API tools faq
paste
Advertisement
Guest User

C

a guest
Feb 27th, 2018
1,579
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 249.46 KB | None | 0 0
raw download clone embed print report
  1. 17:16:36 CylanceSvc(68)[4] Information: Logging Started: Tuesday, February 27, 2018 5:16:36 PM (Tue, 27 Feb 2018 23:16:36 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  2. 17:16:36 CylanceSvc(68)[4] Information: Log level set to 'Information'
  3. 17:16:36 CylanceSvc(68)[4] Information: [Cylance.Host.Agent.CyService] > Initializing...
  4. 17:16:42 CylanceSvc(68)[6] Information: [Cylance.Host.Agent.CyService] Upgrade Database
  5. 17:16:42 CylanceSvc(68)[6] Information: [Cylance.Host.Agent.CyService] Verify Quarantine Table
  6. 17:16:42 CylanceSvc(68)[4] Information: [Cylance.Host.Agent.CyService] CyUpdate Mutex doesn't exist. Creating new version of it.
  7. 17:16:42 CylanceSvc(68)[5] Information: [Cylance.Host.Agent.CyService] Self Protect
  8. 17:16:42 CylanceSvc(68)[4] Information: Starting service
  9. 17:16:43 CylanceSvc(68)[4] Information: [SlimController] Loaded Controller module ver. 2.0.1450.8
  10. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type Analysis ver. 2.0.1450.8
  11. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type DeviceControl ver. 2.0.1450.8
  12. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type CommandControlUi ver. 2.0.1450.8
  13. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type OpticsEventManager ver. 2.0.1450.8
  14. 17:16:43 CylanceSvc(68)[4] Information: Venue command polling interval set to occur every 58 seconds, file list reset interval set to occur every 5 hours 35 minutes.
  15. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type Venue ver. 2.0.1450.8
  16. 17:16:43 CylanceSvc(68)[4] Information: Loaded module type WindowsEventLogger ver. 2.0.1450.8
  17. 17:16:43 CylanceSvc(68)[11] Information: [Cylance.Host.Throttle.Throttle] Thread: Thread_PollPipes starts ...
  18. 17:16:43 CylanceSvc(68)[18] Information: Processing local model [PE, Cylance.Host.Analyzer.LocalModelManager+LocalModelInfo]
  19. 17:16:44 CylanceSvc(68)[4] Information: [LogUploadEngine] > Initialize
  20. 17:16:44 CylanceSvc(68)[4] Information: [LogUploadEngine] Log auto-upload enabled
  21. 17:16:44 CylanceSvc(68)[4] Information: [LogUploadEngine] History: Log file 'C:\Program Files\Cylance\Desktop\log\2018-01-25.log' queued for upload
  22. 17:16:44 CylanceSvc(68)[4] Information: [LogUploadEngine] < Initialize
  23. 17:16:44 CylanceSvc(68)[21] Information: [LogUploadEngine] Thread: Log Upload queue manager starts ...
  24. 17:16:44 CylanceSvc(68)[4] Information: [StatusWriter] Writing status file enabled.
  25. 17:16:45 CylanceSvc(68)[9] Information: [‹.’] Thread: MessageDispatcher starts ...
  26. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analysis.AnalysisModule] Thread: Analysis module starts ...
  27. 17:16:45 CylanceSvc(68)[4] Information: [Cylance.Host.DeviceControl.DeviceControl] PolicyUpdated: Device Control has been disabled
  28. 17:16:45 CylanceSvc(68)[4] Information: [Cylance.Host.DeviceControl.DeviceControl] PolicyUpdated: USB Device Settings (alert=0, block=1): Unknown Device = 0, USBDrive = 0, USBCDDVDRW = 0, StillImage = 0, AndroidUSB = 0, WPD = 0, VMWareMount = 0, iOS = 0, SDCard = 0,
  29. 17:16:45 CylanceSvc(68)[4] Information: [Cylance.Host.Agent.CyService] < Initializing
  30. 17:16:45 CylanceSvc(68)[21] Information: [LogUploadEngine] Internal Id: dcd76405-8eff-443f-aa1c-5c4bdee72029
  31. File uploaded: C:\Program Files\Cylance\Desktop\log\2018-01-25.log
  32. Response status: OK
  33. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: Policy Name = Default, AbnormalThreshold = -600
  34. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: threats action AutoBlock, AutoSubmit
  35. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: abnormal exe action AutoBlock, AutoSubmit
  36. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: Sample Copy Path is ''
  37. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: MaxArchiveSize=0, MaxFileSize=150
  38. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: AutoBlockThreat=True, AutoBlockAbnormal=True, EnableUpload=True, DisconnectedMode=False
  39. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: MemDef 'Enabled' from venue policy request
  40. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: Script 'Enabled' from venue policy request
  41. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: Script control modes: powershell scripts 'Block', powershell console mode 'Block', activescript 'Block', macro 'Block'
  42. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] StartMemDef called
  43. 17:16:45 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: AutoBlock: autoBlockThreats=True, autoBlockSuspicious=True
  44. 17:16:45 CylanceSvc(68)[19] Information: [DeviceFingerPrint] fingerprintFields: [VMware, Inc.] UUID:36fd0d42-2992-b453-6515-74d890fe139e
  45. 17:16:45 CylanceSvc(68)[19] Information: [DeviceFingerPrint] fingerprint : 36fd0d42-2992-b453-6515-74d890fe139e
  46. 17:16:46 CylanceSvc(68)[19] Information: [VenueCommandManager] Venue network connection state changed; new state=Connected
  47. 17:16:46 CylanceSvc(68)[19] Information: [AgentPolicy] Online Policy 'Default' is updated
  48. 17:16:46 CylanceSvc(68)[15] Information: [Cylance.Host.DeviceControl.DeviceControl] PolicyUpdated: Device Control has been disabled
  49. 17:16:46 CylanceSvc(68)[15] Information: [Cylance.Host.DeviceControl.DeviceControl] PolicyUpdated: USB Device Settings (alert=0, block=1): Unknown Device = 0, USBDrive = 0, USBCDDVDRW = 0, StillImage = 0, AndroidUSB = 0, WPD = 0, VMWareMount = 0, iOS = 0, SDCard = 0,
  50. 17:16:47 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: Lockdown: deny change=False, deny remote execution=False
  51. 17:16:47 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: terminateRunningModules=7
  52. 17:16:47 CylanceSvc(68)[22] Information: [Cylance.Host.FileSystem.FileSystem] SetPolicy: full_disc_scan=RunOnce: prev=Stopped, watch_for_new_files=True: prev=False
  53. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.CyFileSystemScanner] Thread: File System Scan starts ...
  54. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.FileSystem] Updating scan Status to Scanning
  55. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.CyFileSystemScanner] File System Scan Starting
  56. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.FileSystem] Updating scan Status to Stopped
  57. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.CyFileSystemScanner] File System Scan Complete
  58. 17:16:47 CylanceSvc(68)[27] Information: [Cylance.Host.FileSystem.CyFileSystemScanner] Thread: File System Scan stopped.
  59. 17:16:47 CylanceSvc(68)[28] Information: [Cylance.Host.FileSystem.CyFileSystemWatcher] Thread: File System Watcher starts ...
  60. 17:16:47 CylanceSvc(68)[22] Information: [Cylance.Host.MessageProcessor.MsgProcessor] Policy: service shutdown mode = PreventShutdown
  61. 17:16:47 CylanceSvc(68)[22] Information: [Cylance.Host.Analysis.AnalysisModule] Analysis module starts components
  62. 17:17:01 CylanceSvc(68)[18] Information: Local 'PE' model version: 131308214743030001 old version 131308214743030001
  63. 17:17:14 CylanceSvc(68)[18] Information: Processing local model [OLE, Cylance.Host.Analyzer.LocalModelManager+LocalModelInfo]
  64. 17:17:15 CylanceSvc(68)[18] Information: Local 'OLE' model version: 130983098946186498 old version 130983098946186498
  65. 17:17:15 CylanceSvc(68)[18] Information: Processing local model [PDF, Cylance.Host.Analyzer.LocalModelManager+LocalModelInfo]
  66. 17:17:15 CylanceSvc(68)[18] Information: Local 'PDF' model version: 130982430169106361 old version 130982430169106361
  67. 17:17:15 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Thread: Process File starts ...
  68. 17:17:15 CylanceSvc(68)[30] Information: [Cylance.Host.Analyzer.ReAnalyzer] Thread: Reanalyzer starts ...
  69. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.FileProcessor] QueryInfinityStatus: Infinity network connection state changed; new state=Connected
  70. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: Policy Name = Default, AbnormalThreshold = -600
  71. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: threats action AutoBlock, AutoSubmit
  72. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: abnormal exe action AutoBlock, AutoSubmit
  73. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: Sample Copy Path is ''
  74. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: MaxArchiveSize=0, MaxFileSize=150
  75. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.Analyzer] SetPolicy: AutoBlockThreat=True, AutoBlockAbnormal=True, EnableUpload=True, DisconnectedMode=False
  76. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: MemDef 'Enabled' from venue policy request
  77. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: Script 'Enabled' from venue policy request
  78. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.MemDef.MemDef] SetPolicy: Script control modes: powershell scripts 'Block', powershell console mode 'Block', activescript 'Block', macro 'Block'
  79. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: AutoBlock: autoBlockThreats=True, autoBlockSuspicious=True
  80. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: Lockdown: deny change=False, deny remote execution=False
  81. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] SetPolicy: terminateRunningModules=7
  82. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.FileSystem.FileSystem] SetPolicy: full_disc_scan=RunOnce: prev=RunOnce, watch_for_new_files=True: prev=True
  83. 17:17:16 CylanceSvc(68)[22] Information: [Cylance.Host.Analyzer.GlobalListsManager] UpdateFilter: filter 'UniversalExclusion' (capacity=30494, is empty=False) is updated
  84. 17:17:16 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] Thread: Submiting modules for analyzing
  85. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-regmon.exe', procId: 1168, hash: '3F687C6676DE476CC02252D7556B0ECDD48443C9D5DE0BDB0CE4B660F5288952'
  86. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-regmon.exe'-3F687C6676DE476CC02252D7556B0ECDD48443C9D5DE0BDB0CE4B660F5288952 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  87. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3F687C6676DE476CC02252D7556B0ECDD48443C9D5DE0BDB0CE4B660F5288952 'C:\Program Files\Splunk\bin\splunk-regmon.exe'
  88. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\libxml2.dll', procId: 4992, hash: 'E115D19679CC88BA6BECA31D979B49E9439A71235D7DC0D6A3016059891554F1'
  89. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\libxml2.dll'-E115D19679CC88BA6BECA31D979B49E9439A71235D7DC0D6A3016059891554F1 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  90. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E115D19679CC88BA6BECA31D979B49E9439A71235D7DC0D6A3016059891554F1 'C:\Program Files\Splunk\bin\libxml2.dll'
  91. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\libxslt.dll', procId: 4992, hash: '5A77BCD449B7CD5D4152D06B5755E0D319456E9F0F41F8E6849B7E5D662B3F3D'
  92. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\libxslt.dll'-5A77BCD449B7CD5D4152D06B5755E0D319456E9F0F41F8E6849B7E5D662B3F3D Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  93. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5A77BCD449B7CD5D4152D06B5755E0D319456E9F0F41F8E6849B7E5D662B3F3D 'C:\Program Files\Splunk\bin\libxslt.dll'
  94. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\ssleay32.dll', procId: 4992, hash: '0F351D8A2A414BE1F6F895AEEF95EAC89DD14C443CD908A7A7BF19FD52C40FD9'
  95. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\ssleay32.dll'-0F351D8A2A414BE1F6F895AEEF95EAC89DD14C443CD908A7A7BF19FD52C40FD9 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  96. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0F351D8A2A414BE1F6F895AEEF95EAC89DD14C443CD908A7A7BF19FD52C40FD9 'C:\Program Files\Splunk\bin\ssleay32.dll'
  97. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\libxmlsec.dll', procId: 4992, hash: 'BC263CB7FBBE45CE13CCB233F4813C348A94BC174EC14C148044647D8D996510'
  98. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\libxmlsec.dll'-BC263CB7FBBE45CE13CCB233F4813C348A94BC174EC14C148044647D8D996510 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  99. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BC263CB7FBBE45CE13CCB233F4813C348A94BC174EC14C148044647D8D996510 'C:\Program Files\Splunk\bin\libxmlsec.dll'
  100. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\libeay32.dll', procId: 4992, hash: '7F24A035733C557F30741002B8A654FB944EB545F95C0ACF16D0174CE515CD8D'
  101. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\libeay32.dll'-7F24A035733C557F30741002B8A654FB944EB545F95C0ACF16D0174CE515CD8D Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  102. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7F24A035733C557F30741002B8A654FB944EB545F95C0ACF16D0174CE515CD8D 'C:\Program Files\Splunk\bin\libeay32.dll'
  103. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\archive.dll', procId: 4992, hash: '84985A026BCCDD8914E92BF36F521D6EB4C4C57A8B5A4EBB8E120AEDED468ACB'
  104. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\archive.dll'-84985A026BCCDD8914E92BF36F521D6EB4C4C57A8B5A4EBB8E120AEDED468ACB Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  105. 17:17:16 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 84985A026BCCDD8914E92BF36F521D6EB4C4C57A8B5A4EBB8E120AEDED468ACB 'C:\Program Files\Splunk\bin\archive.dll'
  106. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\win32file.pyd', procId: 4536, hash: 'D0E70EAE2BEAB434FDF1AE392D6998606875CAB86B4AA74CFBC8EC18B1BEC900'
  107. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\win32file.pyd'-D0E70EAE2BEAB434FDF1AE392D6998606875CAB86B4AA74CFBC8EC18B1BEC900 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  108. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D0E70EAE2BEAB434FDF1AE392D6998606875CAB86B4AA74CFBC8EC18B1BEC900 'C:\Program Files\Splunk\bin\win32file.pyd'
  109. 17:17:17 CylanceUI(4964)[1] Information: Logging Started: Tuesday, February 27, 2018 5:17:17 PM (Tue, 27 Feb 2018 23:17:17 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  110. 17:17:17 CylanceUI(4964)[1] Information: Log level set to 'Information'
  111. 17:17:17 CylanceUI(4964)[1] Information: Initializing...
  112. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\unicodedata.pyd', procId: 4536, hash: '5E64AB60F688652FF611D5D377A58D9BEB0E6868A60D730C82F9FADEE982FCA7'
  113. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\unicodedata.pyd'-5E64AB60F688652FF611D5D377A58D9BEB0E6868A60D730C82F9FADEE982FCA7 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  114. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5E64AB60F688652FF611D5D377A58D9BEB0E6868A60D730C82F9FADEE982FCA7 'C:\Program Files\Splunk\bin\unicodedata.pyd'
  115. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-winevtlog.exe', procId: 1168, hash: '15F4CA2F25FB357871504E686292C710A4DEA34031388273A7C39D34277C5243'
  116. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-winevtlog.exe'-15F4CA2F25FB357871504E686292C710A4DEA34031388273A7C39D34277C5243 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  117. 17:17:17 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 15F4CA2F25FB357871504E686292C710A4DEA34031388273A7C39D34277C5243 'C:\Program Files\Splunk\bin\splunk-winevtlog.exe'
  118. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-winprintmon.exe', procId: 1168, hash: 'EDD7B89D36AE23167FBFCAF5C1CA983E37536BE49D00E59B77D9769C817EF576'
  119. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-winprintmon.exe'-EDD7B89D36AE23167FBFCAF5C1CA983E37536BE49D00E59B77D9769C817EF576 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  120. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EDD7B89D36AE23167FBFCAF5C1CA983E37536BE49D00E59B77D9769C817EF576 'C:\Program Files\Splunk\bin\splunk-winprintmon.exe'
  121. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunkd.exe', procId: 1168, hash: 'C9C0468F324A38F15EAB7ABE4A4027D3157D2DC13086F0CB4E7FB527717AAB96'
  122. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunkd.exe'-C9C0468F324A38F15EAB7ABE4A4027D3157D2DC13086F0CB4E7FB527717AAB96 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  123. 17:17:18 CylanceSvc(68)[14] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C9C0468F324A38F15EAB7ABE4A4027D3157D2DC13086F0CB4E7FB527717AAB96 'C:\Program Files\Splunk\bin\splunkd.exe'
  124. 17:17:19 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\python.exe', procId: 1168, hash: '384BD22335A2E3BB1FA0D0E3E51369B7472C548134073F9633AFA772DC023278'
  125. 17:17:19 CylanceSvc(68)[32] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\python.exe'-384BD22335A2E3BB1FA0D0E3E51369B7472C548134073F9633AFA772DC023278 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  126. 17:17:19 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 384BD22335A2E3BB1FA0D0E3E51369B7472C548134073F9633AFA772DC023278 'C:\Program Files\Splunk\bin\python.exe'
  127. 17:17:19 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\python27.dll', procId: 2472, hash: 'BACA8F64BA7EDEAD4EAEF369FED8D96B1EDBD739601C09D12CE76FFA85892C6D'
  128. 17:17:19 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\python27.dll'-BACA8F64BA7EDEAD4EAEF369FED8D96B1EDBD739601C09D12CE76FFA85892C6D Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  129. 17:17:19 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BACA8F64BA7EDEAD4EAEF369FED8D96B1EDBD739601C09D12CE76FFA85892C6D 'C:\Program Files\Splunk\bin\python27.dll'
  130. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\etree.pyd', procId: 2472, hash: '18762A03722692DEEC4B5E42924E15C65DE1F938D8475E99A56353EEEF6402E5'
  131. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\etree.pyd'-18762A03722692DEEC4B5E42924E15C65DE1F938D8475E99A56353EEEF6402E5 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  132. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 18762A03722692DEEC4B5E42924E15C65DE1F938D8475E99A56353EEEF6402E5 'C:\Program Files\Splunk\bin\etree.pyd'
  133. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\libexslt.dll', procId: 2472, hash: 'E7236DD2692E472E9B0378665781026F1C19B99DE6EA6365A0574A189BD8E6DA'
  134. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\libexslt.dll'-E7236DD2692E472E9B0378665781026F1C19B99DE6EA6365A0574A189BD8E6DA Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  135. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E7236DD2692E472E9B0378665781026F1C19B99DE6EA6365A0574A189BD8E6DA 'C:\Program Files\Splunk\bin\libexslt.dll'
  136. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\_socket.pyd', procId: 2472, hash: '1274F2E236B124EA3F4D1FE3E7EDCF57194B8F4592BA6C31AA0EB9DE787A0E85'
  137. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\_socket.pyd'-1274F2E236B124EA3F4D1FE3E7EDCF57194B8F4592BA6C31AA0EB9DE787A0E85 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  138. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1274F2E236B124EA3F4D1FE3E7EDCF57194B8F4592BA6C31AA0EB9DE787A0E85 'C:\Program Files\Splunk\bin\_socket.pyd'
  139. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\_ssl.pyd', procId: 2472, hash: '3F1070CFAEE188E8FB6832932C8CFE095ED3343B0EE5CA176F80FAE25606AC4F'
  140. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\_ssl.pyd'-3F1070CFAEE188E8FB6832932C8CFE095ED3343B0EE5CA176F80FAE25606AC4F Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  141. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3F1070CFAEE188E8FB6832932C8CFE095ED3343B0EE5CA176F80FAE25606AC4F 'C:\Program Files\Splunk\bin\_ssl.pyd'
  142. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\_elementtree.pyd', procId: 2472, hash: '0177AF1AA1B353F8C5956593A6CEB715F8E792168D9FF3F05A917F0165A4D027'
  143. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\_elementtree.pyd'-0177AF1AA1B353F8C5956593A6CEB715F8E792168D9FF3F05A917F0165A4D027 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  144. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0177AF1AA1B353F8C5956593A6CEB715F8E792168D9FF3F05A917F0165A4D027 'C:\Program Files\Splunk\bin\_elementtree.pyd'
  145. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\pyexpat.pyd', procId: 2472, hash: 'E2ABB9316186F2F2F617979DA9FD6D79210C63437E5BDF7CA7FF1062858DF932'
  146. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\pyexpat.pyd'-E2ABB9316186F2F2F617979DA9FD6D79210C63437E5BDF7CA7FF1062858DF932 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  147. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E2ABB9316186F2F2F617979DA9FD6D79210C63437E5BDF7CA7FF1062858DF932 'C:\Program Files\Splunk\bin\pyexpat.pyd'
  148. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\win32service.pyd', procId: 2472, hash: '5E3D51D826A9483603964A236C0ED91D9EFCBB379A844B753A818AD5B5838311'
  149. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\win32service.pyd'-5E3D51D826A9483603964A236C0ED91D9EFCBB379A844B753A818AD5B5838311 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  150. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5E3D51D826A9483603964A236C0ED91D9EFCBB379A844B753A818AD5B5838311 'C:\Program Files\Splunk\bin\win32service.pyd'
  151. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\PyWinTypes27.dll', procId: 2472, hash: 'D2918F58CF4028228EA9F192EE1E2D55E8A49666B93CEFF33C97AF325A05654B'
  152. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\PyWinTypes27.dll'-D2918F58CF4028228EA9F192EE1E2D55E8A49666B93CEFF33C97AF325A05654B Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  153. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D2918F58CF4028228EA9F192EE1E2D55E8A49666B93CEFF33C97AF325A05654B 'C:\Program Files\Splunk\bin\PyWinTypes27.dll'
  154. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\win32api.pyd', procId: 2472, hash: '291FBE9423B02C7264F27014C32A7134DC0D1D80BD02777B0DD4B43F475F25DF'
  155. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\win32api.pyd'-291FBE9423B02C7264F27014C32A7134DC0D1D80BD02777B0DD4B43F475F25DF Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  156. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 291FBE9423B02C7264F27014C32A7134DC0D1D80BD02777B0DD4B43F475F25DF 'C:\Program Files\Splunk\bin\win32api.pyd'
  157. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\_win32sysloader.pyd', procId: 2472, hash: '4392FC4F9E147619FC36461550EB114A3A1C363A698250FF8AEA20CD264400B3'
  158. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\_win32sysloader.pyd'-4392FC4F9E147619FC36461550EB114A3A1C363A698250FF8AEA20CD264400B3 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  159. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4392FC4F9E147619FC36461550EB114A3A1C363A698250FF8AEA20CD264400B3 'C:\Program Files\Splunk\bin\_win32sysloader.pyd'
  160. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\crypto.pyd', procId: 2472, hash: 'EE2AD137776DE567528687519B0DA9D2F7CC3D457A2883FCAE07E3771CFF709A'
  161. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\crypto.pyd'-EE2AD137776DE567528687519B0DA9D2F7CC3D457A2883FCAE07E3771CFF709A Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  162. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EE2AD137776DE567528687519B0DA9D2F7CC3D457A2883FCAE07E3771CFF709A 'C:\Program Files\Splunk\bin\crypto.pyd'
  163. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\rand.pyd', procId: 2472, hash: '82B6159F3481EA4997366040772965B9F0A6F0224A944F35FB5101577A4673FB'
  164. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\rand.pyd'-82B6159F3481EA4997366040772965B9F0A6F0224A944F35FB5101577A4673FB Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  165. 17:17:20 CylanceSvc(68)[32] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 82B6159F3481EA4997366040772965B9F0A6F0224A944F35FB5101577A4673FB 'C:\Program Files\Splunk\bin\rand.pyd'
  166. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\SSL.pyd', procId: 2472, hash: '2A70B8AD89B48DE1DD9C52BF129BF96C67555E0AB538A216444BC3296B1D10E2'
  167. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\SSL.pyd'-2A70B8AD89B48DE1DD9C52BF129BF96C67555E0AB538A216444BC3296B1D10E2 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  168. 17:17:20 CylanceSvc(68)[20] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2A70B8AD89B48DE1DD9C52BF129BF96C67555E0AB538A216444BC3296B1D10E2 'C:\Program Files\Splunk\bin\SSL.pyd'
  169. 17:17:52 CylanceSvc(68)[6] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: False, justRan: True, onDemand: False, updateContinue: False
  170. 17:18:09 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-MonitorNoHandle.exe', procId: 1168, hash: '92EBA7B87AB5481E63C1DDABC3B62AC647A23FFD7A9C6DF5B17B3EF25147A09D'
  171. 17:18:09 CylanceSvc(68)[34] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-MonitorNoHandle.exe'-92EBA7B87AB5481E63C1DDABC3B62AC647A23FFD7A9C6DF5B17B3EF25147A09D Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  172. 17:18:09 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 92EBA7B87AB5481E63C1DDABC3B62AC647A23FFD7A9C6DF5B17B3EF25147A09D 'C:\Program Files\Splunk\bin\splunk-MonitorNoHandle.exe'
  173. 17:18:10 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-admon.exe', procId: 1168, hash: '261B16E230C2FB33B1EC6997DF88F286B172524CE9AB6ED33CFEDA736C6FF8E1'
  174. 17:18:10 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-admon.exe'-261B16E230C2FB33B1EC6997DF88F286B172524CE9AB6ED33CFEDA736C6FF8E1 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  175. 17:18:10 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 261B16E230C2FB33B1EC6997DF88F286B172524CE9AB6ED33CFEDA736C6FF8E1 'C:\Program Files\Splunk\bin\splunk-admon.exe'
  176. 17:18:11 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-netmon.exe', procId: 1168, hash: '8B6BC024C8251A3B3EC1B6B9EF7036902FEDDD5372C3D46C78B2085195EDE855'
  177. 17:18:11 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-netmon.exe'-8B6BC024C8251A3B3EC1B6B9EF7036902FEDDD5372C3D46C78B2085195EDE855 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  178. 17:18:11 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8B6BC024C8251A3B3EC1B6B9EF7036902FEDDD5372C3D46C78B2085195EDE855 'C:\Program Files\Splunk\bin\splunk-netmon.exe'
  179. 17:18:14 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files\Splunk\bin\splunk-powershell.exe', procId: 1168, hash: '0B549DA6720B93262263A0B2F914B49E878C7045A4D1F12727DEC005A7DFC715'
  180. 17:18:14 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1): Allow 'C:\Program Files\Splunk\bin\splunk-powershell.exe'-0B549DA6720B93262263A0B2F914B49E878C7045A4D1F12727DEC005A7DFC715 Allow by GlobalPolicy (trust_files_in_scan_exception_list)
  181. 17:18:14 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0B549DA6720B93262263A0B2F914B49E878C7045A4D1F12727DEC005A7DFC715 'C:\Program Files\Splunk\bin\splunk-powershell.exe'
  182. 17:19:16 CylanceSvc(68)[39] Information: [Cylance.Host.MemDef.MemDef] Out of process unmap received => 1608, 140736806322176, \Device\HarddiskVolume2\Windows\System32\ntdll.dll, 0, 0, 0
  183. 17:19:16 CylanceSvc(68)[39] Information: [Cylance.Host.MemDef.MemDef] Process Terminated: C:\WINDOWS\system32\WerFault.exe
  184. 17:19:16 CylanceSvc(68)[39] Information: [Cylance.Host.MemDef.MemDef] Out of process unmap received => 1524, 140736806322176, \Device\HarddiskVolume2\Windows\System32\ntdll.dll, 0, 0, 0
  185. 17:19:16 CylanceSvc(68)[39] Information: [Cylance.Host.MemDef.MemDef] Process Terminated: C:\WINDOWS\system32\WerFault.exe
  186. 17:19:19 CylanceSvc(68)[5] Information: [Cylance.Host.MemDef.MemDef] GetExploitsProcessInfoList - returning 2 processed violations
  187. 17:19:19 CylanceSvc(68)[5] Information: [Cylance.Host.MemDef.MemDef] GetScriptsProcessInfoList - returning 0 processed scripts
  188. 17:19:26 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\BVVTMXPC\Thunderbird Setup 52.6.0.exe', procId: 2580, hash: 'AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D'
  189. 17:19:27 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D 'C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\BVVTMXPC\Thunderbird Setup 52.6.0.exe'
  190. 17:19:27 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\BVVTMXPC\Thunderbird Setup 52.6.0.exe'-AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D
  191. 17:19:28 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D 'C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\BVVTMXPC\Thunderbird Setup 52.6.0.exe'
  192. 17:19:28 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Microsoft\Windows\INetCache\IE\BVVTMXPC\Thunderbird Setup 52.6.0.exe'-AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D FileInvalid=False detector='execution_control' score=988 prev_dectector='unknown' prev_score=0
  193. 17:19:40 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AC20083020A0762F8238160D624C2234DB766B47BF848E5EB63C1FD904C1B82D 'c:\users\admin\appdata\local\microsoft\windows\inetcache\ie\bvvtmxpc\thunderbird setup 52.6.0.exe'
  194. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\7zSC8A5.tmp\setup.exe', procId: 4084, hash: '62B6E32F9FFECC86EF2854B9E7B8362081A98D3960CFE5D6EE8E930CBDA62B9C'
  195. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 62B6E32F9FFECC86EF2854B9E7B8362081A98D3960CFE5D6EE8E930CBDA62B9C 'C:\Users\admin\AppData\Local\Temp\7zSC8A5.tmp\setup.exe'
  196. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\7zSC8A5.tmp\setup.exe'-62B6E32F9FFECC86EF2854B9E7B8362081A98D3960CFE5D6EE8E930CBDA62B9C
  197. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 62B6E32F9FFECC86EF2854B9E7B8362081A98D3960CFE5D6EE8E930CBDA62B9C 'C:\Users\admin\AppData\Local\Temp\7zSC8A5.tmp\setup.exe'
  198. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\7zSC8A5.tmp\setup.exe'-62B6E32F9FFECC86EF2854B9E7B8362081A98D3960CFE5D6EE8E930CBDA62B9C FileInvalid=False detector='execution_control' score=998 prev_dectector='unknown' prev_score=0
  199. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\System.dll', procId: 5452, hash: '4FF9B2678D698677C5D9732678F9CF53F17290E09D053691AAC4CC6E6F595CBE'
  200. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4FF9B2678D698677C5D9732678F9CF53F17290E09D053691AAC4CC6E6F595CBE 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\System.dll'
  201. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\System.dll'-4FF9B2678D698677C5D9732678F9CF53F17290E09D053691AAC4CC6E6F595CBE
  202. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UAC.dll', procId: 5452, hash: '0D21041A1B5CD9F9968FC1D457C78A802C9C5A23F375327E833501B65BCD095D'
  203. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4FF9B2678D698677C5D9732678F9CF53F17290E09D053691AAC4CC6E6F595CBE 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\System.dll'
  204. 17:19:43 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\System.dll'-4FF9B2678D698677C5D9732678F9CF53F17290E09D053691AAC4CC6E6F595CBE FileInvalid=False detector='execution_control' score=978 prev_dectector='unknown' prev_score=0
  205. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0D21041A1B5CD9F9968FC1D457C78A802C9C5A23F375327E833501B65BCD095D 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UAC.dll'
  206. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UAC.dll'-0D21041A1B5CD9F9968FC1D457C78A802C9C5A23F375327E833501B65BCD095D
  207. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0D21041A1B5CD9F9968FC1D457C78A802C9C5A23F375327E833501B65BCD095D 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UAC.dll'
  208. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UAC.dll'-0D21041A1B5CD9F9968FC1D457C78A802C9C5A23F375327E833501B65BCD095D FileInvalid=False detector='execution_control' score=972 prev_dectector='unknown' prev_score=0
  209. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InstallOptions.dll', procId: 5452, hash: '2A2878B54550178144665D4C5F67309F71F1089679AE0F84FA419B8A309A88E4'
  210. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2A2878B54550178144665D4C5F67309F71F1089679AE0F84FA419B8A309A88E4 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InstallOptions.dll'
  211. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InstallOptions.dll'-2A2878B54550178144665D4C5F67309F71F1089679AE0F84FA419B8A309A88E4
  212. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2A2878B54550178144665D4C5F67309F71F1089679AE0F84FA419B8A309A88E4 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InstallOptions.dll'
  213. 17:19:43 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InstallOptions.dll'-2A2878B54550178144665D4C5F67309F71F1089679AE0F84FA419B8A309A88E4 FileInvalid=False detector='execution_control' score=995 prev_dectector='unknown' prev_score=0
  214. 17:19:46 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ServicesHelper.dll', procId: 5452, hash: '6D2F1DF00E70097A667F6020205BBFEA67A4FD5E0C244F0400752B4671C0A3F3'
  215. 17:19:46 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6D2F1DF00E70097A667F6020205BBFEA67A4FD5E0C244F0400752B4671C0A3F3 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ServicesHelper.dll'
  216. 17:19:46 CylanceSvc(68)[34] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ServicesHelper.dll'-6D2F1DF00E70097A667F6020205BBFEA67A4FD5E0C244F0400752B4671C0A3F3
  217. 17:19:46 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UserInfo.dll', procId: 5452, hash: '5BFBBDA954E6AC97E5EEFCCE298CA3EE14D1D2B9B27CA58320E0940DFBFB57EE'
  218. 17:19:46 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6D2F1DF00E70097A667F6020205BBFEA67A4FD5E0C244F0400752B4671C0A3F3 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ServicesHelper.dll'
  219. 17:19:46 CylanceSvc(68)[34] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ServicesHelper.dll'-6D2F1DF00E70097A667F6020205BBFEA67A4FD5E0C244F0400752B4671C0A3F3 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  220. 17:19:46 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5BFBBDA954E6AC97E5EEFCCE298CA3EE14D1D2B9B27CA58320E0940DFBFB57EE 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UserInfo.dll'
  221. 17:19:46 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UserInfo.dll'-5BFBBDA954E6AC97E5EEFCCE298CA3EE14D1D2B9B27CA58320E0940DFBFB57EE
  222. 17:19:46 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5BFBBDA954E6AC97E5EEFCCE298CA3EE14D1D2B9B27CA58320E0940DFBFB57EE 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UserInfo.dll'
  223. 17:19:46 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\UserInfo.dll'-5BFBBDA954E6AC97E5EEFCCE298CA3EE14D1D2B9B27CA58320E0940DFBFB57EE FileInvalid=False detector='execution_control' score=989 prev_dectector='unknown' prev_score=0
  224. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\AccessibleMarshal.dll', procId: 5628, hash: '274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1'
  225. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1 'C:\Program Files (x86)\Mozilla Thunderbird\AccessibleMarshal.dll'
  226. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\AccessibleMarshal.dll'-274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1
  227. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\accessiblemarshal.dll'
  228. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BCE066193FEB60B08EDF4CBEB490AAAA5DFFEB8A63A720CADF948748A9AF4B8F 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-console-l1-1-0.dll'
  229. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 29B23370474BE0C459CC47863603167CC7191F58318BD29877225FCBF2454215 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-datetime-l1-1-0.dll'
  230. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 891CCFEB349116283326262C27B8894B43CDC89B8AFD5BA7D21B891814A68075 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-errorhandling-l1-1-0.dll'
  231. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F654E56C4299F507BC34271B6BAA29290FD4919B853E17D7470596CAD779F063 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-debug-l1-1-0.dll'
  232. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 71C87C14BC1BD0B20D9F68D4943E93C4C6DDC1B6CF252938BB15FE562552F93E 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-file-l1-1-0.dll'
  233. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 668F91E94E76DB4457184909E6A1AB4655E81A8EF37DC37B4ECFE93146C29A88 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-file-l1-2-0.dll'
  234. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5089484C8C56AC8E095CADC3DC971DF71EDEB52F856940632821FD37E81AE5CA 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-handle-l1-1-0.dll'
  235. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9A5952C82CBCB1A8ECE9C51C258667D9AB96D13EC6455873999FF0BF78C3CAB0 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-heap-l1-1-0.dll'
  236. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A11C772B2451B0C9C706B03381819E4A1DEF3E2FBBBA8362509BBE57DBD5C666 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-file-l2-1-0.dll'
  237. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FF482F69F2183B5FD3C1B45D9006156524B8F8A5F518E33D6E92EA079787E64D 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-interlocked-l1-1-0.dll'
  238. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4F11443A2FA6C714D3E33597F0D08DE4E11A6A2FDB7DE2E4A01ADDD5977665C5 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-localization-l1-2-0.dll'
  239. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D8D74FB87F94A587582D56934816362B992B712E47C39F13D957058F17724886 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-libraryloader-l1-1-0.dll'
  240. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 50BF87DA10AE3F442C457E42D6666993B0FCA7C5D4DF521E8CD0959995FBCDDC 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-memory-l1-1-0.dll'
  241. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2F4690B3C2587C0BFB81AB701D50E497406994613151FAF007423C59CA5E2281 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-namedpipe-l1-1-0.dll'
  242. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 979FF0E25E7EA00B8714C9EF2DC8417E69AFAC137EA88F77F8F5A9FFEAA31923 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-processthreads-l1-1-0.dll'
  243. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5BACBBE62E36AD0F6D7742E70361F26BC56A44DBD28CC0291F588420E0C218A6 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-processthreads-l1-1-1.dll'
  244. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9B5A5536AED84D45A00DA1056AF4762FEC805EABA742C6BF2D2FCA60993711BB 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-processenvironment-l1-1-0.dll'
  245. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 619E5120BFDD11461672CE8798DA00166E57C528B9AFD80404D2C9CBE87E2C07 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-profile-l1-1-0.dll'
  246. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 550D4FC902F25F2A0C09F475B5CECEE43FB3A0A042126479560B0001DB5C4891 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-string-l1-1-0.dll'
  247. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BFF7EA28E198C7DBEE45D35FD98AE03696E9E252D46BEC9FF7B7823CBA1681F1 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-synch-l1-1-0.dll'
  248. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6D541B215CFA452E54DC6AF9317A7FC24043FA465EF2B561E0F245A4870B2705 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-rtlsupport-l1-1-0.dll'
  249. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E29EAA099BE15958CB65D03D47959CAE2DAC342402856C5F0E4DA672193C329D 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-synch-l1-2-0.dll'
  250. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A5453CD2B5E98D40CA17DD20A8F5974F29DE7236A076867A3BC3CBCA441BE928 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-timezone-l1-1-0.dll'
  251. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 48D491B08D395A8AC47CC22A70D1C3F5E84D716AFE2678E825F24492E8FF2ED4 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-util-l1-1-0.dll'
  252. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 81926C2B97A7B01061C5042DA0005F0B64FE9E07852478B2A65E8A8EB5560B1F 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-core-sysinfo-l1-1-0.dll'
  253. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3737D7875668EB4812AB01FE82226D758D480128C76BC234806BFD40694CF048 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-conio-l1-1-0.dll'
  254. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9FC2486ED5D3FFF78DEB69A7386F4575451D43B67F759AFB056AC66B82041E3D 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-environment-l1-1-0.dll'
  255. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 136E5DE4B535AABF6368C06F82339D2EF6C34165661F40433BCEF4EBB90B30FE 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-filesystem-l1-1-0.dll'
  256. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D16C5B0E19870E86354B5E6CDC4C81E80777749F6BBE6B675F680CEC0FFAE35D 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-convert-l1-1-0.dll'
  257. 17:19:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B90BFFA9E03FFD4ECF1D0D709C60F61D13490E84C4550EF06586BC9B1024ED00 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-heap-l1-1-0.dll'
  258. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1 'C:\Program Files (x86)\Mozilla Thunderbird\AccessibleMarshal.dll'
  259. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\AccessibleMarshal.dll'-274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  260. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\vcruntime140.dll', procId: 5640, hash: '6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4'
  261. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4 'C:\Program Files (x86)\Mozilla Thunderbird\vcruntime140.dll'
  262. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\vcruntime140.dll'-6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4
  263. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4 'C:\Program Files (x86)\Mozilla Thunderbird\vcruntime140.dll'
  264. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\vcruntime140.dll'-6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  265. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\CityHash.dll', procId: 5452, hash: 'D3D7B3D7A7941D66C7F75257BE90B12AC76F787AF42CD58F019CE0280972598A'
  266. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D3D7B3D7A7941D66C7F75257BE90B12AC76F787AF42CD58F019CE0280972598A 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\CityHash.dll'
  267. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\CityHash.dll'-D3D7B3D7A7941D66C7F75257BE90B12AC76F787AF42CD58F019CE0280972598A
  268. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D3D7B3D7A7941D66C7F75257BE90B12AC76F787AF42CD58F019CE0280972598A 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\CityHash.dll'
  269. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\CityHash.dll'-D3D7B3D7A7941D66C7F75257BE90B12AC76F787AF42CD58F019CE0280972598A FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  270. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\MapiProxy_InUse.dll', procId: 5656, hash: 'D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1'
  271. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 'C:\Program Files (x86)\Mozilla Thunderbird\MapiProxy_InUse.dll'
  272. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\MapiProxy_InUse.dll'-D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1
  273. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 'C:\Program Files (x86)\Mozilla Thunderbird\MapiProxy_InUse.dll'
  274. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\MapiProxy_InUse.dll'-D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  275. 17:19:49 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\nsExec.dll', procId: 5452, hash: '49A6A1C1F19574B2A247CE6C5ADC0751E046D27C30912816BA415F871B74AE5D'
  276. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 49A6A1C1F19574B2A247CE6C5ADC0751E046D27C30912816BA415F871B74AE5D 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\nsExec.dll'
  277. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe', procId: 5452, hash: '8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54'
  278. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\nsExec.dll'-49A6A1C1F19574B2A247CE6C5ADC0751E046D27C30912816BA415F871B74AE5D
  279. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 49A6A1C1F19574B2A247CE6C5ADC0751E046D27C30912816BA415F871B74AE5D 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\nsExec.dll'
  280. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\nsExec.dll'-49A6A1C1F19574B2A247CE6C5ADC0751E046D27C30912816BA415F871B74AE5D FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  281. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54 'C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe'
  282. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe'-8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54
  283. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54 'C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe'
  284. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\maintenanceservice_installer.exe'-8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54 FileInvalid=False detector='execution_control' score=996 prev_dectector='unknown' prev_score=0
  285. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe', procId: 5712, hash: '3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558'
  286. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558 'C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe'
  287. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe'-3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558
  288. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558 'C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe'
  289. 17:19:50 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe'-3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558 FileInvalid=False detector='execution_control' score=994 prev_dectector='unknown' prev_score=0
  290. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ShellLink.dll', procId: 5452, hash: '5D103419245E2A5F124A96CACE25D6836B2398EDC0AA3919829B0FD6AD8B5D6A'
  291. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5D103419245E2A5F124A96CACE25D6836B2398EDC0AA3919829B0FD6AD8B5D6A 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ShellLink.dll'
  292. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ShellLink.dll'-5D103419245E2A5F124A96CACE25D6836B2398EDC0AA3919829B0FD6AD8B5D6A
  293. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5D103419245E2A5F124A96CACE25D6836B2398EDC0AA3919829B0FD6AD8B5D6A 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ShellLink.dll'
  294. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ShellLink.dll'-5D103419245E2A5F124A96CACE25D6836B2398EDC0AA3919829B0FD6AD8B5D6A FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  295. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ApplicationID.dll', procId: 5452, hash: 'D43896C0C02BEC598B7513B9A8815BB301C6B73DA0FB2E0AEE99146B4BD5E287'
  296. 17:19:50 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D43896C0C02BEC598B7513B9A8815BB301C6B73DA0FB2E0AEE99146B4BD5E287 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ApplicationID.dll'
  297. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ApplicationID.dll'-D43896C0C02BEC598B7513B9A8815BB301C6B73DA0FB2E0AEE99146B4BD5E287
  298. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D43896C0C02BEC598B7513B9A8815BB301C6B73DA0FB2E0AEE99146B4BD5E287 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ApplicationID.dll'
  299. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\ApplicationID.dll'-D43896C0C02BEC598B7513B9A8815BB301C6B73DA0FB2E0AEE99146B4BD5E287 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  300. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\AppAssocReg.dll', procId: 5452, hash: '386C19010F04C04A3A0071CCE09F7A2C10393392C7CA5877BECC437AD9D31D37'
  301. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 386C19010F04C04A3A0071CCE09F7A2C10393392C7CA5877BECC437AD9D31D37 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\AppAssocReg.dll'
  302. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\AppAssocReg.dll'-386C19010F04C04A3A0071CCE09F7A2C10393392C7CA5877BECC437AD9D31D37
  303. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 386C19010F04C04A3A0071CCE09F7A2C10393392C7CA5877BECC437AD9D31D37 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\AppAssocReg.dll'
  304. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\AppAssocReg.dll'-386C19010F04C04A3A0071CCE09F7A2C10393392C7CA5877BECC437AD9D31D37 FileInvalid=False detector='execution_control' score=971 prev_dectector='unknown' prev_score=0
  305. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InvokeShellVerb.dll', procId: 5452, hash: '2FDDC8B8AB4BF4838EA374D25E4CB9E83362C3F1CB24F380137D14C814D56169'
  306. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2FDDC8B8AB4BF4838EA374D25E4CB9E83362C3F1CB24F380137D14C814D56169 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InvokeShellVerb.dll'
  307. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InvokeShellVerb.dll'-2FDDC8B8AB4BF4838EA374D25E4CB9E83362C3F1CB24F380137D14C814D56169
  308. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2FDDC8B8AB4BF4838EA374D25E4CB9E83362C3F1CB24F380137D14C814D56169 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InvokeShellVerb.dll'
  309. 17:19:51 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Temp\nsv736.tmp\InvokeShellVerb.dll'-2FDDC8B8AB4BF4838EA374D25E4CB9E83362C3F1CB24F380137D14C814D56169 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  310. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe', procId: 5452, hash: 'EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3'
  311. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3 'C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe'
  312. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe'-EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3
  313. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3 'C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe'
  314. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe'-EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  315. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll', procId: 5844, hash: 'E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E'
  316. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\msvcp140.dll', procId: 5844, hash: '9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5'
  317. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E 'C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll'
  318. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll'-E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E
  319. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E 'C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll'
  320. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\mozglue.dll'-E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  321. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5 'C:\Program Files (x86)\Mozilla Thunderbird\msvcp140.dll'
  322. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\msvcp140.dll'-9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5
  323. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-runtime-l1-1-0.dll', procId: 5844, hash: '882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A'
  324. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5 'C:\Program Files (x86)\Mozilla Thunderbird\msvcp140.dll'
  325. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\msvcp140.dll'-9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  326. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-runtime-l1-1-0.dll'
  327. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-string-l1-1-0.dll', procId: 5844, hash: '034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6'
  328. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-runtime-l1-1-0.dll'-882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A
  329. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-runtime-l1-1-0.dll'
  330. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-runtime-l1-1-0.dll'-882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  331. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-string-l1-1-0.dll'
  332. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-stdio-l1-1-0.dll', procId: 5844, hash: '44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A'
  333. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-string-l1-1-0.dll'-034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6
  334. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-string-l1-1-0.dll'
  335. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-string-l1-1-0.dll'-034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  336. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-stdio-l1-1-0.dll'
  337. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-time-l1-1-0.dll', procId: 5844, hash: '9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9'
  338. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-stdio-l1-1-0.dll'-44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A
  339. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-stdio-l1-1-0.dll'
  340. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-stdio-l1-1-0.dll'-44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  341. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-time-l1-1-0.dll'
  342. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-utility-l1-1-0.dll', procId: 5844, hash: 'FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A'
  343. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-time-l1-1-0.dll'-9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9
  344. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-time-l1-1-0.dll'
  345. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-time-l1-1-0.dll'-9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  346. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-utility-l1-1-0.dll'
  347. 17:19:53 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-math-l1-1-0.dll', procId: 5844, hash: '69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8'
  348. 17:19:53 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-utility-l1-1-0.dll'-FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A
  349. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-utility-l1-1-0.dll'
  350. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-utility-l1-1-0.dll'-FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  351. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-math-l1-1-0.dll'
  352. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\ldap60.dll', procId: 5844, hash: '750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5'
  353. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-math-l1-1-0.dll'-69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8
  354. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-math-l1-1-0.dll'
  355. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-math-l1-1-0.dll'-69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  356. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5 'C:\Program Files (x86)\Mozilla Thunderbird\ldap60.dll'
  357. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll', procId: 5844, hash: '414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9'
  358. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\ldap60.dll'-750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5
  359. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5 'C:\Program Files (x86)\Mozilla Thunderbird\ldap60.dll'
  360. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\ldap60.dll'-750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  361. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll'
  362. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll'-414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9
  363. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll', procId: 5844, hash: 'A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB'
  364. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll'
  365. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll'-414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  366. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB 'C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll'
  367. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll'-A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB
  368. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\prldap60.dll', procId: 5844, hash: '6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81'
  369. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81 'C:\Program Files (x86)\Mozilla Thunderbird\prldap60.dll'
  370. 17:19:54 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\lgpllibs.dll', procId: 5844, hash: '3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8'
  371. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\prldap60.dll'-6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81
  372. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB 'C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll'
  373. 17:19:54 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\nss3.dll'-A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB FileInvalid=False detector='execution_control' score=999 prev_dectector='unknown' prev_score=0
  374. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81 'C:\Program Files (x86)\Mozilla Thunderbird\prldap60.dll'
  375. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\prldap60.dll'-6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  376. 17:19:54 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8 'C:\Program Files (x86)\Mozilla Thunderbird\lgpllibs.dll'
  377. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-locale-l1-1-0.dll', procId: 5844, hash: 'BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297'
  378. 17:19:54 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\lgpllibs.dll'-3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8
  379. 17:19:54 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8 'C:\Program Files (x86)\Mozilla Thunderbird\lgpllibs.dll'
  380. 17:19:54 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\lgpllibs.dll'-3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  381. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-locale-l1-1-0.dll'
  382. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-locale-l1-1-0.dll'-BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297
  383. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-locale-l1-1-0.dll'
  384. 17:19:54 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\api-ms-win-crt-locale-l1-1-0.dll'-BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  385. 17:19:55 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll', procId: 5844, hash: '1258C6934E8ED00E7BFBCB80D55887DE525CF42297D0203135A14775278CE03E'
  386. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1258C6934E8ED00E7BFBCB80D55887DE525CF42297D0203135A14775278CE03E 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll'
  387. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll'-1258C6934E8ED00E7BFBCB80D55887DE525CF42297D0203135A14775278CE03E
  388. 17:19:58 CylanceSvc(68)[31] Warning: [Cylance.Host.Analyzer.FileUploader] Requested file 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll' will not be uploaded because its size (55451600 bytes) is larger than the maximum allowed size (52428800 bytes)
  389. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1258C6934E8ED00E7BFBCB80D55887DE525CF42297D0203135A14775278CE03E 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll'
  390. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-locale-l1-1-0.dll'-BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297 file does not exist and is not quarantined
  391. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-math-l1-1-0.dll'-69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8 file does not exist and is not quarantined
  392. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-multibyte-l1-1-0.dll'-414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9 file does not exist and is not quarantined
  393. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-private-l1-1-0.dll'-5710E3ED5819CCAA9CF558AB57534BC880C610C06F2A44ADFAFBFAB5BFC38C2B file does not exist and is not quarantined
  394. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-process-l1-1-0.dll'-3A2355A23874342777391B4A06C5CDCD990DED287CC4A27FDF0A071AC3B229AD file does not exist and is not quarantined
  395. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-runtime-l1-1-0.dll'-882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A file does not exist and is not quarantined
  396. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-stdio-l1-1-0.dll'-44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A file does not exist and is not quarantined
  397. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-string-l1-1-0.dll'-034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6 file does not exist and is not quarantined
  398. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-time-l1-1-0.dll'-9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9 file does not exist and is not quarantined
  399. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\api-ms-win-crt-utility-l1-1-0.dll'-FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A file does not exist and is not quarantined
  400. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\breakpadinjector.dll'-493DF5A7EE66086FC2FD2D1A69AFDFCCC9524DDAC1265AB916335A620D260CAA file does not exist and is not quarantined
  401. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\d3dcompiler_43.dll'-2F23182EC6F4889397AC4BF03D62536136C5BDBA825C7D2C4EF08C827F3A8A1C file does not exist and is not quarantined
  402. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\d3dcompiler_47.dll'-3A010EE7186086A7F77B6AEC3644E05F8495A84895B90572CAB8D4F14EFA088E file does not exist and is not quarantined
  403. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\freebl3.dll'-876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA file does not exist and is not quarantined
  404. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\ldap60.dll'-750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5 file does not exist and is not quarantined
  405. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\ldif60.dll'-AB8A145C8B123BA5BE925ED92A926023F1C745942CA6EB6EFF96EE927294D600 file does not exist and is not quarantined
  406. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\lgpllibs.dll'-3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8 file does not exist and is not quarantined
  407. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\libegl.dll'-41F739EB9D4E5B314401BD1733BFBACCB3F241D973806C6EC05E3DAE6D7A3922 file does not exist and is not quarantined
  408. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\libglesv2.dll'-2F593EE03CA99EC27B7044B05050714D3BFF0D5EDB3C6AF13CCF00C6180B58A5 file does not exist and is not quarantined
  409. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\mapiproxy.dll'-D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 file does not exist and is not quarantined
  410. 17:19:58 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\7zsc8a5.tmp\core\mozglue.dll'-E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E file does not exist and is not quarantined
  411. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll', procId: 5844, hash: '4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7'
  412. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7 'C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll'
  413. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll', procId: 5844, hash: '64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E'
  414. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll'-4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7
  415. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7 'C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll'
  416. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\softokn3.dll'-4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  417. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E 'C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll'
  418. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll'-64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E
  419. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll', procId: 5844, hash: '876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA'
  420. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E 'C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll'
  421. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\nssdbm3.dll'-64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  422. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA 'C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll'
  423. 17:19:58 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll'-876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA
  424. 17:19:58 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll', procId: 5844, hash: '56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F'
  425. 17:19:59 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA 'C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll'
  426. 17:19:59 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\freebl3.dll'-876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  427. 17:19:59 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F 'C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll'
  428. 17:19:59 CylanceSvc(68)[38] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll'-56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F
  429. 17:19:59 CylanceSvc(68)[38] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F 'C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll'
  430. 17:19:59 CylanceSvc(68)[38] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\nssckbi.dll'-56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F FileInvalid=False detector='execution_control' score=997 prev_dectector='unknown' prev_score=0
  431. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 274222E5AE4EA4BEBB84A96CCD2DF0E79ECFC2906A358804A86F7DB4AFE374F1 'c:\program files (x86)\mozilla thunderbird\accessiblemarshal.dll'
  432. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BCE066193FEB60B08EDF4CBEB490AAAA5DFFEB8A63A720CADF948748A9AF4B8F 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-console-l1-1-0.dll'
  433. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 29B23370474BE0C459CC47863603167CC7191F58318BD29877225FCBF2454215 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-datetime-l1-1-0.dll'
  434. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F654E56C4299F507BC34271B6BAA29290FD4919B853E17D7470596CAD779F063 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-debug-l1-1-0.dll'
  435. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 891CCFEB349116283326262C27B8894B43CDC89B8AFD5BA7D21B891814A68075 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-errorhandling-l1-1-0.dll'
  436. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 71C87C14BC1BD0B20D9F68D4943E93C4C6DDC1B6CF252938BB15FE562552F93E 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-file-l1-1-0.dll'
  437. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 668F91E94E76DB4457184909E6A1AB4655E81A8EF37DC37B4ECFE93146C29A88 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-file-l1-2-0.dll'
  438. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A11C772B2451B0C9C706B03381819E4A1DEF3E2FBBBA8362509BBE57DBD5C666 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-file-l2-1-0.dll'
  439. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5089484C8C56AC8E095CADC3DC971DF71EDEB52F856940632821FD37E81AE5CA 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-handle-l1-1-0.dll'
  440. 17:20:00 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9A5952C82CBCB1A8ECE9C51C258667D9AB96D13EC6455873999FF0BF78C3CAB0 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-heap-l1-1-0.dll'
  441. 17:20:04 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe', procId: 5844, hash: '3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115'
  442. 17:20:04 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115 'C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe'
  443. 17:20:04 CylanceSvc(68)[31] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe'-3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115
  444. 17:20:04 CylanceSvc(68)[31] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115 'C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe'
  445. 17:20:04 CylanceSvc(68)[31] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe'-3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  446. 17:20:16 CylanceSvc(68)[16] Warning: [Cylance.Host.Analyzer.FileUploader] Requested file 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll' will not be uploaded because its size (55451600 bytes) is larger than the maximum allowed size (52428800 bytes)
  447. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FF482F69F2183B5FD3C1B45D9006156524B8F8A5F518E33D6E92EA079787E64D 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-interlocked-l1-1-0.dll'
  448. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4F11443A2FA6C714D3E33597F0D08DE4E11A6A2FDB7DE2E4A01ADDD5977665C5 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-localization-l1-2-0.dll'
  449. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 50BF87DA10AE3F442C457E42D6666993B0FCA7C5D4DF521E8CD0959995FBCDDC 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-memory-l1-1-0.dll'
  450. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2F4690B3C2587C0BFB81AB701D50E497406994613151FAF007423C59CA5E2281 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-namedpipe-l1-1-0.dll'
  451. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D8D74FB87F94A587582D56934816362B992B712E47C39F13D957058F17724886 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-libraryloader-l1-1-0.dll'
  452. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9B5A5536AED84D45A00DA1056AF4762FEC805EABA742C6BF2D2FCA60993711BB 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-processenvironment-l1-1-0.dll'
  453. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 979FF0E25E7EA00B8714C9EF2DC8417E69AFAC137EA88F77F8F5A9FFEAA31923 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-processthreads-l1-1-0.dll'
  454. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5BACBBE62E36AD0F6D7742E70361F26BC56A44DBD28CC0291F588420E0C218A6 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-processthreads-l1-1-1.dll'
  455. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 619E5120BFDD11461672CE8798DA00166E57C528B9AFD80404D2C9CBE87E2C07 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-profile-l1-1-0.dll'
  456. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6D541B215CFA452E54DC6AF9317A7FC24043FA465EF2B561E0F245A4870B2705 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-rtlsupport-l1-1-0.dll'
  457. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1258C6934E8ED00E7BFBCB80D55887DE525CF42297D0203135A14775278CE03E 'C:\Program Files (x86)\Mozilla Thunderbird\xul.dll'
  458. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 550D4FC902F25F2A0C09F475B5CECEE43FB3A0A042126479560B0001DB5C4891 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-string-l1-1-0.dll'
  459. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BFF7EA28E198C7DBEE45D35FD98AE03696E9E252D46BEC9FF7B7823CBA1681F1 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-synch-l1-1-0.dll'
  460. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E29EAA099BE15958CB65D03D47959CAE2DAC342402856C5F0E4DA672193C329D 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-synch-l1-2-0.dll'
  461. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 81926C2B97A7B01061C5042DA0005F0B64FE9E07852478B2A65E8A8EB5560B1F 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-sysinfo-l1-1-0.dll'
  462. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A5453CD2B5E98D40CA17DD20A8F5974F29DE7236A076867A3BC3CBCA441BE928 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-timezone-l1-1-0.dll'
  463. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 48D491B08D395A8AC47CC22A70D1C3F5E84D716AFE2678E825F24492E8FF2ED4 'c:\program files (x86)\mozilla thunderbird\api-ms-win-core-util-l1-1-0.dll'
  464. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3737D7875668EB4812AB01FE82226D758D480128C76BC234806BFD40694CF048 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-conio-l1-1-0.dll'
  465. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D16C5B0E19870E86354B5E6CDC4C81E80777749F6BBE6B675F680CEC0FFAE35D 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-convert-l1-1-0.dll'
  466. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9FC2486ED5D3FFF78DEB69A7386F4575451D43B67F759AFB056AC66B82041E3D 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-environment-l1-1-0.dll'
  467. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 136E5DE4B535AABF6368C06F82339D2EF6C34165661F40433BCEF4EBB90B30FE 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-filesystem-l1-1-0.dll'
  468. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B90BFFA9E03FFD4ECF1D0D709C60F61D13490E84C4550EF06586BC9B1024ED00 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-heap-l1-1-0.dll'
  469. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE19250A19ED49CE247999D6F0B953EDC2AB7C66B46F1CFBD0C24BE91B84B297 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-locale-l1-1-0.dll'
  470. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 69C637C0BE7DDFE0690D8C642EC6D0850085617C3C3DDA9531CAC818F06F66E8 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-math-l1-1-0.dll'
  471. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 414A2BD84B042E2CCF758270647BCFA02D78EB0125C0584DD53F7245481D66B9 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-multibyte-l1-1-0.dll'
  472. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5710E3ED5819CCAA9CF558AB57534BC880C610C06F2A44ADFAFBFAB5BFC38C2B 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-private-l1-1-0.dll'
  473. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3A2355A23874342777391B4A06C5CDCD990DED287CC4A27FDF0A071AC3B229AD 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-process-l1-1-0.dll'
  474. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 882DA90B6368056908E9CD21C4719A016E9A3CA597ECA9183892A5806B4A8D4A 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-runtime-l1-1-0.dll'
  475. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 44BBB2AEC747E1CBC63FC7C4D2E8C5EC1CA9F9D026835AC2CCB0D60971B6107A 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-stdio-l1-1-0.dll'
  476. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 034A8ABF2BF027AD950FDF8FBDF488188C8D02EBA8E160AA95DE376FF1F32FE6 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-string-l1-1-0.dll'
  477. 17:20:17 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9766C4200B3F51630097FCE8D4F10B33383E663601802ADA72660604876C99E9 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-time-l1-1-0.dll'
  478. 17:20:45 CylanceSvc(68)[19] Information: [ProcessStatistics] Stats|PrivateMemorySize64(K)|CpuUser%|Threads|Handles|WorkingSet64(K)|PeakWorkingSet64(K)|VirtualMemorySize64(K)|PeakVirtualMemorySize64(K)|PagedMemorySize64(K)|PeakPagedMemorySize64(K)|PagedSystemMemorySize64(K)|NonpagedSystemMemorySize64(K)|CpuPriv%|CpuTotl%|ElapsedTime|WorkingSetPrivateMemory(Kb)|IoDataBytesPerSec|PageFaultsPerSec|BytesSent(Kb)|BytesReceived(Kb)|ConnectionsEstablished
  479. 17:20:45 CylanceSvc(68)[19] Information: [ProcessStatistics] Stats|509452|98|39|1153|77228|684760|1092400|1225280|509452|778248|528|130|33|133|252|62764|106606|26302|38|225|9
  480. 17:20:49 CylanceSvc(68)[16] Warning: [Cylance.Host.Analyzer.FileUploader] Requested file 'c:\program files (x86)\mozilla thunderbird\xul.dll' will not be uploaded because its size (55451600 bytes) is larger than the maximum allowed size (52428800 bytes)
  481. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FA10F7E2AB54C2EBCD4688E39BC4AF1544FA21B73BE7FD0562B3FF7CFF041F7A 'c:\program files (x86)\mozilla thunderbird\api-ms-win-crt-utility-l1-1-0.dll'
  482. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 493DF5A7EE66086FC2FD2D1A69AFDFCCC9524DDAC1265AB916335A620D260CAA 'c:\program files (x86)\mozilla thunderbird\breakpadinjector.dll'
  483. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DDC2DE7D732D0CFC2CDAA58927FFDE075D369C992DF883A40FEF7898A504E85D 'c:\program files (x86)\mozilla thunderbird\crashreporter.exe'
  484. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2F23182EC6F4889397AC4BF03D62536136C5BDBA825C7D2C4EF08C827F3A8A1C 'c:\program files (x86)\mozilla thunderbird\d3dcompiler_43.dll'
  485. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3A010EE7186086A7F77B6AEC3644E05F8495A84895B90572CAB8D4F14EFA088E 'c:\program files (x86)\mozilla thunderbird\d3dcompiler_47.dll'
  486. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 876499099D90AE17389A9BA0CE1DBF88C3427DE17395C49CFCE5EBFE361F59EA 'c:\program files (x86)\mozilla thunderbird\freebl3.dll'
  487. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 750BEE7E9E8A86E2976E4FE9113499048B83FB49BD7786BC5A632C1CC999FBE5 'c:\program files (x86)\mozilla thunderbird\ldap60.dll'
  488. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AB8A145C8B123BA5BE925ED92A926023F1C745942CA6EB6EFF96EE927294D600 'c:\program files (x86)\mozilla thunderbird\ldif60.dll'
  489. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3A037468F5E731E13A2003A466D2DD44977215C8A97E54EF2E53917B24474AC8 'c:\program files (x86)\mozilla thunderbird\lgpllibs.dll'
  490. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 41F739EB9D4E5B314401BD1733BFBACCB3F241D973806C6EC05E3DAE6D7A3922 'c:\program files (x86)\mozilla thunderbird\libegl.dll'
  491. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2F593EE03CA99EC27B7044B05050714D3BFF0D5EDB3C6AF13CCF00C6180B58A5 'c:\program files (x86)\mozilla thunderbird\libglesv2.dll'
  492. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558 'c:\program files (x86)\mozilla thunderbird\maintenanceservice.exe'
  493. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8653A2A70E19DC08E1B28BC28E93E3A7B6FA87B57FF43C901E5AEE9720A16B54 'c:\program files (x86)\mozilla thunderbird\maintenanceservice_installer.exe'
  494. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 'c:\program files (x86)\mozilla thunderbird\mapiproxy.dll'
  495. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E72A180E1E49A80E2964F44C702507DA72277A7B9310E0460ECA0589A342288E 'c:\program files (x86)\mozilla thunderbird\mozglue.dll'
  496. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AD2727C5DEFA4FE867BC7EAAE29C2A99F01C314123368B0C4EA3BCF21688A1AE 'c:\program files (x86)\mozilla thunderbird\mozmapi32.dll'
  497. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9C1DC36D319382E1501CDEAAE36BAD5B820EA84393EF6149E377D2FB2FC361A5 'c:\program files (x86)\mozilla thunderbird\msvcp140.dll'
  498. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A867BED3617BC1F131F89A5E3A199E2A2DA9F318A353917A4BF762A8CF880CDB 'c:\program files (x86)\mozilla thunderbird\nss3.dll'
  499. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 56303FB1ECA950C6C5A2E99420A1D3E906216CE4F71E1CA4E43799CBBA64475F 'c:\program files (x86)\mozilla thunderbird\nssckbi.dll'
  500. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 64B8500FCFE3F0A16BD6166F669E554ED04B198D7430B4430069E269EA76C78E 'c:\program files (x86)\mozilla thunderbird\nssdbm3.dll'
  501. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E6B32E8D6769928A9D9DB61E449C6E2F907E6717136F590EB1DEF7BF665AE035 'c:\program files (x86)\mozilla thunderbird\plugin-container.exe'
  502. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7F0FA622CFC1D4A782241D18CC833CD78250749D013AFD7776FD09DAEF0CA4C9 'c:\program files (x86)\mozilla thunderbird\plugin-hang-ui.exe'
  503. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6FA16467A36721CBEF088F59365BF6E5EE3048C0706F6CF1A091C699A408EC81 'c:\program files (x86)\mozilla thunderbird\prldap60.dll'
  504. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4E9158B66F895EB633F38FE2F9090397C1B0DC6CA311BCCAB79CFEBFC1B096C7 'c:\program files (x86)\mozilla thunderbird\softokn3.dll'
  505. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EDA62C01D03CEC31A72D46169F82C6FBE83801BF247447582890355D2DC05EC3 'c:\program files (x86)\mozilla thunderbird\thunderbird.exe'
  506. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F085B1B009AB89049BA95DD4FFDE276D5B1F6FA0055F58DC3FC0D4B03AE8116D 'c:\program files (x86)\mozilla thunderbird\ucrtbase.dll'
  507. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8A424BE6954E928FA573E9988B07F18D255F7A2DD61E78899003C369038C174D 'c:\program files (x86)\mozilla thunderbird\updater.exe'
  508. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6823B98C3E922490A2F97F54862D32193900077E49F0360522B19E06E6DA24B4 'c:\program files (x86)\mozilla thunderbird\vcruntime140.dll'
  509. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B73BFF37E0E1C06B86374DE1B6517526675FB9C4BEA9AF1BF2F414764DE0041A 'c:\program files (x86)\mozilla thunderbird\wow_helper.exe'
  510. 17:20:49 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1A805C2E14668C0D22469BE9534F354FF21DD6A16BAFDFA0AE7A781B5A46E6D1 'c:\program files (x86)\mozilla thunderbird\wsenable.exe'
  511. 17:21:08 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe', procId: 4920, hash: '77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3'
  512. 17:21:08 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe'
  513. 17:21:08 CylanceSvc(68)[34] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe'-77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3
  514. 17:21:10 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe'
  515. 17:21:10 CylanceSvc(68)[34] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe'-77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  516. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3DDBA884BAEC119EE119C5DB289DF0AFF8F750B3DEC1DA4722BDD827C163C115 'c:\program files (x86)\mozilla thunderbird\uninstall\helper.exe'
  517. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D62B4F4F3856581CB506A3E482ED0390DFBFB43AD06E4023B7DA5D329BC0D9A1 'c:\program files (x86)\mozilla thunderbird\mapiproxy_inuse.dll'
  518. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AD2727C5DEFA4FE867BC7EAAE29C2A99F01C314123368B0C4EA3BCF21688A1AE 'c:\program files (x86)\mozilla thunderbird\mozmapi32_inuse.dll'
  519. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3D05645FBF375B60228DB4C20EB4232E5C27D37F2D6B89C73465AA0799858558 'c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe'
  520. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 031C55AF1DB560D3036198420B917555EE65F2B884591B348AF2116D974B69F3 'c:\program files (x86)\mozilla maintenance service\uninstall.exe'
  521. 17:21:20 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 'c:\users\admin\appdata\local\microsoft\windows\inetcache\ie\wiovs70r\onedrivesetup[2].exe'
  522. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 'c:\users\admin\appdata\local\microsoft\onedrive\standaloneupdater\onedrivesetup.exe'
  523. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DF1BAB7AA1B28866ED74C21658868AA52DB281BBAADE9C666C61E98F5300607C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\adal.dll'
  524. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7A7B69E5BE7A4B01EA48FC22B8A49DC2BE5957C4FD0B253B22C9B0CFAF35B8C5 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-console-l1-1-0.dll'
  525. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 419CAE5B5A3E0DE7661D32ECD2185F91FD4282ABDAB6F9264A8C492358202ED9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-datetime-l1-1-0.dll'
  526. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D813A2BD5EE189D305FE2AC458521F0F62981C0E36E5C10F05850314295996E5 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-debug-l1-1-0.dll'
  527. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 59079CD59213E721E03E33366D68E20D92F06C92BF51D572DB586722E33629B7 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-errorhandling-l1-1-0.dll'
  528. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E9BE1025887D2421B0BFA316DAC3F306980111A8CC951E6B36DE6EC26BFC7149 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-file-l1-1-0.dll'
  529. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A497B2D4B5DBD279D18D5430726571213AC09B5A451D1104AE15B7820B791036 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\msvcp140.dll'
  530. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5B5A45005F50DD1237BE578C10C62FB8B896CB5B7C1480EBE5A9386A4984A42F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-file-l1-2-0.dll'
  531. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8DE9743E49B6584F1E987400EC03F074E769762B78B9F49A91E98613CC0FE590 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-file-l2-1-0.dll'
  532. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F1FA93FF9FA7136F8E42B54692E6C3A9B7B28741EC58EA5B4687936B59DF4088 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-handle-l1-1-0.dll'
  533. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A15A11A33CF633803EFE833920149E99CB99DDC117F52C335534FB4F61EEF309 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-heap-l1-1-0.dll'
  534. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A32A786C811D31BD71B2172E49C8B25C22D7B48BEC717BEDA7728F2308549E45 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-interlocked-l1-1-0.dll'
  535. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3C00204C81ACDEE3015CD6DCEBE988684331879BC5F7192B8D2CA818312693BB 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-libraryloader-l1-1-0.dll'
  536. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BCD2A1DDDB15A11ED10DE4EB0178ADE56F5326C87E836FABBD3E70F412790A05 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-localization-l1-2-0.dll'
  537. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 694AE9F2D75B390BCD00377D0133BABB5DB932B0709FA2A8685879956FEF4B0F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-memory-l1-1-0.dll'
  538. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 84CD3655FA6C557106474E9C8A430A02BC46236A07E9A9F3CD65FA83FE8C4B64 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-namedpipe-l1-1-0.dll'
  539. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BDD9E56B3F46697D02F692F4DD830B44B48988BD5EA14E887EEBA10B9ED4E832 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-processenvironment-l1-1-0.dll'
  540. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9590C024AD656C18992BD2E565BC6227CE8C4C2B89D6D159274726C481CD5759 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\onedrive.exe'
  541. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 21A489D51CBE09900F93CA4275217B227DD90765379208F0C4AFF051086EFE5F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-processthreads-l1-1-0.dll'
  542. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 845E916CB506FD2F36F5CC636FF8EEDEF7F226FE85C5BED4FD0BEE4D2BEB69B2 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-processthreads-l1-1-1.dll'
  543. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3884B8BAEDCE90F8642A089E3DBD8A4A1D2FD7462E4C8002CCADCE37BF08FB26 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-profile-l1-1-0.dll'
  544. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3BB189D44567B6754D342B08BDA6E9000D8C87C48D654B8E2B62FC3081F578F5 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-rtlsupport-l1-1-0.dll'
  545. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 94344DED757C2F48B71EC464BAEC95A265A3B7508B03DFED386D7611F0AC7CEF 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-string-l1-1-0.dll'
  546. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AEB2C4CDC411FF4848B178E5EDDB44F3E821FD9F7B3F20C262EF4363A691950 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-synch-l1-1-0.dll'
  547. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D8D73A142FCB83E788B9C304E2BB2C535CAA9604A986DA70487980123B2BA759 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-synch-l1-2-0.dll'
  548. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A4DCC44EBD1F334467F9FF7EAB03FEA0FC5ED339B223D30EB6E72F1C34421BAF 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-sysinfo-l1-1-0.dll'
  549. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3838A4202AABF633DECF4167E34C1C90E0D9621020F551F9DEE4D1C2059FCE62 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-timezone-l1-1-0.dll'
  550. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A3B96E96A03D91766DF6B7D4016469AFC07A1AEA6D84E0EA73581C0979529CF8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-core-util-l1-1-0.dll'
  551. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 14EE2B519D2FD3558FC0B8576E514845D6D0C4BA7FAEB35DC68BDEA412CCE24C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-conio-l1-1-0.dll'
  552. 17:21:34 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D91C8687FBF8A57520C1A18219EDA016393D04FFD8865AAE98F6DD8D6D51E084 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-convert-l1-1-0.dll'
  553. 17:21:44 CylanceSvc(68)[25] Information: [ProcessStatistics] Stats|510928|6|38|1149|115680|684760|1091376|1225280|510928|778248|526|130|1|7|312|106120|1747575|1454|46|230|9
  554. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 20D404DFD9E3B287CBDE4C2D8A0F75324D6995DE18F6B2D8BBFD14AD3F5A5894 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-environment-l1-1-0.dll'
  555. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 10DE34BA6BBE13EED05AD2A9DB5B74A7BA3203EF1EBA67252267EF0A8EA761CD 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\pt-pt\filesync.localizedresources.dll.mui'
  556. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FAD074576FCFCBBD03D21F2305730CD7B19095475227569DBF3C776CA9A7842B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-filesystem-l1-1-0.dll'
  557. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9676E00D0DC28D9299A6508C54EFFBFBF8C451D20B49CF8432B268B01F8576B6 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-heap-l1-1-0.dll'
  558. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F9C9963151DE0E6C995A0FE1109F73AB73971D5BE2B7AD6B9B65CA9E042CD1D9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-locale-l1-1-0.dll'
  559. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 831018CEFB54901E91B5BE7D3E6C63436EA08ABE406878FC7BDFC882577AB253 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\hi\filesync.localizedresources.dll.mui'
  560. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7E6D9AA82821139F289EB0B07158766D02B0D4961712A15A74301F6EA0A9D9D6 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-math-l1-1-0.dll'
  561. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D09896B6A0EF7F1972AFF2FDDF49B249DD26C3C05CA0A9D5E67DA3BEFCD7A6F3 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-multibyte-l1-1-0.dll'
  562. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4A315EF05859BC7A16F4698D206EFA4CA93BC92DE0C59816A7139A67449E1F16 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-private-l1-1-0.dll'
  563. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 96242EEB0D8F31D4FFCA69D6A4F2781958414920A7583B01931027B0A997DDC0 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-process-l1-1-0.dll'
  564. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DC55C72D83D622653878C021DF19242FEC28AE22172BF2A904A8E68AACD5257A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\onedrivestandaloneupdater.exe'
  565. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E1D6C9B65D76CE9466D51224DA58EFAC02DFC06D159BC3BC97EDB424A7ED1298 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-runtime-l1-1-0.dll'
  566. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CEADD4357A768D2BA0F47E276D4D9B81585F0BFA7C31620671F348EF7C1EE7F9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-stdio-l1-1-0.dll'
  567. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 28F729C48FF144D144ECB95E455FBE675992EC701E40B2A65C608C9DCA3A7B2E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-string-l1-1-0.dll'
  568. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 781EB111B34CA9A4AF846D7C66087D473E05F5494623511DD0B24064E6A0B691 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-time-l1-1-0.dll'
  569. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4555AB5DB2F0969CC32B325211A0B727D12E74DA3DB63E57B149FB2BBF0B2D6C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\api-ms-win-crt-utility-l1-1-0.dll'
  570. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D32BEC0FBCF8E475407D5F3ED210D0DA53FA942C1150E1BF3E6AB960C2CD2F1F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5core.dll'
  571. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7392711BC0A3A3E544CF2EB6287D80FDD86073FC6FDFF48A3BEE54F54887525B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\etwlog.dll'
  572. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 46AE81A9264E21886B1954665AF9973FC659C0518FF448D7959233E2D4D3488A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filecoauth.exe'
  573. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E7A74C256577B8D38F0643BDE315B9B5EF2D6D7C75463209E1B17565285D3024 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filecoauthlib.dll'
  574. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AB772C692C50A64E54743EBE776CBBB0A92C6C1D15CD854FAC8949A9A14631AF 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesync.localizedresources.dll'
  575. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D0EF27C8B92D5F68DF15B46D47EAD2C3D4434CAC97B0EEE2A82F4BA5F5C287AA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesync.resources.dll'
  576. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B5DD9927AFAAD5854940BA0D4F96A24AAA5D7E77D957D21F1D631CF7B8A36E73 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\hr\filesync.localizedresources.dll.mui'
  577. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7668AF58F54123D98EBFC820DF977A4143E4134766402FE1743C58B867280E9A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5dbus.dll'
  578. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A8FF19400702A8ACCEFE939C8C37D6FAD07C4F19718C58988AC8230136F3918D 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncapi.dll'
  579. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0821D6A2C19DC1546972C4D04CF099932CB8392BC488968A2F1BAB1346EE78BE 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncclient.dll'
  580. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 794F00BEB11A9102A5430DDA7E1F0F4A1B370074EDED720AA324EE063411AD5B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncconfig.exe'
  581. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 701860B64ECE75BE4EF12DB1570DA7DFAF084C8BCAE2B8C391F12F2970D16B8E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncfal.dll'
  582. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 327A113A5E2549B63A3634AAAEF75B68E7FB12428D7B04AE7EEC21743B063975 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5gui.dll'
  583. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E382D2D3CE8FB1103C31AD7069A488143C4EE00E627327F7273A80F53EF02A36 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncfalwb.dll'
  584. 17:21:52 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D6F5C17472AEDEEAC25C4D6B78F9AF5BC36E6F487C3CB42978F6165156A3683A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\hu\filesync.localizedresources.dll.mui'
  585. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5F3DFB4F2ADEEBB391813AEF4441A2518CD672AB1B6CCF57201C8F6F34C1285E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qut-latn\filesync.localizedresources.dll.mui'
  586. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FD71895AACEB87279956E84CF780543C065F6EAF477EC66179D1BEE04E4C200B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncsessions.dll'
  587. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D55C1F0706C8FC72631BAA369F1E132117406B115F8AD3ADA4706F2AFDE1D98E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncshell.dll'
  588. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A24BD2CD0DAC4C70AB48FAC2F1870DF1D986CEA0DABA8D30D14E3EF450CE4AEA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5network.dll'
  589. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 333D0D6300BDF3BD92E4C36867190B5897A331F9512BA897668BC06A835F9D4A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\filesyncviews.dll'
  590. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DC2A23414688339A456B545C9084A4ECAC25890F1907CEE1A8384FB7C11159CC 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\libeay32.dll'
  591. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D560F8B0EEC8AE532085CC16395F22ED5C6B864557F3AE1D96A1B468844CA678 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5printsupport.dll'
  592. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 64F5A60407008134BA789527F16BC3494E66D55CE45D11E68EEE7B5AF66095F2 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\libegl.dll'
  593. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 06BE6604FFAE96B9EA8F4CAD213C36D52D3F4999729B65F89E490EF667E4156A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\quz-pe\filesync.localizedresources.dll.mui'
  594. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7C6094718AC86C4AFE6747F121574CACA7B2DEA158B551DE549CDC061D5087D9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\hy\filesync.localizedresources.dll.mui'
  595. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 078861E9C790D935BB0FE85455F820296558758F612C83B0864C389206479713 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\libglesv2.dll'
  596. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 15410EA0583BA9A467B0C9FE0F6859095DD489E731A05ECE7A4DC8518D9870E0 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5qml.dll'
  597. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5EBBB393CBB3A84AED3240E51D9BCD796A6AE495AF5239186451DF4549CC564B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\loggingplatform.dll'
  598. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2C7D4996C78E691DFFD9B29EE68AAE7202CDCB1878AC644067FB102CF62222C1 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5quick.dll'
  599. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AA9D1997590DC3D77DCEB2E9CEE52F0714FB291E683F4A0B11250C7E28899E59 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ro\filesync.localizedresources.dll.mui'
  600. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D52D487B4F258BF4FBBBDE71EF5542822681AB29F005FCE882BEB29643134CC4 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\id\filesync.localizedresources.dll.mui'
  601. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 293A3789BC6AB713A8F51C1692EE8301AA4F23B8328753FEFEA2125A4BE5E053 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5quickcontrols2.dll'
  602. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 18F6C940E0E986021634674A53795AECF60E2C585BFAB7AA84C46D6B35FD767A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ru\filesync.localizedresources.dll.mui'
  603. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 81CC13C3766000F4A0330635333453876A963909C8C82634CFFE143A820B6A0C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5quicktemplates2.dll'
  604. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7A9C21244FD8C156AA17AE994A45FE8C4F5AD9040089CB6823BF95A0D3290054 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ig-ng\filesync.localizedresources.dll.mui'
  605. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EF2672CECE5A146417957A8DCABDABA4F4457A54A91ADCCC502ED505A8A3B456 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5svg.dll'
  606. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 84746B5C7EC560D8A461A615CB5F1DC2FB8369D1C07622EB7FDEBCDBAE7F9E5A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\rw\filesync.localizedresources.dll.mui'
  607. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 94EEF1B2F6A91C64B24B92F0F45163FF8D014D77DE6374181703151B465D8F7F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\imageformats\qjpeg.dll'
  608. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1E60AD91BE6ACA225BFF7B852484B5D64DB92E3247DE68D56E8F8220D75B45EA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5widgets.dll'
  609. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9A1F51321365760CF020656CBAAF0B98E6C60D61C2F62F4BB4E8CD9189E757B1 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\imageformats\qsvg.dll'
  610. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FF3A2F225D28AF9455E0D8D496AAA206BEF12181EEC11A7907A081161E0D25D8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sd-arab\filesync.localizedresources.dll.mui'
  611. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 15D49FB5E559F6F8695A6F771927324EAE76F23279FE74EA95E4BA5D1EABFA72 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qt5winextras.dll'
  612. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 57D7BC2F8B0CF2F66FDF96EDB043F1748BAC7F25643AE363512989BA67DD5715 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\si-lk\filesync.localizedresources.dll.mui'
  613. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 306C18689C97D9B10BCBF5619B4F73BD644B242EB43A9C62A2DDFD9DD03EE63C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sk\filesync.localizedresources.dll.mui'
  614. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8FEB7D57341EE7F376623AAB53AFBCE64990BE0D6E629239B379FC266483A55A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\remoteaccess.dll'
  615. 17:22:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9DF6BEC5619CF350DF2D43E8AD9ED137205F8FDAE3029EFE502D49F1A5598860 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sl\filesync.localizedresources.dll.mui'
  616. 17:22:11 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\vcruntime140.dll', procId: 5960, hash: '0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195'
  617. 17:22:11 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\vcruntime140.dll'
  618. 17:22:11 CylanceSvc(68)[36] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\vcruntime140.dll'-0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195
  619. 17:22:11 CylanceSvc(68)[36] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\vcruntime140.dll'
  620. 17:22:11 CylanceSvc(68)[36] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\vcruntime140.dll'-0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  621. 17:22:11 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\Telemetry.dll', procId: 5960, hash: 'F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F'
  622. 17:22:11 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\Telemetry.dll'
  623. 17:22:11 CylanceSvc(68)[34] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\Telemetry.dll'-F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F
  624. 17:22:11 CylanceSvc(68)[34] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\Telemetry.dll'
  625. 17:22:11 CylanceSvc(68)[34] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\Telemetry.dll'-F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  626. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7A78A6DCDBBC721050860937FEA5D6D790F470D6A04821DD6A993D89F59659EC 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sq\filesync.localizedresources.dll.mui'
  627. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E5063639A044165CE4E6CA0DFFFD960B36095281A5DFE73F13691B867E076DD4 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sqmapi.dll'
  628. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 42A6F52E0DCB6C5DE30066E74AC667776642934531BB0D5E151F56CB88D58769 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sr-cyrl-ba\filesync.localizedresources.dll.mui'
  629. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3361E06139394959229BC8E0363E5DAE59DEBF6BDCE6722E0243F1E6589BF713 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ssleay32.dll'
  630. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE55034F15A673E84C4EFE4393CB531E077290B6828C4D3365B41737C3EF74D9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sr-cyrl-rs\filesync.localizedresources.dll.mui'
  631. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E9D553029D76BF5E79AD272909CC3B52E798E04F9FC1A0F21C0F81DE12E52A96 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\syncengine.dll'
  632. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A75D71DE3D9A3ECCFA54E028A462E9CE2DF10ABBF251B47AA1577AC1099A4022 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sr-latn-rs\filesync.localizedresources.dll.mui'
  633. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F55E1D08661DF0F4BBA87402ABA3064B40F3EE20EA2A962F3B534DBEC112476F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\telemetry.dll'
  634. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B009D3F2EBE43AE454915CBAFE76D088AA0BCE4060E77CCDE1340FFB2C8BAFAA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sv\filesync.localizedresources.dll.mui'
  635. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 50404D65CA9C1AACDBC0614FBF8FE38CBA54CC2D5451BD32F7E655D39F05A940 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\sw\filesync.localizedresources.dll.mui'
  636. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3EA243336D59551096B1DDE7000504F769C0A7F4849ABEAB7BE1D0A2060E482F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ucrtbase.dll'
  637. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 81034FF548091661D7A74748D61412AFD9CB457FF33EF5B588697DB3FBB07FE8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ta\filesync.localizedresources.dll.mui'
  638. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 504B99FC7B91D952B837ADC82BD6EB06DCBE7307200678CB6EBA03996C6BBD1D 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\updateringsettings.dll'
  639. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0E4B02DCEE2E6C83589706F2DE2D58E79C9E62EB99B03ACC3DDC6855FACAB195 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\vcruntime140.dll'
  640. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B92F50F70E93436EE7394BC32A7A2337D3868686D99BAB654F38B13AACBD70A8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\te\filesync.localizedresources.dll.mui'
  641. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5D4A77694086F633C537AE5CCC6DC180F9E0AD9DA8BDF88D494CC387B86272C3 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\tg-cyrl\filesync.localizedresources.dll.mui'
  642. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9EF36375529915DBD1CBDC8C99B3ECE34B8172320A921FFB0369FA380477846A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\wnsclientapi.dll'
  643. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 02CA11D7BA4A5A1769AF3DAECA69A362F2E714E92954F54CA0F50B4F4E90C6B7 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\th\filesync.localizedresources.dll.mui'
  644. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D524EC83359EE1DFB45BD119C0049B65961DDD762FBC056756E6EBDFD06BA120 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ti\filesync.localizedresources.dll.mui'
  645. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EBF4465C0A27178139A2E26F65083DF43DD555482E6DC688C648D710EC6514E7 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\af\filesync.localizedresources.dll.mui'
  646. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 657499C4DE62CF0B6842FF574819153B342F8872F879322F305184449B4C9212 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\tk-tm\filesync.localizedresources.dll.mui'
  647. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FD97858B70368CB7752EDC5E04FA7C9F3189B71E46AB336FD965F284A6A78326 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\am-et\filesync.localizedresources.dll.mui'
  648. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9A682C6CCC34B1C288CDD2BDD2869691F1F49F8CE6B71ECDBBD328FC837582C0 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\tn-za\filesync.localizedresources.dll.mui'
  649. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8FF73067864890EB986862D7DD68672B3CBE3577488C8A15EAF7A526AB8930B9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\amd64\filecoauthlib64.dll'
  650. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6E267213988DE0A27470D711421629BC08C640A7BEA7CBC45DA5E3BCB8174624 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\amd64\filesyncapi64.dll'
  651. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77D47B9B054BBBB54834A81F3F29D4457A2533D22F9789B09DD8372380D648E2 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\tr\filesync.localizedresources.dll.mui'
  652. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 78BACDF808D730BE02125BE70654DD365FB84D4F24A43F1028052B161F647128 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\amd64\filesyncshell64.dll'
  653. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7074093120839C8105AF6BF67268E6600282A689549C36FA3DFD2B3A7E5AA260 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\tt\filesync.localizedresources.dll.mui'
  654. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DFCB02E44FA5A4E762F4413BDAEA21E5BC327464D1163608A8B89B84E24ED2CA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ar\filesync.localizedresources.dll.mui'
  655. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AB8BD60D59A64DCE0F5352F826CDB0371C2A9535A320E408CA8221C55D45609C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ug-arab\filesync.localizedresources.dll.mui'
  656. 17:22:18 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 053BFF5330BFC1BC57EDFBD9A41D2A649E1AC598CC371640E81CC5B65B27B158 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\uk\filesync.localizedresources.dll.mui'
  657. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C2EB49975C30EFF36C49389407B7589EB181E61CE8B278AA89FD79BD81C4F5BF 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ur\filesync.localizedresources.dll.mui'
  658. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 233557961932F9CAA1D15CB8CD345D93A463C2684F850BDC0D6C03D4DDF19282 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\as-in\filesync.localizedresources.dll.mui'
  659. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 53BE9E724E3649F9C1FCA829CEE90DB6FD06BD3D859F2D602C71220997240442 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\az-latn-az\filesync.localizedresources.dll.mui'
  660. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3132DEF1F63D60559926AEA3651798F53C51A630323620091922EABE4E8F1E88 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\uz-latn-uz\filesync.localizedresources.dll.mui'
  661. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FEBD8027DA217BD7AD39CAA86A6DD92B6BF387D042630E30268DB01DDF8D57BE 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\be\filesync.localizedresources.dll.mui'
  662. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0AB91B8B560941667827B3A9E4F6C7B85DB024239DE2F2B81B42D525336068E2 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\vi\filesync.localizedresources.dll.mui'
  663. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8AC9CD3CCF0AB80C88592E365CCC85E9248108B6BC3A611A033C7A2569759156 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\bg\filesync.localizedresources.dll.mui'
  664. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8810F72140ACC4E4C782A39E34EE820F3FDBDFED45F44158242660CDB7206902 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\wo\filesync.localizedresources.dll.mui'
  665. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FEC28EC846D602FCF3A6E498D59B96C274D955F2629A6CDF678ED3A2D66AF0E8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\bn-bd\filesync.localizedresources.dll.mui'
  666. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1C8C59ED3C00FA5446EF520621A700EE7F814FC0BEE044C9DE28407DF843392F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\xh-za\filesync.localizedresources.dll.mui'
  667. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1286FF609B985AE505FDE381F1D1B06A33CFC60E851CF320A91F4E93FA235194 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\bn-in\filesync.localizedresources.dll.mui'
  668. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7D5C1DFC026B599865F8B3AA6E57D70C40324959CE0699650EB4A9CC76BA0959 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\yo-ng\filesync.localizedresources.dll.mui'
  669. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 580142939F9CF26D1455843F5C322A4F347E0F88DD94F27010FC430E2230C116 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\bs-latn-ba\filesync.localizedresources.dll.mui'
  670. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EA19EDA21E5494D8780CB507CB913FD929377DC5B9ED70D9DFFE832E64919472 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\zh-cn\filesync.localizedresources.dll.mui'
  671. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 75528F27EE9369C95153E73E01EEE02A9596FB8BBC13DABE693DE03B463BA1A1 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ca\filesync.localizedresources.dll.mui'
  672. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CDEFC236BDFA3F10571B687E5A1E2152AE786265F8B4C6898CC1A67DEBBF991F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\zh-tw\filesync.localizedresources.dll.mui'
  673. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 422461112D572BDE604DD4487474E3349D3B984EC0C479D0C7F402107335ED22 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ca-es-valencia\filesync.localizedresources.dll.mui'
  674. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AC37A1E58CFD487C4DAD89D3B4FEC0AD7E1AAD978D3E08D31FB315C1D3D6ECC5 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\zu-za\filesync.localizedresources.dll.mui'
  675. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CA00FEDC251B4FA6CEDA67AE9B15881ACA9F0F8F84114C8006F5B25BB2FCB81F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\cs\filesync.localizedresources.dll.mui'
  676. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A83496754DAAC422EF85761C8A2B50E2F8EED66B13DD67D6A2951F58EE9453C7 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\is\filesync.localizedresources.dll.mui'
  677. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 293799E2054F2E0C58E8F027BDF0792AD8E2D1F0E67FC4419AD5E439FBCF0F07 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\cy-gb\filesync.localizedresources.dll.mui'
  678. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BF01E112E0FACE8868106994E0C2DAB645F88D72193537EF8BF3ECCC4CC5C7B8 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\it\filesync.localizedresources.dll.mui'
  679. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AC68101499428F5F20891A139DAE17D5DEB8135E20388DEEAF65F193E3CE8ED 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\da\filesync.localizedresources.dll.mui'
  680. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1383B33554FA0B22EFB92A0735897F99A072CBB556A021DE17C58748024BA524 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ja\filesync.localizedresources.dll.mui'
  681. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE19B6DC342582E04F39D2A58E2925524F989B379620BEE3A404C6FEACD899BA 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\de\filesync.localizedresources.dll.mui'
  682. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B126335304FEAF7F7DB5E1224166FFAF2A3437D43F2D5B2D73A8AF2C45B25D0F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick.2\qtquick2plugin.dll'
  683. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 631208E0936DC44A464DDA154CB02C6AA7D41839B87878E88BFDB62F26517045 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ka\filesync.localizedresources.dll.mui'
  684. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4DA4F03734D430A36618C5E836EE3889CF7B9E103055D05A839696091C151017 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\el\filesync.localizedresources.dll.mui'
  685. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 034F7397BD88EE06A62281FE443510BF2DC2AE8DD6493BD64342F97E4FC2D508 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\kk\filesync.localizedresources.dll.mui'
  686. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0A5A80EEC50F0D04EA1BB8B9E6F6E9A113A1467DCD2F7699B61E02166BFDA582 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\en\filesync.localizedresources.dll.mui'
  687. 17:22:28 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1EAA2594576B580D23F52F02D2EC17FF73C8675AB25731DE6E15753D5FAB4787 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\km-kh\filesync.localizedresources.dll.mui'
  688. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 627E6B2FE0DF4A0019C72A99D00854C8C7943C0B4AC8E662064CFF88A1A1E971 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\en-gb\filesync.localizedresources.dll.mui'
  689. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 69CB550D5709D1729A62E4BB4C9209777D23E6AF4DD76217F6D3A3F695083F18 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\kn\filesync.localizedresources.dll.mui'
  690. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 734D75E0FB79015332CEE13674734F0830CCBFFF3B7FD20307CF11E6CF877437 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\es\filesync.localizedresources.dll.mui'
  691. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EE947DD488E718538CF77DFBA9EE1F075B4A0F2DFCBF32B8F0C4837F75FD0C6E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ko\filesync.localizedresources.dll.mui'
  692. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DA399395DAEC7283D86B01B09B30C85F21F4F601BB2EBC8D846006B608F91022 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\et\filesync.localizedresources.dll.mui'
  693. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7FA1B78C803F0204DA9F0F34B0A66E52EB2C01C05F069D7D701C5AE91FDAB5D4 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\kok\filesync.localizedresources.dll.mui'
  694. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6F768A5799E98AC04B8A34A8F8E1E8620551884C084C8EA05B3C3E6C78B1FC0A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\eu\filesync.localizedresources.dll.mui'
  695. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 08131146DDB95B0C3DCC934F201429F78ACFC9BB3FA5284075D0B3424D11889D 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ku-arab\filesync.localizedresources.dll.mui'
  696. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C0B6B62D30759E9C830D01D2CC45E0343026B2286AB84DC33AF4DED908481C70 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\fa\filesync.localizedresources.dll.mui'
  697. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EF9EC814EB5CE8B521845265CC0D551186E389475AA75B8A21BFD05CA59261E7 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ky\filesync.localizedresources.dll.mui'
  698. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 873A2CA746304D9EFF33B020181A3ADD8B96FAEDAB355E6F35EF5D9F2D93F591 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\fi\filesync.localizedresources.dll.mui'
  699. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C45069EE381311B4DBD0B62AD618D2818AF0E99E7EBDEEC718299F3A6A7A9B53 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\lb-lu\filesync.localizedresources.dll.mui'
  700. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 45BFA188BA00847CC633D2CF61DC806E1D40543DA10564520A9F984DFB131898 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\fil-ph\filesync.localizedresources.dll.mui'
  701. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5C6D9C4B5D8B06DDD3B75FC0219EC741BDD19F1DA3E29A5B62264E84BBA84B70 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\lt\filesync.localizedresources.dll.mui'
  702. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B096F9ADB07A294D91A7F320884DCD406844460A8989229E8F827F70AF21FD09 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\fr\filesync.localizedresources.dll.mui'
  703. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1036CC60EE82242B0152E2DD3914CEC429F9D29ED06590C04039E6F39E1D9526 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\lv\filesync.localizedresources.dll.mui'
  704. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9585E6C3B21752298AA4A2381A67A7102257DE40D91EF40728477C4686BABF4B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ga-ie\filesync.localizedresources.dll.mui'
  705. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A0464F46AAA8142CA61A2E552599B61FD92C7D344233EC73BE1D50277AEA1637 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\mi-nz\filesync.localizedresources.dll.mui'
  706. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A090ED626D9AA5B67E906807843C13401D231CC4E13E91080CC2C3EC238EA38F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\gd-latn\filesync.localizedresources.dll.mui'
  707. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6AE11BC79FAC12AF0BCFFD110AC2B2BBB6F47EE131EB5172E9DC37991BDB5221 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\mk\filesync.localizedresources.dll.mui'
  708. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AAD65D418737CF8157F83A8AB0A975AFFCA22FEE5CB22E69D89F236D2752D572 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\controls.2\qtquickcontrols2plugin.dll'
  709. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 51E7A7723DFBD63165FE85ABF2334F35662DD6A450E3F372A8C8B02CF34FFE00 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\gl\filesync.localizedresources.dll.mui'
  710. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9434848D5D8DC198BAC2DAF2527FAE2ABF1651D1C5509D449E36D97BE496DC08 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ml-in\filesync.localizedresources.dll.mui'
  711. 17:22:31 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 808A7D21E052C141CE31FA0137FDD9EED7594066F666B3396B2DA0ECAB9324FD 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\gu\filesync.localizedresources.dll.mui'
  712. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 89CF65EE19F567AE871C0B6451985A9D42C61C47C1F441D5A0B8078318ECC45A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\mn\filesync.localizedresources.dll.mui'
  713. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 58BF67A2BC5C713129460B84B047D2AFF1424A29490601545FDF108717EB1D3C 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ha-latn-ng\filesync.localizedresources.dll.mui'
  714. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F1F83653FE04A9BD2708976505B843856F70C2A479E1BEC31C1DBF6EDCB5FDD5 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\mr\filesync.localizedresources.dll.mui'
  715. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9397FC0A109960C280C4981C35DE692C7B9F578DA6474C9ACC90A96A3D45B77B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\he\filesync.localizedresources.dll.mui'
  716. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7819B13832D6EED1DD1F779A50B4B51D6C86344C0840BA860D1A5C3D133456A1 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ms\filesync.localizedresources.dll.mui'
  717. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 651A8C0471347B7FD4C9E95021C3009F2FAB1ABF7A1657CAC843351014EF8F67 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\mt-mt\filesync.localizedresources.dll.mui'
  718. 17:22:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1F7C7946EF52E3E79B317F4CBAA071DEAEFBBFD22F88DCB3BB32AD9AC218CA2A 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\nb-no\filesync.localizedresources.dll.mui'
  719. 17:22:44 CylanceSvc(68)[35] Information: [ProcessStatistics] Stats|509848|2|36|1110|55780|684760|1089284|1225280|509848|778248|525|131|2|4|372|52756|1520602|570|60|239|9
  720. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F179E7A9A426A24D45F5CB5FAFFAEB0C17A463CDB6AA995DEC221CE4447677EB 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\extras\qtquickextrasplugin.dll'
  721. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1E43E81BE8B465A225178E585EA566415A5A6652C94AB6DBBFDC501A1E3099C3 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\ne-np\filesync.localizedresources.dll.mui'
  722. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 218A0188F3EBB1C87E4CE199FA05433204A95B9402D6ED995C1EFDA534D24D59 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\nl\filesync.localizedresources.dll.mui'
  723. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FBE719B3640110DA29D7881C529067C365DC159A7C741904B5D191FB76AB1C9E 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\nn-no\filesync.localizedresources.dll.mui'
  724. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 945C252B8757666EB36909F30A7C9C2F61BBEDEF0E392BEA4F1E4491682DB956 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\layouts\qquicklayoutsplugin.dll'
  725. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DFB8A1BA4A78F5615BB6EA26F639BF58F601C6100083A9F6EEB5018D20B19667 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\nso-za\filesync.localizedresources.dll.mui'
  726. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 176812BF3DB3D64083E92925E8366A7F93C1221216960A4BC9E4E74AEB450567 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\or-in\filesync.localizedresources.dll.mui'
  727. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 62B22020F3C203DCD939555FE8C16F971856903C94CE87F3A084489A5EB8CC5F 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\pa\filesync.localizedresources.dll.mui'
  728. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 124AF9DA35BC446BDCF32F1F84368A14EA69B429B8937C0539F78DEBA1497E11 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\templates.2\qtquicktemplates2plugin.dll'
  729. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0C7A6325A0F8BB1B6362CAEA52AAB8AF150A454F26C00D44B483FA4429384441 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\pa-arab\filesync.localizedresources.dll.mui'
  730. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 94C31A0C1833326111AF29DD31E49423D18BD28FBCEA3D6A8D7CD5E1921BEB1B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\pl\filesync.localizedresources.dll.mui'
  731. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6B0F199F90743ED6095C07F29A847294CF41EC37CE1E3FB567A8AD47738D99EC 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\platforms\qwindows.dll'
  732. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C3DD665EAA7BF4AC66C6246F2D53D962C4A23696B3EA46260E73112F74A0934B 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\prs-af\filesync.localizedresources.dll.mui'
  733. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2B7F1FABB119DB8F4C34B7D361F6F3009FE321218B44129BD7C3A033AFFDB9CD 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\window.2\windowplugin.dll'
  734. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C5BF373A7488F28560FE9D122246F415623DB0FBC4D7E037F924FDF70E4B7480 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\pt-br\filesync.localizedresources.dll.mui'
  735. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A491749DE505135E08D9BA6F91C6EADEDB589639546D6C59EA65A9C4181A8DC9 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\qml\qtquick\controls\styles\flat\qtquickextrasflatplugin.dll'
  736. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 77853169F32426F38BD74A7CD82AEF1DC165779898160AF9C8D6A7C4B39450A3 'c:\users\admin\appdata\local\microsoft\onedrive\17.3.7294.0108\onedrivesetup.exe'
  737. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9590C024AD656C18992BD2E565BC6227CE8C4C2B89D6D159274726C481CD5759 'c:\users\admin\appdata\local\microsoft\onedrive\onedrive.exe'
  738. 17:23:03 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DC55C72D83D622653878C021DF19242FEC28AE22172BF2A904A8E68AACD5257A 'c:\users\admin\appdata\local\microsoft\onedrive\onedrivestandaloneupdater.exe'
  739. 17:23:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|512936|0|39|1361|77380|684760|1092356|1225280|512936|778248|527|131|0|0|432|67108|16926|90|63|240|9
  740. 17:24:44 CylanceSvc(68)[37] Information: [ProcessStatistics] Stats|509848|0|36|1241|82828|684760|1089284|1225280|509848|778248|526|129|0|0|492|70388|513|21|65|241|9
  741. 17:25:16 CylanceSvc(68)[18] Information: [Cylance.Host.MemDef.MemDef] Out of process unmap received => 5280, 140736806322176, \Device\HarddiskVolume2\Windows\System32\ntdll.dll, 0, 0, 0
  742. 17:25:16 CylanceSvc(68)[18] Information: [Cylance.Host.MemDef.MemDef] Process Terminated: C:\WINDOWS\system32\WerFault.exe
  743. 17:25:16 CylanceSvc(68)[6] Information: [Cylance.Host.MemDef.MemDef] Out of process unmap received => 5760, 140736806322176, \Device\HarddiskVolume2\Windows\System32\ntdll.dll, 0, 0, 0
  744. 17:25:16 CylanceSvc(68)[6] Information: [Cylance.Host.MemDef.MemDef] Process Terminated: C:\WINDOWS\system32\WerFault.exe
  745. 17:25:19 CylanceSvc(68)[37] Information: [Cylance.Host.MemDef.MemDef] GetExploitsProcessInfoList - returning 4 processed violations
  746. 17:25:19 CylanceSvc(68)[37] Information: [Cylance.Host.MemDef.MemDef] GetScriptsProcessInfoList - returning 0 processed scripts
  747. 17:25:44 CylanceSvc(68)[35] Information: [ProcessStatistics] Stats|508244|0|35|1226|87100|684760|1088260|1225280|508244|778248|519|127|0|0|552|73188|11375|26|69|242|9
  748. 17:26:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|508244|0|35|1306|88020|684760|1088260|1225280|508244|778248|518|127|0|0|612|74148|379|6|71|243|9
  749. 17:27:44 CylanceSvc(68)[25] Information: [ProcessStatistics] Stats|508268|0|35|1189|89240|684760|1088260|1225280|508268|778248|518|127|0|0|672|75112|380|6|73|243|9
  750. 17:28:44 CylanceSvc(68)[25] Information: [ProcessStatistics] Stats|509372|0|36|1329|90316|684760|1089284|1225280|509372|778248|520|128|0|0|732|75940|957|6|75|244|9
  751. 17:29:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|507308|0|34|1196|91044|684760|1087236|1225280|507308|778248|519|127|0|0|792|76644|772|5|76|244|9
  752. 17:30:26 CylanceSvc(68)[54] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: False, onDemand: True, updateContinue: False
  753. 17:30:27 CyUpdate(5496)[1] Information: Logging Started: Tuesday, February 27, 2018 5:30:27 PM (Tue, 27 Feb 2018 23:30:27 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  754. 17:30:27 CyUpdate(5496)[1] Information: Log level set to 'Information'
  755. 17:30:27 CyUpdate(5496)[1] Information: CyUpdate starting, PID = 5496...
  756. 17:30:27 CyUpdate(5496)[1] Information: Last updater runtime:'0001/01/01 00:00:00' - can run after:'0001/01/01 01:22:00'
  757. 17:30:27 CyUpdate(5496)[1] Information: CyUpdate starting, PID = 5496...
  758. 17:30:27 CyUpdate(5496)[1] Information: Current Cylance Protect: Pre1280 = False, PreOptics = True
  759. 17:30:27 CyUpdate(5496)[1] Information: Updater 2.0.1450.8. Checking for updates to the updater mechanism
  760. 17:30:28 CyUpdate(5496)[1] Information: Endpoint URL: 'https://update.cylance.com/updates'
  761. 17:30:28 CyUpdate(5496)[1] Information: GetFiles Request = '{"TenantId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXb09c","Bitness":64,"DeviceId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX9eb3","FileVersions":[{"FileName":"CommonUtils.dll","Version":"5.0.0.2598"},{"FileName":"CyDevFlt64.sys","Version":"1.1.1.1"},{"FileName":"CyHelper64.dll","Version":"2.0.1450.8"},{"FileName":"CyKNPHDOJQHQZ.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Engine.Utils.dll","Version":"1.0.1.0"},{"FileName":"Cylance.Host.Analysis.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CCUI.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CommandControlUI.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Controller.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceOptics.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenue.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenueModule.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.InfinityModel.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelOLE.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelPDF.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.MemDefPS_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.SystemInformation.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Updater.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Versions.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WindowsEventLogWriter.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WMIProvider_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.UpdateMgr.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"CylanceSvc64.exe","Version":"2.0.1450.8"},{"FileName":"CylanceUI.exe","Version":"2.0.1450.8"},{"FileName":"CyMemDef.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDef64.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS64.dll","Version":"2.0.1450.8"},{"FileName":"CyNTFMIHYBLXA.dll","Version":"2.0.1450.8"},{"FileName":"CyProtect.exe","Version":"2.0.1450.8"},{"FileName":"CyProtectDrv64.sys","Version":"2.0.1450.2"},{"FileName":"CyUpdate.exe","Version":"2.0.1450.8"},{"FileName":"InfinityDotNet.dll","Version":"1.1.1.0"},{"FileName":"ISampleScoring.dll","Version":"1.2.8.1"},{"FileName":"LocalePkg.exe","Version":"2.0.1450.8"},{"FileName":"Newtonsoft.Json.dll","Version":"6.0.2.16931"},{"FileName":"SampleScoring2OLE.dll","Version":"1.2.7.2009"},{"FileName":"SampleScoring2PDF.dll","Version":"1.2.7.2007"},{"FileName":"SampleScoring2PE.dll","Version":"4.3.3.0"},{"FileName":"SharedDefinitions.dll","Version":"5.0.3.2704"}]}'
  762. 17:30:28 CyUpdate(5496)[1] Information: GetFiles Response = '[]'
  763. 17:30:28 CyUpdate(5496)[1] Information: No items were retrieved from the update site.
  764. 17:30:28 CyUpdate(5496)[1] Information: No updates found.
  765. 17:30:28 CyUpdate(5496)[1] Information: Update says it's done, checking for more products.
  766. 17:30:28 CyUpdate(5496)[1] Information: Next url is: 'v1/updates/protect', and our current url is: ''
  767. 17:30:28 CyUpdate(5496)[1] Information: More products so scheduling update again.
  768. 17:30:31 CyUpdate(5496)[1] Information: Exiting CyUpdate.
  769. 17:30:36 CyUpdate(5496)[1] Information: CyUpdate exit, PID = 5496
  770. 17:30:36 CyUpdate(5496)[1] Information: CyUpdate releasing mutex handle.
  771. 17:30:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|509872|0|36|1427|95092|684760|1090540|1225280|509872|778248|522|128|0|0|852|78972|9966|38|78|245|9
  772. 17:31:26 CylanceSvc(68)[5] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: True, onDemand: False, updateContinue: True
  773. 17:31:44 CylanceSvc(68)[25] Information: [ProcessStatistics] Stats|508940|0|35|1264|96196|684760|1088748|1225280|508940|778248|524|128|0|0|912|79932|870|7|80|245|9
  774. 17:32:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|509964|0|36|1218|98336|684760|1089740|1225280|509964|778248|525|128|0|0|972|81372|900|12|82|246|9
  775. 17:33:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|506876|0|33|1319|99148|684760|1086668|1225280|506876|778248|523|127|0|0|1032|82104|504|5|84|247|9
  776. 17:34:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|505868|0|32|1451|99960|684760|1085644|1225280|505868|778248|524|127|0|0|1092|83204|620|6|86|247|9
  777. 17:35:44 CylanceSvc(68)[37] Information: [ProcessStatistics] Stats|508984|0|35|1303|103008|684760|1089740|1225280|508984|778248|521|128|0|0|1152|84440|549|14|88|248|9
  778. 17:36:34 CylanceUI(1672)[1] Information: Logging Started: Tuesday, February 27, 2018 5:36:34 PM (Tue, 27 Feb 2018 23:36:34 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  779. 17:36:34 CylanceUI(1672)[1] Information: Log level set to 'Information'
  780. 17:36:34 CylanceUI(1672)[1] Information: Initializing...
  781. 17:36:41 CylanceSvc(68)[20] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: False, onDemand: True, updateContinue: False
  782. 17:36:41 CyUpdate(3900)[1] Information: Logging Started: Tuesday, February 27, 2018 5:36:41 PM (Tue, 27 Feb 2018 23:36:41 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  783. 17:36:41 CyUpdate(3900)[1] Information: Log level set to 'Information'
  784. 17:36:41 CyUpdate(3900)[1] Information: CyUpdate starting, PID = 3900...
  785. 17:36:41 CyUpdate(3900)[1] Information: Last updater runtime:'0001/01/01 00:00:00' - can run after:'0001/01/01 01:15:00'
  786. 17:36:41 CyUpdate(3900)[1] Information: CyUpdate starting, PID = 3900...
  787. 17:36:41 CyUpdate(3900)[1] Information: Current Cylance Protect: Pre1280 = False, PreOptics = True
  788. 17:36:41 CyUpdate(3900)[1] Information: Updater 2.0.1450.8. Checking for updates to the updater mechanism
  789. 17:36:42 CyUpdate(3900)[1] Information: Endpoint URL: 'https://update.cylance.com/updates'
  790. 17:36:42 CyUpdate(3900)[1] Information: GetFiles Request = '{"TenantId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXb09c","Bitness":64,"DeviceId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX9eb3","FileVersions":[{"FileName":"CommonUtils.dll","Version":"5.0.0.2598"},{"FileName":"CyDevFlt64.sys","Version":"1.1.1.1"},{"FileName":"CyHelper64.dll","Version":"2.0.1450.8"},{"FileName":"CyKNPHDOJQHQZ.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Engine.Utils.dll","Version":"1.0.1.0"},{"FileName":"Cylance.Host.Analysis.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CCUI.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CommandControlUI.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Controller.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceOptics.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenue.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenueModule.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.InfinityModel.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelOLE.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelPDF.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.MemDefPS_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.SystemInformation.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Updater.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Versions.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WindowsEventLogWriter.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WMIProvider_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.UpdateMgr.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"CylanceSvc64.exe","Version":"2.0.1450.8"},{"FileName":"CylanceUI.exe","Version":"2.0.1450.8"},{"FileName":"CyMemDef.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDef64.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS64.dll","Version":"2.0.1450.8"},{"FileName":"CyNTFMIHYBLXA.dll","Version":"2.0.1450.8"},{"FileName":"CyProtect.exe","Version":"2.0.1450.8"},{"FileName":"CyProtectDrv64.sys","Version":"2.0.1450.2"},{"FileName":"CyUpdate.exe","Version":"2.0.1450.8"},{"FileName":"InfinityDotNet.dll","Version":"1.1.1.0"},{"FileName":"ISampleScoring.dll","Version":"1.2.8.1"},{"FileName":"LocalePkg.exe","Version":"2.0.1450.8"},{"FileName":"Newtonsoft.Json.dll","Version":"6.0.2.16931"},{"FileName":"SampleScoring2OLE.dll","Version":"1.2.7.2009"},{"FileName":"SampleScoring2PDF.dll","Version":"1.2.7.2007"},{"FileName":"SampleScoring2PE.dll","Version":"4.3.3.0"},{"FileName":"SharedDefinitions.dll","Version":"5.0.3.2704"}]}'
  791. 17:36:42 CyUpdate(3900)[1] Information: GetFiles Response = '[]'
  792. 17:36:42 CyUpdate(3900)[1] Information: No items were retrieved from the update site.
  793. 17:36:42 CyUpdate(3900)[1] Information: No updates found.
  794. 17:36:42 CyUpdate(3900)[1] Information: Update says it's done, checking for more products.
  795. 17:36:42 CyUpdate(3900)[1] Information: Next url is: 'v1/updates/protect', and our current url is: ''
  796. 17:36:42 CyUpdate(3900)[1] Information: More products so scheduling update again.
  797. 17:36:44 CylanceSvc(68)[58] Information: [ProcessStatistics] Stats|469616|0|39|1411|104676|684760|1093836|1225280|469616|778248|525|128|0|0|1212|86012|15720|27|91|249|9
  798. 17:36:45 CyUpdate(3900)[1] Information: Exiting CyUpdate.
  799. 17:36:50 CyUpdate(3900)[1] Information: CyUpdate exit, PID = 3900
  800. 17:36:50 CyUpdate(3900)[1] Information: CyUpdate releasing mutex handle.
  801. 17:37:41 CylanceSvc(68)[40] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: True, onDemand: False, updateContinue: True
  802. 17:37:44 CylanceSvc(68)[15] Information: [ProcessStatistics] Stats|467596|0|36|1297|106132|684760|1090764|1225280|467596|778248|529|128|0|0|1272|87452|1056|9|93|249|9
  803. 17:38:44 CylanceSvc(68)[26] Information: [ProcessStatistics] Stats|465532|0|34|1406|106972|684760|1088716|1225280|465532|778248|529|127|0|0|1332|88292|502|6|95|250|9
  804. 17:39:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|462440|0|31|1500|107788|684760|1085644|1225280|462440|778248|529|127|0|0|1392|89108|498|5|97|251|9
  805. 17:40:44 CylanceSvc(68)[26] Information: [ProcessStatistics] Stats|462436|0|31|1371|108680|684760|1085644|1225280|462436|778248|529|127|0|0|1452|89976|417|5|99|251|9
  806. 17:41:44 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|465644|0|34|1500|109652|684760|1088716|1225280|465644|778248|522|127|0|0|1512|90972|893|6|100|252|9
  807. 17:42:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|462552|0|31|1330|110496|684760|1085644|1225280|462552|778248|522|127|0|0|1572|91768|498|5|102|252|9
  808. 17:43:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|462552|0|31|1413|111360|684760|1085644|1225280|462552|778248|522|127|0|0|1632|92624|378|5|104|253|9
  809. 17:44:44 CylanceSvc(68)[26] Information: [ProcessStatistics] Stats|462556|0|31|1484|112176|684760|1085644|1225280|462556|778248|521|127|0|0|1692|93400|339|5|106|253|9
  810. 17:45:44 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|462552|0|31|1338|112920|684760|1085644|1225280|462552|778248|520|127|0|0|1752|93900|378|4|108|254|9
  811. 17:45:57 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3E9FDB72C6867646C634CF61DC11A42C776A643497474DD46FF5A478B66B20FE 'c:\windows\temp\sdiag_9631f752-137f-48ca-bc70-ad1dd9e2e43e\diagpackage.dll'
  812. 17:46:05 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\Microsoft.Build.Framework.ni.dll', procId: 3084, hash: 'D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43'
  813. 17:46:05 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\Microsoft.Build.Framework.ni.dll'
  814. 17:46:05 CylanceSvc(68)[58] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\Microsoft.Build.Framework.ni.dll'-D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43
  815. 17:46:05 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\Microsoft.Build.Framework.ni.dll'
  816. 17:46:05 CylanceSvc(68)[58] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\Microsoft.Build.Framework.ni.dll'-D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  817. 17:46:10 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\windows\temp\sdiag_9631f752-137f-48ca-bc70-ad1dd9e2e43e\en-us\diagpackage.dll.mui'-06156E74F9B4085C3B62841C8D55330CF485E991D595C225EBCD9819D8CEEFAD file does not exist and is not quarantined
  818. 17:46:13 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\d5398d93a9bd4763b092da9c25e49fdd\Microsoft.Build.ni.dll', procId: 5364, hash: '2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26'
  819. 17:46:13 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\d5398d93a9bd4763b092da9c25e49fdd\Microsoft.Build.ni.dll'
  820. 17:46:13 CylanceSvc(68)[58] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\d5398d93a9bd4763b092da9c25e49fdd\Microsoft.Build.ni.dll'-2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26
  821. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 37072945E08E12907182B750C07DAAB1BAB41542352679D8A980FBC143635C6D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\appxprovider.dll'
  822. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow FE9B7F458561A6ABC82791D49BFD07C5355587171C32792A6A52A9383F920C2B 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\assocprovider.dll'
  823. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A9D1E6AC8007F265B9E2E3CBBB810DB7D553A7CDEBDBBAB42F9B040813E7B62E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\cbsprovider.dll'
  824. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2B93095E9D6875916A36178D0E9B37DCB6E518CB6F1A04CFCFF199B2645AB4AF 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\compatprovider.dll'
  825. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 432EB67107210A7C62D41C3E6688EAE65D80DEF6D0DC830DBAFC8044E2F16291 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\dismcore.dll'
  826. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 64D820D579E20608823C866C6AD7F289DA05FE3D5F532F624AF0B5FDBA2BB0A9 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\dismcoreps.dll'
  827. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D8C41210EC8CDEC379E66D28DDCA2F5AB07041B1132F83DC5C763EAE116E995F 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\dismhost.exe'
  828. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5FD4F4B5F40DDC63D5D0B60BA9067837DAA712870E57D9D57033FD9282A99C4F 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\dismprov.dll'
  829. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 178F8047E8AF9B75BD88732C33EA354934E8A243CD15E6CE153F11F6E70D53CC 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\dmiprovider.dll'
  830. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 107B10A8C1426F1C0D703F06832D740A4CFDCAA596FA0EA147A32A736A7A2A4D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\appxprovider.dll.mui'
  831. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 22DC7317108A528BA92C853330598F628B93FFF27CAC34C2F501B806A75261D9 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\assocprovider.dll.mui'
  832. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow ABD3824664D1336EE849D89BA178606CC1B1E23E173752D8093F34A5580FA8F4 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\cbsprovider.dll.mui'
  833. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A74D765B796638A921C4810D1712A08F7A37C9BA9E91F4DFDCB9727611C3D18D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\compatprovider.dll.mui'
  834. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9BDA61D23DC50F9AFA82DA94B06B7B9C8229D5ED666D2F5270DAE13100815C27 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\dismcore.dll.mui'
  835. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B972A0B2C4682E9074441B481BD886DE19B8DB3DBA401B88E980B154C14D5A7E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\dismprov.dll.mui'
  836. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 52B06DFD85FB5AB1DCE2BE665CA144B1AE6658F518D1623D9B44C347C482B064 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\dmiprovider.dll.mui'
  837. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C210389DBB9B7B4A802E4B0C3C708B6F55B086564A01E19CFB183B6AF916C30A 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\ffuprovider.dll.mui'
  838. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 8B4CE62F4E4294E701193C7AE393EB5EB29AA45932D376CB1A03728A140096AE 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\folderprovider.dll.mui'
  839. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 476F6CDF1014A24A14B1572801E89A796354AB0ED9B8E4FB38740BE007F9015D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\genericprovider.dll.mui'
  840. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DCE9AD3B79F91BEBEDDFCD9E03F1557CB7C6114AC906081E9E046F807093CDF1 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\ibsprovider.dll.mui'
  841. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow F41738FEF7140176447ECF371B1117A485E48BA6F3E9AFAA8C4F883ABFAE62DA 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\imagingprovider.dll.mui'
  842. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 17CB486CADB679C75A27BA6C76E2FE714F4B8DA845E6F795759517D6734F0BC9 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\intlprovider.dll.mui'
  843. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DAFFE67521F9B4657FBFEF9585234CB39293F9B866C0D97D66F675037515BB51 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\logprovider.dll.mui'
  844. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C2CE66F2F218890AA76F8BAB68B4C0FDCED0688E694F912F3A5BFABFA6CDB5E7 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\msiprovider.dll.mui'
  845. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D5DBC0A52B598800EE14569859383525950B865F4816E47E2E73F79AA1C32A09 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\offlinesetupprovider.dll.mui'
  846. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 54E985CFF256CEBE82E9EF3E814A5FDA9FF730BCB50265E9BA78DE65A4DE3F42 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\osprovider.dll.mui'
  847. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C8579EC95A51EB663FFC6145F0998C2F1930A6B8146C84C0A9094BCA4E5195A7 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\provprovider.dll.mui'
  848. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 016C6071B04E6D7E12AD9B8A85C002320331E01ED62922C573A1AC43BA0DD919 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\smiprovider.dll.mui'
  849. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CDCDD5CC1851B20361D79588AF42B3E656DF656E4082EFD287302A15A6890099 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\transmogprovider.dll.mui'
  850. 17:46:13 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2D2D82EE842CD346B58DCAFAE6FEC46D491E0D15CFBE0D8964A4AB7F18C5AAB9 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\unattendprovider.dll.mui'
  851. 17:46:13 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\d5398d93a9bd4763b092da9c25e49fdd\Microsoft.Build.ni.dll'
  852. 17:46:13 CylanceSvc(68)[58] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Build\d5398d93a9bd4763b092da9c25e49fdd\Microsoft.Build.ni.dll'-2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  853. 17:46:15 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\Microsoft.Internal.Tasks.Dataflow.ni.dll', procId: 244, hash: 'B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD'
  854. 17:46:15 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\Microsoft.Internal.Tasks.Dataflow.ni.dll'
  855. 17:46:15 CylanceSvc(68)[58] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\Microsoft.Internal.Tasks.Dataflow.ni.dll'-B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD
  856. 17:46:15 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\Microsoft.Internal.Tasks.Dataflow.ni.dll'
  857. 17:46:15 CylanceSvc(68)[58] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\Microsoft.Internal.Tasks.Dataflow.ni.dll'-B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  858. 17:46:20 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\Microsoft.Build.Tasks.v4.0.ni.dll', procId: 376, hash: '2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098'
  859. 17:46:20 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\Microsoft.Build.Tasks.v4.0.ni.dll'
  860. 17:46:20 CylanceSvc(68)[58] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\Microsoft.Build.Tasks.v4.0.ni.dll'-2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098
  861. 17:46:20 CylanceSvc(68)[58] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\Microsoft.Build.Tasks.v4.0.ni.dll'
  862. 17:46:20 CylanceSvc(68)[58] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\Microsoft.Build.Tasks.v4.0.ni.dll'-2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  863. 17:46:22 CylanceSvc(68)[45] Information: [Cylance.Host.KernelDriver.Driver] Driver: UNKNOWN_FILE '', local: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\Microsoft.Build.Utilities.v4.0.ni.dll', procId: 3404, hash: '036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0'
  864. 17:46:22 CylanceSvc(68)[45] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\Microsoft.Build.Utilities.v4.0.ni.dll'
  865. 17:46:22 CylanceSvc(68)[45] Information: [Cylance.Host.ProcessMonitor.ProcessMonitor] OnUnknownFile(1) SendBlockResponse: Allow 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\Microsoft.Build.Utilities.v4.0.ni.dll'-036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0
  866. 17:46:22 CylanceSvc(68)[45] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\Microsoft.Build.Utilities.v4.0.ni.dll'
  867. 17:46:22 CylanceSvc(68)[45] Information: [Cylance.Host.Analyzer.Analyzer] AnalyzeFile remove from list: 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.B83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\Microsoft.Build.Utilities.v4.0.ni.dll'-036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0 FileInvalid=False detector='execution_control' score=1000 prev_dectector='unknown' prev_score=0
  868. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 06C3B71D251A8DD47D02EDBFBE84E0B6B1D67956DE4D3996031434CBAD728929 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\vhdprovider.dll.mui'
  869. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 33C06CC037DF1EBB72A15BCC2E09BC89DFEF7DD94441C650FD3D0C833122002A 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\en-us\wimprovider.dll.mui'
  870. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B187310E4FAB2515AB130C6356C9638C98113340CB4DA92D1C87655FC2644A48 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\ffuprovider.dll'
  871. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 20366F428FE081B2AF533C8ED26F83E7869C0D39BC8E6A7DD4601AA3E79844D2 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\folderprovider.dll'
  872. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 00E2D7AF9A5B8B03E5E3D4EA5F024117E114836D3F2966F85A408D493C095F1C 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\genericprovider.dll'
  873. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 14CD352A4EE1BEB0B778B716A67C908973C071DEF71ACAFE9EB2042C7B87D120 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\ibsprovider.dll'
  874. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E72EA345FD37546AB97640E384386F9F9F2EACFADB004C0D276A75262C058614 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\imagingprovider.dll'
  875. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6D468BE24438CF2A53DDDE3D346E431493AF314957C839F3221258B78E9F1550 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\intlprovider.dll'
  876. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 41CD3D6A94C0808DFB5DF63F5774EA7731952229141F5A30298D81E3FCC899A6 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\logprovider.dll'
  877. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0E51F98A064295296E5EC8B268EC9966CF8F041D1E5E7650F6949619384A279E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\msiprovider.dll'
  878. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4AFBAC1B3443B68F4B1A2297C8F7D0382D4645EB2BD2194501A20BBE69721CB6 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\offlinesetupprovider.dll'
  879. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9C08076635442D8A7DC0FEAF22FDD812C7105671F3129CDC8AA6955D8C3F5FA1 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\osprovider.dll'
  880. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C66D8B54AD8C6C87E4BE294BFCA7B66F795BF7847B9D1A75DF035A97657120AE 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\provprovider.dll'
  881. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 63774055732CE99B8CF2FEE6D96DBA347F34A9DBB682FD306AD41F88B932FF43 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\smiprovider.dll'
  882. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9C2B768512E5D24C85AE414DC0B4F905B65C86D96BF08DEBF9253B62E1451892 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\transmogprovider.dll'
  883. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 327D28992BA9A37368CBD716C8F08341575393A05226B503EE1B10CF068233AE 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\unattendprovider.dll'
  884. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 87B24EC4C550A6353B6A780D036CC63B59016BAE6E4A672AD2726E2068DF28BC 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\vhdprovider.dll'
  885. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CD3A6231FED3EE809BA3BA02F879EE144C1FC92A6EBA1633E1513E3CC45846EA 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\wimprovider.dll'
  886. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B97C475AA8241C9B674E8C51C387AFAAA7977B036D9E2F7FAFB6CACC11D985BE 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-base-util-l1-1-0.dll'
  887. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3C6549832275052BCC2234CC4433D95407800ED65359F5147C4762EE0C71F712 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-com-l1-1-0.dll'
  888. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 768E17ED08111FD22BAAC8FAC00C7DD87F0E57FEFCDAC58CE04B868528B2FDFC 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-comm-l1-1-0.dll'
  889. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 17D17AC0383117E9A14D7687ECAA3B27AF1C71B89687A5C3E5B8761B2E64EDFC 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-console-l1-1-0.dll'
  890. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A7A23DC37F028D38D2836CE881FCFF1FD066538588B207BBBCC3B1AB96E3AB62 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-datetime-l1-1-0.dll'
  891. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 44A696C4626AF85EA565D651D7FAF5E21B6EB0C6EE47EE93419D8A7BAD565278 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-datetime-l1-1-1.dll'
  892. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4C0F43EAC3834878F16175B17427C0195A3213B7CDF9702447667D703AA29B54 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-debug-l1-1-0.dll'
  893. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0362AFCDFB6CA89CDEE0DACEC94A5E45D6910B5337343149007DE2443050D154 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-debug-l1-1-1.dll'
  894. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 53238588E10FFAABA96C751D34181BA04A869A0474757E79D9FE82ABC3DC7CFE 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-delayload-l1-1-0.dll'
  895. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1FCB6E1908C13B5184373E83B3C13FCF96B55E4FBBC8AAF4D6E9DA604DB75848 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-errorhandling-l1-1-0.dll'
  896. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7BDA00F42BE64BCC1022EC3000FE2582CDF4CC89083D868ACA9DCE982C98C52C 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-errorhandling-l1-1-1.dll'
  897. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A95088251923F1233CA4F5675457D6D6B2A1601734D4B5451420298491864746 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-fibers-l1-1-0.dll'
  898. 17:46:25 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7392027920D102DBE4C2C15590CC471063D6B1456CAA797BB71F8973C60B47FC 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-fibers-l1-1-1.dll'
  899. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow CF84455BC2AADF2960F0AE4D3691BF3032F412578CB2730A27848C6B26D00225 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-file-l1-1-0.dll'
  900. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1C4FA5120E310E49C8112ACB6E594DB2F581AE4B6BA6241EEA4301E0E373959F 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-file-l1-2-0.dll'
  901. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D4FD5081924D4B544188A687BD37127E0A38AF310E77C55F6EC22896B95B3C9C 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-file-l1-2-1.dll'
  902. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DB95D8AA71A8E0A54852C1A83E42267C72E26F2A111AD41146096BF26825FF62 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-file-l2-1-0.dll'
  903. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow EE600140599138132439FA9FB9FA6B028A9BF2A206A856CCB1106EFF45459C13 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-file-l2-1-1.dll'
  904. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 495A9EC7C50D6D72F209E1F69C9B0C292D8D32FBE79FE675128786F8E351B988 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-handle-l1-1-0.dll'
  905. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0091D6C33047D8EF6E0F09E049DF2CABA5EE6B4F5B1870E0A369D3BF6DB72330 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-heap-l1-1-0.dll'
  906. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D08261783A1749B08F7423923B00FD77E3B44265889B1F550A64239586BC8FC7 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-heap-obsolete-l1-1-0.dll'
  907. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 262D2C2EBAFFA4276F54B05A5A1DA125CC9DCCAF76EAAD3AAF7B23D54EC33C8E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-interlocked-l1-1-0.dll'
  908. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 17BE2709D85E6B922BDF5D357FB4CD9416234F8E6685226F5EC776E8B3B5A678 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-io-l1-1-0.dll'
  909. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow ABDC082DAA40FCAF14E4E554DF23CFC48533F5A2157BD540BFEC49EB8E31E403 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-io-l1-1-1.dll'
  910. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5604FCC803BE14AD10C7A2372FB19BC80D43AD850109A670676982A4EC961473 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-kernel32-legacy-l1-1-0.dll'
  911. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0B94CB7472E0777AEFC1B3208ADDE41B893B78B3223F515FB86348D3362624C3 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-kernel32-legacy-l1-1-1.dll'
  912. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C366B92E7048081C7B336CEAB970BAA20AFDAEE2456820AA38360D1429C27669 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-kernel32-private-l1-1-0.dll'
  913. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 41437C84BF757CC5758BF381600D0DECB00E8F8F56F11765203B7880AC4CDDD0 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-kernel32-private-l1-1-1.dll'
  914. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2DA68FCBCE619BE5A90501F971467B7A894C6A705659346729E1E4E306EEB7D7 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-libraryloader-l1-1-0.dll'
  915. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 91A7DEC7B636C00032D122CA04D4B8653B13E1211C54A4184F3955D2398C2E2E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-libraryloader-l1-1-1.dll'
  916. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2E93EA8BB070C07C39B7F042B7D9843C4B74B3D4E69C8E33D89B0574B2D1D43D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-localization-l1-2-0.dll'
  917. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2FEF21096468EE5C6BFC88971AFDB4CC07F6C4669375561863B85023C15684AF 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-localization-l1-2-1.dll'
  918. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C0E101B6BCDDC28A9BA24C7796BBDAAEFC14459E402FD53053F3C23E0D84D040 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-localization-obsolete-l1-2-0.dll'
  919. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AA433713D5D1DB4413E9F5D938C0C452BAE8EB1BF8CD011803464BBD893BBB08 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-memory-l1-1-0.dll'
  920. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A2B17F63065CC760FA9CF5D2950D0E13613997546C90CFA1C094CF32171D49ED 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-memory-l1-1-1.dll'
  921. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 26425008D97A2EA8B95AF52BFE47CF5DE1DE9BB3E25DF77123B85C895192D7D6 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-memory-l1-1-2.dll'
  922. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 0D9C3D6A6DF364F812D370258C1B3D3F97584E9F7D36569D06746EBA1695D368 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-namedpipe-l1-1-0.dll'
  923. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 85F3FE5E802843596F466D479111658B08271E48CC1821EB17E6D299D523C95E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-privateprofile-l1-1-0.dll'
  924. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 835F086B0884E8E1689D661657F258FA1E71439672E9F0CC0140D614DAB6FA6F 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-privateprofile-l1-1-1.dll'
  925. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 35CDE2048D4EC8D5D02B1CA57B81B8D5F579541EDBAF5DA4485A6323B8C3A805 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processenvironment-l1-1-0.dll'
  926. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 23E758C4F7646AACC2DE8B8930BB272115F726F27E5437DF606E1C2328FA48F4 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processenvironment-l1-2-0.dll'
  927. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D43535460D9CF2F2D348E9F2027DAF9FC0C0C906D5066E15F86332C839C94651 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processthreads-l1-1-0.dll'
  928. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow BE42C78E3F21CD6E74811F27E1B76C4FE8537FB149EF34EA455F22AAA29720ED 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processthreads-l1-1-1.dll'
  929. 17:46:32 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3070505B0B060D9EE9C2B699A518481A22DC15ECAF9603089FCF9EBC022179C3 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processthreads-l1-1-2.dll'
  930. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow AD01524D3FDDC25C91292808E7B333B587C902E996E557885E79CC10F9A66214 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-processtopology-obsolete-l1-1-0.dll'
  931. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 320A6138FE915BE7E83F4CDC2024531948185C3BFC939CB367A53F1AA74BFB2C 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-profile-l1-1-0.dll'
  932. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1E3B3505560AB3E641C386473A83AA194D94CD5BC6CC4FA718D003D1FF899601 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-realtime-l1-1-0.dll'
  933. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E6F51C07641EF931C4F97E5D966242BB96A156A603A7769BEAE0EA61E9E25486 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-registry-l1-1-0.dll'
  934. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1ED3511DC98353CA8E9B22A40C318BBD24484C25C171886B06B22AFD396ACFE8 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-registry-l2-1-0.dll'
  935. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C5938839A3DFFBFBFEF432D0A95D0773375B4758FC160EDD04383A4B4273A18B 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-rtlsupport-l1-1-0.dll'
  936. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 6212B2B8CF5533F9DB6E366BBADED7A8D6EAD6667EA6A425B6987102669D8D96 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-shlwapi-legacy-l1-1-0.dll'
  937. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 24B3FA4C5E8AB463BD2CFB704D7BFA7E8429726852EF582F94E44D7691BDD1FB 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll'
  938. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 21BF3432160DD9851CAAC716DF3A41E39428A84BA9B9D3C63CDD300CB6928300 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-shutdown-l1-1-0.dll'
  939. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow DFE66C8C205C95274565BADB7B3C19043917F6CD07A8DE34CE241EFFF9EA6676 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-string-l1-1-0.dll'
  940. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 503443DBF6E6E481EA1C661109CE17B3D55C4FEA001D77F11CD032BDDF64FD29 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-string-l2-1-0.dll'
  941. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5191E82E921398310FE9FD333F5CA44E6233358499EDD5B33BF8E9F0C9D3B88E 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-string-obsolete-l1-1-0.dll'
  942. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1B9FA225A474D42FF8360141C8BC1EE1E7310958910931AC8E5A213E957700BD 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-stringansi-l1-1-0.dll'
  943. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D726F32AEB323F4DEA55D35441D1FF06BF3E212846A6B86D9ADC8F9DD1307B57 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-stringloader-l1-1-1.dll'
  944. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E4938C16CA5FC7A8C9D87E4201FA2F28992026F5858F36A2A44EA22B5BD0889F 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-synch-l1-1-0.dll'
  945. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 386F6CC0C3CE0C904A44A2FDDD11B2E5EA7782B08E69FD961DA5BE3C32BA5C26 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-synch-l1-2-0.dll'
  946. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 5285A11016967E2017A8187882579CBD722371D0B7497B356149FC447160A521 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-sysinfo-l1-1-0.dll'
  947. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 808C22A733B5F6A4E601605DCF4043C9952CEBE825FF2622097FC5B4FACF682A 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-sysinfo-l1-2-0.dll'
  948. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 69FA978126192DBAB6AF11C9878D9C2BD1FD7E3FC899300244DFA4A1AC7ACA31 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-sysinfo-l1-2-1.dll'
  949. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E2F0F0D46082ED40D042BCCD47F4E917707CF884672C5919116126914FAD4572 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-threadpool-l1-2-0.dll'
  950. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 1D99842180A612D63F1A8B137A9BF0375B7113AAB325916BA4781AB8A7B68E7D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-threadpool-legacy-l1-1-0.dll'
  951. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A30003AB0C020E433CC5296E7E150BB11820395D439062FF7FD6D7F449C4C5B3 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-threadpool-private-l1-1-0.dll'
  952. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 58A65C1938DCDF64D2930B037E9D133A5ACDF46365835782869D3216D3CF2CED 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-timezone-l1-1-0.dll'
  953. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 86F6DA0F1D075B7E1678DF71689948FEC334CFB10316FEB40E5107135548F9B4 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-url-l1-1-0.dll'
  954. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 01291D3895EC5BB0E658F91FE1512AADCBB6D8F1154BC6023076554AFA05AC1D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-util-l1-1-0.dll'
  955. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow E45B73AF0C35F05B01CADF6BD4F67C1497586F4C4F9A16F0448BA751E16C4596 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-version-l1-1-0.dll'
  956. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 59A473D1AD7C181C89AF00B966CD107F1846CDC526009C4807A1EAE3DCB3731D 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-wow64-l1-1-0.dll'
  957. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 3617DBCADFE370463B4DBB91C1C6222923F16EC362DE29C2CA3AE4E72C9ABB64 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-xstate-l1-1-0.dll'
  958. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A5BE1E3C71A3A5C8EEF4BFAD9D0BADC97BA47B2B9911CED4BD1B8F65BB8DCB77 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-core-xstate-l2-1-0.dll'
  959. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 66807B95E13944D52E9A7AA1F1A41E632FAA46F6B48F98451618DB3845622577 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-devices-config-l1-1-0.dll'
  960. 17:46:36 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C914CD6FE6C7B16533763BC789EDAF67D7A19C26514C927572051C4379C79FC0 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-devices-config-l1-1-1.dll'
  961. 17:46:44 CylanceSvc(68)[52] Information: [ProcessStatistics] Stats|466556|3|35|1078|90328|684760|1089804|1225280|466556|778248|526|124|2|5|1812|84116|829348|1216|112|259|10
  962. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventing-classicprovider-l1-1-0.dll'-99E2CD36104D3EFD4DEC88AD0F4BED1FD1BBFA97CC4FB29DB7F7136290DD6B70 file does not exist and is not quarantined
  963. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventing-consumer-l1-1-0.dll'-3B7CB5622BEAC7D633A84EE2F7336C8DE1D3D1AA10577D98020081AB67761FAD file does not exist and is not quarantined
  964. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventing-controller-l1-1-0.dll'-DC4EE086FC046E1D7A291EA3B8B13E77B7A252B5C283B8F6C9CEC729070B7822 file does not exist and is not quarantined
  965. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventing-legacy-l1-1-0.dll'-312B6BFC89B551F2C4E8FEDAB316DBE01F190CD5E67091AAFB0E6F67616DC745 file does not exist and is not quarantined
  966. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventing-provider-l1-1-0.dll'-31A4AE262E179DF4CA406E1AF90F651935657BB5FD990C675C67E37D5B834CFE file does not exist and is not quarantined
  967. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-eventlog-legacy-l1-1-0.dll'-5D1103E89199731DFFF7BF89D7F6484C038D47CC04F730CD5233EDE488272E6A file does not exist and is not quarantined
  968. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-base-l1-1-0.dll'-B4018F8F249CE087DB46F61A0C2E947248A5B71576F511F0B3650433607BC663 file does not exist and is not quarantined
  969. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-cryptoapi-l1-1-0.dll'-AB12FEAF15CB313812B01AFE1198B62E72F7702D140830ABAD2CFB6251E82A7C file does not exist and is not quarantined
  970. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-lsalookup-l2-1-0.dll'-F7A34B793AACF75DA4EAE843B6088C0BAAA8B835EA5F6A65E72EBD9A1479C8A8 file does not exist and is not quarantined
  971. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-lsalookup-l2-1-1.dll'-F519C7AA6930DAC83A3045CEEE42F64F26FFC54254D5ABD1B0F7D99C47569A30 file does not exist and is not quarantined
  972. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-lsapolicy-l1-1-0.dll'-4D231AC65F0F54BFF45CACFFE7DF3109CF87F78D14960EC8F03654E605AC8ABF file does not exist and is not quarantined
  973. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-provider-l1-1-0.dll'-BE6E6284F69C76BE6366EA8D44D85BDBAB6A71DD42E8B5575CFDF671AD58DCA2 file does not exist and is not quarantined
  974. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-security-sddl-l1-1-0.dll'-6E274ABE823EF8B30629A99D9F942794C9FE6D003021A0C5085B49A7D8611DDE file does not exist and is not quarantined
  975. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-core-l1-1-0.dll'-5071AA303D436407D195EF37889F018BE7E350DA5E690793587458D4C6D308DB file does not exist and is not quarantined
  976. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-core-l1-1-1.dll'-AB5CC1B14D6BB708B5C87C2622DA886E2119A6997E08108CCE36080385DAEE71 file does not exist and is not quarantined
  977. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-management-l1-1-0.dll'-D737A832C0D595E8E52846C2D748B911D7155E372F43FBB10513CFDE0BBF83B7 file does not exist and is not quarantined
  978. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-management-l2-1-0.dll'-F44E2A85D7507159AE115C85C3497C57BE4ECB2D6ADDB30A534110266D56F92F file does not exist and is not quarantined
  979. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-private-l1-1-0.dll'-CD51DF334A600117133C9C8100DDE766D980456988FD333A40BE5A81C8092340 file does not exist and is not quarantined
  980. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-private-l1-1-1.dll'-00E14515FE6FEBBF3C2CFC89A6F1A3D6F48B3E7A5EB08D50DADF69CE3F34CC47 file does not exist and is not quarantined
  981. 17:47:06 CylanceSvc(68)[16] Information: [Cylance.Host.Analyzer.FileProcessor] Set item to 'invalid' - GetFileStatus(0) 'c:\users\admin\appdata\local\temp\fe54b690-6da0-4c09-b78a-0266332cafbd\api-ms-win-service-winsvc-l1-1-0.dll'-CBE408A0AFF90986A6A7DDF022F96302B4FADD08A0C3C166CAC7A64D6ABF041D file does not exist and is not quarantined
  982. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.b3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\microsoft.build.framework.ni.dll'
  983. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.build\d5398d93a9bd4763b092da9c25e49fdd\microsoft.build.ni.dll'
  984. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\microsoft.internal.tasks.dataflow.ni.dll'
  985. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\microsoft.build.tasks.v4.0.ni.dll'
  986. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.b83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\microsoft.build.utilities.v4.0.ni.dll'
  987. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 7774E42F3F692BDC61D228BE216B3F6D6EB73F754FE9CA0B1A7FE370D11BDC6B 'c:\windows\assembly\temp\a5r7z1b2if\smdiagnostics.ni.dll'
  988. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 90E8DE4EEE74961CB50AE6E4EF3FB246B4B1F608D06446596D4C44DE0145464B 'c:\windows\assembly\temp\z9rcztv57f\system.componentmodel.dataannotations.ni.dll'
  989. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D4303700E8959BACDD5B4EB8D1C29C1F045F35E477D01991075F11C7227BD2DB 'c:\windows\assembly\temp\skg7z073h8\system.directoryservices.accountmanagement.ni.dll'
  990. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow C2B155C1813C6AFF46984BB63E08004FB6E770D7FD66EACB7A383AA56C9CC037 'c:\windows\assembly\temp\s53var9ica\system.enterpriseservices.ni.dll'
  991. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 9BFE25009ACC9D5A546729AC0B9B7721C572BD9E8EBEA1C18955253D820CDD21 'c:\windows\assembly\temp\s53var9ica\system.enterpriseservices.wrapper.dll'
  992. 17:47:07 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 4DF25E60D251B8FE4CACA15F8CCE4030E518A059F09A203220FD12C2A769E33F 'c:\windows\assembly\temp\f8o9nyryyq\system.servicemodel.internals.ni.dll'
  993. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A1D89D77683D4D4F1EC0508DAE550A7AE4AF93B046DFE1B9FAA51BE783F4DA94 'c:\windows\assembly\temp\2pik5xfult\system.servicemodel.web.ni.dll'
  994. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 407AE5F91F622207DBC2903A9E029BF8945EDACF7A9EE2A8AD6C5FC65A10E858 'c:\windows\assembly\temp\uf4op8ncqs\system.workflowservices.ni.dll'
  995. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow A7849E9DFA8E22A30598C1A6532FC865E91E2A9268EABCB8E0711FA58AA49A1C 'c:\windows\assembly\temp\urhg6zlkqz\system.management.ni.dll'
  996. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 036BF958E5C4FF617F92689CED956E56B101F8A6859CF0468AD12013ADDF7DB0 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.b83e9cb53#\7be06d731b2d2790905814ab3a2dd6c9\microsoft.build.utilities.v4.0.ni.dll'
  997. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2D4541502952904E9FC303B05C27B8A3F7394D007A7A7BBDC8A8A0F736938098 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.baa2ca56b#\25d1a58ad398684c5b9f8590d778c729\microsoft.build.tasks.v4.0.ni.dll'
  998. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow B7DD596358C63D0A1D0AC924B74D387E2A49230E3AE8F5EFFB6C20FCFF068FDD 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.ifcaec084#\3d10d161efe7630d41e33e255c4db7e0\microsoft.internal.tasks.dataflow.ni.dll'
  999. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow 2AF9AA7A568237B27392952FDD35C3AA8CE12695D5EF8691E9F56986119B0E26 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.build\d5398d93a9bd4763b092da9c25e49fdd\microsoft.build.ni.dll'
  1000. 17:47:38 CylanceSvc(68)[16] Information: [Cylance.Host.KernelDriver.Driver] SetCache allow D74F5F60636005E1FE43808D2915ED9CA804CA0FABE3A9ABE6699C7B5B3DAD43 'c:\windows\assembly\nativeimages_v4.0.30319_32\microsoft.b3325a29b#\9e6f1308b1bf239e934555444c1b8e0c\microsoft.build.framework.ni.dll'
  1001. 17:47:44 CylanceSvc(68)[41] Information: [ProcessStatistics] Stats|466556|0|35|1174|71716|684760|1089804|1225280|466556|778248|526|124|0|1|1872|59464|212432|104|114|260|10
  1002. 17:48:44 CylanceSvc(68)[41] Information: [ProcessStatistics] Stats|467592|0|36|1238|76344|684760|1090828|1225280|467592|778248|524|124|0|0|1932|63432|334|24|116|261|10
  1003. 17:49:44 CylanceSvc(68)[31] Information: [ProcessStatistics] Stats|462436|0|31|1142|81892|684760|1085708|1225280|462436|778248|520|123|0|0|1992|69848|580|31|117|261|10
  1004. 17:50:45 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|463460|0|32|1229|82020|684760|1086732|1225280|463460|778248|520|123|0|0|2052|70320|337|15|121|262|10
  1005. 17:51:45 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|463464|0|32|1312|82140|684760|1086732|1225280|463464|778248|520|123|0|0|2112|70328|379|3|123|263|10
  1006. 17:52:45 CylanceSvc(68)[14] Information: [ProcessStatistics] Stats|465524|0|34|1191|81148|684760|1088780|1225280|465524|778248|519|123|0|0|2172|70432|417|18|125|263|10
  1007. 17:53:45 CylanceSvc(68)[6] Information: [ProcessStatistics] Stats|465524|0|34|1266|81500|684760|1088780|1225280|465524|778248|521|123|0|0|2232|70436|296|5|127|264|10
  1008. 17:54:45 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|465528|0|34|1328|81380|684760|1088780|1225280|465528|778248|521|123|0|0|2292|70444|296|8|128|265|10
  1009. 17:55:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|465528|0|34|1411|81456|684760|1088780|1225280|465528|778248|521|123|0|0|2352|71020|378|4|130|265|10
  1010. 17:56:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|465492|0|33|1259|82112|684760|1087756|1225280|465492|778248|519|123|0|0|2412|71380|296|5|132|266|10
  1011. 17:57:45 CylanceSvc(68)[14] Information: [ProcessStatistics] Stats|464492|0|33|1329|82728|684760|1087756|1225280|464492|778248|521|123|0|0|2472|72264|296|6|134|266|10
  1012. 17:58:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|464492|0|33|1415|83300|684760|1087756|1225280|464492|778248|522|123|0|0|2532|72704|379|3|136|267|10
  1013. 17:59:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|464492|0|33|1276|83544|684760|1087756|1225280|464492|778248|522|123|0|0|2592|72936|378|3|138|267|10
  1014. 18:00:45 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|462432|0|31|1377|83552|684760|1085708|1225280|462432|778248|519|123|0|0|2652|73200|544|4|140|268|10
  1015. 18:01:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|463460|0|32|1469|84160|684760|1086732|1225280|463460|778248|520|123|0|0|2712|74036|381|5|141|269|10
  1016. 18:01:46 CylanceSvc(68)[56] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: False, onDemand: True, updateContinue: False
  1017. 18:01:46 CyUpdate(4600)[1] Information: Logging Started: Tuesday, February 27, 2018 6:01:46 PM (Wed, 28 Feb 2018 00:01:46 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  1018. 18:01:46 CyUpdate(4600)[1] Information: Log level set to 'Information'
  1019. 18:01:46 CyUpdate(4600)[1] Information: CyUpdate starting, PID = 4600...
  1020. 18:01:46 CyUpdate(4600)[1] Information: Last updater runtime:'0001/01/01 00:00:00' - can run after:'0001/01/01 00:45:00'
  1021. 18:01:46 CyUpdate(4600)[1] Information: CyUpdate starting, PID = 4600...
  1022. 18:01:46 CyUpdate(4600)[1] Information: Current Cylance Protect: Pre1280 = False, PreOptics = True
  1023. 18:01:46 CyUpdate(4600)[1] Information: Updater 2.0.1450.8. Checking for updates to the updater mechanism
  1024. 18:01:47 CyUpdate(4600)[1] Information: Endpoint URL: 'https://update.cylance.com/updates'
  1025. 18:01:47 CyUpdate(4600)[1] Information: GetFiles Request = '{"TenantId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXb09c","Bitness":64,"DeviceId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX9eb3","FileVersions":[{"FileName":"CommonUtils.dll","Version":"5.0.0.2598"},{"FileName":"CyDevFlt64.sys","Version":"1.1.1.1"},{"FileName":"CyHelper64.dll","Version":"2.0.1450.8"},{"FileName":"CyKNPHDOJQHQZ.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Engine.Utils.dll","Version":"1.0.1.0"},{"FileName":"Cylance.Host.Analysis.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CCUI.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CommandControlUI.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Controller.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceOptics.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenue.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenueModule.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.InfinityModel.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelOLE.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelPDF.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.MemDefPS_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.SystemInformation.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Updater.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Versions.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WindowsEventLogWriter.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WMIProvider_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.UpdateMgr.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"CylanceSvc64.exe","Version":"2.0.1450.8"},{"FileName":"CylanceUI.exe","Version":"2.0.1450.8"},{"FileName":"CyMemDef.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDef64.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS64.dll","Version":"2.0.1450.8"},{"FileName":"CyNTFMIHYBLXA.dll","Version":"2.0.1450.8"},{"FileName":"CyProtect.exe","Version":"2.0.1450.8"},{"FileName":"CyProtectDrv64.sys","Version":"2.0.1450.2"},{"FileName":"CyUpdate.exe","Version":"2.0.1450.8"},{"FileName":"InfinityDotNet.dll","Version":"1.1.1.0"},{"FileName":"ISampleScoring.dll","Version":"1.2.8.1"},{"FileName":"LocalePkg.exe","Version":"2.0.1450.8"},{"FileName":"Newtonsoft.Json.dll","Version":"6.0.2.16931"},{"FileName":"SampleScoring2OLE.dll","Version":"1.2.7.2009"},{"FileName":"SampleScoring2PDF.dll","Version":"1.2.7.2007"},{"FileName":"SampleScoring2PE.dll","Version":"4.3.3.0"},{"FileName":"SharedDefinitions.dll","Version":"5.0.3.2704"}]}'
  1026. 18:01:47 CyUpdate(4600)[1] Information: GetFiles Response = '[]'
  1027. 18:01:47 CyUpdate(4600)[1] Information: No items were retrieved from the update site.
  1028. 18:01:47 CyUpdate(4600)[1] Information: No updates found.
  1029. 18:01:47 CyUpdate(4600)[1] Information: Update says it's done, checking for more products.
  1030. 18:01:47 CyUpdate(4600)[1] Information: Next url is: 'v1/updates/protect', and our current url is: ''
  1031. 18:01:47 CyUpdate(4600)[1] Information: More products so scheduling update again.
  1032. 18:01:50 CyUpdate(4600)[1] Information: Exiting CyUpdate.
  1033. 18:01:55 CyUpdate(4600)[1] Information: CyUpdate exit, PID = 4600
  1034. 18:01:55 CyUpdate(4600)[1] Information: CyUpdate releasing mutex handle.
  1035. 18:01:56 CylanceSvc(68)[56] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: True, onDemand: True, updateContinue: True
  1036. 18:02:45 CylanceSvc(68)[14] Information: [ProcessStatistics] Stats|463368|0|33|1204|86788|684760|1087756|1225280|463368|778248|522|123|0|1|2772|75016|10567|34|143|269|10
  1037. 18:02:46 CylanceSvc(68)[5] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: False, onDemand: False, updateContinue: False
  1038. 18:02:46 CyUpdate(5480)[1] Information: Logging Started: Tuesday, February 27, 2018 6:02:46 PM (Wed, 28 Feb 2018 00:02:46 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  1039. 18:02:46 CyUpdate(5480)[1] Information: Log level set to 'Information'
  1040. 18:02:46 CyUpdate(5480)[1] Information: CyUpdate starting, PID = 5480...
  1041. 18:02:46 CyUpdate(5480)[1] Information: Last updater runtime:'0001/01/01 00:00:00' - can run after:'0001/01/01 01:09:00'
  1042. 18:02:46 CyUpdate(5480)[1] Information: CyUpdate starting, PID = 5480...
  1043. 18:02:46 CyUpdate(5480)[1] Information: Current Cylance Protect: Pre1280 = False, PreOptics = True
  1044. 18:02:46 CyUpdate(5480)[1] Information: Updater 2.0.1450.8. Checking for updates to the updater mechanism
  1045. 18:02:47 CyUpdate(5480)[1] Information: Endpoint URL: 'https://update.cylance.com/updates'
  1046. 18:02:47 CyUpdate(5480)[1] Information: GetFiles Request = '{"TenantId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXb09c","Bitness":64,"DeviceId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX9eb3","FileVersions":[{"FileName":"CommonUtils.dll","Version":"5.0.0.2598"},{"FileName":"CyDevFlt64.sys","Version":"1.1.1.1"},{"FileName":"CyHelper64.dll","Version":"2.0.1450.8"},{"FileName":"CyKNPHDOJQHQZ.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Engine.Utils.dll","Version":"1.0.1.0"},{"FileName":"Cylance.Host.Analysis.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CCUI.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CommandControlUI.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Controller.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceOptics.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenue.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.CylanceVenueModule.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.InfinityModel.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelOLE.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.InfinityModelPDF.dll","Version":"2.0.1450.628"},{"FileName":"Cylance.Host.MemDefPS_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.SystemInformation.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Updater.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.Versions.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WindowsEventLogWriter.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Host.WMIProvider_GAC.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"Cylance.UpdateMgr.Interfaces.dll","Version":"2.0.1450.8"},{"FileName":"CylanceSvc64.exe","Version":"2.0.1450.8"},{"FileName":"CylanceUI.exe","Version":"2.0.1450.8"},{"FileName":"CyMemDef.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDef64.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS.dll","Version":"2.0.1450.8"},{"FileName":"CyMemDefPS64.dll","Version":"2.0.1450.8"},{"FileName":"CyNTFMIHYBLXA.dll","Version":"2.0.1450.8"},{"FileName":"CyProtect.exe","Version":"2.0.1450.8"},{"FileName":"CyProtectDrv64.sys","Version":"2.0.1450.2"},{"FileName":"CyUpdate.exe","Version":"2.0.1450.8"},{"FileName":"InfinityDotNet.dll","Version":"1.1.1.0"},{"FileName":"ISampleScoring.dll","Version":"1.2.8.1"},{"FileName":"LocalePkg.exe","Version":"2.0.1450.8"},{"FileName":"Newtonsoft.Json.dll","Version":"6.0.2.16931"},{"FileName":"SampleScoring2OLE.dll","Version":"1.2.7.2009"},{"FileName":"SampleScoring2PDF.dll","Version":"1.2.7.2007"},{"FileName":"SampleScoring2PE.dll","Version":"4.3.3.0"},{"FileName":"SharedDefinitions.dll","Version":"5.0.3.2704"}]}'
  1047. 18:02:47 CyUpdate(5480)[1] Information: GetFiles Response = '[]'
  1048. 18:02:47 CyUpdate(5480)[1] Information: No items were retrieved from the update site.
  1049. 18:02:47 CyUpdate(5480)[1] Information: No updates found.
  1050. 18:02:47 CyUpdate(5480)[1] Information: Update says it's done, checking for more products.
  1051. 18:02:47 CyUpdate(5480)[1] Information: Next url is: 'v1/updates/protect', and our current url is: ''
  1052. 18:02:47 CyUpdate(5480)[1] Information: More products so scheduling update again.
  1053. 18:02:50 CyUpdate(5480)[1] Information: Exiting CyUpdate.
  1054. 18:02:55 CyUpdate(5480)[1] Information: CyUpdate exit, PID = 5480
  1055. 18:02:55 CyUpdate(5480)[1] Information: CyUpdate releasing mutex handle.
  1056. 18:03:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|464056|0|33|1406|89588|684760|1087756|1225280|464056|778248|521|123|0|0|2832|76736|10073|30|145|270|10
  1057. 18:03:46 CylanceSvc(68)[5] Information: [Cylance.Host.Agent.Updater.UpdateManager] RunCheckForUpdates: runCheckNow: True, justRan: True, onDemand: False, updateContinue: True
  1058. 18:04:45 CylanceSvc(68)[5] Information: [ProcessStatistics] Stats|466156|0|35|1238|90736|684760|1089804|1225280|466156|778248|522|123|0|0|2892|77484|606|5|147|270|10
  1059. 18:04:46 CylanceUI(4472)[1] Information: Logging Started: Tuesday, February 27, 2018 6:04:46 PM (Wed, 28 Feb 2018 00:04:46 GMT) Machine Name: AEP-S23-V100 FQDN: AEP-S23-V100 Product Version: 2.0.1450.8
  1060. 18:04:46 CylanceUI(4472)[1] Information: Log level set to 'Information'
  1061. 18:04:46 CylanceUI(4472)[1] Information: Initializing...
  1062. 18:05:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|468240|0|37|1305|92332|684760|1091852|1225280|468240|778248|524|124|0|0|2952|78388|6752|9|151|271|10
  1063. 18:06:45 CylanceSvc(68)[40] Information: [ProcessStatistics] Stats|466180|0|35|1407|92920|684760|1089804|1225280|466180|778248|524|123|0|0|3012|79212|500|4|152|272|10
  1064. 18:07:45 CylanceSvc(68)[14] Information: [ProcessStatistics] Stats|462052|0|31|1224|93560|684760|1085708|1225280|462052|778248|524|123|0|0|3072|79336|381|3|154|273|10
  1065. 18:08:45 CylanceSvc(68)[14] Information: [ProcessStatistics] Stats|462048|0|31|1341|93840|684760|1085708|1225280|462048|778248|524|123|0|0|3133|79768|585|3|156|273|10
  1066. 18:09:45 CylanceSvc(68)[34] Information: [ProcessStatistics] Stats|462052|0|31|1447|94252|684760|1085708|1225280|462052|778248|523|123|0|0|3193|80340|500|5|158|274|10
  1067. 18:10:45 CylanceSvc(68)[34] Information: [ProcessStatistics] Stats|462052|0|31|1318|94968|684760|1085708|1225280|462052|778248|524|123|0|0|3253|81068|341|4|160|274|10
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!