|
An error has occurred during program execution. Please read the following information for further details. EurekaLog 6.1.04 Application: --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.1 Start Date : Sat, 20 Apr 2024 08:02:22 +0100 1.2 Name/Description: w3wp.exe - (IIS Worker Process) 1.3 Version Number : 10.0.20348.1 1.4 Parameters : -ap "FormidableCA" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipmb0089da5-10ff-4668-a6f8-b198d17e3218 -h "C:\inetpub\temp\apppools\FormidableCA\FormidableCA.config" -w "" -m 0 -t 20 -ta 0 1.5 Compilation Date: Wed, 13 Nov 2013 13:16:49 +0100 1.6 Up Time : 0 second Exception: ---------------------------------------------------------------------------------------------------- 2.1 Date : Sat, 20 Apr 2024 08:02:23 +0100 2.2 Address : 066BB4EC 2.3 Module Name : FMLic.dll 2.4 Module Version: 2.5 Type : EOleException 2.6 Message : Cannot open database "WEBStore_LIVE" requested by the login. The login failed. 2.7 ID : D06C 2.8 Count : 1 2.9 Status : New 2.10 Note : User: ------------------------------------------------------- 3.1 ID : FormidableCA 3.2 Name : Windows User 3.3 Email : 3.4 Company : 3.5 Privileges: SeAssignPrimaryTokenPrivilege - OFF SeIncreaseQuotaPrivilege - OFF SeAuditPrivilege - OFF SeChangeNotifyPrivilege - ON SeImpersonatePrivilege - ON SeCreateGlobalPrivilege - ON SeIncreaseWorkingSetPrivilege - OFF Computer: --------------------------------------------------------------------- 5.1 Name : PROD-WEB-01 5.2 Total Memory : 4095 Mb 5.3 Free Memory : 742 Mb 5.4 Total Disk : 49,45 Gb 5.5 Free Disk : 16,81 Gb 5.6 System Up Time: 25 days, 21 hours, 28 minutes, 20 seconds 5.7 Processor : Intel Core Processor (Broadwell) 5.8 Display Mode : 1024 x 768, 32 bit 5.9 Display DPI : 96 5.10 Video Card : (driver ) 5.11 Printer : Microsoft Print To PDF (driver 10.0.20348.2322) Operating System: ----------------------------------------------- 6.1 Type : Microsoft Windows 10.0 (64 bit) 6.2 Build # : 20348 6.3 Update : 6.4 Language: English 6.5 Charset : 0 Network: --------------------------------- 7.1 IP Address: 192.168.000.012 7.2 Submask : 255.255.255.000 7.3 Gateway : 192.168.000.001 7.4 DNS 1 : 192.168.000.013 7.5 DNS 2 : 000.000.000.000 7.6 DHCP : ON Call Stack Information: ----------------------------------------------------------------------------------------- |Address |Module |Unit |Class |Procedure/Method |Line | ----------------------------------------------------------------------------------------- |*Exception Thread: ID=6212; Priority=0; Class= | |---------------------------------------------------------------------------------------| |066BB4EC|FMLic.dll | | | | | |067AD8B7|FMLic.dll |Main.pas|TwaFMLic|ppWHTMLTag |592[27] | |067BE8A8|FMLic.dll |Main.pas|TwaFMLic|waFMLicwaShowPageAction |2632[20]| |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=9692; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=4816; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=6512; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=5272; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=8784; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=5028; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=2164; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=7464; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=5264; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=8600; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=388; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77617270|ntdll.dll | | |RtlQueryInformationActivationContext| | |77627589|ntdll.dll | | |RtlAllocateHeap | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=7704; Priority=0; Class= | |---------------------------------------------------------------------------------------| |756B1464|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |76181CD0|KERNEL32.DLL | | |TlsGetValue | | |76192AE0|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |76193870|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |761867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=9448; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |064F13C5|FMLic.dll | | |HttpExtensionProc | | |77641560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77624F20|ntdll.dll | | |RtlGetCurrentServiceSessionId | | ----------------------------------------------------------------------------------------- Modules Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00800000|IISRES.DLL |IIS Resource DLL |10.0.20348.825 |231936 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |00870000|w3wp.exe |IIS Worker Process |10.0.20348.1 |24576 |2022-08-05 10:00:46|C:\WINDOWS\SysWOW64\inetsrv | |05BC0000|CDEContent.dll | | |1353216|2022-08-12 17:38:00|C:\WebSites\scripts | |060D0000|security.dll |Security Support Provider Interface |10.0.20348.1 |5120 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |060E0000|msadcer.dll |OLE DB Cursor Engine Resources |10.0.20348.1 |2560 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\msadc | |06460000|FMLic.dll | | |4799488|2022-08-12 11:42:54|C:\WebSites\formidableca | |074F0000|SQLOLEDB.RLL |OLE DB Provider for SQL Server Resources |10.0.20348.1 |4608 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\Ole DB | |71E10000|wininet.dll |Internet Extensions for Win32 |11.0.20348.1850 |4666120|2023-07-18 09:03:16|C:\WINDOWS\SYSTEM32 | |72540000|MSASN1.dll |ASN.1 Runtime APIs |10.0.20348.1249 |52168 |2022-11-10 09:24:26|C:\WINDOWS\SYSTEM32 | |725E0000|cryptnet.dll |Crypto Network Related API |10.0.20348.1 |137728 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |726E0000|ncryptsslp.dll |Microsoft SChannel Provider |10.0.20348.1668 |120336 |2023-06-05 13:43:12|C:\WINDOWS\system32 | |72700000|mskeyprotect.dll |Microsoft Key Protection Provider |10.0.20348.2031 |50688 |2023-10-17 11:38:04|C:\WINDOWS\SYSTEM32 | |72730000|schannel.dll |TLS / SSL Security Provider |10.0.20348.2322 |526336 |2024-02-22 11:12:12|C:\WINDOWS\System32 | |729E0000|msadce.dll |OLE DB Cursor Engine |10.0.20348.1 |619520 |2021-05-08 09:15:12|C:\Program Files (x86)\Common Files\System\msadc | |72A80000|msv1_0.DLL |Microsoft Authentication Package v1.0 |10.0.20348.2340 |455136 |2024-03-18 09:06:28|C:\WINDOWS\System32 | |72B00000|Comctl32.dll |User Experience Controls Library |6.10.20348.2110 |2227688|2023-12-02 07:47:36|C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.20348.2110_none_dc2187af036fbf03 | |72D30000|dssenh.dll |Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider|10.0.20348.169 |135816 |2022-07-04 18:50:10|C:\WINDOWS\system32 | |72D60000|dwmapi.dll |Microsoft Desktop Window Manager API |10.0.20348.2110 |139096 |2023-12-14 08:51:26|C:\WINDOWS\SYSTEM32 | |72D90000|sqloledb.dll |OLE DB Provider for SQL Server |10.0.20348.2340 |832000 |2024-03-18 09:06:34|C:\Program Files (x86)\Common Files\System\Ole DB | |72E60000|comsvcs.dll |COM+ Services |2001.12.10941.16384|1409024|2024-03-18 09:06:26|C:\Windows\System32 | |72FD0000|oledb32.dll |OLE DB Core Services |10.0.20348.2322 |865280 |2024-02-22 11:12:12|C:\Program Files (x86)\Common Files\System\Ole DB | |73710000|clr.dll |Microsoft .NET Runtime Common Language Runtime - WorkStation |4.8.4645.0 |8658824|2023-06-18 23:56:50|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |73FC0000|msado15.dll |ActiveX Data Objects |10.0.20348.2322 |1124864|2024-02-22 11:12:18|C:\Program Files (x86)\Common Files\System\ado | |740E0000|comctl32.dll |Common Controls Library |5.82.20348.2110 |581096 |2023-12-02 07:47:36|C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.20348.2110_none_7f20e14a2add3406| |74180000|msimg32.dll |GDIEXT Client DLL |10.0.20348.469 |7168 |2022-07-04 18:50:12|C:\WINDOWS\SYSTEM32 | |74280000|wsock32.dll |Windows Socket 32-Bit DLL |10.0.20348.1 |16896 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |74290000|DSPARSE.DLL |Active Directory Domain Services API |10.0.20348.1487 |23552 |2023-01-16 10:04:42|C:\WINDOWS\SYSTEM32 | |742B0000|ntdsapi.dll |Active Directory Domain Services API |10.0.20348.1487 |99328 |2023-01-16 10:04:40|C:\WINDOWS\SYSTEM32 | |742D0000|cryptdll.dll |Cryptography Manager |10.0.20348.1 |57336 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |742F0000|UxTheme.dll |Microsoft UxTheme Library |10.0.20348.2227 |486912 |2024-01-16 09:39:54|C:\WINDOWS\SYSTEM32 | |743F0000|fwpuclnt.dll |FWP/IPsec User-Mode API |10.0.20348.2340 |358400 |2024-03-18 09:06:26|C:\WINDOWS\System32 | |74450000|rasadhlp.dll |Remote Access AutoDial Helper |10.0.20348.1 |13312 |2021-05-08 09:15:10|C:\Windows\System32 | |74460000|CRYPTBASE.dll |Base cryptographic API DLL |10.0.20348.1 |32064 |2021-05-08 09:14:00|C:\WINDOWS\SYSTEM32 | |74470000|rsaenh.dll |Microsoft Enhanced Cryptographic Provider |10.0.20348.169 |186936 |2022-07-04 18:50:10|C:\WINDOWS\system32 | |744A0000|CRYPTSP.dll |Cryptographic Service Provider API |10.0.20348.2110 |82768 |2023-12-14 08:51:26|C:\WINDOWS\SYSTEM32 | |744C0000|mswsock.dll |Microsoft Windows Sockets 2.0 Service Provider |10.0.20348.1 |323400 |2021-05-08 09:14:00|C:\WINDOWS\System32 | |74520000|kernel.appcore.dll |AppModel API Host |10.0.20348.1 |67632 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |74540000|DNSAPI.dll |DNS Client API DLL |10.0.20348.2322 |669416 |2024-02-22 11:12:10|C:\WINDOWS\SYSTEM32 | |745F0000|IPHLPAPI.DLL |IP Helper API |10.0.20348.2227 |142064 |2024-01-16 09:39:58|C:\WINDOWS\SYSTEM32 | |74670000|NtlmShared.dll |NTLM Shared Functionality |10.0.20348.1668 |34680 |2023-06-05 13:43:12|C:\WINDOWS\SYSTEM32 | |74680000|SECUR32.DLL |Security Support Provider Interface |10.0.20348.2110 |20480 |2023-12-14 08:51:28|C:\WINDOWS\SYSTEM32 | |74690000|DBNETLIB.DLL |Winsock Oriented Net DLL for SQL Clients |10.0.20348.1 |109568 |2021-05-08 09:13:58|C:\WINDOWS\SYSTEM32 | |746B0000|NETAPI32.dll |Net Win32 API DLL |10.0.20348.1129 |74872 |2022-10-18 10:12:32|C:\WINDOWS\SYSTEM32 | |746F0000|DPAPI.DLL |Data Protection API |10.0.20348.2110 |13312 |2023-12-14 08:51:26|C:\WINDOWS\SYSTEM32 | |74700000|netbios.dll |NetBIOS Interface Library |10.0.20348.1 |15872 |2021-05-08 09:14:00|C:\WINDOWS\SYSTEM32 | |74710000|MSDATL3.dll |OLE DB Implementation Support Routines |10.0.20348.1 |101888 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\Ole DB | |74730000|MSDART.DLL |OLE DB Runtime Routines |10.0.20348.1 |136192 |2021-05-08 09:13:58|C:\WINDOWS\SYSTEM32 | |74760000|gzip.dll |GZIP Compression DLL |10.0.20348.1 |29184 |2022-08-05 10:00:58|C:\WINDOWS\system32\inetsrv | |74770000|validcfg.dll |Configuration Validation Module |10.0.20348.1 |17920 |2022-08-22 17:05:16|C:\WINDOWS\System32\inetsrv | |74780000|warmup.dll |HTTP Application Warmup Handler |10.0.20348.1 |28672 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |74790000|iisfcgi.dll |FastCGI handler |10.0.20348.1 |74240 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |747B0000|cgi.dll |CGI handler |10.0.20348.1 |38912 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |747C0000|filter.dll |ISAPI filter module |10.0.20348.1 |56832 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |747E0000|isapi.dll |IIS ISAPI Handler |10.0.20348.2031 |111616 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74800000|iisreqs.dll |IIS request monitor |10.0.20348.1 |15872 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |74810000|iisfreb.dll |Failed requests event buffering module |10.0.20348.1 |161280 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |74840000|iisetw.dll |ETW tracing support module |10.0.20348.1 |131072 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |74870000|netutils.dll |Net Win32 API Helpers DLL |10.0.20348.469 |38184 |2022-07-04 18:50:10|C:\WINDOWS\SYSTEM32 | |74880000|custerr.dll |Custom error handler |10.0.20348.1 |40448 |2022-08-05 10:01:00|C:\WINDOWS\System32\inetsrv | |74890000|logcust.dll |IIS custom logging module |10.0.20348.1 |21504 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |748A0000|modrqflt.dll |Request filtering handler |10.0.20348.1 |39936 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |748B0000|diprestr.dll |Dynamic IP Restriction Module |10.0.20348.1 |33280 |2022-08-05 10:00:42|C:\WINDOWS\System32\inetsrv | |748C0000|iprestr.dll |IP restriction module |10.0.20348.1 |25600 |2022-08-05 10:00:42|C:\WINDOWS\System32\inetsrv | |748D0000|authmap.dll |IIS certmap authentication provider |10.0.20348.2031 |40448 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |748E0000|authmd5.dll |Digest authentication provider |10.0.20348.1 |35840 |2022-08-05 10:00:44|C:\WINDOWS\System32\inetsrv | |748F0000|wkscli.dll |Workstation Service Client DLL |10.0.20348.2340 |68296 |2024-03-18 09:06:28|C:\WINDOWS\SYSTEM32 | |74910000|authsspi.dll |SSPI authentication provider |10.0.20348.1 |47616 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74920000|authbas.dll |basic authentication provider |10.0.20348.2031 |33792 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74930000|urlauthz.dll |Url Authorization Module |10.0.20348.1 |20992 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |74940000|authcert.dll |AD certmap authentication provider |10.0.20348.2031 |24064 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74950000|authanon.dll |anonymous authentication provider |10.0.20348.2031 |32256 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74960000|static.dll |Static file handler |10.0.20348.1 |32768 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |74970000|iis_ssi.dll |Microsoft Server Side Include Extension |10.0.20348.1 |29696 |2022-08-05 10:00:56|C:\WINDOWS\System32\inetsrv | |74980000|redirect.dll |http redirection |10.0.20348.1 |19456 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |74990000|protsup.dll |Protocol Support handler |10.0.20348.1 |22528 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |749A0000|dirlist.dll |Directory Listing handler |10.0.20348.1 |21504 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |749B0000|defdoc.dll |Default Document handler |10.0.20348.1 |17920 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |749C0000|compstat.dll |Static compression module |10.0.20348.1 |44032 |2022-08-05 10:00:56|C:\WINDOWS\System32\inetsrv | |749D0000|compdyn.dll |Dynamic compression module |10.0.20348.1 |34304 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |749E0000|cachhttp.dll |Http cache provider |10.0.20348.825 |44544 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |749F0000|cachtokn.dll |token cache provider |10.0.20348.2031 |13312 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74A00000|cachfile.dll |File cache provider |10.0.20348.2031 |19456 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74A10000|cachuri.dll |URI cache provider |10.0.20348.2031 |11776 |2023-10-17 11:38:18|C:\WINDOWS\System32\inetsrv | |74A20000|loghttp.dll |HTTP Logging module |10.0.20348.1 |31232 |2022-08-05 10:00:46|C:\WINDOWS\System32\inetsrv | |74A30000|wshbth.dll |Windows Sockets Helper DLL |10.0.20348.1 |51712 |2021-05-08 09:15:06|C:\WINDOWS\system32 | |74A50000|nlansp_c.dll |NLA Namespace Service Provider DLL |10.0.20348.1 |84480 |2021-05-08 09:14:02|C:\WINDOWS\system32 | |74A70000|SspiCli.dll |Security Support Provider Interface |10.0.20348.2340 |166880 |2024-03-18 09:06:36|C:\WINDOWS\SYSTEM32 | |74AA0000|winrnr.dll |LDAP RnR Provider DLL |10.0.20348.1 |44440 |2021-05-08 09:15:08|C:\WINDOWS\System32 | |74AB0000|napinsp.dll |E-mail Naming Shim Provider |10.0.20348.1 |67632 |2021-05-08 09:15:02|C:\WINDOWS\system32 | |74AD0000|HTTPAPI.dll |HTTP Protocol Stack API |10.0.20348.2031 |40424 |2023-10-17 11:38:06|C:\WINDOWS\SYSTEM32 | |74AE0000|w3dt.dll |IIS Worker Process/Http.sys Interface |10.0.20348.2322 |96256 |2024-02-22 11:12:34|C:\WINDOWS\System32\inetsrv | |74B00000|W3TP.dll |IIS Thread Pool Library |10.0.20348.1 |22528 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |74B10000|iiscore.dll |IIS Web Server Core |10.0.20348.2322 |260608 |2024-02-22 11:12:34|C:\WINDOWS\system32\inetsrv | |74B60000|mscoreei.dll |Microsoft .NET Runtime Execution Engine |4.8.4380.0 |574344 |2022-07-04 18:43:28|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |74BF0000|mscoree.dll |Microsoft .NET Runtime Execution Engine |10.0.20348.1 |323072 |2021-05-08 09:13:58|C:\WINDOWS\SYSTEM32 | |74C50000|ucrtbase_clr0400.dll |Microsoft® C Runtime Library |14.10.25028.0 |702400 |2021-05-08 09:16:08|C:\WINDOWS\SYSTEM32 | |74D00000|VCRUNTIME140_CLR0400.dll|Microsoft® C Runtime Library |14.10.25028.0 |83768 |2021-05-08 09:16:08|C:\WINDOWS\SYSTEM32 | |74D20000|webengine4.dll |Microsoft ASP.NET Support DLL |4.8.4700.0 |565680 |2023-12-28 02:56:40|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |74DB0000|mlang.dll |Multi Language Support DLL |10.0.20348.1 |202240 |2021-05-08 09:14:02|C:\WINDOWS\system32 | |74DF0000|NTASN1.dll |Microsoft ASN.1 API |10.0.20348.1 |162632 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |74E20000|ktmw32.dll |Windows KTM Win32 Client DLL |10.0.20348.1 |21504 |2021-05-08 09:14:00|C:\WINDOWS\SYSTEM32 | |74E30000|XmlLite.dll |Microsoft XmlLite Library |10.0.20348.143 |175080 |2022-07-04 18:50:12|C:\WINDOWS\SYSTEM32 | |74E60000|ncrypt.dll |Windows NCrypt Router |10.0.20348.2340 |150424 |2024-03-18 09:06:28|C:\WINDOWS\SYSTEM32 | |74E90000|nativerd.dll |Native Code Configuration Reader |10.0.20348.825 |387072 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74F00000|w3wphost.dll |WAS App Hosting library |10.0.20348.1 |64512 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |74F20000|ntmarta.dll |Windows NT MARTA provider |10.0.20348.1 |155976 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |74F50000|iisutil.dll |IISUTIL |10.0.20348.825 |243200 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74FA0000|VERSION.dll |Version Checking and File Installation Libraries |10.0.20348.2110 |29032 |2023-12-14 08:51:28|C:\WINDOWS\SYSTEM32 | |75050000|USERENV.dll |Userenv |10.0.20348.1850 |148264 |2023-07-18 09:03:16|C:\WINDOWS\SYSTEM32 | |753D0000|shcore.dll |SHCORE |10.0.20348.643 |729840 |2022-07-04 18:50:10|C:\WINDOWS\System32 | |75490000|sechost.dll |Host for SCM/SDDL/LSA Lookup APIs |10.0.20348.2340 |509840 |2024-03-18 09:06:36|C:\WINDOWS\System32 | |75510000|SHLWAPI.dll |Shell Light-weight Utility Library |10.0.20348.2110 |307952 |2023-12-14 08:51:28|C:\WINDOWS\System32 | |75560000|KERNELBASE.dll |Windows NT BASE API Client DLL |10.0.20348.2340 |2432232|2024-03-18 09:06:04|C:\WINDOWS\System32 | |757C0000|RPCRT4.dll |Remote Procedure Call Runtime |10.0.20348.2322 |770632 |2024-02-22 11:12:20|C:\WINDOWS\System32 | |75880000|combase.dll |Microsoft COM for Windows |10.0.20348.2340 |2662024|2024-03-18 09:06:26|C:\WINDOWS\System32 | |75B10000|msvcrt.dll |Windows NT CRT DLL |7.0.20348.1 |787136 |2021-05-08 09:14:00|C:\WINDOWS\System32 | |75C90000|bcryptPrimitives.dll |Windows Cryptographic Primitives Library |10.0.20348.2340 |407560 |2024-03-18 09:06:02|C:\WINDOWS\System32 | |75D00000|advapi32.dll |Advanced Windows 32 Base API |10.0.20348.2340 |510312 |2024-03-18 09:06:36|C:\WINDOWS\System32 | |75E40000|win32u.dll |Win32u |10.0.20348.2322 |102304 |2024-02-22 11:12:08|C:\WINDOWS\System32 | |75E60000|GDI32.dll |GDI Client DLL |10.0.20348.2322 |139600 |2024-02-22 11:12:08|C:\WINDOWS\System32 | |75E90000|clbcatq.dll |COM+ Configuration Catalog |2001.12.10941.16384|520080 |2023-01-16 10:04:42|C:\WINDOWS\System32 | |75FB0000|OLEAUT32.dll |OLEAUT32.DLL |10.0.20348.1850 |630656 |2023-07-18 09:03:16|C:\WINDOWS\System32 | |76060000|CRYPT32.dll |Crypto API32 |10.0.20348.2227 |1050584|2024-01-16 09:40:00|C:\WINDOWS\System32 | |76170000|KERNEL32.DLL |Windows NT BASE API Client DLL |10.0.20348.2340 |641896 |2024-03-18 09:06:22|C:\WINDOWS\System32 | |76260000|bcrypt.dll |Windows Cryptographic Primitives Library |10.0.20348.2340 |99280 |2024-03-18 09:06:26|C:\WINDOWS\System32 | |76280000|NSI.dll |NSI User-mode interface DLL |10.0.20348.2113 |21864 |2023-12-14 08:51:02|C:\WINDOWS\System32 | |76290000|WS2_32.dll |Windows Socket 2.0 32-Bit DLL |10.0.20348.261 |410104 |2022-07-04 18:50:20|C:\WINDOWS\System32 | |76440000|ole32.dll |Microsoft OLE for Windows |10.0.20348.2031 |953104 |2023-10-17 11:38:04|C:\WINDOWS\System32 | |76530000|shell32.dll |Windows Shell Common Dll |10.0.20348.2340 |6150616|2024-03-18 09:06:28|C:\WINDOWS\System32 | |76B10000|PSAPI.DLL |Process Status Helper |10.0.20348.2110 |18192 |2023-12-14 08:51:24|C:\WINDOWS\System32 | |77130000|msvcp_win.dll |Microsoft® C Runtime Library |10.0.20348.1 |508744 |2021-05-08 09:14:04|C:\WINDOWS\System32 | |77210000|gdi32full.dll |GDI Client DLL |10.0.20348.2340 |938624 |2024-03-18 09:06:28|C:\WINDOWS\System32 | |77300000|ucrtbase.dll |Microsoft® C Runtime Library |10.0.20348.1 |1126976|2021-05-08 09:14:04|C:\WINDOWS\System32 | |77420000|user32.dll |Multi-User Windows USER API Client DLL |10.0.20348.2340 |1723600|2024-03-18 09:06:26|C:\WINDOWS\System32 | |775E0000|ntdll.dll |NT Layer DLL |10.0.20348.2340 |1719672|2024-03-18 09:06:28|C:\WINDOWS\SYSTEM32 | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: -------------------------------------------------------------------------------------------------------------------------------------------------- |ID |Name |Description |Version |Memory|Priority |Threads|Path | -------------------------------------------------------------------------------------------------------------------------------------------------- |0 |[System Process] | | |0 | |4 | | |4 |System | | |0 |Normal |140 | | |84 |LogonUI.exe | | |0 |High |9 | | |120 |Registry | | |0 |Normal |4 | | |240 |taskhostw.exe | | |0 |Normal |4 | | |340 |smss.exe | | |0 |Above-Normal|2 | | |380 |SecurityHealthService.exe | | |0 |Normal |3 | | |448 |rdpclip.exe | | |0 |Normal |6 | | |460 |dwm.exe | | |0 |High |15 | | |464 |csrss.exe | | |0 |High |10 | | |536 |wininit.exe | | |0 |High |1 | | |544 |csrss.exe | | |0 |High |9 | | |628 |winlogon.exe | | |0 |High |2 | | |636 |rdpclip.exe | | |0 |Normal |6 | | |644 |services.exe | | |0 |Normal |5 | | |676 |lsass.exe | | |0 |Normal |11 | | |796 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |10 | | |824 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.2322|0 |Normal |5 | | |828 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.2322|0 |Normal |5 | | |900 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |8 | | |964 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |1036 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |31 | | |1048 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |9 | | |1080 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.2322|0 |Normal |5 | | |1088 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1096 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |1104 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |1112 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |1168 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |1196 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |1204 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1240 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |1252 |taskhostw.exe | | |0 |Normal |3 | | |1264 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |1316 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |1380 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |6 | | |1424 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |10 | | |1448 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |8 | | |1496 |explorer.exe |Windows Explorer |10.0.20348.1970|0 |Normal |32 | | |1536 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |1548 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1576 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1592 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |1620 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |1632 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1712 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |1736 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |22 | | |1752 |w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |16 | | |1804 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |1812 |ctfmon.exe |CTF Loader |10.0.20348.1 |0 |High |8 | | |1888 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |1896 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |13 | | |1908 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |8 | | |1920 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |1956 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |1988 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |2020 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2076 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |2292 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2348 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |2392 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |2420 |msdtc.exe | | |0 |Normal |9 | | |2448 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |2452 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |2508 |spoolsv.exe | | |0 |Normal |7 | | |2544 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2564 |LogonUI.exe | | |0 |High |6 | | |2636 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |7 | | |2648 |armsvc.exe | | |0 |Normal |3 | | |2668 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |2732 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |10 | | |2744 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2764 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |2776 |RuntimeBroker.exe | | |0 |Normal |1 | | |2780 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2816 |inetinfo.exe | | |0 |Normal |3 | | |2852 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |2912 |InstantDataService.exe | | |0 |Normal |27 | | |2936 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |2940 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |7 | | |2968 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |7 | | |2976 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |2992 |qemu-ga.exe | | |0 |Normal |3 | | |3004 |taskhostw.exe | | |0 |Normal |4 | | |3060 |TCPSVCS.EXE |TCP/IP Services Application |10.0.20348.1 |0 |Normal |2 | | |3128 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |15 | | |3152 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |10 | | |3176 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |5 | | |3192 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |1 | | |3264 |zabbix_agentd.exe | | |0 |Normal |11 | | |3320 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |8 | | |3776 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |11 | | |3804 |AggregatorHost.exe | | |0 |Normal |2 | | |3836 |TextInputHost.exe | | |0 |Normal |8 | | |3908 |winlogon.exe | | |0 |High |2 | | |3920 |NisSrv.exe | | |0 |Normal |12 | | |4076 |csrss.exe | | |0 |High |10 | | |4116 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |4136 |w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |48 |C:\WINDOWS\SysWOW64\inetsrv| |4200 |explorer.exe |Windows Explorer |10.0.20348.1970|0 |Normal |49 | | |4328 |dwm.exe | | |0 |High |16 | | |4384 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.2322|0 |Normal |5 | | |4632 |Trace32.exe | | |0 |Normal |1 | | |4712 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |4 | | |4864 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |10 | | |5008 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |5176 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |5216 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |5300 |SearchProtocolHost.exe |Microsoft Windows Search Protocol Host|7.0.20348.2340 |0 |Low |5 | | |5376 |sihost.exe | | |0 |Normal |8 | | |5864 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |5900 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |6040 |jusched.exe | | |0 |Normal |2 | | |6072 |SearchApp.exe | | |0 |Normal |13 | | |6292 |StartMenuExperienceHost.exe| | |0 |Normal |10 | | |6304 |TextInputHost.exe | | |0 |Normal |8 | | |6324 |jusched.exe | | |0 |Normal |2 | | |6432 |RuntimeBroker.exe | | |0 |Normal |1 | | |6540 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |6664 |SearchApp.exe | | |0 |Normal |13 | | |6768 |RuntimeBroker.exe | | |0 |Normal |1 | | |6832 |ShellExperienceHost.exe | | |0 |Normal |14 | | |6904 |sihost.exe | | |0 |Normal |9 | | |6960 |RuntimeBroker.exe | | |0 |Normal |1 | | |7048 |InetMgr.exe | | |0 |Normal |10 | | |7064 |csrss.exe | | |0 |High |10 | | |7072 |RuntimeBroker.exe | | |0 |Normal |2 | | |7164 |tray.exe | | |0 |Normal |2 | | |7388 |dllhost.exe |COM Surrogate |10.0.20348.1 |0 |Normal |10 | | |7420 |ShellExperienceHost.exe | | |0 |Normal |14 | | |7876 |winlogon.exe | | |0 |High |2 | | |7888 |regedit.exe |Registry Editor |10.0.20348.1 |0 |Normal |1 | | |7980 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |2 | | |8284 |StartMenuExperienceHost.exe| | |0 |Normal |10 | | |8348 |dwm.exe | | |0 |High |14 | | |8484 |tray.exe | | |0 |Normal |2 | | |8708 |svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |3 | | |8796 |SearchIndexer.exe |Microsoft Windows Search Indexer |7.0.20348.2340 |0 |Normal |14 | | |8804 |ctfmon.exe |CTF Loader |10.0.20348.1 |0 |High |8 | | |8824 |w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |43 | | |8864 |RuntimeBroker.exe | | |0 |Normal |1 | | |8912 |MsMpEng.exe | | |0 |Normal |25 | | |9200 |LogonUI.exe | | |0 |High |6 | | |9276 |jucheck.exe | | |0 |Normal |3 | | |9376 |a5backup64.exe | | |0 |Normal |71 | | |9496 |InetMgr.exe | | |0 |Normal |8 | | |9652 |RuntimeBroker.exe | | |0 |Normal |2 | | |9672 |ServerManager.exe | | |0 |Normal |7 | | |9720 |taskhostw.exe | | |0 |Normal |4 | | |9796 |w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |43 | | |10080|svchost.exe |Host Process for Windows Services |10.0.20348.558 |0 |Normal |13 | | |10104|RuntimeBroker.exe | | |0 |Normal |1 | | -------------------------------------------------------------------------------------------------------------------------------------------------- Assembler Information: ------------------------------------------------------ 066BB4D4 push eax 066BB4D5 mov eax, [eax] 066BB4D7 call dword ptr [eax+$20] 066BB4DA call -$002537C3 066BB4DF mov eax, [ebp-$04] 066BB4E2 push eax 066BB4E3 mov eax, [ebx+$6C] 066BB4E6 push eax 066BB4E7 mov eax, [eax] 066BB4E9 call dword ptr [eax+$50] 066BB4EC call -$002537D5 ; <-- EXCEPTION 066BB4F1 mov eax, [ebx+$78] 066BB4F4 xor edx, edx 066BB4F6 call -$002550F7 066BB4FB jz +$12 066BB4FD mov eax, [ebx+$78] 066BB500 push eax 066BB501 mov eax, [ebx+$6C] 066BB504 push eax 066BB505 mov eax, [eax] 066BB507 call dword ptr [eax+$5C] Registers: ----------------------------- EAX: 06E50F10 EDI: 00000001 EBX: 80004005 ESI: 066BB4F1 ECX: 00340000 ESP: 080DF380 EDX: 066BB4F1 EIP: 066BB4EC Stack: Memory Dump: ------------------ --------------------------------------------------------------------------- 080DF380: 080DF3C0 06E2FFF0: E8 2B C8 DA FF 8B 43 78 33 D2 E8 09 AF DA FF 74 .+....Cx3......t 080DF384: 06464FE8 06E30000: 12 8B 43 78 50 8B 43 6C 50 8B 00 FF 50 5C E8 0D ..CxP.ClP...P\.. 080DF388: 080DF3B4 06E30010: C8 DA FF 33 C0 5A 59 59 64 89 10 68 2C B5 6B 06 ...3.ZYYd..h,.k. 080DF38C: 06E29200 06E30020: 8D 45 FC E8 60 AB DA FF C3 E9 3E 9A DA FF EB F0 .E..`.....>..... 080DF390: 06E29200 06E30030: 5B 59 5D C3 53 8B D8 83 7B 6C 00 74 22 EB 07 8B [Y].S...{l.t"... 080DF394: 00000000 06E30040: C3 E8 F6 FE FF FF 8B C3 E8 8F 0E 00 00 84 C0 75 ...............u 080DF398: 00000000 06E30050: EE 8B 43 6C 50 8B 00 FF 50 3C E8 C1 C7 DA FF 5B ..ClP...P<.....[ 080DF39C: 00000000 06E30060: C3 8D 40 00 53 56 57 8B D8 8B C3 8B 10 FF 52 38 ..@.SVW.......R8 080DF3A0: 00000000 06E30070: 84 C0 74 48 80 BB 8C 00 00 00 00 75 3F 8B C3 E8 ..tH.......u?... 080DF3A4: 00000000 06E30080: 58 0E 00 00 84 C0 75 34 F6 43 1C 01 75 2E 8B C3 X.....u4.C..u... 080DF3A8: 00000000 06E30090: 8B 10 FF 52 40 8B F0 4E 85 F6 7C 19 46 33 FF 8B ...R@..N..|.F3.. 080DF3AC: 00000000 06E300A0: D7 8B C3 E8 28 0D 00 00 80 B8 9D 00 00 00 00 75 ....(..........u 080DF3B0: 00000000 06E300B0: 0B 47 4E 75 EA 8B C3 E8 F8 AC FE FF 5F 5E 5B C3 .GNu........_^[. 080DF3B4: 080DF3D4 06E300C0: 55 8B EC 6A 00 6A 00 6A 00 6A 00 53 56 57 8B D9 U..j.j.j.j.SVW.. 080DF3B8: 06467D2F 06E300D0: 8B F2 8B F8 33 C0 55 68 30 B6 6B 06 64 FF 30 64 ....3.Uh0.k.d.0d 080DF3BC: 066BB4F1 06E300E0: 89 20 8B C7 E8 7F FD FF FF 8B 45 08 E8 AB C5 DA . ........E..... |