|
An error has occurred during program execution. Please read the following information for further details. EurekaLog 6.1.04 Application: --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- 1.1 Start Date : Tue, 14 Oct 2025 08:36:55 +0100 1.2 Name/Description: w3wp.exe - (IIS Worker Process) 1.3 Version Number : 10.0.20348.1 1.4 Parameters : -ap "FormidableCA" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipm55be219b-280b-4525-ba69-9422e1d666ed -h "C:\inetpub\temp\apppools\FormidableCA\FormidableCA.config" -w "" -m 0 -t 20 -ta 0 1.5 Compilation Date: Wed, 13 Nov 2013 13:16:49 +0100 1.6 Up Time : 21 minutes, 54 seconds Exception: ---------------------------------------------------------------------------------------------------- 2.1 Date : Tue, 14 Oct 2025 08:58:50 +0100 2.2 Address : 0065B4EC 2.3 Module Name : FMLic.dll 2.4 Module Version: 2.5 Type : EOleException 2.6 Message : Cannot open database "WEBStore_LIVE" requested by the login. The login failed. 2.7 ID : D06C 2.8 Count : 1 2.9 Status : New 2.10 Note : User: ------------------------------------------------------- 3.1 ID : FormidableCA 3.2 Name : Windows User 3.3 Email : 3.4 Company : 3.5 Privileges: SeAssignPrimaryTokenPrivilege - OFF SeIncreaseQuotaPrivilege - OFF SeAuditPrivilege - OFF SeChangeNotifyPrivilege - ON SeImpersonatePrivilege - ON SeCreateGlobalPrivilege - ON SeIncreaseWorkingSetPrivilege - OFF Computer: --------------------------------------------------------------------- 5.1 Name : PROD-WEB-01 5.2 Total Memory : 4095 Mb 5.3 Free Memory : 740 Mb 5.4 Total Disk : 49,45 Gb 5.5 Free Disk : 7,96 Gb 5.6 System Up Time: 12 days, 22 hours, 42 minutes, 23 seconds 5.7 Processor : Intel Core Processor (Broadwell) 5.8 Display Mode : 1024 x 768, 32 bit 5.9 Display DPI : 96 5.10 Video Card : (driver ) 5.11 Printer : Microsoft Print To PDF (driver 10.0.20348.4050) Operating System: ----------------------------------------------- 6.1 Type : Microsoft Windows 10.0 (64 bit) 6.2 Build # : 20348 6.3 Update : 6.4 Language: English 6.5 Charset : 0 Network: --------------------------------- 7.1 IP Address: 192.168.000.012 7.2 Submask : 255.255.255.000 7.3 Gateway : 192.168.000.001 7.4 DNS 1 : 192.168.000.013 7.5 DNS 2 : 000.000.000.000 7.6 DHCP : ON Call Stack Information: ----------------------------------------------------------------------------------------- |Address |Module |Unit |Class |Procedure/Method |Line | ----------------------------------------------------------------------------------------- |*Exception Thread: ID=6120; Priority=0; Class= | |---------------------------------------------------------------------------------------| |0065B4EC|FMLic.dll | | | | | |0074D8B7|FMLic.dll |Main.pas|TwaFMLic|ppWHTMLTag |592[27] | |0075E8A8|FMLic.dll |Main.pas|TwaFMLic|waFMLicwaShowPageAction |2632[20]| |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=3080; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=5132; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=1004; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=3284; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=4692; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=3004; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=3416; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=7640; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=4128; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=2476; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| | | |Running Thread: ID=8408; Priority=0; Class= | |---------------------------------------------------------------------------------------| |76152C54|KERNELBASE.dll| | |GetQueuedCompletionStatus | | |75B81CD0|KERNEL32.DLL | | |TlsGetValue | | |75B92C50|KERNEL32.DLL | | |PostQueuedCompletionStatus | | |75B939E0|KERNEL32.DLL | | |BaseFormatObjectAttributes | | |75B867F7|KERNEL32.DLL | | |BaseThreadInitThunk | | |---------------------------------------------------------------------------------------| |Calling Thread: ID=6064; Priority=0; Class=; [Main] | |---------------------------------------------------------------------------------------| |004913C5|FMLic.dll | | |HttpExtensionProc | | |77DE1560|ntdll.dll | | |RtlTryEnterCriticalSection | | |77DC4EB0|ntdll.dll | | |RtlGetCurrentServiceSessionId | | |77DB77B0|ntdll.dll | | |RtlReleaseSRWLockShared | | |77DB7210|ntdll.dll | | |RtlQueryInformationActivationContext| | |77DC3BE0|ntdll.dll | | |RtlReleaseSRWLockExclusive | | |77DF476A|ntdll.dll | | |ZwAssociateWaitCompletionPacket | | |77DC7519|ntdll.dll | | |RtlAllocateHeap | | ----------------------------------------------------------------------------------------- Modules Information: ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |Handle |Name |Description |Version |Size |Modified |Path | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |00400000|FMLic.dll | | |4799488|2022-08-12 11:42:54|C:\WebSites\formidableca | |00DE0000|w3wp.exe |IIS Worker Process |10.0.20348.1 |24576 |2022-08-05 10:00:46|C:\WINDOWS\SysWOW64\inetsrv | |05300000|IISRES.DLL |IIS Resource DLL |10.0.20348.3451 |231936 |2025-05-07 15:26:04|C:\WINDOWS\System32\inetsrv | |06C90000|msadcer.dll |OLE DB Cursor Engine Resources |10.0.20348.1 |2560 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\msadc | |071B0000|security.dll |Security Support Provider Interface |10.0.20348.1 |5120 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |080F0000|SQLOLEDB.RLL |OLE DB Provider for SQL Server Resources |10.0.20348.1 |4608 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\Ole DB | |08A80000|CDEContent.dll | | |1353216|2022-08-12 17:38:00|C:\WebSites\scripts | |71D00000|WINNSI.DLL |Network Store Information RPC interface |10.0.20348.2849 |31184 |2024-12-09 14:34:44|C:\WINDOWS\SYSTEM32 | |727A0000|cryptnet.dll |Crypto Network Related API |10.0.20348.1 |137728 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |727D0000|MSASN1.dll |ASN.1 Runtime APIs |10.0.20348.2849 |52328 |2024-12-09 14:37:16|C:\WINDOWS\SYSTEM32 | |72E80000|UxTheme.dll |Microsoft UxTheme Library |10.0.20348.3451 |486912 |2025-05-07 15:24:46|C:\WINDOWS\SYSTEM32 | |73160000|dwmapi.dll |Microsoft Desktop Window Manager API |10.0.20348.3932 |138480 |2025-08-15 16:47:42|C:\WINDOWS\SYSTEM32 | |731C0000|ncryptsslp.dll |Microsoft SChannel Provider |10.0.20348.2849 |120504 |2024-12-09 14:37:16|C:\WINDOWS\system32 | |731E0000|mskeyprotect.dll |Microsoft Key Protection Provider |10.0.20348.2849 |50688 |2024-12-09 14:37:04|C:\WINDOWS\SYSTEM32 | |73200000|schannel.dll |TLS / SSL Security Provider |10.0.20348.3932 |525824 |2025-08-15 16:47:44|C:\WINDOWS\System32 | |732A0000|msimg32.dll |GDIEXT Client DLL |10.0.20348.2849 |7168 |2024-12-09 14:37:18|C:\WINDOWS\SYSTEM32 | |732B0000|dssenh.dll |Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider|10.0.20348.2849 |137032 |2024-12-09 14:37:14|C:\WINDOWS\system32 | |73410000|wsock32.dll |Windows Socket 32-Bit DLL |10.0.20348.1 |16896 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |734B0000|msadce.dll |OLE DB Cursor Engine |10.0.20348.3089 |619520 |2025-03-04 10:47:28|C:\Program Files (x86)\Common Files\System\msadc | |73550000|ntdsapi.dll |Active Directory Domain Services API |10.0.20348.2849 |99328 |2024-12-09 14:36:36|C:\WINDOWS\SYSTEM32 | |73570000|cryptdll.dll |Cryptography Manager |10.0.20348.1 |57336 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |73590000|msv1_0.DLL |Microsoft Authentication Package v1.0 |10.0.20348.4050 |459696 |2025-08-15 16:47:44|C:\WINDOWS\System32 | |73610000|Comctl32.dll |User Experience Controls Library |6.10.20348.4050 |2229168|2025-08-04 22:21:58|C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.20348.4050_none_dc258cc7036c1e5c | |73840000|DSPARSE.DLL |Active Directory Domain Services API |10.0.20348.2849 |23552 |2024-12-09 14:37:14|C:\WINDOWS\SYSTEM32 | |73850000|NtlmShared.dll |NTLM Shared Functionality |10.0.20348.2849 |34816 |2024-12-09 14:37:16|C:\WINDOWS\SYSTEM32 | |73860000|SECUR32.DLL |Security Support Provider Interface |10.0.20348.2849 |20480 |2024-12-09 14:37:28|C:\WINDOWS\SYSTEM32 | |73870000|sqloledb.dll |OLE DB Provider for SQL Server |10.0.20348.3451 |813568 |2025-05-07 15:25:26|C:\Program Files (x86)\Common Files\System\Ole DB | |73940000|comsvcs.dll |COM+ Services |2001.12.10941.16384|1386496|2024-12-09 14:37:14|C:\Windows\System32 | |73AA0000|oledb32.dll |OLE DB Core Services |10.0.20348.2849 |830976 |2024-12-09 14:37:26|C:\Program Files (x86)\Common Files\System\Ole DB | |73B80000|msado15.dll |ActiveX Data Objects |10.0.20348.3089 |1094144|2025-03-04 10:47:28|C:\Program Files (x86)\Common Files\System\ado | |73C90000|comctl32.dll |Common Controls Library |5.82.20348.3804 |581048 |2025-08-04 22:21:58|C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.20348.3804_none_7f28018c2ad6c0b3| |73D20000|wininet.dll |Internet Extensions for Win32 |11.0.20348.3451 |4661112|2025-05-07 15:25:12|C:\WINDOWS\SYSTEM32 | |74190000|DBNETLIB.DLL |Winsock Oriented Net DLL for SQL Clients |10.0.20348.1 |109568 |2021-05-08 09:13:58|C:\WINDOWS\SYSTEM32 | |741B0000|MSDATL3.dll |OLE DB Implementation Support Routines |10.0.20348.1 |101888 |2021-05-08 09:13:58|C:\Program Files (x86)\Common Files\System\Ole DB | |741D0000|DPAPI.DLL |Data Protection API |10.0.20348.2849 |13312 |2024-12-09 14:37:14|C:\WINDOWS\SYSTEM32 | |741E0000|netbios.dll |NetBIOS Interface Library |10.0.20348.1 |15872 |2021-05-08 09:14:00|C:\WINDOWS\SYSTEM32 | |741F0000|NETAPI32.dll |Net Win32 API DLL |10.0.20348.2849 |75064 |2024-12-09 14:36:36|C:\WINDOWS\SYSTEM32 | |74210000|MSDART.DLL |OLE DB Runtime Routines |10.0.20348.3089 |136192 |2025-03-04 10:47:18|C:\WINDOWS\SYSTEM32 | |74240000|gzip.dll |GZIP Compression DLL |10.0.20348.1 |29184 |2022-08-05 10:00:58|C:\WINDOWS\system32\inetsrv | |74250000|validcfg.dll |Configuration Validation Module |10.0.20348.2849 |17920 |2024-12-09 14:38:08|C:\WINDOWS\System32\inetsrv | |74260000|warmup.dll |HTTP Application Warmup Handler |10.0.20348.1 |28672 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |74270000|iisfcgi.dll |FastCGI handler |10.0.20348.1 |74240 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74290000|cgi.dll |CGI handler |10.0.20348.1 |38912 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |742A0000|filter.dll |ISAPI filter module |10.0.20348.1 |56832 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |742C0000|isapi.dll |IIS ISAPI Handler |10.0.20348.2849 |111616 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |742E0000|iisreqs.dll |IIS request monitor |10.0.20348.1 |15872 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |742F0000|iisfreb.dll |Failed requests event buffering module |10.0.20348.1 |161280 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |74320000|iisetw.dll |ETW tracing support module |10.0.20348.1 |131072 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |74350000|netutils.dll |Net Win32 API Helpers DLL |10.0.20348.2849 |39416 |2024-12-09 14:37:16|C:\WINDOWS\SYSTEM32 | |74360000|custerr.dll |Custom error handler |10.0.20348.1 |40448 |2022-08-05 10:01:00|C:\WINDOWS\System32\inetsrv | |74370000|logcust.dll |IIS custom logging module |10.0.20348.1 |21504 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |74380000|modrqflt.dll |Request filtering handler |10.0.20348.3804 |39936 |2025-08-15 16:47:58|C:\WINDOWS\System32\inetsrv | |74390000|diprestr.dll |Dynamic IP Restriction Module |10.0.20348.1 |33280 |2022-08-05 10:00:42|C:\WINDOWS\System32\inetsrv | |743A0000|iprestr.dll |IP restriction module |10.0.20348.1 |25600 |2022-08-05 10:00:42|C:\WINDOWS\System32\inetsrv | |743B0000|authmap.dll |IIS certmap authentication provider |10.0.20348.2849 |40448 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |743C0000|authmd5.dll |Digest authentication provider |10.0.20348.1 |35840 |2022-08-05 10:00:44|C:\WINDOWS\System32\inetsrv | |743D0000|wkscli.dll |Workstation Service Client DLL |10.0.20348.3207 |68296 |2025-03-04 10:47:16|C:\WINDOWS\SYSTEM32 | |743F0000|authsspi.dll |SSPI authentication provider |10.0.20348.1 |47616 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74400000|authbas.dll |basic authentication provider |10.0.20348.2849 |33792 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |74410000|urlauthz.dll |Url Authorization Module |10.0.20348.1 |20992 |2022-08-05 10:00:48|C:\WINDOWS\System32\inetsrv | |74420000|authcert.dll |AD certmap authentication provider |10.0.20348.2849 |24064 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |74430000|authanon.dll |anonymous authentication provider |10.0.20348.2849 |32256 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |74440000|static.dll |Static file handler |10.0.20348.1 |32768 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |74450000|iis_ssi.dll |Microsoft Server Side Include Extension |10.0.20348.1 |29696 |2022-08-05 10:00:56|C:\WINDOWS\System32\inetsrv | |74460000|redirect.dll |http redirection |10.0.20348.1 |19456 |2022-08-05 10:00:40|C:\WINDOWS\System32\inetsrv | |74470000|protsup.dll |Protocol Support handler |10.0.20348.1 |22528 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74480000|dirlist.dll |Directory Listing handler |10.0.20348.1 |21504 |2022-08-05 10:00:50|C:\WINDOWS\System32\inetsrv | |74490000|defdoc.dll |Default Document handler |10.0.20348.1 |17920 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |744A0000|compstat.dll |Static compression module |10.0.20348.1 |44032 |2022-08-05 10:00:56|C:\WINDOWS\System32\inetsrv | |744B0000|compdyn.dll |Dynamic compression module |10.0.20348.1 |34304 |2022-08-05 10:00:54|C:\WINDOWS\System32\inetsrv | |744C0000|cachhttp.dll |Http cache provider |10.0.20348.2849 |44544 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |744D0000|cachtokn.dll |token cache provider |10.0.20348.2849 |13312 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |744E0000|cachfile.dll |File cache provider |10.0.20348.2849 |19456 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |744F0000|cachuri.dll |URI cache provider |10.0.20348.2849 |11776 |2024-12-09 14:38:12|C:\WINDOWS\System32\inetsrv | |74500000|loghttp.dll |HTTP Logging module |10.0.20348.1 |31232 |2022-08-05 10:00:46|C:\WINDOWS\System32\inetsrv | |74510000|SspiCli.dll |Security Support Provider Interface |10.0.20348.3804 |167464 |2025-08-15 16:47:56|C:\WINDOWS\SYSTEM32 | |74540000|wshbth.dll |Windows Sockets Helper DLL |10.0.20348.4050 |51712 |2025-08-15 16:47:42|C:\WINDOWS\system32 | |74560000|nlansp_c.dll |NLA Namespace Service Provider DLL |10.0.20348.3692 |84480 |2025-08-15 16:47:46|C:\WINDOWS\system32 | |74580000|winrnr.dll |LDAP RnR Provider DLL |10.0.20348.1 |44440 |2021-05-08 09:15:08|C:\WINDOWS\System32 | |74590000|napinsp.dll |E-mail Naming Shim Provider |10.0.20348.1 |67632 |2021-05-08 09:15:02|C:\WINDOWS\system32 | |745B0000|HTTPAPI.dll |HTTP Protocol Stack API |10.0.20348.3804 |40400 |2025-08-15 16:47:44|C:\WINDOWS\SYSTEM32 | |745C0000|w3dt.dll |IIS Worker Process/Http.sys Interface |10.0.20348.3451 |96256 |2025-05-07 15:26:04|C:\WINDOWS\System32\inetsrv | |745E0000|W3TP.dll |IIS Thread Pool Library |10.0.20348.1 |22528 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |745F0000|iiscore.dll |IIS Web Server Core |10.0.20348.3451 |235520 |2025-05-07 15:26:04|C:\WINDOWS\system32\inetsrv | |74630000|clr.dll |Microsoft .NET Runtime Common Language Runtime - WorkStation |4.8.4795.0 |8661576|2025-05-29 10:00:58|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |74E80000|mscoreei.dll |Microsoft .NET Runtime Execution Engine |4.8.4380.0 |574344 |2022-07-04 18:43:28|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |74F10000|mscoree.dll |Microsoft .NET Runtime Execution Engine |10.0.20348.1 |323072 |2021-05-08 09:13:58|C:\WINDOWS\SYSTEM32 | |74F70000|ucrtbase_clr0400.dll |Microsoft� C Runtime Library |14.10.25028.0 |702400 |2021-05-08 09:16:08|C:\WINDOWS\SYSTEM32 | |75020000|VCRUNTIME140_CLR0400.dll|Microsoft� C Runtime Library |14.10.25028.0 |83768 |2021-05-08 09:16:08|C:\WINDOWS\SYSTEM32 | |75040000|webengine4.dll |Microsoft ASP.NET Support DLL |4.8.4770.0 |566304 |2024-09-25 01:54:24|C:\Windows\Microsoft.NET\Framework\v4.0.30319 | |750D0000|mlang.dll |Multi Language Support DLL |10.0.20348.1 |202240 |2021-05-08 09:14:02|C:\WINDOWS\system32 | |75110000|NTASN1.dll |Microsoft ASN.1 API |10.0.20348.1 |162632 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |75140000|XmlLite.dll |Microsoft XmlLite Library |10.0.20348.2849 |176280 |2024-12-09 14:37:18|C:\WINDOWS\SYSTEM32 | |75170000|ncrypt.dll |Windows NCrypt Router |10.0.20348.3451 |153576 |2025-05-07 15:25:08|C:\WINDOWS\SYSTEM32 | |751A0000|ktmw32.dll |Windows KTM Win32 Client DLL |10.0.20348.1 |21504 |2021-05-08 09:14:00|C:\WINDOWS\SYSTEM32 | |751B0000|nativerd.dll |Native Code Configuration Reader |10.0.20348.3451 |387072 |2025-05-07 15:26:04|C:\WINDOWS\System32\inetsrv | |75220000|w3wphost.dll |WAS App Hosting library |10.0.20348.1 |64512 |2022-08-05 10:00:58|C:\WINDOWS\System32\inetsrv | |75240000|ntmarta.dll |Windows NT MARTA provider |10.0.20348.1 |155976 |2021-05-08 09:14:04|C:\WINDOWS\SYSTEM32 | |75270000|iisutil.dll |IISUTIL |10.0.20348.3451 |243200 |2025-05-07 15:26:04|C:\WINDOWS\System32\inetsrv | |752C0000|dhcpcsvc.DLL |DHCP Client Service |10.0.20348.2849 |79328 |2024-12-09 14:37:14|C:\WINDOWS\SYSTEM32 | |752E0000|dhcpcsvc6.DLL |DHCPv6 Client |10.0.20348.2849 |74248 |2024-12-09 14:37:14|C:\WINDOWS\SYSTEM32 | |75300000|VERSION.dll |Version Checking and File Installation Libraries |10.0.20348.2849 |29048 |2024-12-09 14:37:32|C:\WINDOWS\SYSTEM32 | |753C0000|USERENV.dll |Userenv |10.0.20348.3451 |148960 |2025-05-07 15:25:08|C:\WINDOWS\SYSTEM32 | |75660000|fwpuclnt.dll |FWP/IPsec User-Mode API |10.0.20348.4050 |358400 |2025-08-15 16:47:40|C:\WINDOWS\System32 | |756C0000|rasadhlp.dll |Remote Access AutoDial Helper |10.0.20348.1 |13312 |2021-05-08 09:15:10|C:\Windows\System32 | |756D0000|CRYPTBASE.dll |Base cryptographic API DLL |10.0.20348.3089 |33272 |2025-03-04 10:47:30|C:\WINDOWS\SYSTEM32 | |756E0000|rsaenh.dll |Microsoft Enhanced Cryptographic Provider |10.0.20348.3932 |197384 |2025-08-15 16:47:44|C:\WINDOWS\system32 | |75720000|CRYPTSP.dll |Cryptographic Service Provider API |10.0.20348.3692 |83792 |2025-08-15 16:47:44|C:\WINDOWS\SYSTEM32 | |75740000|mswsock.dll |Microsoft Windows Sockets 2.0 Service Provider |10.0.20348.3692 |324552 |2025-08-15 16:47:42|C:\WINDOWS\System32 | |75970000|DNSAPI.dll |DNS Client API DLL |10.0.20348.3692 |666888 |2025-08-15 16:47:42|C:\WINDOWS\SYSTEM32 | |75A20000|IPHLPAPI.DLL |IP Helper API |10.0.20348.2849 |142184 |2024-12-09 14:37:14|C:\WINDOWS\SYSTEM32 | |75B50000|kernel.appcore.dll |AppModel API Host |10.0.20348.1 |67632 |2021-05-08 09:14:02|C:\WINDOWS\SYSTEM32 | |75B70000|KERNEL32.DLL |Windows NT BASE API Client DLL |10.0.20348.3692 |641928 |2025-08-15 16:47:34|C:\WINDOWS\System32 | |75C60000|clbcatq.dll |COM+ Configuration Catalog |2001.12.10941.16384|520248 |2024-12-09 14:37:14|C:\WINDOWS\System32 | |75CF0000|user32.dll |Multi-User Windows USER API Client DLL |10.0.20348.4050 |1724184|2025-08-15 16:47:42|C:\WINDOWS\System32 | |75F10000|gdi32full.dll |GDI Client DLL |10.0.20348.4050 |946304 |2025-08-15 16:47:44|C:\WINDOWS\System32 | |76000000|KERNELBASE.dll |Windows NT BASE API Client DLL |10.0.20348.4050 |2435896|2025-08-15 16:47:08|C:\WINDOWS\System32 | |767F0000|NSI.dll |NSI User-mode interface DLL |10.0.20348.2849 |21864 |2024-12-09 14:34:44|C:\WINDOWS\System32 | |76800000|msvcrt.dll |Windows NT CRT DLL |7.0.20348.3089 |788336 |2025-03-04 10:47:30|C:\WINDOWS\System32 | |769B0000|WS2_32.dll |Windows Socket 2.0 32-Bit DLL |10.0.20348.2849 |411304 |2024-12-09 14:38:00|C:\WINDOWS\System32 | |76A20000|bcryptPrimitives.dll |Windows Cryptographic Primitives Library |10.0.20348.2849 |409776 |2024-12-09 14:34:44|C:\WINDOWS\System32 | |76A90000|win32u.dll |Win32u |10.0.20348.4050 |102376 |2025-08-15 16:47:42|C:\WINDOWS\System32 | |76AB0000|msvcp_win.dll |Microsoft� C Runtime Library |10.0.20348.2849 |509968 |2024-12-09 14:37:14|C:\WINDOWS\System32 | |76B30000|ucrtbase.dll |Microsoft� C Runtime Library |10.0.20348.2849 |1128200|2024-12-09 14:37:14|C:\WINDOWS\System32 | |76C50000|RPCRT4.dll |Remote Procedure Call Runtime |10.0.20348.4050 |771208 |2025-08-15 16:47:56|C:\WINDOWS\System32 | |76D10000|sechost.dll |Host for SCM/SDDL/LSA Lookup APIs |10.0.20348.3804 |508848 |2025-08-15 16:47:58|C:\WINDOWS\System32 | |76D90000|GDI32.dll |GDI Client DLL |10.0.20348.3932 |139568 |2025-08-15 16:47:38|C:\WINDOWS\System32 | |76DC0000|SHLWAPI.dll |Shell Light-weight Utility Library |10.0.20348.3804 |308400 |2025-08-15 16:47:46|C:\WINDOWS\System32 | |76E10000|OLEAUT32.dll |OLEAUT32.DLL |10.0.20348.3932 |635376 |2025-08-15 16:47:44|C:\WINDOWS\System32 | |76EB0000|advapi32.dll |Advanced Windows 32 Base API |10.0.20348.3932 |510360 |2025-08-15 16:47:54|C:\WINDOWS\System32 | |771B0000|bcrypt.dll |Windows Cryptographic Primitives Library |10.0.20348.3089 |99272 |2025-03-04 10:47:16|C:\WINDOWS\System32 | |77230000|CRYPT32.dll |Crypto API32 |10.0.20348.4050 |1056336|2025-08-15 16:47:44|C:\WINDOWS\System32 | |77340000|combase.dll |Microsoft COM for Windows |10.0.20348.3932 |2660048|2025-08-15 16:47:44|C:\WINDOWS\System32 | |775D0000|shell32.dll |Windows Shell Common Dll |10.0.20348.3804 |6151096|2025-08-15 16:47:48|C:\WINDOWS\System32 | |77BB0000|shcore.dll |SHCORE |10.0.20348.3451 |728944 |2025-05-07 15:25:06|C:\WINDOWS\System32 | |77C70000|ole32.dll |Microsoft OLE for Windows |10.0.20348.3804 |953056 |2025-08-15 16:47:42|C:\WINDOWS\System32 | |77D60000|PSAPI.DLL |Process Status Helper |10.0.20348.2849 |18216 |2024-12-09 14:37:12|C:\WINDOWS\System32 | |77D80000|ntdll.dll |NT Layer DLL |10.0.20348.3932 |1719096|2025-08-15 16:47:44|C:\WINDOWS\SYSTEM32 | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Processes Information: -------------------------------------------------------------------------------------------------------------------------------------------- |ID |Name |Description |Version |Memory|Priority |Threads|Path | -------------------------------------------------------------------------------------------------------------------------------------------- |0 |[System Process] | | |0 | |4 | | |4 |System | | |0 |Normal |143 | | |120 |Registry | | |0 |Normal |4 | | |304 |LogonUI.exe | | |0 |High |9 | | |344 |smss.exe | | |0 |Above-Normal|2 | | |408 |dwm.exe | | |0 |High |15 | | |412 |svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |31 | | |464 |csrss.exe | | |0 |High |10 | | |476 |SearchIndexer.exe |Microsoft Windows Search Indexer |7.0.20348.3932 |0 |Normal |13 | | |536 |wininit.exe | | |0 |High |1 | | |544 |csrss.exe | | |0 |High |9 | | |604 |winlogon.exe | | |0 |High |2 | | |668 |services.exe | | |0 |Normal |5 | | |676 |lsass.exe | | |0 |Normal |10 | | |792 |svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |9 | | |812 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.3451|0 |Normal |5 | | |820 |fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.3451|0 |Normal |5 | | |832 |dwm.exe | | |0 |High |15 | | |892 |svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |9 | | |956 |svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |1060|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |1068|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |1080|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |1088|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1152|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |1160|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |1172|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |1200|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |6 | | |1220|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |1240|w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |44 | | |1308|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |11 | | |1332|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |6 | | |1388|TextInputHost.exe | | |0 |Normal |10 | | |1444|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |1456|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |7 | | |1504|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |13 | | |1620|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |1656|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1676|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1728|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1752|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1760|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |1772|RuntimeBroker.exe | | |0 |Normal |3 | | |1788|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |1796|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |1828|TCPSVCS.EXE |TCP/IP Services Application |10.0.20348.2849|0 |Normal |2 | | |1888|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |1900|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |1980|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |2008|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |2016|explorer.exe |Windows Explorer |10.0.20348.3692|0 |Normal |28 | | |2104|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |2132|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |2260|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |2296|RuntimeBroker.exe | | |0 |Normal |1 | | |2400|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |6 | | |2416|rdpclip.exe | | |0 |Normal |6 | | |2508|spoolsv.exe | | |0 |Normal |7 | | |2580|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |2584|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |2656|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |7 | | |2664|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |2676|armsvc.exe | | |0 |Normal |3 | | |2708|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |8 | | |2752|inetinfo.exe | | |0 |Normal |3 | | |2808|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |2816|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |2828|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |2844|w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |45 | | |2860|sihost.exe | | |0 |Normal |9 | | |2884|ctfmon.exe |CTF Loader |10.0.20348.1 |0 |High |8 | | |2892|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |2900|InstantDataService.exe | | |0 |Normal |30 | | |2920|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |2936|MpDefenderCoreService.exe | | |0 |Normal |10 | | |2964|qemu-ga.exe | | |0 |Normal |3 | | |2976|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |2992|a5backup64.exe | | |0 |Normal |61 | | |3108|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |3124|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |3152|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |3184|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |16 | | |3208|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |3244|MsMpEng.exe | | |0 |Normal |25 | | |3288|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |9 | | |3324|fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.3451|0 |Normal |5 | | |3408|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |3428|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |1 | | |3492|zabbix_agentd.exe | | |0 |Normal |11 | | |3532|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |3604|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |11 | | |3748|dllhost.exe |COM Surrogate |10.0.20348.1 |0 |Normal |10 | | |4024|AggregatorHost.exe | | |0 |Normal |2 | | |4048|NisSrv.exe | | |0 |Normal |11 | | |4056|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |4420|csrss.exe | | |0 |High |10 | | |4432|dllhost.exe |COM Surrogate |10.0.20348.1 |0 |Normal |4 | | |4528|SecurityHealthService.exe | | |0 |Normal |3 | | |4576|RuntimeBroker.exe | | |0 |Normal |2 | | |4608|RuntimeBroker.exe | | |0 |Normal |2 | | |4668|sihost.exe | | |0 |Normal |9 | | |4920|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |5148|winlogon.exe | | |0 |High |2 | | |5188|rdpclip.exe | | |0 |Normal |6 | | |5276|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |21 | | |5500|csrss.exe | | |0 |High |10 | | |5504|msdtc.exe | | |0 |Normal |9 | | |5524|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |5612|taskhostw.exe | | |0 |Normal |4 | | |5624|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |10 | | |5748|SearchApp.exe | | |0 |Normal |15 | | |5828|dwm.exe | | |0 |High |14 | | |5888|StartMenuExperienceHost.exe| | |0 |Normal |9 | | |5912|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |4 | | |5916|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |5 | | |6116|winlogon.exe | | |0 |High |2 | | |6224|explorer.exe |Windows Explorer |10.0.20348.3692|0 |Normal |29 | | |6604|ShellExperienceHost.exe | | |0 |Normal |14 | | |6684|taskhostw.exe | | |0 |Normal |4 | | |6696|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |6760|StartMenuExperienceHost.exe| | |0 |Normal |17 | | |6768|TextInputHost.exe | | |0 |Normal |10 | | |6928|RuntimeBroker.exe | | |0 |Normal |3 | | |7000|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |3 | | |7060|SearchApp.exe | | |0 |Normal |15 | | |7108|LogonUI.exe | | |0 |High |6 | | |7180|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |7 | | |7452|tray.exe | | |0 |Normal |2 | | |7596|jusched.exe | | |0 |Normal |4 | | |7732|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |9 | | |7752|w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |16 | | |7808|LogonUI.exe | | |0 |High |6 | | |7852|RuntimeBroker.exe | | |0 |Normal |2 | | |7992|ctfmon.exe |CTF Loader |10.0.20348.1 |0 |High |8 | | |8016|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |8 | | |8032|fontdrvhost.exe |Usermode Font Driver Host |10.0.20348.3451|0 |Normal |5 | | |8208|w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |45 |C:\WINDOWS\SysWOW64\inetsrv| |8428|RuntimeBroker.exe | | |0 |Normal |1 | | |8544|ShellExperienceHost.exe | | |0 |Normal |14 | | |8600|svchost.exe |Host Process for Windows Services|10.0.20348.3451|0 |Normal |2 | | |8832|InetMgr.exe | | |0 |Normal |6 | | |8924|tray.exe | | |0 |Normal |2 | | |9016|jusched.exe | | |0 |Normal |4 | | |9044|w3wp.exe |IIS Worker Process |10.0.20348.1 |0 |Normal |16 | | |9120|RuntimeBroker.exe | | |0 |Normal |2 | | -------------------------------------------------------------------------------------------------------------------------------------------- Assembler Information: ------------------------------------------------------ 0065B4D4 push eax 0065B4D5 mov eax, [eax] 0065B4D7 call dword ptr [eax+$20] 0065B4DA call -$002537C3 0065B4DF mov eax, [ebp-$04] 0065B4E2 push eax 0065B4E3 mov eax, [ebx+$6C] 0065B4E6 push eax 0065B4E7 mov eax, [eax] 0065B4E9 call dword ptr [eax+$50] 0065B4EC call -$002537D5 ; <-- EXCEPTION 0065B4F1 mov eax, [ebx+$78] 0065B4F4 xor edx, edx 0065B4F6 call -$002550F7 0065B4FB jz +$12 0065B4FD mov eax, [ebx+$78] 0065B500 push eax 0065B501 mov eax, [ebx+$6C] 0065B504 push eax 0065B505 mov eax, [eax] 0065B507 call dword ptr [eax+$5C] Registers: ----------------------------- EAX: 0665DA70 EDI: 00000001 EBX: 80004005 ESI: 0065B4F1 ECX: 04F36000 ESP: 0730F384 EDX: 0065B4F1 EIP: 0065B4EC Stack: Memory Dump: ------------------ --------------------------------------------------------------------------- 0730F384: 0730F3C4 06C76210: E8 2B C8 DA FF 8B 43 78 33 D2 E8 09 AF DA FF 74 .+....Cx3......t 0730F388: 00404FE8 06C76220: 12 8B 43 78 50 8B 43 6C 50 8B 00 FF 50 5C E8 0D ..CxP.ClP...P\.. 0730F38C: 0730F3B8 06C76230: C8 DA FF 33 C0 5A 59 59 64 89 10 68 2C B5 65 00 ...3.ZYYd..h,.e. 0730F390: 06BCB9B0 06C76240: 8D 45 FC E8 60 AB DA FF C3 E9 3E 9A DA FF EB F0 .E..`.....>..... 0730F394: 06BCB9B0 06C76250: 5B 59 5D C3 53 8B D8 83 7B 6C 00 74 22 EB 07 8B [Y].S...{l.t"... 0730F398: 00000000 06C76260: C3 E8 F6 FE FF FF 8B C3 E8 8F 0E 00 00 84 C0 75 ...............u 0730F39C: 00000000 06C76270: EE 8B 43 6C 50 8B 00 FF 50 3C E8 C1 C7 DA FF 5B ..ClP...P<.....[ 0730F3A0: 00000000 06C76280: C3 8D 40 00 53 56 57 8B D8 8B C3 8B 10 FF 52 38 [email protected] 0730F3A4: 00000000 06C76290: 84 C0 74 48 80 BB 8C 00 00 00 00 75 3F 8B C3 E8 ..tH.......u?... 0730F3A8: 00000000 06C762A0: 58 0E 00 00 84 C0 75 34 F6 43 1C 01 75 2E 8B C3 X.....u4.C..u... 0730F3AC: 00000000 06C762B0: 8B 10 FF 52 40 8B F0 4E 85 F6 7C 19 46 33 FF 8B [email protected]..|.F3.. 0730F3B0: 00000000 06C762C0: D7 8B C3 E8 28 0D 00 00 80 B8 9D 00 00 00 00 75 ....(..........u 0730F3B4: 00000000 06C762D0: 0B 47 4E 75 EA 8B C3 E8 F8 AC FE FF 5F 5E 5B C3 .GNu........_^[. 0730F3B8: 0730F3D8 06C762E0: 55 8B EC 6A 00 6A 00 6A 00 6A 00 53 56 57 8B D9 U..j.j.j.j.SVW.. 0730F3BC: 00407D2F 06C762F0: 8B F2 8B F8 33 C0 55 68 30 B6 65 00 64 FF 30 64 ....3.Uh0.e.d.0d 0730F3C0: 0065B4F1 06C76300: 89 20 8B C7 E8 7F FD FF FF 8B 45 08 E8 AB C5 DA . ........E..... |