Module: sihost.exe, 64-bit Full path: C:\Windows\system32\sihost.exe File version: 10.0.22621.1 (WinBuild.160101.0800) Description: Shell Infrastructure Host PID: 10952 Parent PID: 2844 (svchost.exe) Priority: 8 Threads: 18 Owner: AGRYNCO-NB\agrynco (S-1-5-21-4255264900-3681165211-3101920415-1001) Session: 1 Started at: 04.12.2023 20:38:13 Uptime: 09:43:39.2090609 Command Line: sihost.exe Current Directory: C:\Windows\system32\ Environment: ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\agrynco\AppData\Roaming CommonProgramFiles=C:\Program Files\Common Files CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files CommonProgramW6432=C:\Program Files\Common Files COMPUTERNAME=AGRYNCO-NB ComSpec=C:\Windows\system32\cmd.exe DriverData=C:\Windows\System32\Drivers\DriverData HOMEDRIVE=C: HOMEPATH=\Users\agrynco IGCCSVC_DB=AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOJ66MrrVw0+QBhqk5hoEKwQAAAACAAAAAAAQZgAAAAEAACAAAADnIlH5GScq5R1YwQo2Cdo8Ywd0ZnJUWgTOe7r4V5F63wAAAAAOgAAAAAIAACAAAAAlDR5jYnr48atTqrib8QkVE8gaMuCWSNJWtk+jRzAnqmAAAAALixtyTpkBnS9kEaVJMR5ea2pX1V5u/MVPU0mJfqqQjVqIIvyG3dc/oZ+f7BajWsnfH7FhM0r+7l9Y5zMMoZkm2KAtRIvw/7Ty5HukYLvfOe223gFueFWm34eioL7L3xRAAAAAJzbevzwd+31hEaN3Oa+gjRBOMxyfyX5U0mEeaqvaPv/Ds59UhBmINpbz6//2aDTGdkpe40Lp2WLhU71srp61hw== JetBrains Rider=C:\Program Files\JetBrains\JetBrains Rider 2023.2.3\bin; LOCALAPPDATA=C:\Users\agrynco\AppData\Local LOGONSERVER=\\AGRYNCO-NB NUMBER_OF_PROCESSORS=20 NVM_HOME=C:\Users\agrynco\AppData\Roaming\nvm NVM_SYMLINK=C:\Program Files\nodejs OneDrive=C:\Users\agrynco\OneDrive OneDriveConsumer=C:\Users\agrynco\OneDrive OS=Windows_NT Path=C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\dotnet\;C:\Program Files\LINQPad7;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Users\agrynco\AppData\Roaming\nvm;C:\Program Files\nodejs;C:\Program Files\WireGuard\;C:\Program Files (x86)\Microsoft SQL Server\160\DTS\Binn\;C:\Program Files\TortoiseGit\bin;C:\Program Files\Docker\Docker\resources\bin;C:\Program Files\PowerShell\7\;C:\Users\agrynco\AppData\Local\Microsoft\WindowsApps;C:\Users\agrynco\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\agrynco\.dotnet\tools;C:\Program Files\JetBrains\JetBrains Rider 2023.2.3\bin;C:\Program Files\Azure Data Studio\bin PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC POWERSHELL_DISTRIBUTION_CHANNEL=MSI:Windows 10 Pro PROCESSOR_ARCHITECTURE=AMD64 PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 154 Stepping 3, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=9a03 ProgramData=C:\ProgramData ProgramFiles=C:\Program Files ProgramFiles(x86)=C:\Program Files (x86) ProgramW6432=C:\Program Files PSModulePath=%ProgramFiles%\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules PUBLIC=C:\Users\Public SONAR_TOKEN=sqp_4ba776407397ab3d628d0eea2a02bc040832cad0 SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\agrynco\AppData\Local\Temp TMP=C:\Users\agrynco\AppData\Local\Temp USERDOMAIN=AGRYNCO-NB USERDOMAIN_ROAMINGPROFILE=AGRYNCO-NB USERNAME=agrynco USERPROFILE=C:\Users\agrynco windir=C:\Windows ZES_ENABLE_SYSMAN=1 USER Objects: 12 Processor Time: 00:00:03.5781250 0% Privileged Time: 00:00:02.2187500 0% User Time: 00:00:01.3593750 0% Handle Count: 730 Page File Bytes: 7389184 Page File Bytes Peak: 7811072 Working Set: 35123200 Working Set Peak: 35430400 Pool Nonpaged Bytes: 21816 Pool Paged Bytes: 328504 Private Bytes: 7389184 Page Faults: 15181 0/sec Virtual Bytes: 2203519238144 Virtual Bytes Peak: 2203672059904 IO Data Bytes: 131220 0/sec IO Read Bytes: 131220 0/sec IO Write Bytes: 0 0/sec IO Other Bytes: 1051394 0/sec IO Data Operations: 257 0/sec IO Read Operations: 257 0/sec IO Write Operations: 0 0/sec IO Other Operations: 48592 0/sec Modules: Base Size Path (version info is not displayed) 00007FF6E3980000 24000 C:\Windows\system32\sihost.exe 00007FF87BE10000 217000 C:\Windows\SYSTEM32\ntdll.dll 00007FF87AD80000 C4000 C:\Windows\System32\KERNEL32.DLL 00007FF879480000 3A5000 C:\Windows\System32\KERNELBASE.dll 00007FF879270000 9A000 C:\Windows\System32\msvcp_win.dll 00007FF879950000 111000 C:\Windows\System32\ucrtbase.dll 00007FF87A5E0000 389000 C:\Windows\System32\combase.dll 00007FF87AF00000 117000 C:\Windows\System32\RPCRT4.dll 00007FF87ABD0000 A6000 C:\Windows\System32\sechost.dll 00007FF87A980000 B1000 C:\Windows\System32\advapi32.dll 00007FF87ACA0000 A7000 C:\Windows\System32\msvcrt.dll 00007FF875E60000 133000 C:\Windows\system32\CoreMessaging.dll 00007FF878250000 34000 C:\Windows\SYSTEM32\ntmarta.dll 00007FF878190000 18000 C:\Windows\SYSTEM32\kernel.appcore.dll 00007FF879A70000 7A000 C:\Windows\System32\bcryptPrimitives.dll 00007FF87BA00000 1AE000 C:\Windows\System32\user32.dll 00007FF879240000 26000 C:\Windows\System32\win32u.dll 00007FF87AD50000 29000 C:\Windows\System32\GDI32.dll 00007FF879830000 119000 C:\Windows\System32\gdi32full.dll 00007FF87BBB0000 31000 C:\Windows\System32\IMM32.DLL 00007FF87AE50000 B0000 C:\Windows\System32\clbcatq.dll 00007FF83F160000 41000 C:\Windows\system32\desktopshellext.dll 00007FF87AAD0000 F3000 C:\Windows\System32\shcore.dll 00007FF87B8A0000 5E000 C:\Windows\System32\shlwapi.dll 00007FF87B500000 D7000 C:\Windows\System32\OLEAUT32.dll 00007FF877FE0000 14000 C:\Windows\SYSTEM32\wtsapi32.dll 00007FF877BB0000 66000 C:\Windows\SYSTEM32\WINSTA.dll 00007FF851D80000 67000 C:\Windows\System32\fcon.dll 00007FF869720000 21000 C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll 00007FF876210000 AB000 C:\Windows\system32\uxtheme.dll 00007FF83F070000 3C000 C:\Windows\System32\ClipboardServer.dll 00007FF876BB0000 38000 C:\Windows\System32\RMCLIENT.dll 00007FF83EF70000 F4000 C:\Windows\system32\activationmanager.dll 00007FF8692D0000 2B000 C:\Windows\System32\AppointmentActivation.dll 00007FF8705C0000 1A000 C:\Windows\SYSTEM32\windows.staterepositorycore.dll 00007FF83E650000 93000 C:\Windows\System32\modernexecserver.dll 00007FF86C530000 285000 C:\Windows\SYSTEM32\twinapi.appcore.dll 00007FF876F20000 13E000 C:\Windows\SYSTEM32\wintypes.dll 00007FF869780000 6F000 C:\Windows\System32\usermgrproxy.dll 00007FF8734C0000 17000 C:\Windows\SYSTEM32\usermgrcli.dll 00007FF86BB50000 625000 C:\Windows\System32\OneCoreUAPCommonProxyStub.dll 00007FF86F5C0000 36C000 C:\Windows\system32\CoreUIComponents.dll 00007FF83E180000 8B000 C:\Windows\system32\ExecModelClient.dll 00007FF83DDD0000 2C2000 C:\Windows\System32\windowmanagement.dll 00007FF862970000 AB000 C:\Windows\System32\OneCoreCommonProxyStub.dll 00007FF83DD70000 14000 C:\Windows\system32\execmodelproxy.dll 00007FF83E2C0000 12000 C:\Windows\System32\NotificationPlatformComponent.dll 00007FF83DB70000 F8000 C:\Windows\System32\AppContracts.dll 00007FF8705E0000 135000 C:\Windows\System32\windows.system.launcher.dll 00007FF877060000 8F4000 C:\Windows\System32\Windows.Storage.dll 00007FF874520000 93000 C:\Windows\System32\msvcp110_win.dll 00007FF83DD20000 19000 C:\Windows\system32\PackageStateChangeHandler.dll 00007FF843970000 F2000 C:\Windows\System32\UiaManager.dll 00007FF83DA30000 A5000 C:\Windows\system32\ShareHost.dll 00007FF83D960000 C6000 C:\Windows\system32\twinui.appcore.dll 00007FF862B80000 1EC000 C:\Windows\System32\AudioSes.dll 00007FF85B950000 103000 C:\Windows\System32\daxexec.dll 00007FF878740000 2C000 C:\Windows\System32\USERENV.dll 00007FF85B900000 44000 C:\Windows\System32\container.dll 00007FF83D680000 2D6000 C:\Windows\system32\mssrch.dll 00007FF879B60000 71000 C:\Windows\System32\WS2_32.dll 00007FF83D360000 318000 C:\Windows\system32\TQUERY.DLL 00007FF83D290000 C4000 C:\Windows\system32\SearchIndexerCore.dll 00007FF878A10000 15000 C:\Windows\system32\cryptdll.dll 00007FF83D260000 22000 C:\Windows\system32\CoreShellExtFramework.dll 00007FF83C880000 9D6000 C:\Windows\system32\twinui.pcshell.dll 00007FF877F90000 4D000 C:\Windows\SYSTEM32\powrprof.dll 00007FF86C180000 73000 C:\Windows\system32\wincorlib.DLL 00007FF863E40000 2BC000 C:\Windows\system32\iertutil.dll 00007FF8764C0000 2B000 C:\Windows\system32\dwmapi.dll 00007FF877F70000 13000 C:\Windows\SYSTEM32\UMPDC.dll 00007FF8789D0000 C000 C:\Windows\system32\CRYPTBASE.DLL 00007FF868D40000 20A000 C:\Windows\System32\InputHost.dll 00007FF83F950000 30000 C:\Windows\system32\activationclient.dll 00007FF871230000 135000 C:\Windows\system32\AppXDeploymentClient.dll 00007FF870580000 3D000 C:\Windows\SYSTEM32\windows.staterepositoryclient.dll 00007FF87A440000 1A0000 C:\Windows\System32\ole32.dll 00007FF8745C0000 A5000 C:\Windows\SYSTEM32\policymanager.dll 00007FF85D420000 60000 C:\Windows\SYSTEM32\capauthz.dll 00007FF856840000 1F000 C:\Windows\SYSTEM32\licensemanagerapi.dll 00007FF874260000 101000 C:\Windows\System32\PROPSYS.dll 00007FF8790B0000 26000 C:\Windows\System32\profapi.dll 00007FF878EA0000 4E000 C:\Windows\System32\CFGMGR32.dll 00007FF876140000 97000 C:\Windows\SYSTEM32\apphelp.dll 00007FF879BE0000 859000 C:\Windows\System32\SHELL32.dll 00007FF8579A0000 28000 C:\Windows\System32\edputil.dll 00007FF859480000 1F0000 C:\Windows\System32\urlmon.dll 00007FF86D0F0000 28000 C:\Windows\System32\srvcli.dll 00007FF877C20000 C000 C:\Windows\System32\netutils.dll 00007FF86D1B0000 1E000 C:\Windows\System32\MPR.dll 00007FF864100000 118000 C:\Windows\SYSTEM32\mrmcorer.dll 00007FF850B80000 32000 C:\Windows\SYSTEM32\bcp47mrm.dll 00007FF870560000 1D000 C:\Windows\System32\Windows.Security.Integrity.dll 00007FF862D70000 EB000 C:\Windows\System32\Windows.StateRepositoryPS.dll 00007FF83C6F0000 26000 C:\Windows\system32\mssprxy.dll