I have been getting events such as these every once in a while and i wanted to know if anyone knew exactly what they mean. After talking to tech support they suggested something was trying to overwrite the program..
|Event Display Name||Execution Denied|
|Event File Name||c:\solidcore\ntdl_c__.dll|
|Event Generated Time||Apr 12, 2012 4:36:29 PM Eastern Standard Time|
|Event Seq No||1,235,112|
|Generated by an Updater||No|
|Generated in an Update Window||No|
Solved! Go to Solution.
anyone know what it means when c:\solidcore\ntdl_c__.dll or c:\solidcore\k32_c___.dll appears as the object name in an execution denied event
If something was trying to overwrite the file this would be a File Write Denied event. Not an Execution Denied. If the file had already been overwritten by something that is not an Updater then the file is no longer solidified. Subsequent executions would then generate an Execution Denied event. Maybe this is what's happening?
I ran sadmin lu to get a list of non solidified files and none of the mentioned where listed. The overwrite didn't sound good to me either but i didn't think about how it should be File Write Denied so thankyou for that. Currently i have an open ticket with tier 2 which should be going to tier 3 soon. They are now saying the events are being generated because my point of sale binaries are trying to access solidcore files. I am guessing it has to do something with how solidcore injects itself into the kernal.. we will see