I've been trying to determine, via the Event Viewer in Windows 10, if a program was intentionally force quit through the taskmanager rather than a software error.
When I replicate the sequence, I'm unable to directly see an instance of taskmanager.
However, when repeating the sequence I do see, under security, events that appear right before the force quit that very closely match events right before the original incident - so there are strong similarities both under the app log and the security log. Would anyone be able to read these with me and tell me if the data indicate a force quit rather than a program error?
Here is a link for a side by side comparing the app closing in two parts on the original day then the replication, as well as suspicious security events before each; I highlighted the fields that show differences. Are these differences relevant?
My only caveat is that the app, FG64.exe, was since upgraded after the incident, so had to be uninstalled then reinstalled as the older version. I'm not sure if that would change any designations here.
Thank you for any help and insight!
Edited by thequietman, 20 September 2017 - 02:05 AM.