Today, 13/03/2023 05:18:31 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Today, 13/03/2023 05:18:30 Task started avp.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9 IB-11-0322758\Iain Active user
Today, 13/03/2023 04:46:39 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis GetIP.vbs D:\Websites\public_html\vantage\ip File
Today, 13/03/2023 04:46:39 A backup copy of the object was created 0 IB-11-0322758\Iain Active user Backup copy created: HEUR:Trojan.VBS.Agent.gen Backup copy created HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis GetIP.vbs D:\Websites\public_html\vantage\ip File
Today, 13/03/2023 04:46:38 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis 11_GetIP C:\Windows\System32\Tasks File
Today, 13/03/2023 04:46:38 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis GetIPaddress C:\Windows\System32\Tasks File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis {A2F477F6-BD0A-4002-986C-5F9F5832270E} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis GetIPaddress HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis {A2F477F6-BD0A-4002-986C-5F9F5832270E} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis {9AD89723-ABC3-4C9F-A79A-C38D5C5679AF} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis 11_GetIP HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree File
Today, 13/03/2023 04:46:34 Object deleted 0 IB-11-0322758\Iain Active user Deleted: HEUR:Trojan.VBS.Agent.gen Deleted HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis {9AD89723-ABC3-4C9F-A79A-C38D5C5679AF} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks File
Today, 13/03/2023 04:45:55 Task stopped avp.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9 IB-11-0322758\Iain Active user
Today, 13/03/2023 04:43:55 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Today, 13/03/2023 04:43:54 Malicious object detected 0 IB-11-0322758\Iain Active user Detected: HEUR:Trojan.VBS.Agent.gen Detected HEUR:Trojan.VBS.Agent.gen Trojan High Heuristic Analysis GetIP.vbs D:\Websites\public_html\vantage\ip File Machine learning
Today, 13/03/2023 04:43:54 Application placed in Trusted group Zulu Platform x64 Architecture javaw.exe C:\Program Files\Crucial\Crucial Storage Executive\java\bin 0 IB-11-0322758\Iain Active user Application placed in group Low AZUL SYSTEMS Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group StorageExecutiveClientStop.exe StorageExecutiveClientStop.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group Micron Momentum Cache Utility mticache.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group Chromium chromium.exe C:\Users\Iain\AppData\Local\JxBrowser\7.17 0 IB-11-0322758\Iain Active user Application placed in group Low TEAMDEV Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group Switch Sound File Converter switch.exe C:\Program Files (x86)\NCH Software\Switch 0 IB-11-0322758\Iain Active user Application placed in group Low NCH Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group Opera auto-updater opera_autoupdate.exe C:\Users\Iain\AppData\Local\Programs\Opera\96.0.4693.50 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group Opera Browser Assistant browser_assistant.exe C:\Users\Iain\AppData\Local\Programs\Opera\assistant 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group fzshellext Dynamic Link Library fzshellext_64.dll C:\Program Files\FileZilla FTP Client 0 IB-11-0322758\Iain Active user Application placed in group Low TIM KOSSE Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:54 Application placed in Trusted group SimpleSolitaire.UWP SimpleSolitaire.UWP.exe C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j 0 IB-11-0322758\Iain Active user Application placed in group Low B632805B 8D75 4FF1 9AFC 011EDCEDF50C Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Kaspersky Anti-Virus avpvk.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\x64 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Kaspersky Upgrade Launcher upgrade_launcher.exe C:\Program Files\Common Files\AV\Kaspersky Lab 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group XtuService XtuService.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low INTEL Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group SysInfoCap.exe SysInfoCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group AppHelperCap.exe AppHelperCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Google Update GoogleUpdateOnDemand.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Google Crash Handler GoogleCrashHandler64.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Google Crash Handler GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows Security Health Service SecurityHealthService.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group SecureBootEncodeUEFI.exe SecureBootEncodeUEFI.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Microsoft Edge Installer MicrosoftEdge_X64_110.0.1587.69_110.0.1587.63.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9217CC9D-7922-43EB-BFFB-9F841E506F9A} 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Microsoft® Windows Backup sdclt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group taskschd.msc taskschd.msc C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Microsoft Edge msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group System Settings Broker SystemSettingsBroker.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Task Manager Launcher LaunchTM.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows Update wuauclt.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Microsoft Windows Search Filter Host SearchFilterHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Driver Installation Module drvinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows StateRepository Client API Windows.StateRepositoryClient.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Print driver host for applications splwow64.exe C:\Windows 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group SIH Client SIHClient.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Program Compatibility Assistant Service pcasvc.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows Shell Common Dll shell32.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group User OOBE Broker UserOOBEBroker.exe C:\Windows\System32\oobe 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Notifications host process MoNotificationUx.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group LockApp.exe LockApp.exe C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group TextInputHost.exe TextInputHost.exe C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows Problem Reporting wermgr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:53 Application placed in Trusted group Windows Start Experience Host StartMenuExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Application Compatibility Database Installer sdbinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Spooler SubSystem App spoolsv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Logon Application winlogon.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Primitive Operations Queue Executor poqexec.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Calculator calc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Microsoft Edge Update COM Registration Helper MicrosoftEdgeUpdateComRegisterShell64.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.173.49 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Autochk Proxy DLL acproxy.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Provisioning package runtime processing tool provtool.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Shell Experience Host ShellExperienceHost.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Application Frame Host ApplicationFrameHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group WMI Reverse Performance Adapter Maintenance Utility WMIADAP.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Microsoft Malware Protection Command Line Utility MpCmdRun.exe C:\Program Files\Windows Defender 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group System Guard Runtime Monitor Broker Service SgrmBroker.exe C:\Windows\System32\Sgrm 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group DXGI Adapter Cache dxgiadaptercache.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows logon reminder wlrmdr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Program Compatibility Assistant User Interface pcaui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Task Scheduler Configuration Tool schtasks.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Run Once Wrapper runonce.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group BDE UI Launcher BdeUISrv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Casting protocol connection listener CastSrv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Service Control Manager Configuration Tool sc.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Network Command Shell netsh.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Widgets.exe Widgets.exe C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Userinit Logon Application userinit.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group MDMAgent MDMAgent.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Driver Foundation - User-mode Driver Framework Host Process WUDFHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Services and Controller app services.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Session Manager smss.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Desktop Window Manager dwm.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Application Data API Server Windows.Storage.ApplicationData.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group FaceFodUninstaller.exe FaceFodUninstaller.exe C:\Windows\System32\WinBioPlugIns 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Disk Defragmenter Module Defrag.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Resource cache builder tool mcbuilder.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Sink to receive asynchronous callbacks for WMI client application unsecapp.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Startup scan task DLL Startupscan.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Attribute Utility attrib.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group ForFiles - Executes a command on selected files forfiles.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Data Exchange Host DataExchangeHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Portable Device Shell Extension Autoplay Handler WPDShextAutoplay.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Microsoft Management Console mmc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Windows Control Panel control.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Microsoft® Resource File To COFF Object Conversion Utility cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Visual C# Command Line Compiler csc.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:52 Application placed in Trusted group Diagnostics Troubleshooting Wizard msdt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in Trusted group Settings SystemSettings.exe C:\Windows\ImmersiveControlPanel 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in Trusted group WaasMedic Agent Exe WaaSMedicAgent.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in Trusted group Windows SQM Consolidator wsqmcons.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in Trusted group Pick an app OpenWith.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in Trusted group Microsoft® Drive Optimizer dfrgui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:51 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Today, 13/03/2023 04:43:51 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Today, 13/03/2023 04:43:50 Application placed in Trusted group Virtual Disk Service vds.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Today, 13/03/2023 04:43:50 Application placed in restricted group usb_special_backup.bat usb_special_backup.bat D:\ 10876 IB-11-0322758\Iain Initiator Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Today, 13/03/2023 04:43:50 Task started avp.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9 IB-11-0322758\Iain Active user
Today, 13/03/2023 02:41:37 Task stopped avp.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9 IB-11-0322758\Iain Active user
Yesterday, 12/03/2023 22:04:55 Application placed in Trusted group SecureBootEncodeUEFI.exe SecureBootEncodeUEFI.exe C:\Windows\System32 9656 IB-11-0322758\Iain Initiator Application placed in group Low Trusted Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:35 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Zulu Platform x64 Architecture javaw.exe C:\Program Files\Crucial\Crucial Storage Executive\java\bin 0 IB-11-0322758\Iain Active user Application placed in group Low AZUL SYSTEMS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group StorageExecutiveClientStop.exe StorageExecutiveClientStop.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Micron Momentum Cache Utility mticache.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Chromium chromium.exe C:\Users\Iain\AppData\Local\JxBrowser\7.17 0 IB-11-0322758\Iain Active user Application placed in group Low TEAMDEV Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Switch Sound File Converter switch.exe C:\Program Files (x86)\NCH Software\Switch 0 IB-11-0322758\Iain Active user Application placed in group Low NCH Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Opera auto-updater opera_autoupdate.exe C:\Users\Iain\AppData\Local\Programs\Opera\96.0.4693.50 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Opera Browser Assistant browser_assistant.exe C:\Users\Iain\AppData\Local\Programs\Opera\assistant 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group fzshellext Dynamic Link Library fzshellext_64.dll C:\Program Files\FileZilla FTP Client 0 IB-11-0322758\Iain Active user Application placed in group Low TIM KOSSE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group SimpleSolitaire.UWP SimpleSolitaire.UWP.exe C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j 0 IB-11-0322758\Iain Active user Application placed in group Low B632805B 8D75 4FF1 9AFC 011EDCEDF50C Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Kaspersky Anti-Virus avpvk.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\x64 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Kaspersky Upgrade Launcher upgrade_launcher.exe C:\Program Files\Common Files\AV\Kaspersky Lab 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group XtuService XtuService.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low INTEL Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group SysInfoCap.exe SysInfoCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group AppHelperCap.exe AppHelperCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Google Update GoogleUpdateOnDemand.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Google Crash Handler GoogleCrashHandler64.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Google Crash Handler GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Microsoft Edge Installer MicrosoftEdge_X64_110.0.1587.69_110.0.1587.63.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9217CC9D-7922-43EB-BFFB-9F841E506F9A} 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Microsoft® Windows Backup sdclt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group taskschd.msc taskschd.msc C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group Microsoft Edge msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:34 Application placed in Trusted group System Settings Broker SystemSettingsBroker.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Update wuauclt.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft Windows Search Filter Host SearchFilterHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Driver Installation Module drvinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows StateRepository Client API Windows.StateRepositoryClient.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Print driver host for applications splwow64.exe C:\Windows 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group SIH Client SIHClient.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Program Compatibility Assistant Service pcasvc.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Shell Common Dll shell32.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group User OOBE Broker UserOOBEBroker.exe C:\Windows\System32\oobe 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Notifications host process MoNotificationUx.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group LockApp.exe LockApp.exe C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group TextInputHost.exe TextInputHost.exe C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Problem Reporting wermgr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Start Experience Host StartMenuExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Application Compatibility Database Installer sdbinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Spooler SubSystem App spoolsv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Logon Application winlogon.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Primitive Operations Queue Executor poqexec.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Calculator calc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft Edge Update COM Registration Helper MicrosoftEdgeUpdateComRegisterShell64.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.173.49 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Autochk Proxy DLL acproxy.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Provisioning package runtime processing tool provtool.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Shell Experience Host ShellExperienceHost.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Application Frame Host ApplicationFrameHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group WMI Reverse Performance Adapter Maintenance Utility WMIADAP.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft Malware Protection Command Line Utility MpCmdRun.exe C:\Program Files\Windows Defender 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group System Guard Runtime Monitor Broker Service SgrmBroker.exe C:\Windows\System32\Sgrm 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group DXGI Adapter Cache dxgiadaptercache.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows logon reminder wlrmdr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Program Compatibility Assistant User Interface pcaui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Task Scheduler Configuration Tool schtasks.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Run Once Wrapper runonce.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Casting protocol connection listener CastSrv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Service Control Manager Configuration Tool sc.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Network Command Shell netsh.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Widgets.exe Widgets.exe C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Userinit Logon Application userinit.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group MDMAgent MDMAgent.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Driver Foundation - User-mode Driver Framework Host Process WUDFHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Services and Controller app services.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Session Manager smss.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Desktop Window Manager dwm.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Application Data API Server Windows.Storage.ApplicationData.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group FaceFodUninstaller.exe FaceFodUninstaller.exe C:\Windows\System32\WinBioPlugIns 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Disk Defragmenter Module Defrag.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Resource cache builder tool mcbuilder.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Sink to receive asynchronous callbacks for WMI client application unsecapp.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Startup scan task DLL Startupscan.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Attribute Utility attrib.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group ForFiles - Executes a command on selected files forfiles.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Data Exchange Host DataExchangeHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Portable Device Shell Extension Autoplay Handler WPDShextAutoplay.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft Management Console mmc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows Control Panel control.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft® Resource File To COFF Object Conversion Utility cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Visual C# Command Line Compiler csc.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Diagnostics Troubleshooting Wizard msdt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Settings SystemSettings.exe C:\Windows\ImmersiveControlPanel 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group WaasMedic Agent Exe WaaSMedicAgent.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Windows SQM Consolidator wsqmcons.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Pick an app OpenWith.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Microsoft® Drive Optimizer dfrgui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 21:41:33 Application placed in Trusted group Virtual Disk Service vds.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 19:19:28 Application placed in Trusted group Microsoft Edge Installer setup.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9217CC9D-7922-43EB-BFFB-9F841E506F9A}\EDGEMITMP_323AE.tmp 19384 NT AUTHORITY\SYSTEM System user Application placed in group Low Trusted Group of applications KSN
Yesterday, 12/03/2023 19:19:27 Application placed in Trusted group Microsoft Edge Installer MicrosoftEdge_X64_110.0.1587.69_110.0.1587.63.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{9217CC9D-7922-43EB-BFFB-9F841E506F9A} 18384 NT AUTHORITY\SYSTEM System user Application placed in group Low Trusted Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 18:30:01 Application placed in restricted group DelBackupFiles.bat DelBackupFiles.bat C:\Users\Iain 22932 NT AUTHORITY\SYSTEM System user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Yesterday, 12/03/2023 15:41:35 Application placed in restricted group VNC server winvnc.exe C:\Program Files\uvnc bvba\UltraVNC 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined
Yesterday, 12/03/2023 15:41:35 Application placed in Trusted group Zulu Platform x64 Architecture javaw.exe C:\Program Files\Crucial\Crucial Storage Executive\java\bin 0 IB-11-0322758\Iain Active user Application placed in group Low AZUL SYSTEMS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:35 Application placed in Trusted group StorageExecutiveClientStop.exe StorageExecutiveClientStop.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:35 Application placed in Trusted group Micron Momentum Cache Utility mticache.exe C:\Program Files\Crucial\Crucial Storage Executive 0 IB-11-0322758\Iain Active user Application placed in group Low MICRON TECHNOLOGY Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:35 Application placed in Trusted group Chromium chromium.exe C:\Users\Iain\AppData\Local\JxBrowser\7.17 0 IB-11-0322758\Iain Active user Application placed in group Low TEAMDEV Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Switch Sound File Converter switch.exe C:\Program Files (x86)\NCH Software\Switch 0 IB-11-0322758\Iain Active user Application placed in group Low NCH Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Opera auto-updater opera_autoupdate.exe C:\Users\Iain\AppData\Local\Programs\Opera\96.0.4693.50 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Opera Browser Assistant browser_assistant.exe C:\Users\Iain\AppData\Local\Programs\Opera\assistant 0 IB-11-0322758\Iain Active user Application placed in group Low OPERA NORWAY AS Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group fzshellext Dynamic Link Library fzshellext_64.dll C:\Program Files\FileZilla FTP Client 0 IB-11-0322758\Iain Active user Application placed in group Low TIM KOSSE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group SimpleSolitaire.UWP SimpleSolitaire.UWP.exe C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j 0 IB-11-0322758\Iain Active user Application placed in group Low B632805B 8D75 4FF1 9AFC 011EDCEDF50C Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Kaspersky Anti-Virus avpvk.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.9\x64 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Kaspersky Upgrade Launcher upgrade_launcher.exe C:\Program Files\Common Files\AV\Kaspersky Lab 0 IB-11-0322758\Iain Active user Application placed in group Low KASPERSKY LAB Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group XtuService XtuService.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low INTEL Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group SysInfoCap.exe SysInfoCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group AppHelperCap.exe AppHelperCap.exe C:\Program Files\HP\HP Enabling Services 0 IB-11-0322758\Iain Active user Application placed in group Low HP Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Google Update GoogleUpdateOnDemand.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Google Crash Handler GoogleCrashHandler64.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Google Crash Handler GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.36.152 0 IB-11-0322758\Iain Active user Application placed in group Low GOOGLE Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Microsoft® Windows Backup sdclt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group taskschd.msc taskschd.msc C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Microsoft Edge msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group System Settings Broker SystemSettingsBroker.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Task Manager Launcher LaunchTM.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications KSN
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Update wuauclt.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Microsoft Windows Search Filter Host SearchFilterHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Driver Installation Module drvinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows StateRepository Client API Windows.StateRepositoryClient.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Print driver host for applications splwow64.exe C:\Windows 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group SIH Client SIHClient.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Program Compatibility Assistant Service pcasvc.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Shell Common Dll shell32.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group User OOBE Broker UserOOBEBroker.exe C:\Windows\System32\oobe 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Notifications host process MoNotificationUx.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group LockApp.exe LockApp.exe C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group TextInputHost.exe TextInputHost.exe C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Problem Reporting wermgr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Start Experience Host StartMenuExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Application Compatibility Database Installer sdbinst.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Spooler SubSystem App spoolsv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Logon Application winlogon.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Primitive Operations Queue Executor poqexec.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:34 Application placed in Trusted group Windows Calculator calc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Microsoft Edge Update COM Registration Helper MicrosoftEdgeUpdateComRegisterShell64.exe C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.173.49 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Problem Reporting WerFault.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Autochk Proxy DLL acproxy.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Provisioning package runtime processing tool provtool.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Shell Experience Host ShellExperienceHost.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Application Frame Host ApplicationFrameHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors
Yesterday, 12/03/2023
15:41:33 Application placed in Trusted group WMI Reverse Performance Adapter Maintenance Utility WMIADAP.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Microsoft Malware Protection Command Line Utility MpCmdRun.exe C:\Program Files\Windows Defender 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group System Guard Runtime Monitor Broker Service SgrmBroker.exe C:\Windows\System32\Sgrm 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group DXGI Adapter Cache dxgiadaptercache.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows logon reminder wlrmdr.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Program Compatibility Assistant User Interface pcaui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Task Scheduler Configuration Tool schtasks.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of 
trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Run Once Wrapper runonce.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group BDE UI Launcher BdeUISrv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications KSN Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Casting protocol connection listener CastSrv.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Service Control Manager Configuration Tool sc.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Network Command Shell netsh.exe C:\Windows\SysWOW64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Widgets.exe Widgets.exe C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Userinit Logon Application userinit.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application 
placed in Trusted group MDMAgent MDMAgent.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Driver Foundation - User-mode Driver Framework Host Process WUDFHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Services and Controller app services.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Session Manager smss.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Desktop Window Manager dwm.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Application Data API Server Windows.Storage.ApplicationData.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group FaceFodUninstaller.exe FaceFodUninstaller.exe C:\Windows\System32\WinBioPlugIns 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in 
Trusted group Disk Defragmenter Module Defrag.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Resource cache builder tool mcbuilder.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Sink to receive asynchronous callbacks for WMI client application unsecapp.exe C:\Windows\System32\wbem 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Startup scan task DLL Startupscan.dll C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Attribute Utility attrib.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group ForFiles - Executes a command on selected files forfiles.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Data Exchange Host DataExchangeHost.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows 
Portable Device Shell Extension Autoplay Handler WPDShextAutoplay.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Microsoft Management Console mmc.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows Control Panel control.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Microsoft® Resource File To COFF Object Conversion Utility cvtres.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Visual C# Command Line Compiler csc.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Diagnostics Troubleshooting Wizard msdt.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Settings SystemSettings.exe C:\Windows\ImmersiveControlPanel 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 
15:41:33 Application placed in Trusted group WaasMedic Agent Exe WaaSMedicAgent.exe C:\Windows\UUS\amd64 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Windows SQM Consolidator wsqmcons.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Pick an app OpenWith.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Microsoft® Drive Optimizer dfrgui.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 15:41:33 Application placed in Trusted group Virtual Disk Service vds.exe C:\Windows\System32 0 IB-11-0322758\Iain Active user Application placed in group Low MICROSOFT Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 13:29:32 Object deleted 0 IB-11-0322758\Iain Active user Deleted: UDS:Trojan.VBS.Agent.gen Deleted UDS:Trojan.VBS.Agent.gen Trojan High Exactly GetIP.vbs D:\Websites\public_html\vantage\ip File Yesterday, 12/03/2023 13:29:32 A backup copy of the object was created 0 IB-11-0322758\Iain Active user Backup copy created: UDS:Trojan.VBS.Agent.gen Backup copy created UDS:Trojan.VBS.Agent.gen Trojan High Exactly GetIP.vbs D:\Websites\public_html\vantage\ip File Yesterday, 12/03/2023 13:29:31 Object deleted 0 IB-11-0322758\Iain Active user Deleted: UDS:Trojan.VBS.Agent.gen Deleted UDS:Trojan.VBS.Agent.gen Trojan High Exactly 11IP_ReDo 
C:\Windows\System32\Tasks File Yesterday, 12/03/2023 13:29:29 Object deleted 0 IB-11-0322758\Iain Active user Deleted: UDS:Trojan.VBS.Agent.gen Deleted UDS:Trojan.VBS.Agent.gen Trojan High Exactly {D8733BFF-75DA-4698-B751-57F8D1491970} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain File Yesterday, 12/03/2023 13:29:29 Object deleted 0 IB-11-0322758\Iain Active user Deleted: UDS:Trojan.VBS.Agent.gen Deleted UDS:Trojan.VBS.Agent.gen Trojan High Exactly 11IP_ReDo HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree File Yesterday, 12/03/2023 13:29:29 Object deleted 0 IB-11-0322758\Iain Active user Deleted: UDS:Trojan.VBS.Agent.gen Deleted UDS:Trojan.VBS.Agent.gen Trojan High Exactly {D8733BFF-75DA-4698-B751-57F8D1491970} HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks File Yesterday, 12/03/2023 13:25:03 Application startup was blocked GetIP.vbs GetIP.vbs D:\Websites\public_html\vantage\ip 3948 NT AUTHORITY\SYSTEM System user Start Blocked Blocked Rights Security settings access High Rights Yesterday, 12/03/2023 13:24:53 Malicious object detected 0 IB-11-0322758\Iain Active user Detected: UDS:Trojan.VBS.Agent.gen Detected UDS:Trojan.VBS.Agent.gen Trojan High Exactly GetIP.vbs D:\Websites\public_html\vantage\ip File Cloud Protection Yesterday, 12/03/2023 13:24:53 Application placed in restricted group GetIP.vbs GetIP.vbs D:\Websites\public_html\vantage\ip 0 IB-11-0322758\Iain Active user Application placed in group : UDS:Trojan.VBS.Agent.gen UDS:Trojan.VBS.Agent.gen Low Untrusted Group of applications Detected: UDS:Trojan.VBS.Agent.gen Yesterday, 12/03/2023 13:17:12 Application placed in Trusted group Microsoft® Windows Backup sdclt.exe C:\Windows\System32 19428 IB-11-0322758\Iain Initiator Application placed in group Low Trusted Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 13:00:00 Application placed in Trusted group taskschd.msc taskschd.msc 
C:\Windows\System32 20960 IB-11-0322758\Iain Initiator Application placed in group Low Trusted Group of applications Signed by the digital signature of trusted vendors Yesterday, 12/03/2023 11:20:01 Application placed in restricted group GetIP.vbs GetIP.vbs D:\Websites\public_html\vantage\ip 0 IB-11-0322758\Iain Active user Application placed in group Low Low Restricted Group of applications Trust group cannot be defined