COMODO Client - Security 12 Logs
   

Table

:

Containment Events
   

Date Created

:

2023-06-29 09:32:24
   

Records count

:

22
Date & TimeApplicationStatusRatingActionContained byParent Process PathParent Process IDParent Process HashParent Processes Tree DetailsUser NameDomainUser SID
2023-06-29 09:24:55C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.execompletedTrustedIgnoredContainment Policy0<parents><proc pid="10112" parentPid="1312" path="C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe" cmdline="&quot;C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe&quot; -ServerName:Hx.IPC.Server" name="HxTsr.exe" interpreter="false" fls="1" date="2023-06-29T01:24:20Z" domainname="GUHUIQING" username="guhuiqing" sha1="12B49262A40F8BE7D8B3A0A2EF10C7FC1C39128A" prcsCreationTime="2023-06-29T01:24:20.453Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 09:24:20C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exerunningTrustedIgnoredContainment PolicyC:\Windows\System32\svchost.exe13123F64C98F22DA277A07CAB248C44C56EEDB796A81<parents><proc pid="10112" parentPid="1312" path="C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe" cmdline="&quot;C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe&quot; -ServerName:Hx.IPC.Server" name="HxTsr.exe" interpreter="false" fls="1" date="2023-06-29T01:24:20Z" domainname="GUHUIQING" username="guhuiqing" sha1="12B49262A40F8BE7D8B3A0A2EF10C7FC1C39128A" prcsCreationTime="2023-06-29T01:24:20.453Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 09:05:45C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.execompletedTrustedIgnoredContainment Policy0<parents><proc pid="11184" parentPid="1312" path="C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe" cmdline="&quot;C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe&quot; -ServerName:Hx.IPC.Server" name="HxTsr.exe" interpreter="false" fls="1" date="2023-06-29T01:05:35Z" domainname="GUHUIQING" username="guhuiqing" sha1="12B49262A40F8BE7D8B3A0A2EF10C7FC1C39128A" prcsCreationTime="2023-06-29T01:05:35.081Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 09:05:35C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exerunningTrustedIgnoredContainment PolicyC:\Windows\System32\svchost.exe13123F64C98F22DA277A07CAB248C44C56EEDB796A81<parents><proc pid="11184" parentPid="1312" path="C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe" cmdline="&quot;C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21480.0_x64__8wekyb3d8bbwe\HxTsr.exe&quot; -ServerName:Hx.IPC.Server" name="HxTsr.exe" interpreter="false" fls="1" date="2023-06-29T01:05:35Z" domainname="GUHUIQING" username="guhuiqing" sha1="12B49262A40F8BE7D8B3A0A2EF10C7FC1C39128A" prcsCreationTime="2023-06-29T01:05:35.081Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 09:03:44C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.execompletedTrustedIgnoredContainment Policy0<parents><proc pid="2264" parentPid="6772" path="C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe" cmdline="&quot;C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe&quot; /InvokerPRAID: App " name="PhotosService.exe" interpreter="false" fls="1" date="2023-06-29T01:02:47Z" domainname="GUHUIQING" username="guhuiqing" sha1="88E51BCE9FA8CF868168091C7813BD53433E7D8F" prcsCreationTime="2023-06-29T01:02:47.839Z" /><proc pid="6772" parentPid="1268" path="C:\Windows\system32\sihost.exe" cmdline="sihost.exe" name="sihost.exe" interpreter="false" fls="1" date="2023-06-29T00:45:34Z" domainname="GUHUIQING" username="guhuiqing" sha1="E8D9750E757E5B580C56521A81ED0CC41D327D82" prcsCreationTime="2023-06-29T00:45:34.059Z" /><proc pid="1268" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.192Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 09:03:44C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.execompletedTrustedIgnoredContainment Policy0<parents><proc pid="13028" parentPid="1312" path="C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.exe" cmdline="&quot;C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.exe&quot; -ServerName:App.AppXrsrmxw2kqfxg8qs234ywwm8hk94nw24k.mca" name="PhotosApp.exe" interpreter="false" fls="1" date="2023-06-29T01:02:45Z" domainname="GUHUIQING" username="guhuiqing" sha1="E991C27632E8D4D7073EFC09AEEE09C3E6598076" prcsCreationTime="2023-06-29T01:02:45.386Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 09:02:47C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exerunningTrustedIgnoredContainment PolicyC:\Windows\system32\sihost.exe6772E8D9750E757E5B580C56521A81ED0CC41D327D82<parents><proc pid="2264" parentPid="6772" path="C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe" cmdline="&quot;C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe&quot; /InvokerPRAID: App " name="PhotosService.exe" interpreter="false" fls="1" date="2023-06-29T01:02:47Z" domainname="GUHUIQING" username="guhuiqing" sha1="88E51BCE9FA8CF868168091C7813BD53433E7D8F" prcsCreationTime="2023-06-29T01:02:47.839Z" /><proc pid="6772" parentPid="1268" path="C:\Windows\system32\sihost.exe" cmdline="sihost.exe" name="sihost.exe" interpreter="false" fls="1" date="2023-06-29T00:45:34Z" domainname="GUHUIQING" username="guhuiqing" sha1="E8D9750E757E5B580C56521A81ED0CC41D327D82" prcsCreationTime="2023-06-29T00:45:34.059Z" /><proc pid="1268" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.192Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 09:02:45C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.exerunningTrustedIgnoredContainment PolicyC:\Windows\System32\svchost.exe13123F64C98F22DA277A07CAB248C44C56EEDB796A81<parents><proc pid="13028" parentPid="1312" path="C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.exe" cmdline="&quot;C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.11050.16005.0_x64__8wekyb3d8bbwe\PhotosApp.exe&quot; -ServerName:App.AppXrsrmxw2kqfxg8qs234ywwm8hk94nw24k.mca" name="PhotosApp.exe" interpreter="false" fls="1" date="2023-06-29T01:02:45Z" domainname="GUHUIQING" username="guhuiqing" sha1="E991C27632E8D4D7073EFC09AEEE09C3E6598076" prcsCreationTime="2023-06-29T01:02:45.386Z" /><proc pid="1312" parentPid="1152" path="C:\Windows\System32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch -p" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:30.177Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:30C:\Windows\system32\DllHost.execompletedTrustedRun VirtuallyContained Process0<parents><proc pid="14196" parentPid="7992" path="C:\Windows\system32\DllHost.exe" cmdline="C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}" name="DllHost.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="C521025C55687C1F29B1F3A3C69B3D152CE84981" prcsCreationTime="2023-06-29T00:55:03.914Z" /><proc pid="7992" parentPid="9256" path="C:\Windows\system32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:56Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:56.919Z" /><proc pid="9256" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe&quot;" name="cmdvirth.exe" interpreter="false" fls="1" date="2023-06-28T06:08:56Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="943E78FB35DFEFDD411EC38DE0393C70B630B703" prcsCreationTime="2023-06-28T06:08:56.826Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:15C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exerunningTrustedRun VirtuallyVirtual Desktop ShellC:\Program Files\COMODO\COMODO Internet Security\cis.exe67880751108C054EB9E8596319466E7E0F136A7110D1<parents><proc pid="11652" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:15.138Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:15C:\Program Files\Internet Explorer\iexplore.exerunningTrustedRun VirtuallyUserC:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe11652F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3<parents><proc pid="11348" parentPid="11652" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:15.265Z" /><proc pid="11652" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:15.138Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:15C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.execompletedTrustedRun VirtuallyVirtual Desktop Shell0<parents><proc pid="11652" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:15.138Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:15C:\Program Files\Internet Explorer\iexplore.execompletedTrustedRun VirtuallyUser0<parents><proc pid="11348" parentPid="11652" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:15.265Z" /><proc pid="11652" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:15Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:15.138Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:10C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exerunningTrustedRun VirtuallyVirtual Desktop ShellC:\Program Files\COMODO\COMODO Internet Security\cis.exe67880751108C054EB9E8596319466E7E0F136A7110D1<parents><proc pid="8904" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:10.395Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:10C:\Program Files\Internet Explorer\iexplore.exerunningTrustedRun VirtuallyUserC:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe8904F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3<parents><proc pid="5520" parentPid="8904" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:10.524Z" /><proc pid="8904" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:10.395Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:10C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.execompletedTrustedRun VirtuallyVirtual Desktop Shell0<parents><proc pid="8904" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:10.395Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:10C:\Program Files\Internet Explorer\iexplore.execompletedTrustedRun VirtuallyUser0<parents><proc pid="5520" parentPid="8904" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:10.524Z" /><proc pid="8904" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:10Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:10.395Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:04C:\Program Files\Internet Explorer\iexplore.execompletedTrustedRun VirtuallyUser0<parents><proc pid="1324" parentPid="9560" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:03.802Z" /><proc pid="9560" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:03.676Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:03C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exerunningTrustedRun VirtuallyVirtual Desktop ShellC:\Program Files\COMODO\COMODO Internet Security\cis.exe67880751108C054EB9E8596319466E7E0F136A7110D1<parents><proc pid="9560" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:03.676Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:03C:\Program Files\Internet Explorer\iexplore.exerunningTrustedRun VirtuallyUserC:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe9560F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3<parents><proc pid="1324" parentPid="9560" path="C:\Program Files\Internet Explorer\iexplore.exe" cmdline="&quot;C:\Program Files\Internet Explorer\iexplore.exe&quot; " name="iexplore.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="913099C37EFFBB55343C1B5342007B0AC1E6878B" prcsCreationTime="2023-06-29T00:55:03.802Z" /><proc pid="9560" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:03.676Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
2023-06-29 08:55:03C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.execompletedTrustedRun VirtuallyVirtual Desktop Shell0<parents><proc pid="9560" parentPid="6788" path="C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\virtkiosk.exe&quot; -v &quot;C:\Program Files\Internet Explorer\iexplore.exe&quot;" name="virtkiosk.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="F6DBEA77EA7BEA8105BE221E9FC6DFEBB900EAB3" prcsCreationTime="2023-06-29T00:55:03.676Z" /><proc pid="6788" parentPid="4980" path="C:\Program Files\COMODO\COMODO Internet Security\cis.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cis.exe&quot; --cistrayUI" name="cis.exe" interpreter="false" fls="1" date="2023-06-29T00:45:37Z" domainname="GUHUIQING" username="guhuiqing" sha1="0751108C054EB9E8596319466E7E0F136A7110D1" prcsCreationTime="2023-06-29T00:45:37.204Z" /><proc pid="4980" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe&quot;" name="cmdagent.exe" interpreter="false" fls="1" date="2023-06-28T06:08:37Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="5EECD4B1619A547A4E0FFB02B52E8F5180FFC9C6" prcsCreationTime="2023-06-28T06:08:37.865Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>
2023-06-29 08:55:03C:\Windows\system32\DllHost.exerunningTrustedRun VirtuallyContained ProcessC:\Windows\system32\svchost.exe79923F64C98F22DA277A07CAB248C44C56EEDB796A81<parents><proc pid="14196" parentPid="7992" path="C:\Windows\system32\DllHost.exe" cmdline="C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}" name="DllHost.exe" interpreter="false" fls="1" date="2023-06-29T00:55:03Z" domainname="GUHUIQING" username="guhuiqing" sha1="C521025C55687C1F29B1F3A3C69B3D152CE84981" prcsCreationTime="2023-06-29T00:55:03.914Z" /><proc pid="7992" parentPid="9256" path="C:\Windows\system32\svchost.exe" cmdline="C:\Windows\system32\svchost.exe -k DcomLaunch" name="svchost.exe" interpreter="false" fls="1" date="2023-06-28T06:08:56Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="3F64C98F22DA277A07CAB248C44C56EEDB796A81" prcsCreationTime="2023-06-28T06:08:56.919Z" /><proc pid="9256" parentPid="1152" path="C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" cmdline="&quot;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe&quot;" name="cmdvirth.exe" interpreter="false" fls="1" date="2023-06-28T06:08:56Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="943E78FB35DFEFDD411EC38DE0393C70B630B703" prcsCreationTime="2023-06-28T06:08:56.826Z" /><proc pid="1152" parentPid="784" path="C:\Windows\System32\services.exe" cmdline="" name="services.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="16D12A866C716390AF9CA4D87BD7674D6E478F42" prcsCreationTime="2023-06-28T06:08:30.036Z" /><proc pid="784" parentPid="0" path="C:\Windows\System32\wininit.exe" cmdline="" name="wininit.exe" interpreter="false" fls="1" date="2023-06-28T06:08:30Z" domainname="NT AUTHORITY" username="SYSTEM" sha1="6BAA5CDECD1450CC37E516468F97201ECDE002A2" prcsCreationTime="2023-06-28T06:08:30.036Z" /></parents>guhuiqingGUHUIQINGS-1-5-21-2701200056-3725024385-2075039037-1001
End of The Report