Loading built-in default control script [11-07-2023 18:34:43] DbgSVC started [11-07-2023 18:34:43] New process found: Process Name - System Process Process ID - 0 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - System Process ID - 4 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - smss.exe Process ID - 316 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - csrss.exe Process ID - 424 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - wininit.exe Process ID - 496 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - csrss.exe Process ID - 504 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - winlogon.exe Process ID - 568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - services.exe Process ID - 632 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - lsass.exe Process ID - 648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 748 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 808 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - LogonUI.exe Process ID - 916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - dwm.exe Process ID - 936 Process Identity - Window Manager\DWM-1 [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 948 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 972 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 768 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1068 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1120 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1296 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1308 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1600 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - spoolsv.exe Process ID - 1980 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 2032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - dns.exe Process ID - 2040 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 1056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - ComboCleaner.WinService.exe Process ID - 1348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 1488 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MEDMS.EXE Process ID - 2108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MEMTA.exe Process ID - 2116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MELSC.exe Process ID - 2124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MEIMAPS.EXE Process ID - 2132 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MEPOPS.exe Process ID - 2144 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MEPOC.exe Process ID - 2152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MESMTPC.exe Process ID - 2160 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MBAMService.exe Process ID - 2188 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 2200 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MsDepSvc.exe Process ID - 2336 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 2348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - mqsvc.exe Process ID - 2364 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - SMSvcHost.exe Process ID - 2444 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - plesksrv.exe Process ID - 2520 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - PopPassD.exe Process ID - 2528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - sqlbrowser.exe Process ID - 2544 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - sqlwriter.exe Process ID - 2576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 2612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - MsMpEng.exe Process ID - 2628 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - WMSvc.exe Process ID - 2708 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 3320 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - SMSvcHost.exe Process ID - 3888 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:34:43] New process found: Process Name - w3wp.exe Process ID - 3968 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:34:43] New process found: Process Name - WmiPrvSE.exe Process ID - 4076 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - SMSvcHost.exe Process ID - 4232 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New process found: Process Name - mysqld.exe Process ID - 4280 Process Identity - NT SERVICE\PleskSQLServer [11-07-2023 18:34:43] New process found: Process Name - sqlservr.exe Process ID - 4296 Process Identity - NT SERVICE\MSSQL$MSSQLSERVER2017 [11-07-2023 18:34:43] New process found: Process Name - sqlceip.exe Process ID - 4304 Process Identity - NT SERVICE\SQLTELEMETRY$MSSQLSERVER2017 [11-07-2023 18:34:43] New process found: Process Name - mysqld.exe Process ID - 4316 Process Identity - NT SERVICE\MariaDB103 [11-07-2023 18:34:43] New process found: Process Name - fdlauncher.exe Process ID - 5528 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [11-07-2023 18:34:43] New process found: Process Name - fdhost.exe Process ID - 5556 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [11-07-2023 18:34:43] New process found: Process Name - conhost.exe Process ID - 5564 Process Identity - NT SERVICE\MSSQLFDLauncher$MSSQLSERVER2017 [11-07-2023 18:34:43] New process found: Process Name - csrss.exe Process ID - 1900 Process Identity - SYSTEM [11-07-2023 18:34:43] New process found: Process Name - winlogon.exe Process ID - 5332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - dwm.exe Process ID - 6180 Process Identity - Window Manager\DWM-2 [11-07-2023 18:34:43] New process found: Process Name - rdpclip.exe Process ID - 6660 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - RuntimeBroker.exe Process ID - 6704 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - sihost.exe Process ID - 6856 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - svchost.exe Process ID - 6864 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - taskhostw.exe Process ID - 6892 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - explorer.exe Process ID - 6464 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - WmiPrvSE.exe Process ID - 7284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - SearchIndexer.exe Process ID - 7344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - ShellExperienceHost.exe Process ID - 7516 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - SearchUI.exe Process ID - 7648 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - SearchProtocolHost.exe Process ID - 7656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - SearchFilterHost.exe Process ID - 7684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - ServerManager.exe Process ID - 8048 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - GoogleCrashHandler.exe Process ID - 7228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - GoogleCrashHandler64.exe Process ID - 6964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - dllhost.exe Process ID - 8648 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - w3wp.exe Process ID - 4056 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 18:34:43] New process found: Process Name - mbamtray.exe Process ID - 9052 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - fontdrvhost.exe Process ID - 7084 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - ComboCleaner.exe Process ID - 6920 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - conhost.exe Process ID - 9240 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 18:34:43] New process found: Process Name - traymonitor.exe Process ID - 9772 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - METray.exe Process ID - 9804 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - ApplicationFrameHost.exe Process ID - 7156 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - SystemSettings.exe Process ID - 10136 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - dllhost.exe Process ID - 4068 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:43] New process found: Process Name - DbgSvc.exe Process ID - 588 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:43] New process found: Process Name - dllhost.exe Process ID - 956 Process Identity - NT AUTHORITY\SYSTEM COM+ package name - System Application [11-07-2023 18:34:43] New process found: Process Name - msdtc.exe Process ID - 1132 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:43] New service found: Service Name - AJRouter Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ALG Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AppHostSvc Process ID - 1056 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - AppIDSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Appinfo Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AppMgmt Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AppReadiness Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AppVClient Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AppXSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - aspnet_state Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - AudioEndpointBuilder Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Audiosrv Process ID - 1600 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - AxInstSV Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - BFE Process ID - 768 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - BITS Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - BrokerInfrastructure Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Browser Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - bthserv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - CDPSvc Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - CertPropSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - ClipSVC Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ComboCleaner.Guard Process ID - 1488 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - ComboCleaner.WinService Process ID - 1348 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - COMSysApp Process ID - 956 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - CoreMessagingRegistrar Process ID - 768 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - CryptSvc Process ID - 1296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - CscService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DbgSvc Process ID - 588 Current State - SERVICE_START_PENDING [11-07-2023 18:34:43] New service found: Service Name - DcomLaunch Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - DcpSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - defragsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DeviceAssociationService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DeviceInstall Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DevQueryBroker Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Dhcp Process ID - 972 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - diagnosticshub.standardcollector.service Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DiagTrack Process ID - 2032 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - DmEnrollmentSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - dmwappushservice Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DNS Process ID - 2040 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Dnscache Process ID - 1296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - dot3svc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DPS Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - DsSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Eaphost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - EFS Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - embeddedmode Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - EntAppSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - EventLog Process ID - 972 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - EventSystem Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - fdPHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - FDResPub Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - FontCache Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - FontCache3.0.0.0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - FrameServer Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ftpsvc Process ID - 1060 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - GoogleChromeElevationService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - gpsvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - gupdate Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - gupdatem Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - hidserv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - HvHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - icssvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - IKEEXT Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - iphlpsvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - KeyIso Process ID - 648 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - KPSSVC Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - KtmRm Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - LanmanServer Process ID - 2200 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - LanmanWorkstation Process ID - 1296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - lfsvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - LicenseManager Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - lltdsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - lmhosts Process ID - 972 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - LSM Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MapsBroker Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - MariaDB103 Process ID - 4316 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MBAMService Process ID - 2188 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MEDMS Process ID - 2108 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MEIMAPS Process ID - 2132 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MELCS Process ID - 2124 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MEMTAS Process ID - 2116 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MEPOCS Process ID - 2152 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MEPOPS Process ID - 2144 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MESMTPCS Process ID - 2160 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MpsSvc Process ID - 768 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MsDepSvc Process ID - 2336 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MSDTC Process ID - 1132 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MSiSCSI Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - msiserver Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - MSMQ Process ID - 2364 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MSSQL$MSSQLSERVER2017 Process ID - 4296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - MSSQLFDLauncher$MSSQLSERVER2017 Process ID - 5528 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NcaSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - NcbService Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Netlogon Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Netman Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - NetMsmqActivator Process ID - 4232 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NetPipeActivator Process ID - 3888 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - netprofm Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NetSetupSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NetTcpActivator Process ID - 2444 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NetTcpPortSharing Process ID - 2444 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - NgcCtnrSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - NgcSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - NlaSvc Process ID - 1296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - nsi Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PcaSvc Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PerfHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PhoneSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - pla Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PleskSQLServer Process ID - 4280 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - plesksrv Process ID - 2520 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PleskStartup Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PleskTaskManager Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PlugPlay Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PolicyAgent Process ID - 3320 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PopPassD Process ID - 2528 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Power Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - PrintNotify Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ProfSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - QWAVE Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RasAuto Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RasMan Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RemoteAccess Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RemoteRegistry Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - RmSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RpcEptMapper Process ID - 808 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - RpcLocator Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - RpcSs Process ID - 808 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - RSoPProv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - sacsvr Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SamSs Process ID - 648 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SCardSvr Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ScDeviceEnum Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Schedule Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SCPolicySvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - seclogon Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SENS Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SensorDataService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SensorService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SensrSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SessionEnv Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SharedAccess Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - ShellHWDetection Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - smphost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SNMPTRAP Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Spooler Process ID - 1980 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SQLAgent$MSSQLSERVER2017 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SQLBrowser Process ID - 2544 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SQLTELEMETRY$MSSQLSERVER2017 Process ID - 4304 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SQLWriter Process ID - 2576 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - SSDPSRV Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SstpSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - StateRepository Process ID - 2612 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - stisvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - StorSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - svsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - swprv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SysMain Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - SystemEventsBroker Process ID - 748 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - TabletInputService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - TapiSrv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - TermService Process ID - 948 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Themes Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - TieringEngineService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - tiledatamodelsvc Process ID - 2612 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - TimeBrokerSvc Process ID - 972 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - TrkWks Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - TrustedInstaller Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - tzautoupdate Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UALSVC Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UevAgentService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UI0Detect Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UmRdpService Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - upnphost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UserManager Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - UsoSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - VaultSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vds Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicguestinterface Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicheartbeat Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmickvpexchange Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicrdv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicshutdown Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmictimesync Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicvmsession Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - vmicvss Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - VSS Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - W32Time Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - w3logsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - W3SVC Process ID - 2348 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WalletService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WAS Process ID - 2348 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WbioSrvc Process ID - 1720 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Wcmsvc Process ID - 1308 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WdiServiceHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WdNisSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - Wecsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WEPHOSTSVC Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - wercplsupport Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WerSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WiaRpc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WinDefend Process ID - 2628 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WinHttpAutoProxySvc Process ID - 1068 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - Winmgmt Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WinRM Process ID - 1296 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - wlidsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - wmiApSrv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WMSVC Process ID - 2708 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WPDBusEnum Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WpnService Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - WSearch Process ID - 7344 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - wuauserv Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - wudfsvc Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - XblAuthManager Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - XblGameSave Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - CDPUserSvc_4e18e Process ID - 6864 Current State - SERVICE_RUNNING [11-07-2023 18:34:43] New service found: Service Name - OneSyncSvc_4e18e Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - PimIndexMaintenanceSvc_4e18e Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UnistoreSvc_4e18e Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - UserDataSvc_4e18e Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:43] New service found: Service Name - WpnUserService_4e18e Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:44] New process found: Process Name - svchost.exe Process ID - 2812 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 18:34:44] New process found: Process Name - pleskstartup.exe Process ID - 3376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:44] New process found: Process Name - conhost.exe Process ID - 3988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:44] New process found: Process Name - pleskstartuphandler.exe Process ID - 4340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:44] Service state changed: Service Name - DbgSvc Process ID - 588 Current State - SERVICE_RUNNING [11-07-2023 18:34:44] Service state changed: Service Name - DPS Process ID - 768 Current State - SERVICE_RUNNING [11-07-2023 18:34:44] Service state changed: Service Name - MapsBroker Process ID - 2812 Current State - SERVICE_RUNNING [11-07-2023 18:34:44] Service state changed: Service Name - PleskStartup Process ID - 3376 Current State - SERVICE_START_PENDING [11-07-2023 18:34:44] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:34:46] New process found: Process Name - dllhost.exe Process ID - 6232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:34:46] New process found: Process Name - nssm.exe Process ID - 6872 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 18:34:46] Process Exited: Process Name - pleskstartup.exe Process ID - 3376 [11-07-2023 18:34:46] Process Exited: Process Name - conhost.exe Process ID - 3988 [11-07-2023 18:34:46] Process Exited: Process Name - pleskstartuphandler.exe Process ID - 4340 [11-07-2023 18:34:46] Service state changed: Service Name - PleskStartup Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:46] Service state changed: Service Name - PleskTaskManager Process ID - 6872 Current State - SERVICE_START_PENDING [11-07-2023 18:34:47] New process found: Process Name - task-manager.exe Process ID - 9404 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 18:34:47] New process found: Process Name - conhost.exe Process ID - 9140 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 18:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 7656 [11-07-2023 18:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 7684 [11-07-2023 18:34:47] Service state changed: Service Name - VaultSvc Process ID - 648 Current State - SERVICE_RUNNING [11-07-2023 18:34:47] Service state changed: Service Name - WPDBusEnum Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:47] Service state changed: Service Name - OneSyncSvc_4e18e Process ID - 6864 Current State - SERVICE_RUNNING [11-07-2023 18:34:49] New process found: Process Name - nssm.exe Process ID - 9520 Process Identity - NT SERVICE\PleskWebSocket [11-07-2023 18:34:49] New process found: Process Name - php.exe Process ID - 9812 Process Identity - NT SERVICE\PleskWebSocket [11-07-2023 18:34:49] New process found: Process Name - conhost.exe Process ID - 516 Process Identity - NT SERVICE\PleskWebSocket [11-07-2023 18:34:49] Service state changed: Service Name - PleskTaskManager Process ID - 6872 Current State - SERVICE_RUNNING [11-07-2023 18:34:49] Service state changed: Service Name - PleskWebSocket Process ID - 9520 Current State - SERVICE_START_PENDING [11-07-2023 18:34:50] New process found: Process Name - sppsvc.exe Process ID - 5664 Process Identity - SYSTEM [11-07-2023 18:34:50] Process Exited: Process Name - dllhost.exe Process ID - 4068 [11-07-2023 18:34:50] Service state changed: Service Name - PleskWebSocket Process ID - 9520 Current State - SERVICE_RUNNING [11-07-2023 18:34:50] Service state changed: Service Name - sppsvc Process ID - 5664 Current State - SERVICE_RUNNING [11-07-2023 18:34:50] Service state changed: Service Name - UALSVC Process ID - 284 Current State - SERVICE_START_PENDING [11-07-2023 18:34:54] New process found: Process Name - ndp48-web.exe Process ID - 9604 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:34:54] Process Exited: Process Name - svchost.exe Process ID - 2812 [11-07-2023 18:34:54] Process Exited: Process Name - dllhost.exe Process ID - 6232 [11-07-2023 18:34:54] Service state changed: Service Name - MapsBroker Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:34:56] New process found: Process Name - Setup.exe Process ID - 6900 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:07] Service state changed: Service Name - UALSVC Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 18:35:18] Process Exited: Process Name - Setup.exe Process ID - 6900 [11-07-2023 18:35:18] Process Exited: Process Name - ndp48-web.exe Process ID - 9604 [11-07-2023 18:35:21] Process Exited: Process Name - sppsvc.exe Process ID - 5664 [11-07-2023 18:35:21] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:35:34] New process found: Process Name - dllhost.exe Process ID - 2372 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 4332 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 3952 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 6296 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 9784 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 9716 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 1624 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] New process found: Process Name - chrome.exe Process ID - 6236 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:40] Service state changed: Service Name - NetSetupSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:35:42] New process found: Process Name - chrome.exe Process ID - 8248 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:42] New process found: Process Name - chrome.exe Process ID - 9848 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:44] New process found: Process Name - chrome.exe Process ID - 1336 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:45] Process Exited: Process Name - dllhost.exe Process ID - 2372 [11-07-2023 18:35:47] New process found: Process Name - chrome.exe Process ID - 7828 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:47] Process Exited: Process Name - chrome.exe Process ID - 1624 [11-07-2023 18:35:47] Process Exited: Process Name - chrome.exe Process ID - 8248 [11-07-2023 18:35:50] New process found: Process Name - chrome.exe Process ID - 3992 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:51] New process found: Process Name - chrome.exe Process ID - 108 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:51] New process found: Process Name - chrome.exe Process ID - 9372 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:52] New process found: Process Name - chrome.exe Process ID - 9988 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:53] Process Exited: Process Name - svchost.exe Process ID - 1720 [11-07-2023 18:35:53] Service state changed: Service Name - WbioSrvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:35:54] Process Exited: Process Name - chrome.exe Process ID - 108 [11-07-2023 18:35:54] Process Exited: Process Name - chrome.exe Process ID - 3992 [11-07-2023 18:35:54] Process Exited: Process Name - chrome.exe Process ID - 9372 [11-07-2023 18:35:57] New process found: Process Name - w3wp.exe Process ID - 2744 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 18:35:57] New process found: Process Name - conhost.exe Process ID - 5584 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 18:35:58] New process found: Process Name - chrome.exe Process ID - 8764 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:59] New process found: Process Name - SearchProtocolHost.exe Process ID - 6672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:35:59] New process found: Process Name - SearchFilterHost.exe Process ID - 8244 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:35:59] New process found: Process Name - chrome.exe Process ID - 6668 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:59] New process found: Process Name - chrome.exe Process ID - 108 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:35:59] Process Exited: Process Name - chrome.exe Process ID - 9988 [11-07-2023 18:36:00] Process Exited: Process Name - chrome.exe Process ID - 108 [11-07-2023 18:36:00] Process Exited: Process Name - chrome.exe Process ID - 6668 [11-07-2023 18:36:06] New process found: Process Name - chrome.exe Process ID - 10004 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:06] New process found: Process Name - chrome.exe Process ID - 6948 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:10] Process Exited: Process Name - chrome.exe Process ID - 7828 [11-07-2023 18:36:10] Process Exited: Process Name - chrome.exe Process ID - 8764 [11-07-2023 18:36:10] Process Exited: Process Name - chrome.exe Process ID - 10004 [11-07-2023 18:36:15] New process found: Process Name - chrome.exe Process ID - 10140 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:15] New process found: Process Name - chrome.exe Process ID - 5460 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:17] New process found: Process Name - chrome.exe Process ID - 9752 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:17] Process Exited: Process Name - chrome.exe Process ID - 5460 [11-07-2023 18:36:22] New process found: Process Name - chrome.exe Process ID - 996 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 9228 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 5928 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 1776 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 10264 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 10272 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 10280 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 10432 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:23] New process found: Process Name - chrome.exe Process ID - 10488 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:25] New process found: Process Name - chrome.exe Process ID - 10556 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:25] New process found: Process Name - chrome.exe Process ID - 10624 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:25] Process Exited: Process Name - chrome.exe Process ID - 10264 [11-07-2023 18:36:27] New process found: Process Name - chrome.exe Process ID - 10684 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:27] New process found: Process Name - chrome.exe Process ID - 10692 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:27] New process found: Process Name - chrome.exe Process ID - 10700 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:27] New process found: Process Name - chrome.exe Process ID - 10716 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 10980 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 10988 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11000 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11008 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11020 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11076 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11096 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11200 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11236 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 10332 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 10264 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 10896 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 9856 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] New process found: Process Name - chrome.exe Process ID - 11452 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:28] Process Exited: Process Name - chrome.exe Process ID - 996 [11-07-2023 18:36:28] Process Exited: Process Name - chrome.exe Process ID - 10692 [11-07-2023 18:36:28] Process Exited: Process Name - chrome.exe Process ID - 10700 [11-07-2023 18:36:29] Process Exited: Process Name - chrome.exe Process ID - 11000 [11-07-2023 18:36:29] Process Exited: Process Name - chrome.exe Process ID - 11008 [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11524 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11536 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11544 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11552 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11568 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11628 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11704 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11792 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] New process found: Process Name - chrome.exe Process ID - 11868 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:30] Process Exited: Process Name - chrome.exe Process ID - 10980 [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 11972 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12100 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12108 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12116 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12124 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12132 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12188 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12200 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 12252 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] New process found: Process Name - chrome.exe Process ID - 11196 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 10684 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11524 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11536 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11544 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11552 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11568 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11628 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11684 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11704 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11792 [11-07-2023 18:36:31] Process Exited: Process Name - chrome.exe Process ID - 11868 [11-07-2023 18:36:32] Process Exited: Process Name - chrome.exe Process ID - 12100 [11-07-2023 18:36:32] Process Exited: Process Name - chrome.exe Process ID - 12188 [11-07-2023 18:36:32] Process Exited: Process Name - chrome.exe Process ID - 12200 [11-07-2023 18:36:33] Process Exited: Process Name - chrome.exe Process ID - 12252 [11-07-2023 18:36:35] New process found: Process Name - WMIADAP.exe Process ID - 12024 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:36:40] New process found: Process Name - chrome.exe Process ID - 11612 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:40] New process found: Process Name - chrome.exe Process ID - 11528 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:41] Process Exited: Process Name - chrome.exe Process ID - 11528 [11-07-2023 18:36:41] Process Exited: Process Name - chrome.exe Process ID - 11612 [11-07-2023 18:36:46] New process found: Process Name - w3wp.exe Process ID - 11676 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 18:36:51] New process found: Process Name - chrome.exe Process ID - 11840 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:51] New process found: Process Name - chrome.exe Process ID - 11848 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:51] New process found: Process Name - chrome.exe Process ID - 11860 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:51] New process found: Process Name - chrome.exe Process ID - 11820 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:51] New process found: Process Name - chrome.exe Process ID - 11040 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:52] New process found: Process Name - chrome.exe Process ID - 12204 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:52] New process found: Process Name - chrome.exe Process ID - 11032 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:52] Process Exited: Process Name - chrome.exe Process ID - 11196 [11-07-2023 18:36:53] New process found: Process Name - chrome.exe Process ID - 12036 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:53] Process Exited: Process Name - chrome.exe Process ID - 11040 [11-07-2023 18:36:53] Process Exited: Process Name - chrome.exe Process ID - 12204 [11-07-2023 18:36:57] New process found: Process Name - chrome.exe Process ID - 11640 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:36:58] Process Exited: Process Name - chrome.exe Process ID - 11820 [11-07-2023 18:37:00] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 11980 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:05] Process Exited: Process Name - chrome.exe Process ID - 11640 [11-07-2023 18:37:15] New process found: Process Name - dllhost.exe Process ID - 2636 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:18] New process found: Process Name - dllhost.exe Process ID - 7636 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:23] Process Exited: Process Name - dllhost.exe Process ID - 2636 [11-07-2023 18:37:23] Process Exited: Process Name - dllhost.exe Process ID - 7636 [11-07-2023 18:37:31] New process found: Process Name - chrome.exe Process ID - 12356 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:32] Process Exited: Process Name - chrome.exe Process ID - 12036 [11-07-2023 18:37:39] New process found: Process Name - Setup.exe Process ID - 12544 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:44] New process found: Process Name - chrome.exe Process ID - 12688 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:46] New process found: Process Name - chrome.exe Process ID - 12752 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:37:46] Process Exited: Process Name - chrome.exe Process ID - 12356 [11-07-2023 18:38:33] New process found: Process Name - dllhost.exe Process ID - 13104 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:38:39] Process Exited: Process Name - dllhost.exe Process ID - 13104 [11-07-2023 18:38:43] New process found: Process Name - dllhost.exe Process ID - 13260 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:38:43] New process found: Process Name - control.exe Process ID - 13300 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:38:43] New process found: Process Name - dllhost.exe Process ID - 12172 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:38:45] Process Exited: Process Name - control.exe Process ID - 13300 [11-07-2023 18:38:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 6672 [11-07-2023 18:38:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 8244 [11-07-2023 18:38:48] Process Exited: Process Name - dllhost.exe Process ID - 12172 [11-07-2023 18:38:48] Process Exited: Process Name - dllhost.exe Process ID - 13260 [11-07-2023 18:39:13] Process Exited: Process Name - WMIADAP.exe Process ID - 12024 [11-07-2023 18:40:13] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 11980 [11-07-2023 18:40:13] Process Exited: Process Name - Setup.exe Process ID - 12544 [11-07-2023 18:40:18] New process found: Process Name - w3wp.exe Process ID - 12828 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 18:40:18] New process found: Process Name - where.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 18:40:18] New process found: Process Name - conhost.exe Process ID - 12912 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 18:40:19] New process found: Process Name - conhost.exe Process ID - 12940 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 18:40:19] Process Exited: Process Name - where.exe Process ID - 11684 [11-07-2023 18:40:19] Process Exited: Process Name - conhost.exe Process ID - 12912 [11-07-2023 18:40:38] New process found: Process Name - w3wp.exe Process ID - 13204 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:40:38] Process Exited: Process Name - w3wp.exe Process ID - 3968 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:41:31] New process found: Process Name - WmiPrvSE.exe Process ID - 4928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:41:50] New process found: Process Name - msiexec.exe Process ID - 12984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:41:50] New process found: Process Name - msiexec.exe Process ID - 12832 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:41:50] Service state changed: Service Name - msiserver Process ID - 12984 Current State - SERVICE_RUNNING [11-07-2023 18:41:57] Process Exited: Process Name - msiexec.exe Process ID - 12832 [11-07-2023 18:41:59] New process found: Process Name - msiexec.exe Process ID - 13020 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:42:00] Process Exited: Process Name - sqlwriter.exe Process ID - 2576 [11-07-2023 18:42:00] Service state changed: Service Name - SQLWriter Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:42:01] New process found: Process Name - sqlwriter.exe Process ID - 13068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:42:01] Service state changed: Service Name - SQLWriter Process ID - 13068 Current State - SERVICE_RUNNING [11-07-2023 18:42:02] Process Exited: Process Name - msiexec.exe Process ID - 13020 [11-07-2023 18:42:10] New process found: Process Name - TrustedInstaller.exe Process ID - 9196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:42:10] New process found: Process Name - TiWorker.exe Process ID - 13192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:42:10] Service state changed: Service Name - TrustedInstaller Process ID - 9196 Current State - SERVICE_RUNNING [11-07-2023 18:42:11] New process found: Process Name - dllhost.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:42:16] Process Exited: Process Name - dllhost.exe Process ID - 11684 [11-07-2023 18:42:29] Process Exited: Process Name - chrome.exe Process ID - 1336 [11-07-2023 18:42:31] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7284 [11-07-2023 18:42:42] Service state changed: Service Name - RemoteRegistry Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:42:48] Process Exited: Process Name - w3wp.exe Process ID - 11676 Web application pool name - DefaultAppPool [11-07-2023 18:42:56] New process found: Process Name - WmiPrvSE.exe Process ID - 1428 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:42:56] Service state changed: Service Name - wuauserv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:42:58] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 12188 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:43:03] New process found: Process Name - SearchProtocolHost.exe Process ID - 12396 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:43:03] New process found: Process Name - SearchFilterHost.exe Process ID - 12860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:43:35] New process found: Process Name - Setup.exe Process ID - 12892 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:43:57] Process Exited: Process Name - w3wp.exe Process ID - 4056 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 18:43:57] Process Exited: Process Name - conhost.exe Process ID - 9240 [11-07-2023 18:44:13] Process Exited: Process Name - TrustedInstaller.exe Process ID - 9196 [11-07-2023 18:44:13] Process Exited: Process Name - TiWorker.exe Process ID - 13192 [11-07-2023 18:44:13] Service state changed: Service Name - TrustedInstaller Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:44:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1428 [11-07-2023 18:44:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4928 [11-07-2023 18:44:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 12396 [11-07-2023 18:44:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 12860 [11-07-2023 18:45:20] New process found: Process Name - assistant.exe Process ID - 9348 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:45:20] New process found: Process Name - mbam.exe Process ID - 9332 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:45:26] Process Exited: Process Name - assistant.exe Process ID - 9348 [11-07-2023 18:45:32] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 5672 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:45:32] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 10172 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:45:36] New process found: Process Name - w3wp.exe Process ID - 3488 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 18:45:36] New process found: Process Name - conhost.exe Process ID - 12572 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 18:45:39] New process found: Process Name - w3wp.exe Process ID - 8204 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:45:39] Process Exited: Process Name - w3wp.exe Process ID - 13204 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:45:40] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 10172 [11-07-2023 18:46:07] New process found: Process Name - Setup.exe Process ID - 13300 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:46:41] Process Exited: Process Name - dllhost.exe Process ID - 8648 [11-07-2023 18:46:42] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 2008 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:46:50] New process found: Process Name - dllhost.exe Process ID - 11532 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:46:50] New process found: Process Name - dllhost.exe Process ID - 12024 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:47:02] Process Exited: Process Name - msiexec.exe Process ID - 12984 [11-07-2023 18:47:02] Service state changed: Service Name - msiserver Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 18:47:08] Process Exited: Process Name - dllhost.exe Process ID - 11532 [11-07-2023 18:47:17] New process found: Process Name - Setup.exe Process ID - 12984 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:47:20] Process Exited: Process Name - w3wp.exe Process ID - 12828 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 18:47:20] Process Exited: Process Name - conhost.exe Process ID - 12940 [11-07-2023 18:47:24] Process Exited: Process Name - mbam.exe Process ID - 9332 [11-07-2023 18:47:37] New process found: Process Name - assistant.exe Process ID - 4940 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:47:37] New process found: Process Name - mbam.exe Process ID - 8300 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:47:42] Process Exited: Process Name - assistant.exe Process ID - 4940 [11-07-2023 18:47:46] New process found: Process Name - w3wp.exe Process ID - 12532 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 18:47:47] New process found: Process Name - conhost.exe Process ID - 96 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 18:47:56] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 5672 [11-07-2023 18:47:56] Process Exited: Process Name - Setup.exe Process ID - 13300 [11-07-2023 18:48:13] New process found: Process Name - dllhost.exe Process ID - 11532 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:48:13] Process Exited: Process Name - mbam.exe Process ID - 8300 [11-07-2023 18:48:23] New process found: Process Name - dllhost.exe Process ID - 9320 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:48:23] Process Exited: Process Name - dllhost.exe Process ID - 11532 [11-07-2023 18:48:24] New process found: Process Name - dllhost.exe Process ID - 11796 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 18:48:28] Process Exited: Process Name - dllhost.exe Process ID - 9320 [11-07-2023 18:48:29] Process Exited: Process Name - dllhost.exe Process ID - 11796 [11-07-2023 18:49:56] New process found: Process Name - w3wp.exe Process ID - 12916 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [11-07-2023 18:49:56] New process found: Process Name - php-cgi.exe Process ID - 12432 Process Identity - IIS APPPOOL\PleskControlPanel [11-07-2023 18:50:14] New process found: Process Name - php-cgi.exe Process ID - 13208 Process Identity - IIS APPPOOL\PleskControlPanel [11-07-2023 18:50:41] New process found: Process Name - w3wp.exe Process ID - 12392 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:50:41] Process Exited: Process Name - w3wp.exe Process ID - 8204 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 18:52:57] New process found: Process Name - WmiPrvSE.exe Process ID - 2664 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 18:53:04] New process found: Process Name - WmiPrvSE.exe Process ID - 3032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:29] New process found: Process Name - taskhostw.exe Process ID - 7924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:29] New process found: Process Name - ngentask.exe Process ID - 6148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:29] New process found: Process Name - conhost.exe Process ID - 6192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:29] New process found: Process Name - ngen.exe Process ID - 2692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:32] New process found: Process Name - mscorsvw.exe Process ID - 8336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:34] New process found: Process Name - mscorsvw.exe Process ID - 3652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:34] Process Exited: Process Name - mscorsvw.exe Process ID - 8336 [11-07-2023 18:53:35] New process found: Process Name - mscorsvw.exe Process ID - 2088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:35] Process Exited: Process Name - mscorsvw.exe Process ID - 3652 [11-07-2023 18:53:40] New process found: Process Name - mscorsvw.exe Process ID - 8032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:40] Process Exited: Process Name - mscorsvw.exe Process ID - 2088 [11-07-2023 18:53:42] New process found: Process Name - mscorsvw.exe Process ID - 2660 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:42] Process Exited: Process Name - mscorsvw.exe Process ID - 8032 [11-07-2023 18:53:43] New process found: Process Name - mscorsvw.exe Process ID - 3652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:43] Process Exited: Process Name - mscorsvw.exe Process ID - 2660 [11-07-2023 18:53:45] New process found: Process Name - mscorsvw.exe Process ID - 5488 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:45] Process Exited: Process Name - mscorsvw.exe Process ID - 3652 [11-07-2023 18:53:46] New process found: Process Name - mscorsvw.exe Process ID - 2092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:46] Process Exited: Process Name - mscorsvw.exe Process ID - 5488 [11-07-2023 18:53:48] New process found: Process Name - mscorsvw.exe Process ID - 5796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:48] Process Exited: Process Name - conhost.exe Process ID - 96 [11-07-2023 18:53:48] Process Exited: Process Name - mscorsvw.exe Process ID - 2092 [11-07-2023 18:53:48] Process Exited: Process Name - w3wp.exe Process ID - 12532 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 18:53:49] New process found: Process Name - mscorsvw.exe Process ID - 2704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:49] Process Exited: Process Name - mscorsvw.exe Process ID - 5796 [11-07-2023 18:53:50] New process found: Process Name - mscorsvw.exe Process ID - 7644 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:50] Process Exited: Process Name - mscorsvw.exe Process ID - 2704 [11-07-2023 18:53:51] New process found: Process Name - mscorsvw.exe Process ID - 11828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:51] Process Exited: Process Name - mscorsvw.exe Process ID - 7644 [11-07-2023 18:53:52] New process found: Process Name - mscorsvw.exe Process ID - 9376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:52] Process Exited: Process Name - mscorsvw.exe Process ID - 11828 [11-07-2023 18:53:53] New process found: Process Name - mscorsvw.exe Process ID - 4060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:53] Process Exited: Process Name - mscorsvw.exe Process ID - 9376 [11-07-2023 18:53:54] New process found: Process Name - mscorsvw.exe Process ID - 12512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:54] Process Exited: Process Name - mscorsvw.exe Process ID - 4060 [11-07-2023 18:53:55] New process found: Process Name - mscorsvw.exe Process ID - 13092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:55] Process Exited: Process Name - mscorsvw.exe Process ID - 12512 [11-07-2023 18:53:56] New process found: Process Name - mscorsvw.exe Process ID - 9332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:56] Process Exited: Process Name - mscorsvw.exe Process ID - 13092 [11-07-2023 18:53:57] New process found: Process Name - mscorsvw.exe Process ID - 9592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:53:57] Process Exited: Process Name - mscorsvw.exe Process ID - 9332 [11-07-2023 18:54:00] New process found: Process Name - mscorsvw.exe Process ID - 13108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:00] Process Exited: Process Name - mscorsvw.exe Process ID - 9592 [11-07-2023 18:54:02] New process found: Process Name - mscorsvw.exe Process ID - 968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:02] Process Exited: Process Name - mscorsvw.exe Process ID - 13108 [11-07-2023 18:54:03] New process found: Process Name - mscorsvw.exe Process ID - 2440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:03] Process Exited: Process Name - mscorsvw.exe Process ID - 968 [11-07-2023 18:54:04] New process found: Process Name - mscorsvw.exe Process ID - 12412 Process Identity - SYSTEM [11-07-2023 18:54:04] Process Exited: Process Name - mscorsvw.exe Process ID - 2440 [11-07-2023 18:54:05] New process found: Process Name - mscorsvw.exe Process ID - 9584 Process Identity - SYSTEM [11-07-2023 18:54:05] Process Exited: Process Name - mscorsvw.exe Process ID - 12412 [11-07-2023 18:54:06] New process found: Process Name - mscorsvw.exe Process ID - 13232 Process Identity - SYSTEM [11-07-2023 18:54:06] Process Exited: Process Name - mscorsvw.exe Process ID - 9584 [11-07-2023 18:54:07] New process found: Process Name - mscorsvw.exe Process ID - 6616 Process Identity - SYSTEM [11-07-2023 18:54:07] Process Exited: Process Name - mscorsvw.exe Process ID - 13232 [11-07-2023 18:54:08] New process found: Process Name - mscorsvw.exe Process ID - 8680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:08] Process Exited: Process Name - mscorsvw.exe Process ID - 6616 [11-07-2023 18:54:09] New process found: Process Name - mscorsvw.exe Process ID - 13164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:09] Process Exited: Process Name - mscorsvw.exe Process ID - 8680 [11-07-2023 18:54:10] New process found: Process Name - mscorsvw.exe Process ID - 10144 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:10] Process Exited: Process Name - mscorsvw.exe Process ID - 13164 [11-07-2023 18:54:11] New process found: Process Name - mscorsvw.exe Process ID - 4104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:11] Process Exited: Process Name - mscorsvw.exe Process ID - 10144 [11-07-2023 18:54:12] New process found: Process Name - mscorsvw.exe Process ID - 12512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:12] Process Exited: Process Name - mscorsvw.exe Process ID - 4104 [11-07-2023 18:54:13] New process found: Process Name - mscorsvw.exe Process ID - 13092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:13] Process Exited: Process Name - mscorsvw.exe Process ID - 12512 [11-07-2023 18:54:16] New process found: Process Name - mscorsvw.exe Process ID - 8664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:16] Process Exited: Process Name - mscorsvw.exe Process ID - 13092 [11-07-2023 18:54:19] New process found: Process Name - mscorsvw.exe Process ID - 12828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:19] Process Exited: Process Name - mscorsvw.exe Process ID - 8664 [11-07-2023 18:54:20] New process found: Process Name - mscorsvw.exe Process ID - 11608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:20] Process Exited: Process Name - mscorsvw.exe Process ID - 12828 [11-07-2023 18:54:21] New process found: Process Name - mscorsvw.exe Process ID - 6512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:21] Process Exited: Process Name - mscorsvw.exe Process ID - 11608 [11-07-2023 18:54:24] New process found: Process Name - mscorsvw.exe Process ID - 5348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:24] Process Exited: Process Name - mscorsvw.exe Process ID - 6512 [11-07-2023 18:54:25] New process found: Process Name - mscorsvw.exe Process ID - 12160 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:25] Process Exited: Process Name - mscorsvw.exe Process ID - 5348 [11-07-2023 18:54:26] New process found: Process Name - mscorsvw.exe Process ID - 13056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2664 [11-07-2023 18:54:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3032 [11-07-2023 18:54:26] Process Exited: Process Name - mscorsvw.exe Process ID - 12160 [11-07-2023 18:54:27] New process found: Process Name - mscorsvw.exe Process ID - 2700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:27] Process Exited: Process Name - mscorsvw.exe Process ID - 13056 [11-07-2023 18:54:28] New process found: Process Name - w3wp.exe Process ID - 8588 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 18:54:29] New process found: Process Name - csc.exe Process ID - 4116 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:29] New process found: Process Name - conhost.exe Process ID - 10144 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:30] New process found: Process Name - VBCSCompiler.exe Process ID - 2280 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:30] New process found: Process Name - conhost.exe Process ID - 6052 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:31] New process found: Process Name - mscorsvw.exe Process ID - 12512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:31] Process Exited: Process Name - mscorsvw.exe Process ID - 2700 [11-07-2023 18:54:32] New process found: Process Name - mscorsvw.exe Process ID - 2944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:32] Process Exited: Process Name - mscorsvw.exe Process ID - 12512 [11-07-2023 18:54:33] New process found: Process Name - mscorsvw.exe Process ID - 12824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:33] Process Exited: Process Name - mscorsvw.exe Process ID - 2944 [11-07-2023 18:54:34] New process found: Process Name - mscorsvw.exe Process ID - 2700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:34] Process Exited: Process Name - mscorsvw.exe Process ID - 12824 [11-07-2023 18:54:35] New process found: Process Name - mscorsvw.exe Process ID - 5088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:35] Process Exited: Process Name - mscorsvw.exe Process ID - 2700 [11-07-2023 18:54:35] Process Exited: Process Name - csc.exe Process ID - 4116 [11-07-2023 18:54:35] Process Exited: Process Name - conhost.exe Process ID - 10144 [11-07-2023 18:54:36] New process found: Process Name - csc.exe Process ID - 5968 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:36] New process found: Process Name - conhost.exe Process ID - 7820 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 18:54:36] New process found: Process Name - mscorsvw.exe Process ID - 2700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:36] Process Exited: Process Name - mscorsvw.exe Process ID - 5088 [11-07-2023 18:54:37] New process found: Process Name - mscorsvw.exe Process ID - 5100 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:37] Process Exited: Process Name - mscorsvw.exe Process ID - 2700 [11-07-2023 18:54:38] Process Exited: Process Name - csc.exe Process ID - 5968 [11-07-2023 18:54:38] Process Exited: Process Name - conhost.exe Process ID - 7820 [11-07-2023 18:54:39] New process found: Process Name - mscorsvw.exe Process ID - 5796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:39] Process Exited: Process Name - w3wp.exe Process ID - 3488 Web application pool name - kdbps.edu.in [11-07-2023 18:54:39] Process Exited: Process Name - mscorsvw.exe Process ID - 5100 [11-07-2023 18:54:39] Process Exited: Process Name - conhost.exe Process ID - 12572 [11-07-2023 18:54:40] New process found: Process Name - mscorsvw.exe Process ID - 9592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:40] Process Exited: Process Name - mscorsvw.exe Process ID - 5796 [11-07-2023 18:54:41] New process found: Process Name - mscorsvw.exe Process ID - 11016 Process Identity - SYSTEM [11-07-2023 18:54:41] Process Exited: Process Name - mscorsvw.exe Process ID - 9592 [11-07-2023 18:54:42] New process found: Process Name - mscorsvw.exe Process ID - 11968 Process Identity - SYSTEM [11-07-2023 18:54:42] Process Exited: Process Name - mscorsvw.exe Process ID - 11016 [11-07-2023 18:54:43] New process found: Process Name - mscorsvw.exe Process ID - 3500 Process Identity - SYSTEM [11-07-2023 18:54:43] Process Exited: Process Name - mscorsvw.exe Process ID - 11968 [11-07-2023 18:54:44] New process found: Process Name - mscorsvw.exe Process ID - 13044 Process Identity - SYSTEM [11-07-2023 18:54:44] Process Exited: Process Name - mscorsvw.exe Process ID - 3500 [11-07-2023 18:54:45] New process found: Process Name - mscorsvw.exe Process ID - 9584 Process Identity - SYSTEM [11-07-2023 18:54:45] Process Exited: Process Name - mscorsvw.exe Process ID - 13044 [11-07-2023 18:54:46] New process found: Process Name - mscorsvw.exe Process ID - 10188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:54:46] Process Exited: Process Name - mscorsvw.exe Process ID - 9584 [11-07-2023 18:54:47] New process found: Process Name - mscorsvw.exe Process ID - 3648 Process Identity - SYSTEM [11-07-2023 18:54:47] Process Exited: Process Name - mscorsvw.exe Process ID - 10188 [11-07-2023 18:54:48] New process found: Process Name - mscorsvw.exe Process ID - 8208 Process Identity - SYSTEM [11-07-2023 18:54:48] Process Exited: Process Name - VBCSCompiler.exe Process ID - 2280 [11-07-2023 18:54:48] Process Exited: Process Name - mscorsvw.exe Process ID - 3648 [11-07-2023 18:54:48] Process Exited: Process Name - conhost.exe Process ID - 6052 [11-07-2023 18:54:49] New process found: Process Name - mscorsvw.exe Process ID - 12500 Process Identity - SYSTEM [11-07-2023 18:54:49] Process Exited: Process Name - mscorsvw.exe Process ID - 8208 [11-07-2023 18:54:52] New process found: Process Name - mscorsvw.exe Process ID - 2316 Process Identity - SYSTEM [11-07-2023 18:54:52] Process Exited: Process Name - mscorsvw.exe Process ID - 12500 [11-07-2023 18:54:53] New process found: Process Name - mscorsvw.exe Process ID - 11604 Process Identity - SYSTEM [11-07-2023 18:54:53] Process Exited: Process Name - mscorsvw.exe Process ID - 2316 [11-07-2023 18:54:54] New process found: Process Name - mscorsvw.exe Process ID - 7080 Process Identity - SYSTEM [11-07-2023 18:54:54] Process Exited: Process Name - mscorsvw.exe Process ID - 11604 [11-07-2023 18:54:55] New process found: Process Name - mscorsvw.exe Process ID - 8204 Process Identity - SYSTEM [11-07-2023 18:54:55] Process Exited: Process Name - mscorsvw.exe Process ID - 7080 [11-07-2023 18:54:56] New process found: Process Name - mscorsvw.exe Process ID - 11552 Process Identity - SYSTEM [11-07-2023 18:54:56] Process Exited: Process Name - mscorsvw.exe Process ID - 8204 [11-07-2023 18:54:56] Process Exited: Process Name - dllhost.exe Process ID - 12024 [11-07-2023 18:54:57] New process found: Process Name - mscorsvw.exe Process ID - 8212 Process Identity - SYSTEM [11-07-2023 18:54:57] Process Exited: Process Name - mscorsvw.exe Process ID - 11552 [11-07-2023 18:54:58] New process found: Process Name - mscorsvw.exe Process ID - 448 Process Identity - SYSTEM [11-07-2023 18:54:58] Process Exited: Process Name - mscorsvw.exe Process ID - 8212 [11-07-2023 18:54:59] New process found: Process Name - mscorsvw.exe Process ID - 12416 Process Identity - SYSTEM [11-07-2023 18:54:59] Process Exited: Process Name - mscorsvw.exe Process ID - 448 [11-07-2023 18:55:00] New process found: Process Name - mscorsvw.exe Process ID - 13072 Process Identity - SYSTEM [11-07-2023 18:55:00] Process Exited: Process Name - mscorsvw.exe Process ID - 12416 [11-07-2023 18:55:01] New process found: Process Name - mscorsvw.exe Process ID - 2748 Process Identity - SYSTEM [11-07-2023 18:55:01] Process Exited: Process Name - mscorsvw.exe Process ID - 13072 [11-07-2023 18:55:02] New process found: Process Name - mscorsvw.exe Process ID - 5504 Process Identity - SYSTEM [11-07-2023 18:55:02] Process Exited: Process Name - mscorsvw.exe Process ID - 2748 [11-07-2023 18:55:03] New process found: Process Name - mscorsvw.exe Process ID - 5348 Process Identity - SYSTEM [11-07-2023 18:55:03] Process Exited: Process Name - mscorsvw.exe Process ID - 5504 [11-07-2023 18:55:04] New process found: Process Name - mscorsvw.exe Process ID - 8324 Process Identity - SYSTEM [11-07-2023 18:55:04] Process Exited: Process Name - mscorsvw.exe Process ID - 5348 [11-07-2023 18:55:05] New process found: Process Name - mscorsvw.exe Process ID - 12412 Process Identity - SYSTEM [11-07-2023 18:55:05] Process Exited: Process Name - mscorsvw.exe Process ID - 8324 [11-07-2023 18:55:07] New process found: Process Name - mscorsvw.exe Process ID - 6324 Process Identity - SYSTEM [11-07-2023 18:55:07] Process Exited: Process Name - mscorsvw.exe Process ID - 12412 [11-07-2023 18:55:08] New process found: Process Name - mscorsvw.exe Process ID - 13144 Process Identity - SYSTEM [11-07-2023 18:55:08] Process Exited: Process Name - mscorsvw.exe Process ID - 6324 [11-07-2023 18:55:09] New process found: Process Name - mscorsvw.exe Process ID - 9352 Process Identity - SYSTEM [11-07-2023 18:55:09] Process Exited: Process Name - mscorsvw.exe Process ID - 13144 [11-07-2023 18:55:10] New process found: Process Name - mscorsvw.exe Process ID - 12644 Process Identity - SYSTEM [11-07-2023 18:55:10] Process Exited: Process Name - mscorsvw.exe Process ID - 9352 [11-07-2023 18:55:12] New process found: Process Name - mscorsvw.exe Process ID - 9592 Process Identity - SYSTEM [11-07-2023 18:55:12] Process Exited: Process Name - mscorsvw.exe Process ID - 12644 [11-07-2023 18:55:13] New process found: Process Name - mscorsvw.exe Process ID - 5780 Process Identity - SYSTEM [11-07-2023 18:55:13] Process Exited: Process Name - mscorsvw.exe Process ID - 9592 [11-07-2023 18:55:14] New process found: Process Name - mscorsvw.exe Process ID - 4376 Process Identity - SYSTEM [11-07-2023 18:55:14] Process Exited: Process Name - mscorsvw.exe Process ID - 5780 [11-07-2023 18:55:15] New process found: Process Name - mscorsvw.exe Process ID - 4148 Process Identity - SYSTEM [11-07-2023 18:55:15] Process Exited: Process Name - mscorsvw.exe Process ID - 4376 [11-07-2023 18:55:17] New process found: Process Name - mscorsvw.exe Process ID - 5796 Process Identity - SYSTEM [11-07-2023 18:55:17] Process Exited: Process Name - mscorsvw.exe Process ID - 4148 [11-07-2023 18:55:18] New process found: Process Name - mscorsvw.exe Process ID - 2436 Process Identity - SYSTEM [11-07-2023 18:55:18] Process Exited: Process Name - mscorsvw.exe Process ID - 5796 [11-07-2023 18:55:19] New process found: Process Name - mscorsvw.exe Process ID - 2664 Process Identity - SYSTEM [11-07-2023 18:55:19] Process Exited: Process Name - mscorsvw.exe Process ID - 2436 [11-07-2023 18:55:20] New process found: Process Name - mscorsvw.exe Process ID - 13112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:20] Process Exited: Process Name - mscorsvw.exe Process ID - 2664 [11-07-2023 18:55:21] New process found: Process Name - mscorsvw.exe Process ID - 6820 Process Identity - SYSTEM [11-07-2023 18:55:21] Process Exited: Process Name - mscorsvw.exe Process ID - 13112 [11-07-2023 18:55:22] New process found: Process Name - mscorsvw.exe Process ID - 10104 Process Identity - SYSTEM [11-07-2023 18:55:22] Process Exited: Process Name - mscorsvw.exe Process ID - 6820 [11-07-2023 18:55:23] New process found: Process Name - mscorsvw.exe Process ID - 1304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:23] Process Exited: Process Name - mscorsvw.exe Process ID - 10104 [11-07-2023 18:55:24] New process found: Process Name - mscorsvw.exe Process ID - 1432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:24] Process Exited: Process Name - mscorsvw.exe Process ID - 1304 [11-07-2023 18:55:25] New process found: Process Name - mscorsvw.exe Process ID - 1724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:25] Process Exited: Process Name - mscorsvw.exe Process ID - 1432 [11-07-2023 18:55:26] New process found: Process Name - mscorsvw.exe Process ID - 13260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:26] Process Exited: Process Name - mscorsvw.exe Process ID - 1724 [11-07-2023 18:55:27] New process found: Process Name - mscorsvw.exe Process ID - 10984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:27] Process Exited: Process Name - mscorsvw.exe Process ID - 13260 [11-07-2023 18:55:28] New process found: Process Name - mscorsvw.exe Process ID - 9932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:28] Process Exited: Process Name - mscorsvw.exe Process ID - 10984 [11-07-2023 18:55:29] New process found: Process Name - mscorsvw.exe Process ID - 7636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:29] Process Exited: Process Name - mscorsvw.exe Process ID - 9932 [11-07-2023 18:55:30] New process found: Process Name - mscorsvw.exe Process ID - 5484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:30] Process Exited: Process Name - mscorsvw.exe Process ID - 7636 [11-07-2023 18:55:31] New process found: Process Name - mscorsvw.exe Process ID - 13108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:31] Process Exited: Process Name - mscorsvw.exe Process ID - 5484 [11-07-2023 18:55:32] New process found: Process Name - mscorsvw.exe Process ID - 6888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:32] Process Exited: Process Name - mscorsvw.exe Process ID - 13108 [11-07-2023 18:55:33] New process found: Process Name - mscorsvw.exe Process ID - 9692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:33] Process Exited: Process Name - mscorsvw.exe Process ID - 6888 [11-07-2023 18:55:34] New process found: Process Name - mscorsvw.exe Process ID - 3032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:34] Process Exited: Process Name - mscorsvw.exe Process ID - 9692 [11-07-2023 18:55:35] New process found: Process Name - mscorsvw.exe Process ID - 3328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:35] Process Exited: Process Name - mscorsvw.exe Process ID - 3032 [11-07-2023 18:55:36] New process found: Process Name - mscorsvw.exe Process ID - 6404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:36] Process Exited: Process Name - mscorsvw.exe Process ID - 3328 [11-07-2023 18:55:37] New process found: Process Name - mscorsvw.exe Process ID - 13296 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:37] Process Exited: Process Name - mscorsvw.exe Process ID - 6404 [11-07-2023 18:55:38] New process found: Process Name - mscorsvw.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:38] Process Exited: Process Name - mscorsvw.exe Process ID - 13296 [11-07-2023 18:55:39] New process found: Process Name - mscorsvw.exe Process ID - 5668 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:39] Process Exited: Process Name - mscorsvw.exe Process ID - 6388 [11-07-2023 18:55:40] New process found: Process Name - mscorsvw.exe Process ID - 4104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:40] Process Exited: Process Name - mscorsvw.exe Process ID - 5668 [11-07-2023 18:55:41] New process found: Process Name - mscorsvw.exe Process ID - 3464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:41] Process Exited: Process Name - mscorsvw.exe Process ID - 4104 [11-07-2023 18:55:42] Process Exited: Process Name - mscorsvw.exe Process ID - 3464 [11-07-2023 18:55:43] New process found: Process Name - mscorsvw.exe Process ID - 5104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:44] Process Exited: Process Name - mscorsvw.exe Process ID - 5104 [11-07-2023 18:55:45] New process found: Process Name - mscorsvw.exe Process ID - 2748 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:46] Process Exited: Process Name - mscorsvw.exe Process ID - 2748 [11-07-2023 18:55:47] New process found: Process Name - mscorsvw.exe Process ID - 11792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:48] New process found: Process Name - mscorsvw.exe Process ID - 1504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:48] Process Exited: Process Name - mscorsvw.exe Process ID - 11792 [11-07-2023 18:55:49] Process Exited: Process Name - mscorsvw.exe Process ID - 1504 [11-07-2023 18:55:50] New process found: Process Name - mscorsvw.exe Process ID - 6636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:51] New process found: Process Name - mscorsvw.exe Process ID - 4148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:51] Process Exited: Process Name - mscorsvw.exe Process ID - 6636 [11-07-2023 18:55:52] New process found: Process Name - mscorsvw.exe Process ID - 5072 Process Identity - SYSTEM [11-07-2023 18:55:52] Process Exited: Process Name - mscorsvw.exe Process ID - 4148 [11-07-2023 18:55:53] New process found: Process Name - mscorsvw.exe Process ID - 404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:53] Process Exited: Process Name - mscorsvw.exe Process ID - 5072 [11-07-2023 18:55:54] New process found: Process Name - mscorsvw.exe Process ID - 9328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:54] Process Exited: Process Name - mscorsvw.exe Process ID - 404 [11-07-2023 18:55:55] Process Exited: Process Name - mscorsvw.exe Process ID - 9328 [11-07-2023 18:55:56] New process found: Process Name - mscorsvw.exe Process ID - 7636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:57] New process found: Process Name - mscorsvw.exe Process ID - 13160 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:57] Process Exited: Process Name - mscorsvw.exe Process ID - 7636 [11-07-2023 18:55:58] New process found: Process Name - mscorsvw.exe Process ID - 13292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:58] Process Exited: Process Name - mscorsvw.exe Process ID - 13160 [11-07-2023 18:55:59] New process found: Process Name - mscorsvw.exe Process ID - 5796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:55:59] Process Exited: Process Name - mscorsvw.exe Process ID - 13292 [11-07-2023 18:56:00] New process found: Process Name - w3wp.exe Process ID - 10188 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 18:56:00] New process found: Process Name - conhost.exe Process ID - 13136 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 18:56:00] Process Exited: Process Name - mscorsvw.exe Process ID - 5796 [11-07-2023 18:56:01] New process found: Process Name - mscorsvw.exe Process ID - 2556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:02] New process found: Process Name - mscorsvw.exe Process ID - 2944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:02] Process Exited: Process Name - mscorsvw.exe Process ID - 2556 [11-07-2023 18:56:03] New process found: Process Name - mscorsvw.exe Process ID - 5952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:03] Process Exited: Process Name - mscorsvw.exe Process ID - 2944 [11-07-2023 18:56:04] New process found: Process Name - mscorsvw.exe Process ID - 6572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:04] Process Exited: Process Name - mscorsvw.exe Process ID - 5952 [11-07-2023 18:56:05] New process found: Process Name - mscorsvw.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:05] Process Exited: Process Name - mscorsvw.exe Process ID - 6572 [11-07-2023 18:56:06] New process found: Process Name - mscorsvw.exe Process ID - 5344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:06] Process Exited: Process Name - mscorsvw.exe Process ID - 12436 [11-07-2023 18:56:07] New process found: Process Name - mscorsvw.exe Process ID - 5348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:07] Process Exited: Process Name - mscorsvw.exe Process ID - 5344 [11-07-2023 18:56:08] New process found: Process Name - mscorsvw.exe Process ID - 13144 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:08] Process Exited: Process Name - mscorsvw.exe Process ID - 5348 [11-07-2023 18:56:09] Process Exited: Process Name - mscorsvw.exe Process ID - 13144 [11-07-2023 18:56:10] New process found: Process Name - mscorsvw.exe Process ID - 6572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:11] New process found: Process Name - mscorsvw.exe Process ID - 3488 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:11] Process Exited: Process Name - mscorsvw.exe Process ID - 6572 [11-07-2023 18:56:12] New process found: Process Name - mscorsvw.exe Process ID - 12332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 18:56:12] Process Exited: Process Name - mscorsvw.exe Process ID - 3488 [11-07-2023 18:56:13] Process Exited: Process Name - ngen.exe Process ID - 2692 [11-07-2023 18:56:13] Process Exited: Process Name - ngentask.exe Process ID - 6148 [11-07-2023 18:56:13] Process Exited: Process Name - conhost.exe Process ID - 6192 [11-07-2023 18:56:13] Process Exited: Process Name - taskhostw.exe Process ID - 7924 [11-07-2023 18:56:13] Process Exited: Process Name - mscorsvw.exe Process ID - 12332 [11-07-2023 18:59:58] New process found: Process Name - w3wp.exe Process ID - 8244 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:00:00] New process found: Process Name - conhost.exe Process ID - 5720 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 19:00:12] New process found: Process Name - w3wp.exe Process ID - 12384 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [11-07-2023 19:00:30] Process Exited: Process Name - w3wp.exe Process ID - 8588 Web application pool name - galaxytools.in [11-07-2023 19:00:43] New process found: Process Name - w3wp.exe Process ID - 13144 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:00:43] Process Exited: Process Name - w3wp.exe Process ID - 12392 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:00:59] New process found: Process Name - w3wp.exe Process ID - 724 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:01:17] New process found: Process Name - w3wp.exe Process ID - 6616 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 19:02:02] Process Exited: Process Name - w3wp.exe Process ID - 10188 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 19:02:02] Process Exited: Process Name - conhost.exe Process ID - 13136 [11-07-2023 19:02:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 3032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:02:33] New process found: Process Name - SearchFilterHost.exe Process ID - 9292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:02:41] New process found: Process Name - w3wp.exe Process ID - 5968 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:02:47] New process found: Process Name - w3wp.exe Process ID - 12456 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) Web application pool name - medblinkit.com(domain)(4.0)(pool) [11-07-2023 19:02:47] New process found: Process Name - conhost.exe Process ID - 2668 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) [11-07-2023 19:02:56] New process found: Process Name - WmiPrvSE.exe Process ID - 5164 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:03:03] New process found: Process Name - WmiPrvSE.exe Process ID - 6316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:04:02] New process found: Process Name - w3wp.exe Process ID - 11872 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 19:04:02] New process found: Process Name - where.exe Process ID - 716 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 19:04:02] New process found: Process Name - conhost.exe Process ID - 12844 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 19:04:03] New process found: Process Name - conhost.exe Process ID - 884 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 19:04:03] Process Exited: Process Name - where.exe Process ID - 716 [11-07-2023 19:04:03] Process Exited: Process Name - conhost.exe Process ID - 12844 [11-07-2023 19:04:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5164 [11-07-2023 19:04:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6316 [11-07-2023 19:04:46] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 3032 [11-07-2023 19:04:46] Process Exited: Process Name - SearchFilterHost.exe Process ID - 9292 [11-07-2023 19:05:45] New process found: Process Name - w3wp.exe Process ID - 10108 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:05:45] Process Exited: Process Name - w3wp.exe Process ID - 13144 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:06:01] Process Exited: Process Name - conhost.exe Process ID - 5720 [11-07-2023 19:06:01] Process Exited: Process Name - w3wp.exe Process ID - 8244 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:06:14] Process Exited: Process Name - w3wp.exe Process ID - 12384 Web application pool name - adminportal.galaxytools.in [11-07-2023 19:07:01] Process Exited: Process Name - w3wp.exe Process ID - 724 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:07:03] New process found: Process Name - w3wp.exe Process ID - 4164 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:07:03] New process found: Process Name - conhost.exe Process ID - 4996 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 19:07:19] Process Exited: Process Name - w3wp.exe Process ID - 6616 Web application pool name - DefaultAppPool [11-07-2023 19:08:51] New process found: Process Name - smss.exe Process ID - 2104 Process Identity - SYSTEM [11-07-2023 19:08:52] New process found: Process Name - csrss.exe Process ID - 7928 Process Identity - SYSTEM [11-07-2023 19:08:52] New process found: Process Name - winlogon.exe Process ID - 12540 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:08:52] New process found: Process Name - dwm.exe Process ID - 3784 Process Identity - Window Manager\DWM-3 [11-07-2023 19:08:52] New process found: Process Name - dllhost.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:08:52] New process found: Process Name - TSTheme.exe Process ID - 9844 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - mbamtray.exe Process ID - 728 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - rdpclip.exe Process ID - 12512 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - RuntimeBroker.exe Process ID - 4112 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - sihost.exe Process ID - 3064 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - svchost.exe Process ID - 644 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - taskhostw.exe Process ID - 5888 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - GoogleUpdate.exe Process ID - 9200 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:08:52] New process found: Process Name - taskhostw.exe Process ID - 2900 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - ServerManagerLauncher.exe Process ID - 11536 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:52] New process found: Process Name - sppsvc.exe Process ID - 13284 Process Identity - SYSTEM [11-07-2023 19:08:52] Process Exited: Process Name - smss.exe Process ID - 2104 [11-07-2023 19:08:52] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_START_PENDING [11-07-2023 19:08:52] New service found: Service Name - CDPUserSvc_68a3f0 Process ID - 644 Current State - SERVICE_RUNNING [11-07-2023 19:08:52] New service found: Service Name - OneSyncSvc_68a3f0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:08:52] New service found: Service Name - PimIndexMaintenanceSvc_68a3f0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:08:52] New service found: Service Name - UnistoreSvc_68a3f0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:08:52] New service found: Service Name - UserDataSvc_68a3f0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:08:52] New service found: Service Name - WpnUserService_68a3f0 Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:08:53] New process found: Process Name - userinit.exe Process ID - 9344 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] New process found: Process Name - explorer.exe Process ID - 12544 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] New process found: Process Name - ShellExperienceHost.exe Process ID - 2568 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] New process found: Process Name - ServerManager.exe Process ID - 2560 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] New process found: Process Name - SearchUI.exe Process ID - 12600 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] New process found: Process Name - SppExtComObj.Exe Process ID - 188 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 19:08:53] New process found: Process Name - slui.exe Process ID - 12508 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 19:08:53] New process found: Process Name - slui.exe Process ID - 13320 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:53] Process Exited: Process Name - taskhostw.exe Process ID - 2900 [11-07-2023 19:08:53] Process Exited: Process Name - GoogleUpdate.exe Process ID - 9200 [11-07-2023 19:08:53] Process Exited: Process Name - ServerManagerLauncher.exe Process ID - 11536 [11-07-2023 19:08:53] Service state changed: Service Name - sppsvc Process ID - 13284 Current State - SERVICE_RUNNING [11-07-2023 19:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13872 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:08:54] Service state changed: Service Name - NetSetupSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 19:08:56] Process Exited: Process Name - slui.exe Process ID - 12508 [11-07-2023 19:08:56] Process Exited: Process Name - slui.exe Process ID - 13320 [11-07-2023 19:08:57] New process found: Process Name - mobsync.exe Process ID - 13952 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:08:57] Process Exited: Process Name - dllhost.exe Process ID - 1760 [11-07-2023 19:08:58] Process Exited: Process Name - TSTheme.exe Process ID - 9844 [11-07-2023 19:09:00] New process found: Process Name - fontdrvhost.exe Process ID - 14016 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14076 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:09:04] New process found: Process Name - ComboCleaner.exe Process ID - 14296 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:06] New process found: Process Name - WmiPrvSE.exe Process ID - 5336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:09:07] New process found: Process Name - runonce.exe Process ID - 13056 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:07] New process found: Process Name - METray.exe Process ID - 9592 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:07] New process found: Process Name - traymonitor.exe Process ID - 13340 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:07] Process Exited: Process Name - mobsync.exe Process ID - 13952 [11-07-2023 19:09:08] Process Exited: Process Name - runonce.exe Process ID - 13056 [11-07-2023 19:09:13] Process Exited: Process Name - userinit.exe Process ID - 9344 [11-07-2023 19:09:23] New process found: Process Name - wlrmdr.exe Process ID - 13556 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:26] Process Exited: Process Name - SppExtComObj.Exe Process ID - 188 [11-07-2023 19:09:26] Process Exited: Process Name - sppsvc.exe Process ID - 13284 [11-07-2023 19:09:26] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:09:53] New process found: Process Name - dllhost.exe Process ID - 12616 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:09:58] Process Exited: Process Name - dllhost.exe Process ID - 12616 [11-07-2023 19:10:04] New process found: Process Name - TSTheme.exe Process ID - 188 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:10:10] Process Exited: Process Name - TSTheme.exe Process ID - 188 [11-07-2023 19:10:11] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13872 [11-07-2023 19:10:11] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14076 [11-07-2023 19:10:33] Service state changed: Service Name - NetSetupSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:10:45] New process found: Process Name - w3wp.exe Process ID - 13516 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:10:45] Process Exited: Process Name - w3wp.exe Process ID - 10108 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:10:56] Service state changed: Service Name - OneSyncSvc_68a3f0 Process ID - 644 Current State - SERVICE_RUNNING [11-07-2023 19:12:57] New process found: Process Name - WmiPrvSE.exe Process ID - 13912 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:13:04] New process found: Process Name - WmiPrvSE.exe Process ID - 13044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:13:05] Process Exited: Process Name - w3wp.exe Process ID - 4164 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:13:05] Process Exited: Process Name - conhost.exe Process ID - 4996 [11-07-2023 19:13:27] New process found: Process Name - TSTheme.exe Process ID - 2780 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:13:33] Process Exited: Process Name - TSTheme.exe Process ID - 2780 [11-07-2023 19:14:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13044 [11-07-2023 19:14:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13912 [11-07-2023 19:15:22] New process found: Process Name - w3wp.exe Process ID - 9376 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:15:29] New process found: Process Name - conhost.exe Process ID - 14108 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 19:15:46] New process found: Process Name - w3wp.exe Process ID - 12032 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:15:46] Process Exited: Process Name - w3wp.exe Process ID - 13516 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:17:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 9184 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:17:34] New process found: Process Name - SearchFilterHost.exe Process ID - 2280 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 2280 [11-07-2023 19:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 9184 [11-07-2023 19:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 12908 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14380 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5336 [11-07-2023 19:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12908 [11-07-2023 19:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14380 [11-07-2023 19:20:48] New process found: Process Name - w3wp.exe Process ID - 14996 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:20:48] Process Exited: Process Name - w3wp.exe Process ID - 12032 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:21:25] Process Exited: Process Name - w3wp.exe Process ID - 9376 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:21:25] Process Exited: Process Name - conhost.exe Process ID - 14108 [11-07-2023 19:21:31] New process found: Process Name - w3wp.exe Process ID - 14352 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 19:21:44] Process Exited: Process Name - w3wp.exe Process ID - 5968 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:22:21] New process found: Process Name - w3wp.exe Process ID - 13596 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [11-07-2023 19:22:22] New process found: Process Name - w3wp.exe Process ID - 14340 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 19:22:22] New process found: Process Name - conhost.exe Process ID - 14684 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 19:22:56] New process found: Process Name - WmiPrvSE.exe Process ID - 9124 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:23:03] New process found: Process Name - WmiPrvSE.exe Process ID - 9548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:24:02] New process found: Process Name - w3wp.exe Process ID - 14816 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:24:22] New process found: Process Name - csc.exe Process ID - 9252 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [11-07-2023 19:24:22] New process found: Process Name - conhost.exe Process ID - 15300 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [11-07-2023 19:24:25] Process Exited: Process Name - csc.exe Process ID - 9252 [11-07-2023 19:24:25] Process Exited: Process Name - conhost.exe Process ID - 15300 [11-07-2023 19:24:27] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9124 [11-07-2023 19:24:27] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9548 [11-07-2023 19:25:49] New process found: Process Name - w3wp.exe Process ID - 3048 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:25:49] Process Exited: Process Name - w3wp.exe Process ID - 14996 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:27:33] Process Exited: Process Name - w3wp.exe Process ID - 14352 Web application pool name - DefaultAppPool [11-07-2023 19:28:23] Process Exited: Process Name - w3wp.exe Process ID - 13596 Web application pool name - adminportal.galaxytools.in [11-07-2023 19:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14248 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 2416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:29:46] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 19:30:05] Process Exited: Process Name - w3wp.exe Process ID - 14816 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2416 [11-07-2023 19:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14248 [11-07-2023 19:30:51] New process found: Process Name - w3wp.exe Process ID - 13472 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:30:51] Process Exited: Process Name - w3wp.exe Process ID - 3048 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:30:59] New process found: Process Name - w3wp.exe Process ID - 13460 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:30:59] Process Exited: Process Name - w3wp.exe Process ID - 2744 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 19:30:59] Process Exited: Process Name - conhost.exe Process ID - 5584 [11-07-2023 19:32:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 15080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:32:33] New process found: Process Name - SearchFilterHost.exe Process ID - 15284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:32:56] New process found: Process Name - WmiPrvSE.exe Process ID - 15320 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:33:03] New process found: Process Name - WmiPrvSE.exe Process ID - 13572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:33:25] New process found: Process Name - w3wp.exe Process ID - 8608 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 19:33:25] New process found: Process Name - conhost.exe Process ID - 14972 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 19:34:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13572 [11-07-2023 19:34:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15320 [11-07-2023 19:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15080 [11-07-2023 19:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15284 [11-07-2023 19:35:51] New process found: Process Name - w3wp.exe Process ID - 856 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:35:51] Process Exited: Process Name - w3wp.exe Process ID - 13472 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:36:09] New process found: Process Name - w3wp.exe Process ID - 1336 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 19:36:09] New process found: Process Name - conhost.exe Process ID - 6444 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [11-07-2023 19:37:05] Process Exited: Process Name - conhost.exe Process ID - 884 [11-07-2023 19:37:06] Process Exited: Process Name - w3wp.exe Process ID - 11872 Web application pool name - kdbps.edu.in [11-07-2023 19:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 1760 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 9324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:39:24] Process Exited: Process Name - w3wp.exe Process ID - 14340 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 19:39:24] Process Exited: Process Name - conhost.exe Process ID - 14684 [11-07-2023 19:39:57] New process found: Process Name - w3wp.exe Process ID - 13868 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 19:39:57] New process found: Process Name - conhost.exe Process ID - 13116 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 19:40:01] Process Exited: Process Name - w3wp.exe Process ID - 13460 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:40:04] New process found: Process Name - w3wp.exe Process ID - 13220 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 19:40:04] New process found: Process Name - conhost.exe Process ID - 4920 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 19:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1760 [11-07-2023 19:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9324 [11-07-2023 19:40:31] New process found: Process Name - w3wp.exe Process ID - 6576 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 19:40:33] New process found: Process Name - w3wp.exe Process ID - 6604 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 19:40:53] New process found: Process Name - w3wp.exe Process ID - 15236 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:40:53] Process Exited: Process Name - w3wp.exe Process ID - 856 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:41:53] New process found: Process Name - ig-0.exe Process ID - 14796 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:54] New process found: Process Name - ig-3.exe Process ID - 3456 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:54] Process Exited: Process Name - ig-0.exe Process ID - 14796 [11-07-2023 19:41:55] New process found: Process Name - ig-6.exe Process ID - 13060 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:55] Process Exited: Process Name - ig-3.exe Process ID - 3456 [11-07-2023 19:41:56] New process found: Process Name - ig-9.exe Process ID - 1740 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:56] Process Exited: Process Name - ig-6.exe Process ID - 13060 [11-07-2023 19:41:57] New process found: Process Name - ig-12.exe Process ID - 2640 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:57] Process Exited: Process Name - ig-9.exe Process ID - 1740 [11-07-2023 19:41:58] New process found: Process Name - ig-15.exe Process ID - 14256 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:58] Process Exited: Process Name - ig-12.exe Process ID - 2640 [11-07-2023 19:41:59] New process found: Process Name - ig-18.exe Process ID - 14004 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:41:59] Process Exited: Process Name - ig-15.exe Process ID - 14256 [11-07-2023 19:42:00] Process Exited: Process Name - ig-18.exe Process ID - 14004 [11-07-2023 19:42:12] Process Exited: Process Name - w3wp.exe Process ID - 1336 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 19:42:12] Process Exited: Process Name - conhost.exe Process ID - 6444 [11-07-2023 19:42:56] New process found: Process Name - WmiPrvSE.exe Process ID - 15008 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:43:03] New process found: Process Name - WmiPrvSE.exe Process ID - 8312 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:44:27] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8312 [11-07-2023 19:44:27] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15008 [11-07-2023 19:44:57] Process Exited: Process Name - php-cgi.exe Process ID - 12432 [11-07-2023 19:44:57] Process Exited: Process Name - php-cgi.exe Process ID - 13208 [11-07-2023 19:44:58] Process Exited: Process Name - w3wp.exe Process ID - 12916 Web application pool name - PleskControlPanel [11-07-2023 19:45:42] New process found: Process Name - w3wp.exe Process ID - 6620 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:45:54] New process found: Process Name - w3wp.exe Process ID - 6568 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:45:54] Process Exited: Process Name - w3wp.exe Process ID - 15236 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:46:33] Process Exited: Process Name - w3wp.exe Process ID - 6576 Web application pool name - galaxytools.in [11-07-2023 19:46:35] Process Exited: Process Name - w3wp.exe Process ID - 6604 Web application pool name - DefaultAppPool [11-07-2023 19:47:13] New process found: Process Name - w3wp.exe Process ID - 14748 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 19:47:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 14980 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:47:33] New process found: Process Name - SearchFilterHost.exe Process ID - 10680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:48:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 10680 [11-07-2023 19:48:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 14980 [11-07-2023 19:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2680 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 2056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:49:06] Process Exited: Process Name - conhost.exe Process ID - 4920 [11-07-2023 19:49:06] Process Exited: Process Name - w3wp.exe Process ID - 13220 Web application pool name - kdbps.edu.in [11-07-2023 19:49:57] New process found: Process Name - w3wp.exe Process ID - 8092 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 19:49:57] New process found: Process Name - conhost.exe Process ID - 14264 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 19:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2056 [11-07-2023 19:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2680 [11-07-2023 19:50:56] New process found: Process Name - w3wp.exe Process ID - 15052 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:50:56] Process Exited: Process Name - w3wp.exe Process ID - 6568 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:51:45] Process Exited: Process Name - w3wp.exe Process ID - 6620 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 19:52:00] New process found: Process Name - w3wp.exe Process ID - 732 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:52:56] New process found: Process Name - WmiPrvSE.exe Process ID - 13624 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:53:03] New process found: Process Name - WmiPrvSE.exe Process ID - 14984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:53:15] Process Exited: Process Name - w3wp.exe Process ID - 14748 Web application pool name - galaxytools.in [11-07-2023 19:53:54] New process found: Process Name - w3wp.exe Process ID - 4752 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 19:53:55] New process found: Process Name - w3wp.exe Process ID - 8032 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 19:53:55] New process found: Process Name - conhost.exe Process ID - 8040 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [11-07-2023 19:54:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13624 [11-07-2023 19:54:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14984 [11-07-2023 19:54:55] New process found: Process Name - w3wp.exe Process ID - 11916 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 19:54:57] New process found: Process Name - conhost.exe Process ID - 15264 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 19:54:59] Process Exited: Process Name - conhost.exe Process ID - 13116 [11-07-2023 19:54:59] Process Exited: Process Name - w3wp.exe Process ID - 13868 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 19:55:56] New process found: Process Name - w3wp.exe Process ID - 14092 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:55:56] Process Exited: Process Name - w3wp.exe Process ID - 15052 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 19:56:39] New process found: Process Name - w3wp.exe Process ID - 9068 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [11-07-2023 19:56:40] New process found: Process Name - php-cgi.exe Process ID - 14464 Process Identity - IIS APPPOOL\PleskControlPanel [11-07-2023 19:58:03] Process Exited: Process Name - w3wp.exe Process ID - 732 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 19:58:13] New process found: Process Name - csrss.exe Process ID - 2092 Process Identity - SYSTEM [11-07-2023 19:58:13] New process found: Process Name - winlogon.exe Process ID - 15196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:58:14] New process found: Process Name - LogonUI.exe Process ID - 14480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:58:14] New process found: Process Name - dwm.exe Process ID - 13888 Process Identity - Window Manager\DWM-4 [11-07-2023 19:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11636 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 19:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:59:02] New process found: Process Name - csrss.exe Process ID - 8300 Process Identity - SYSTEM [11-07-2023 19:59:02] New process found: Process Name - winlogon.exe Process ID - 15284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:59:02] New process found: Process Name - LogonUI.exe Process ID - 14468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:59:02] New process found: Process Name - dwm.exe Process ID - 14080 Process Identity - Window Manager\DWM-5 [11-07-2023 19:59:03] New process found: Process Name - TSTheme.exe Process ID - 12976 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:59:03] New process found: Process Name - rdpclip.exe Process ID - 15092 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:59:04] New process found: Process Name - taskhostw.exe Process ID - 15296 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:59:04] New process found: Process Name - dllhost.exe Process ID - 5708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 19:59:04] Process Exited: Process Name - csrss.exe Process ID - 8300 [11-07-2023 19:59:04] Process Exited: Process Name - dwm.exe Process ID - 14080 [11-07-2023 19:59:04] Process Exited: Process Name - LogonUI.exe Process ID - 14468 [11-07-2023 19:59:04] Process Exited: Process Name - rdpclip.exe Process ID - 15092 [11-07-2023 19:59:04] Process Exited: Process Name - winlogon.exe Process ID - 15284 [11-07-2023 19:59:04] Service state changed: Service Name - ScDeviceEnum Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 19:59:09] Process Exited: Process Name - TSTheme.exe Process ID - 12976 [11-07-2023 19:59:14] Process Exited: Process Name - Setup.exe Process ID - 12892 [11-07-2023 19:59:15] Process Exited: Process Name - ServerManager.exe Process ID - 8048 [11-07-2023 19:59:15] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 12188 [11-07-2023 19:59:16] New process found: Process Name - dllhost.exe Process ID - 6484 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:59:16] New process found: Process Name - dllhost.exe Process ID - 14428 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:59:20] Process Exited: Process Name - dwm.exe Process ID - 13888 [11-07-2023 19:59:20] Process Exited: Process Name - LogonUI.exe Process ID - 14480 [11-07-2023 19:59:20] Process Exited: Process Name - winlogon.exe Process ID - 15196 [11-07-2023 19:59:21] New process found: Process Name - dllhost.exe Process ID - 12824 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 19:59:21] Process Exited: Process Name - csrss.exe Process ID - 2092 [11-07-2023 19:59:26] Process Exited: Process Name - dllhost.exe Process ID - 6484 [11-07-2023 19:59:26] Process Exited: Process Name - dllhost.exe Process ID - 12824 [11-07-2023 19:59:34] Process Exited: Process Name - taskhostw.exe Process ID - 15296 [11-07-2023 19:59:39] Process Exited: Process Name - dllhost.exe Process ID - 5708 [11-07-2023 19:59:56] Process Exited: Process Name - w3wp.exe Process ID - 4752 Web application pool name - DefaultAppPool [11-07-2023 20:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6828 [11-07-2023 20:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11636 [11-07-2023 20:00:25] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 13260 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:00:57] Process Exited: Process Name - w3wp.exe Process ID - 8032 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 20:00:57] Process Exited: Process Name - conhost.exe Process ID - 8040 [11-07-2023 20:00:58] New process found: Process Name - w3wp.exe Process ID - 5348 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 20:00:58] New process found: Process Name - w3wp.exe Process ID - 9568 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:00:58] Process Exited: Process Name - w3wp.exe Process ID - 11916 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 20:00:58] Process Exited: Process Name - w3wp.exe Process ID - 14092 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:00:58] Process Exited: Process Name - conhost.exe Process ID - 15264 [11-07-2023 20:01:02] New process found: Process Name - Setup.exe Process ID - 10120 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:01:02] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 20:01:58] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 2008 [11-07-2023 20:01:58] Process Exited: Process Name - Setup.exe Process ID - 12984 [11-07-2023 20:02:00] Process Exited: Process Name - Setup.exe Process ID - 10120 [11-07-2023 20:02:00] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 13260 [11-07-2023 20:02:02] New process found: Process Name - Taskmgr.exe Process ID - 7060 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:02:11] New process found: Process Name - TSTheme.exe Process ID - 14384 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:02:11] New process found: Process Name - TSTheme.exe Process ID - 4752 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:02:12] New process found: Process Name - taskhostw.exe Process ID - 14816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:02:12] New process found: Process Name - dllhost.exe Process ID - 14104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:02:17] Process Exited: Process Name - TSTheme.exe Process ID - 4752 [11-07-2023 20:02:17] Process Exited: Process Name - TSTheme.exe Process ID - 14384 [11-07-2023 20:02:33] New process found: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 8040 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:02:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 14688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:02:34] New process found: Process Name - SearchFilterHost.exe Process ID - 5076 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:02:37] New process found: Process Name - w3wp.exe Process ID - 14604 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 20:02:37] New process found: Process Name - conhost.exe Process ID - 12356 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [11-07-2023 20:02:43] Process Exited: Process Name - taskhostw.exe Process ID - 14816 [11-07-2023 20:02:48] Process Exited: Process Name - dllhost.exe Process ID - 14104 [11-07-2023 20:03:08] New process found: Process Name - Setup.exe Process ID - 7008 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:03:45] New process found: Process Name - dllhost.exe Process ID - 13684 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:03:45] New process found: Process Name - dllhost.exe Process ID - 3152 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:03:46] New process found: Process Name - dllhost.exe Process ID - 14236 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:03:51] Process Exited: Process Name - dllhost.exe Process ID - 13684 [11-07-2023 20:03:51] Process Exited: Process Name - dllhost.exe Process ID - 14236 [11-07-2023 20:04:31] New process found: Process Name - w3wp.exe Process ID - 3456 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:04:31] New process found: Process Name - conhost.exe Process ID - 2676 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 20:04:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 5076 [11-07-2023 20:04:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 14688 [11-07-2023 20:04:52] New process found: Process Name - dllhost.exe Process ID - 6084 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:04:55] New process found: Process Name - TSTheme.exe Process ID - 14108 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 20:04:57] Process Exited: Process Name - dllhost.exe Process ID - 6084 [11-07-2023 20:05:01] Process Exited: Process Name - TSTheme.exe Process ID - 14108 [11-07-2023 20:05:31] New process found: Process Name - w3wp.exe Process ID - 15064 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:05:31] New process found: Process Name - conhost.exe Process ID - 7072 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 20:05:57] Process Exited: Process Name - w3wp.exe Process ID - 8092 Web application pool name - kdbps.edu.in [11-07-2023 20:05:57] Process Exited: Process Name - conhost.exe Process ID - 14264 [11-07-2023 20:05:57] Service state changed: Service Name - ScDeviceEnum Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 20:05:59] New process found: Process Name - w3wp.exe Process ID - 9232 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:05:59] Process Exited: Process Name - w3wp.exe Process ID - 9568 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:06:07] New process found: Process Name - w3wp.exe Process ID - 5588 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 20:07:00] Process Exited: Process Name - w3wp.exe Process ID - 5348 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 20:07:23] Process Exited: Process Name - dllhost.exe Process ID - 14428 [11-07-2023 20:07:50] New process found: Process Name - w3wp.exe Process ID - 11684 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 20:07:50] New process found: Process Name - conhost.exe Process ID - 12924 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 20:08:37] Process Exited: Process Name - conhost.exe Process ID - 12356 [11-07-2023 20:08:37] Process Exited: Process Name - w3wp.exe Process ID - 14604 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [11-07-2023 20:08:44] New process found: Process Name - w3wp.exe Process ID - 14700 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 20:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 4980 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:09:02] New process found: Process Name - WmiPrvSE.exe Process ID - 13740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4980 [11-07-2023 20:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13740 [11-07-2023 20:11:01] New process found: Process Name - w3wp.exe Process ID - 15056 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:11:01] Process Exited: Process Name - w3wp.exe Process ID - 9232 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:11:33] Process Exited: Process Name - conhost.exe Process ID - 7072 [11-07-2023 20:11:33] Process Exited: Process Name - w3wp.exe Process ID - 15064 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:11:52] Process Exited: Process Name - dllhost.exe Process ID - 3152 [11-07-2023 20:12:09] Process Exited: Process Name - w3wp.exe Process ID - 5588 Web application pool name - DefaultAppPool [11-07-2023 20:12:25] New process found: Process Name - w3wp.exe Process ID - 12340 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 20:12:25] New process found: Process Name - where.exe Process ID - 7288 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 20:12:25] New process found: Process Name - conhost.exe Process ID - 2896 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 20:12:26] New process found: Process Name - conhost.exe Process ID - 13632 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 20:12:26] Process Exited: Process Name - conhost.exe Process ID - 2896 [11-07-2023 20:12:26] Process Exited: Process Name - where.exe Process ID - 7288 [11-07-2023 20:13:54] Service state changed: Service Name - wuauserv Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 20:15:08] New process found: Process Name - w3wp.exe Process ID - 7288 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 20:15:32] Process Exited: Process Name - conhost.exe Process ID - 2676 [11-07-2023 20:15:32] Process Exited: Process Name - w3wp.exe Process ID - 3456 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:15:38] New process found: Process Name - w3wp.exe Process ID - 4988 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:15:38] New process found: Process Name - conhost.exe Process ID - 14244 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 20:16:02] New process found: Process Name - w3wp.exe Process ID - 7740 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:16:02] Process Exited: Process Name - w3wp.exe Process ID - 15056 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:17:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 15208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:17:33] New process found: Process Name - SearchFilterHost.exe Process ID - 2964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:17:47] Process Exited: Process Name - w3wp.exe Process ID - 14700 Web application pool name - galaxytools.in [11-07-2023 20:17:52] Process Exited: Process Name - w3wp.exe Process ID - 11684 Web application pool name - kdbps.edu.in [11-07-2023 20:17:52] Process Exited: Process Name - conhost.exe Process ID - 12924 [11-07-2023 20:18:18] New process found: Process Name - w3wp.exe Process ID - 15324 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 20:18:18] New process found: Process Name - where.exe Process ID - 7968 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 20:18:18] New process found: Process Name - conhost.exe Process ID - 9204 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 20:18:19] New process found: Process Name - conhost.exe Process ID - 7420 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 20:18:19] Process Exited: Process Name - where.exe Process ID - 7968 [11-07-2023 20:18:19] Process Exited: Process Name - conhost.exe Process ID - 9204 [11-07-2023 20:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 2964 [11-07-2023 20:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15208 [11-07-2023 20:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 3380 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 4984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:19:09] New process found: Process Name - w3wp.exe Process ID - 13384 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 20:19:13] New process found: Process Name - w3wp.exe Process ID - 14364 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 20:19:39] New process found: Process Name - w3wp.exe Process ID - 14236 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:19:39] New process found: Process Name - conhost.exe Process ID - 8816 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 20:20:18] New process found: Process Name - w3wp.exe Process ID - 13020 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 20:20:18] New process found: Process Name - conhost.exe Process ID - 2760 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 20:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3380 [11-07-2023 20:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4984 [11-07-2023 20:21:03] New process found: Process Name - w3wp.exe Process ID - 5148 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:21:03] Process Exited: Process Name - w3wp.exe Process ID - 7740 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:21:09] Process Exited: Process Name - w3wp.exe Process ID - 7288 Web application pool name - DefaultAppPool [11-07-2023 20:23:55] Service state changed: Service Name - wuauserv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 20:24:05] New process found: Process Name - w3wp.exe Process ID - 14700 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 20:25:41] Process Exited: Process Name - conhost.exe Process ID - 8816 [11-07-2023 20:25:41] Process Exited: Process Name - w3wp.exe Process ID - 14236 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:26:04] New process found: Process Name - w3wp.exe Process ID - 15708 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:26:04] Process Exited: Process Name - w3wp.exe Process ID - 5148 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:26:15] Process Exited: Process Name - w3wp.exe Process ID - 14364 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 20:26:20] Process Exited: Process Name - conhost.exe Process ID - 2760 [11-07-2023 20:26:20] Process Exited: Process Name - w3wp.exe Process ID - 13020 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 20:27:40] Process Exited: Process Name - php-cgi.exe Process ID - 14464 [11-07-2023 20:27:41] Process Exited: Process Name - w3wp.exe Process ID - 9068 Web application pool name - PleskControlPanel [11-07-2023 20:28:12] Process Exited: Process Name - w3wp.exe Process ID - 13384 Web application pool name - galaxytools.in [11-07-2023 20:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 6656 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15972 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:29:45] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 20:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6656 [11-07-2023 20:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15972 [11-07-2023 20:30:58] New process found: Process Name - w3wp.exe Process ID - 16296 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 20:31:05] New process found: Process Name - w3wp.exe Process ID - 2236 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:31:05] Process Exited: Process Name - w3wp.exe Process ID - 15708 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:31:26] Process Exited: Process Name - w3wp.exe Process ID - 12340 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 20:31:26] Process Exited: Process Name - conhost.exe Process ID - 13632 [11-07-2023 20:31:42] New process found: Process Name - w3wp.exe Process ID - 15492 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 20:31:43] New process found: Process Name - csc.exe Process ID - 15524 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 20:31:43] New process found: Process Name - conhost.exe Process ID - 2316 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 20:31:43] New process found: Process Name - VBCSCompiler.exe Process ID - 15456 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 20:31:43] New process found: Process Name - conhost.exe Process ID - 2904 Process Identity - IIS APPPOOL\galaxytools.in [11-07-2023 20:31:47] Process Exited: Process Name - conhost.exe Process ID - 2316 [11-07-2023 20:31:47] Process Exited: Process Name - csc.exe Process ID - 15524 [11-07-2023 20:31:57] Process Exited: Process Name - conhost.exe Process ID - 2904 [11-07-2023 20:31:57] Process Exited: Process Name - VBCSCompiler.exe Process ID - 15456 [11-07-2023 20:32:08] New process found: Process Name - w3wp.exe Process ID - 12316 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:32:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 16148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:32:34] New process found: Process Name - SearchFilterHost.exe Process ID - 15532 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:32:37] New process found: Process Name - MusNotification.exe Process ID - 14240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:32:37] Service state changed: Service Name - wisvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 20:32:37] Service state changed: Service Name - wuauserv Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 20:32:38] Process Exited: Process Name - MusNotification.exe Process ID - 14240 [11-07-2023 20:33:44] Service state changed: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 20:34:40] Process Exited: Process Name - w3wp.exe Process ID - 4988 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:34:40] Process Exited: Process Name - conhost.exe Process ID - 14244 [11-07-2023 20:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15532 [11-07-2023 20:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 16148 [11-07-2023 20:35:08] Process Exited: Process Name - w3wp.exe Process ID - 14700 Web application pool name - DefaultAppPool [11-07-2023 20:35:52] New process found: Process Name - w3wp.exe Process ID - 15704 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [11-07-2023 20:35:52] New process found: Process Name - php-cgi.exe Process ID - 14964 Process Identity - IIS APPPOOL\PleskControlPanel [11-07-2023 20:36:07] New process found: Process Name - w3wp.exe Process ID - 16008 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:36:07] Process Exited: Process Name - w3wp.exe Process ID - 2236 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:36:38] New process found: Process Name - w3wp.exe Process ID - 8780 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:36:39] New process found: Process Name - conhost.exe Process ID - 16120 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 20:37:00] Process Exited: Process Name - w3wp.exe Process ID - 16296 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 20:38:09] Process Exited: Process Name - w3wp.exe Process ID - 12316 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 5108 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 16148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:39:27] Process Exited: Process Name - w3wp.exe Process ID - 8608 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 20:39:27] Process Exited: Process Name - conhost.exe Process ID - 14972 [11-07-2023 20:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5108 [11-07-2023 20:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16148 [11-07-2023 20:41:08] New process found: Process Name - w3wp.exe Process ID - 13816 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:41:08] Process Exited: Process Name - w3wp.exe Process ID - 16008 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:41:20] New process found: Process Name - w3wp.exe Process ID - 16136 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 20:41:28] New process found: Process Name - conhost.exe Process ID - 1704 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 20:42:45] Service state changed: Service Name - wuauserv Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 20:43:45] Process Exited: Process Name - w3wp.exe Process ID - 15492 Web application pool name - galaxytools.in [11-07-2023 20:43:56] New process found: Process Name - w3wp.exe Process ID - 8800 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 20:44:51] New process found: Process Name - w3wp.exe Process ID - 14276 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 20:44:52] New process found: Process Name - w3wp.exe Process ID - 14388 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:44:52] New process found: Process Name - where.exe Process ID - 6916 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 20:44:52] New process found: Process Name - conhost.exe Process ID - 15684 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 20:44:53] New process found: Process Name - conhost.exe Process ID - 8568 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 20:44:53] Process Exited: Process Name - where.exe Process ID - 6916 [11-07-2023 20:44:53] Process Exited: Process Name - conhost.exe Process ID - 15684 [11-07-2023 20:45:16] New process found: Process Name - w3wp.exe Process ID - 8848 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [11-07-2023 20:45:16] New process found: Process Name - conhost.exe Process ID - 6912 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [11-07-2023 20:46:10] New process found: Process Name - w3wp.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:46:10] Process Exited: Process Name - w3wp.exe Process ID - 13816 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:46:47] New process found: Process Name - w3wp.exe Process ID - 12596 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 20:46:48] New process found: Process Name - conhost.exe Process ID - 16264 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 20:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 1320 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 3476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:49:20] Process Exited: Process Name - conhost.exe Process ID - 7420 [11-07-2023 20:49:20] Process Exited: Process Name - w3wp.exe Process ID - 15324 Web application pool name - kdbps.edu.in [11-07-2023 20:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1320 [11-07-2023 20:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3476 [11-07-2023 20:50:52] Process Exited: Process Name - w3wp.exe Process ID - 14276 Web application pool name - DefaultAppPool [11-07-2023 20:50:54] Process Exited: Process Name - conhost.exe Process ID - 8568 [11-07-2023 20:50:54] Process Exited: Process Name - w3wp.exe Process ID - 14388 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 20:51:10] New process found: Process Name - w3wp.exe Process ID - 13092 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:51:10] Process Exited: Process Name - w3wp.exe Process ID - 11684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:51:18] Process Exited: Process Name - conhost.exe Process ID - 6912 [11-07-2023 20:51:18] Process Exited: Process Name - w3wp.exe Process ID - 8848 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [11-07-2023 20:51:57] New process found: Process Name - w3wp.exe Process ID - 8744 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 20:51:58] New process found: Process Name - conhost.exe Process ID - 15700 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 20:52:49] Process Exited: Process Name - w3wp.exe Process ID - 12596 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 20:52:49] Process Exited: Process Name - conhost.exe Process ID - 16264 [11-07-2023 20:52:59] Process Exited: Process Name - w3wp.exe Process ID - 8800 Web application pool name - galaxytools.in [11-07-2023 20:53:41] Process Exited: Process Name - w3wp.exe Process ID - 8780 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 20:53:41] Process Exited: Process Name - conhost.exe Process ID - 16120 [11-07-2023 20:55:19] New process found: Process Name - w3wp.exe Process ID - 7572 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 20:55:57] New process found: Process Name - w3wp.exe Process ID - 8884 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 20:55:57] New process found: Process Name - conhost.exe Process ID - 5180 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 20:56:12] New process found: Process Name - w3wp.exe Process ID - 4104 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:56:12] Process Exited: Process Name - w3wp.exe Process ID - 13092 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 20:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9320 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 20:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 15812 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:14] New process found: Process Name - csrss.exe Process ID - 2600 Process Identity - SYSTEM [11-07-2023 20:59:14] New process found: Process Name - winlogon.exe Process ID - 14368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:15] New process found: Process Name - LogonUI.exe Process ID - 1556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:15] New process found: Process Name - dwm.exe Process ID - 2760 Process Identity - Window Manager\DWM-4 [11-07-2023 20:59:28] Process Exited: Process Name - LogonUI.exe Process ID - 1556 [11-07-2023 20:59:28] Process Exited: Process Name - csrss.exe Process ID - 2600 [11-07-2023 20:59:28] Process Exited: Process Name - dwm.exe Process ID - 2760 [11-07-2023 20:59:28] Process Exited: Process Name - winlogon.exe Process ID - 14368 [11-07-2023 20:59:29] New process found: Process Name - csrss.exe Process ID - 14636 Process Identity - SYSTEM [11-07-2023 20:59:29] New process found: Process Name - winlogon.exe Process ID - 14656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:30] New process found: Process Name - LogonUI.exe Process ID - 15328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:30] New process found: Process Name - dwm.exe Process ID - 4108 Process Identity - Window Manager\DWM-4 [11-07-2023 20:59:43] Process Exited: Process Name - dwm.exe Process ID - 4108 [11-07-2023 20:59:43] Process Exited: Process Name - csrss.exe Process ID - 14636 [11-07-2023 20:59:43] Process Exited: Process Name - winlogon.exe Process ID - 14656 [11-07-2023 20:59:43] Process Exited: Process Name - LogonUI.exe Process ID - 15328 [11-07-2023 20:59:44] New process found: Process Name - csrss.exe Process ID - 14820 Process Identity - SYSTEM [11-07-2023 20:59:44] New process found: Process Name - winlogon.exe Process ID - 12104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:45] New process found: Process Name - LogonUI.exe Process ID - 3380 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 20:59:45] New process found: Process Name - dwm.exe Process ID - 14628 Process Identity - Window Manager\DWM-4 [11-07-2023 20:59:57] Process Exited: Process Name - LogonUI.exe Process ID - 3380 [11-07-2023 20:59:57] Process Exited: Process Name - dwm.exe Process ID - 14628 [11-07-2023 20:59:58] Process Exited: Process Name - winlogon.exe Process ID - 12104 [11-07-2023 20:59:58] Process Exited: Process Name - csrss.exe Process ID - 14820 [11-07-2023 21:00:00] New process found: Process Name - csrss.exe Process ID - 5776 Process Identity - SYSTEM [11-07-2023 21:00:00] New process found: Process Name - winlogon.exe Process ID - 11984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:01] New process found: Process Name - LogonUI.exe Process ID - 2064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:01] New process found: Process Name - dwm.exe Process ID - 6420 Process Identity - Window Manager\DWM-4 [11-07-2023 21:00:12] Process Exited: Process Name - LogonUI.exe Process ID - 2064 [11-07-2023 21:00:12] Process Exited: Process Name - dwm.exe Process ID - 6420 [11-07-2023 21:00:12] Process Exited: Process Name - winlogon.exe Process ID - 11984 [11-07-2023 21:00:13] Process Exited: Process Name - csrss.exe Process ID - 5776 [11-07-2023 21:00:14] New process found: Process Name - csrss.exe Process ID - 13548 Process Identity - SYSTEM [11-07-2023 21:00:14] New process found: Process Name - winlogon.exe Process ID - 15464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:15] New process found: Process Name - LogonUI.exe Process ID - 608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:15] New process found: Process Name - dwm.exe Process ID - 15880 Process Identity - Window Manager\DWM-4 [11-07-2023 21:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9320 [11-07-2023 21:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15812 [11-07-2023 21:00:27] Process Exited: Process Name - LogonUI.exe Process ID - 608 [11-07-2023 21:00:27] Process Exited: Process Name - winlogon.exe Process ID - 15464 [11-07-2023 21:00:27] Process Exited: Process Name - dwm.exe Process ID - 15880 [11-07-2023 21:00:28] Process Exited: Process Name - csrss.exe Process ID - 13548 [11-07-2023 21:00:30] New process found: Process Name - csrss.exe Process ID - 9548 Process Identity - SYSTEM [11-07-2023 21:00:30] New process found: Process Name - winlogon.exe Process ID - 8600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:32] New process found: Process Name - LogonUI.exe Process ID - 7688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:32] New process found: Process Name - dwm.exe Process ID - 15424 Process Identity - Window Manager\DWM-4 [11-07-2023 21:00:42] Process Exited: Process Name - LogonUI.exe Process ID - 7688 [11-07-2023 21:00:42] Process Exited: Process Name - winlogon.exe Process ID - 8600 [11-07-2023 21:00:42] Process Exited: Process Name - csrss.exe Process ID - 9548 [11-07-2023 21:00:42] Process Exited: Process Name - dwm.exe Process ID - 15424 [11-07-2023 21:00:44] New process found: Process Name - csrss.exe Process ID - 8052 Process Identity - SYSTEM [11-07-2023 21:00:44] New process found: Process Name - winlogon.exe Process ID - 5088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:45] New process found: Process Name - LogonUI.exe Process ID - 15372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:45] New process found: Process Name - dwm.exe Process ID - 2640 Process Identity - Window Manager\DWM-4 [11-07-2023 21:00:57] Process Exited: Process Name - dwm.exe Process ID - 2640 [11-07-2023 21:00:57] Process Exited: Process Name - winlogon.exe Process ID - 5088 [11-07-2023 21:00:57] Process Exited: Process Name - csrss.exe Process ID - 8052 [11-07-2023 21:00:57] Process Exited: Process Name - LogonUI.exe Process ID - 15372 [11-07-2023 21:00:58] New process found: Process Name - w3wp.exe Process ID - 2824 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 21:00:59] New process found: Process Name - csrss.exe Process ID - 15408 Process Identity - SYSTEM [11-07-2023 21:00:59] New process found: Process Name - winlogon.exe Process ID - 13316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:59] New process found: Process Name - LogonUI.exe Process ID - 8876 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:00:59] New process found: Process Name - dwm.exe Process ID - 14112 Process Identity - Window Manager\DWM-4 [11-07-2023 21:01:12] Process Exited: Process Name - LogonUI.exe Process ID - 8876 [11-07-2023 21:01:12] Process Exited: Process Name - winlogon.exe Process ID - 13316 [11-07-2023 21:01:12] Process Exited: Process Name - dwm.exe Process ID - 14112 [11-07-2023 21:01:12] Process Exited: Process Name - csrss.exe Process ID - 15408 [11-07-2023 21:01:13] New process found: Process Name - w3wp.exe Process ID - 8928 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:01:13] Process Exited: Process Name - w3wp.exe Process ID - 4104 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:01:14] New process found: Process Name - csrss.exe Process ID - 9460 Process Identity - SYSTEM [11-07-2023 21:01:14] New process found: Process Name - winlogon.exe Process ID - 13672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:15] New process found: Process Name - LogonUI.exe Process ID - 15168 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:15] New process found: Process Name - dwm.exe Process ID - 15896 Process Identity - Window Manager\DWM-4 [11-07-2023 21:01:27] Process Exited: Process Name - csrss.exe Process ID - 9460 [11-07-2023 21:01:27] Process Exited: Process Name - winlogon.exe Process ID - 13672 [11-07-2023 21:01:27] Process Exited: Process Name - LogonUI.exe Process ID - 15168 [11-07-2023 21:01:27] Process Exited: Process Name - dwm.exe Process ID - 15896 [11-07-2023 21:01:28] New process found: Process Name - smss.exe Process ID - 15524 Process Identity - SYSTEM [11-07-2023 21:01:28] New process found: Process Name - csrss.exe Process ID - 13624 Process Identity - SYSTEM [11-07-2023 21:01:29] New process found: Process Name - winlogon.exe Process ID - 15508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:29] New process found: Process Name - LogonUI.exe Process ID - 6612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:29] New process found: Process Name - dwm.exe Process ID - 15404 Process Identity - Window Manager\DWM-4 [11-07-2023 21:01:29] Process Exited: Process Name - smss.exe Process ID - 15524 [11-07-2023 21:01:42] Process Exited: Process Name - LogonUI.exe Process ID - 6612 [11-07-2023 21:01:42] Process Exited: Process Name - csrss.exe Process ID - 13624 [11-07-2023 21:01:42] Process Exited: Process Name - dwm.exe Process ID - 15404 [11-07-2023 21:01:42] Process Exited: Process Name - winlogon.exe Process ID - 15508 [11-07-2023 21:01:44] New process found: Process Name - csrss.exe Process ID - 5648 Process Identity - SYSTEM [11-07-2023 21:01:44] New process found: Process Name - winlogon.exe Process ID - 14680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:45] New process found: Process Name - LogonUI.exe Process ID - 5800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:45] New process found: Process Name - dwm.exe Process ID - 15804 Process Identity - Window Manager\DWM-4 [11-07-2023 21:01:57] Process Exited: Process Name - csrss.exe Process ID - 5648 [11-07-2023 21:01:57] Process Exited: Process Name - LogonUI.exe Process ID - 5800 [11-07-2023 21:01:57] Process Exited: Process Name - winlogon.exe Process ID - 14680 [11-07-2023 21:01:57] Process Exited: Process Name - dwm.exe Process ID - 15804 [11-07-2023 21:01:58] Process Exited: Process Name - conhost.exe Process ID - 5180 [11-07-2023 21:01:58] Process Exited: Process Name - w3wp.exe Process ID - 8884 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 21:01:59] New process found: Process Name - csrss.exe Process ID - 676 Process Identity - SYSTEM [11-07-2023 21:01:59] New process found: Process Name - winlogon.exe Process ID - 7664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:59] New process found: Process Name - LogonUI.exe Process ID - 6648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:01:59] New process found: Process Name - dwm.exe Process ID - 14236 Process Identity - Window Manager\DWM-4 [11-07-2023 21:02:12] Process Exited: Process Name - csrss.exe Process ID - 676 [11-07-2023 21:02:12] Process Exited: Process Name - LogonUI.exe Process ID - 6648 [11-07-2023 21:02:12] Process Exited: Process Name - winlogon.exe Process ID - 7664 [11-07-2023 21:02:12] Process Exited: Process Name - dwm.exe Process ID - 14236 [11-07-2023 21:02:14] New process found: Process Name - csrss.exe Process ID - 6828 Process Identity - SYSTEM [11-07-2023 21:02:14] New process found: Process Name - winlogon.exe Process ID - 13888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:15] New process found: Process Name - LogonUI.exe Process ID - 12556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:15] New process found: Process Name - dwm.exe Process ID - 5792 Process Identity - Window Manager\DWM-4 [11-07-2023 21:02:27] Process Exited: Process Name - dwm.exe Process ID - 5792 [11-07-2023 21:02:27] Process Exited: Process Name - csrss.exe Process ID - 6828 [11-07-2023 21:02:27] Process Exited: Process Name - LogonUI.exe Process ID - 12556 [11-07-2023 21:02:27] Process Exited: Process Name - winlogon.exe Process ID - 13888 [11-07-2023 21:02:29] New process found: Process Name - csrss.exe Process ID - 13804 Process Identity - SYSTEM [11-07-2023 21:02:29] New process found: Process Name - winlogon.exe Process ID - 13404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:30] New process found: Process Name - LogonUI.exe Process ID - 6284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:30] New process found: Process Name - dwm.exe Process ID - 15600 Process Identity - Window Manager\DWM-4 [11-07-2023 21:02:42] Process Exited: Process Name - LogonUI.exe Process ID - 6284 [11-07-2023 21:02:42] Process Exited: Process Name - winlogon.exe Process ID - 13404 [11-07-2023 21:02:42] Process Exited: Process Name - csrss.exe Process ID - 13804 [11-07-2023 21:02:42] Process Exited: Process Name - dwm.exe Process ID - 15600 [11-07-2023 21:02:43] New process found: Process Name - csrss.exe Process ID - 14440 Process Identity - SYSTEM [11-07-2023 21:02:43] New process found: Process Name - winlogon.exe Process ID - 6612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:44] New process found: Process Name - LogonUI.exe Process ID - 2636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:44] New process found: Process Name - dwm.exe Process ID - 14364 Process Identity - Window Manager\DWM-4 [11-07-2023 21:02:57] Process Exited: Process Name - LogonUI.exe Process ID - 2636 [11-07-2023 21:02:57] Process Exited: Process Name - winlogon.exe Process ID - 6612 [11-07-2023 21:02:57] Process Exited: Process Name - dwm.exe Process ID - 14364 [11-07-2023 21:02:57] Process Exited: Process Name - csrss.exe Process ID - 14440 [11-07-2023 21:02:59] New process found: Process Name - csrss.exe Process ID - 7436 Process Identity - SYSTEM [11-07-2023 21:02:59] New process found: Process Name - winlogon.exe Process ID - 2564 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:59] New process found: Process Name - LogonUI.exe Process ID - 15804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:02:59] New process found: Process Name - dwm.exe Process ID - 14256 Process Identity - Window Manager\DWM-4 [11-07-2023 21:03:12] Process Exited: Process Name - winlogon.exe Process ID - 2564 [11-07-2023 21:03:12] Process Exited: Process Name - csrss.exe Process ID - 7436 [11-07-2023 21:03:12] Process Exited: Process Name - dwm.exe Process ID - 14256 [11-07-2023 21:03:12] Process Exited: Process Name - LogonUI.exe Process ID - 15804 [11-07-2023 21:03:16] New process found: Process Name - csrss.exe Process ID - 8812 Process Identity - SYSTEM [11-07-2023 21:03:16] New process found: Process Name - winlogon.exe Process ID - 7924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:18] New process found: Process Name - LogonUI.exe Process ID - 15944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:18] New process found: Process Name - dwm.exe Process ID - 13368 Process Identity - Window Manager\DWM-4 [11-07-2023 21:03:27] Process Exited: Process Name - winlogon.exe Process ID - 7924 [11-07-2023 21:03:27] Process Exited: Process Name - csrss.exe Process ID - 8812 [11-07-2023 21:03:27] Process Exited: Process Name - dwm.exe Process ID - 13368 [11-07-2023 21:03:27] Process Exited: Process Name - LogonUI.exe Process ID - 15944 [11-07-2023 21:03:29] New process found: Process Name - csrss.exe Process ID - 15996 Process Identity - SYSTEM [11-07-2023 21:03:30] New process found: Process Name - winlogon.exe Process ID - 15416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:30] New process found: Process Name - LogonUI.exe Process ID - 10188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:30] New process found: Process Name - dwm.exe Process ID - 13976 Process Identity - Window Manager\DWM-4 [11-07-2023 21:03:43] Process Exited: Process Name - LogonUI.exe Process ID - 10188 [11-07-2023 21:03:43] Process Exited: Process Name - dwm.exe Process ID - 13976 [11-07-2023 21:03:43] Process Exited: Process Name - winlogon.exe Process ID - 15416 [11-07-2023 21:03:43] Process Exited: Process Name - csrss.exe Process ID - 15996 [11-07-2023 21:03:44] New process found: Process Name - csrss.exe Process ID - 16124 Process Identity - SYSTEM [11-07-2023 21:03:44] New process found: Process Name - winlogon.exe Process ID - 15084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:45] New process found: Process Name - LogonUI.exe Process ID - 13548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:03:45] New process found: Process Name - dwm.exe Process ID - 8656 Process Identity - Window Manager\DWM-4 [11-07-2023 21:03:58] Process Exited: Process Name - dwm.exe Process ID - 8656 [11-07-2023 21:03:58] Process Exited: Process Name - LogonUI.exe Process ID - 13548 [11-07-2023 21:03:58] Process Exited: Process Name - winlogon.exe Process ID - 15084 [11-07-2023 21:03:58] Process Exited: Process Name - csrss.exe Process ID - 16124 [11-07-2023 21:03:59] New process found: Process Name - csrss.exe Process ID - 13804 Process Identity - SYSTEM [11-07-2023 21:03:59] New process found: Process Name - winlogon.exe Process ID - 1716 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:01] New process found: Process Name - LogonUI.exe Process ID - 15984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:01] New process found: Process Name - dwm.exe Process ID - 14728 Process Identity - Window Manager\DWM-4 [11-07-2023 21:04:13] Process Exited: Process Name - winlogon.exe Process ID - 1716 [11-07-2023 21:04:13] Process Exited: Process Name - csrss.exe Process ID - 13804 [11-07-2023 21:04:13] Process Exited: Process Name - dwm.exe Process ID - 14728 [11-07-2023 21:04:13] Process Exited: Process Name - LogonUI.exe Process ID - 15984 [11-07-2023 21:04:17] New process found: Process Name - csrss.exe Process ID - 16268 Process Identity - SYSTEM [11-07-2023 21:04:17] New process found: Process Name - winlogon.exe Process ID - 14944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:18] New process found: Process Name - LogonUI.exe Process ID - 11996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:18] New process found: Process Name - dwm.exe Process ID - 14648 Process Identity - Window Manager\DWM-4 [11-07-2023 21:04:28] Process Exited: Process Name - LogonUI.exe Process ID - 11996 [11-07-2023 21:04:28] Process Exited: Process Name - dwm.exe Process ID - 14648 [11-07-2023 21:04:28] Process Exited: Process Name - winlogon.exe Process ID - 14944 [11-07-2023 21:04:28] Process Exited: Process Name - csrss.exe Process ID - 16268 [11-07-2023 21:04:29] New process found: Process Name - csrss.exe Process ID - 2420 Process Identity - SYSTEM [11-07-2023 21:04:29] New process found: Process Name - winlogon.exe Process ID - 13988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:31] New process found: Process Name - LogonUI.exe Process ID - 15096 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:31] New process found: Process Name - dwm.exe Process ID - 14456 Process Identity - Window Manager\DWM-4 [11-07-2023 21:04:43] Process Exited: Process Name - csrss.exe Process ID - 2420 [11-07-2023 21:04:43] Process Exited: Process Name - winlogon.exe Process ID - 13988 [11-07-2023 21:04:43] Process Exited: Process Name - dwm.exe Process ID - 14456 [11-07-2023 21:04:43] Process Exited: Process Name - LogonUI.exe Process ID - 15096 [11-07-2023 21:04:44] New process found: Process Name - csrss.exe Process ID - 7924 Process Identity - SYSTEM [11-07-2023 21:04:44] New process found: Process Name - winlogon.exe Process ID - 7140 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:45] New process found: Process Name - LogonUI.exe Process ID - 8876 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:04:45] New process found: Process Name - dwm.exe Process ID - 7664 Process Identity - Window Manager\DWM-4 [11-07-2023 21:04:58] Process Exited: Process Name - winlogon.exe Process ID - 7140 [11-07-2023 21:04:58] Process Exited: Process Name - dwm.exe Process ID - 7664 [11-07-2023 21:04:58] Process Exited: Process Name - csrss.exe Process ID - 7924 [11-07-2023 21:04:58] Process Exited: Process Name - LogonUI.exe Process ID - 8876 [11-07-2023 21:04:59] New process found: Process Name - csrss.exe Process ID - 5092 Process Identity - SYSTEM [11-07-2023 21:04:59] New process found: Process Name - winlogon.exe Process ID - 9460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:00] New process found: Process Name - LogonUI.exe Process ID - 3416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:00] New process found: Process Name - dwm.exe Process ID - 14900 Process Identity - Window Manager\DWM-4 [11-07-2023 21:05:13] Process Exited: Process Name - LogonUI.exe Process ID - 3416 [11-07-2023 21:05:13] Process Exited: Process Name - csrss.exe Process ID - 5092 [11-07-2023 21:05:13] Process Exited: Process Name - winlogon.exe Process ID - 9460 [11-07-2023 21:05:13] Process Exited: Process Name - dwm.exe Process ID - 14900 [11-07-2023 21:05:14] New process found: Process Name - csrss.exe Process ID - 15676 Process Identity - SYSTEM [11-07-2023 21:05:14] New process found: Process Name - winlogon.exe Process ID - 14736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:15] New process found: Process Name - LogonUI.exe Process ID - 13484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:15] New process found: Process Name - dwm.exe Process ID - 15820 Process Identity - Window Manager\DWM-4 [11-07-2023 21:05:28] Process Exited: Process Name - LogonUI.exe Process ID - 13484 [11-07-2023 21:05:28] Process Exited: Process Name - winlogon.exe Process ID - 14736 [11-07-2023 21:05:28] Process Exited: Process Name - csrss.exe Process ID - 15676 [11-07-2023 21:05:28] Process Exited: Process Name - dwm.exe Process ID - 15820 [11-07-2023 21:05:29] New process found: Process Name - csrss.exe Process ID - 7600 Process Identity - SYSTEM [11-07-2023 21:05:29] New process found: Process Name - winlogon.exe Process ID - 8884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:30] New process found: Process Name - LogonUI.exe Process ID - 16260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:30] New process found: Process Name - dwm.exe Process ID - 14876 Process Identity - Window Manager\DWM-4 [11-07-2023 21:05:44] Process Exited: Process Name - csrss.exe Process ID - 7600 [11-07-2023 21:05:44] Process Exited: Process Name - winlogon.exe Process ID - 8884 [11-07-2023 21:05:44] Process Exited: Process Name - dwm.exe Process ID - 14876 [11-07-2023 21:05:44] Process Exited: Process Name - LogonUI.exe Process ID - 16260 [11-07-2023 21:05:48] New process found: Process Name - csrss.exe Process ID - 15644 Process Identity - SYSTEM [11-07-2023 21:05:48] New process found: Process Name - winlogon.exe Process ID - 16096 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:49] New process found: Process Name - LogonUI.exe Process ID - 15848 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:05:49] New process found: Process Name - dwm.exe Process ID - 15516 Process Identity - Window Manager\DWM-4 [11-07-2023 21:05:59] Process Exited: Process Name - dwm.exe Process ID - 15516 [11-07-2023 21:05:59] Process Exited: Process Name - csrss.exe Process ID - 15644 [11-07-2023 21:05:59] Process Exited: Process Name - LogonUI.exe Process ID - 15848 [11-07-2023 21:05:59] Process Exited: Process Name - winlogon.exe Process ID - 16096 [11-07-2023 21:06:00] New process found: Process Name - csrss.exe Process ID - 2460 Process Identity - SYSTEM [11-07-2023 21:06:00] New process found: Process Name - winlogon.exe Process ID - 16028 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:01] New process found: Process Name - LogonUI.exe Process ID - 8492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:01] New process found: Process Name - dwm.exe Process ID - 16020 Process Identity - Window Manager\DWM-4 [11-07-2023 21:06:14] New process found: Process Name - w3wp.exe Process ID - 1724 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:06:14] Process Exited: Process Name - csrss.exe Process ID - 2460 [11-07-2023 21:06:14] Process Exited: Process Name - LogonUI.exe Process ID - 8492 [11-07-2023 21:06:14] Process Exited: Process Name - w3wp.exe Process ID - 8928 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:06:14] Process Exited: Process Name - dwm.exe Process ID - 16020 [11-07-2023 21:06:14] Process Exited: Process Name - winlogon.exe Process ID - 16028 [11-07-2023 21:06:16] New process found: Process Name - csrss.exe Process ID - 13572 Process Identity - SYSTEM [11-07-2023 21:06:16] New process found: Process Name - winlogon.exe Process ID - 14948 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:16] New process found: Process Name - LogonUI.exe Process ID - 7324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:16] New process found: Process Name - dwm.exe Process ID - 1460 Process Identity - Window Manager\DWM-4 [11-07-2023 21:06:29] Process Exited: Process Name - dwm.exe Process ID - 1460 [11-07-2023 21:06:29] Process Exited: Process Name - LogonUI.exe Process ID - 7324 [11-07-2023 21:06:29] Process Exited: Process Name - csrss.exe Process ID - 13572 [11-07-2023 21:06:29] Process Exited: Process Name - winlogon.exe Process ID - 14948 [11-07-2023 21:06:31] New process found: Process Name - csrss.exe Process ID - 14716 Process Identity - SYSTEM [11-07-2023 21:06:31] New process found: Process Name - winlogon.exe Process ID - 15508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:33] New process found: Process Name - LogonUI.exe Process ID - 1868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:33] New process found: Process Name - dwm.exe Process ID - 8796 Process Identity - Window Manager\DWM-4 [11-07-2023 21:06:44] Process Exited: Process Name - LogonUI.exe Process ID - 1868 [11-07-2023 21:06:44] Process Exited: Process Name - dwm.exe Process ID - 8796 [11-07-2023 21:06:44] Process Exited: Process Name - csrss.exe Process ID - 14716 [11-07-2023 21:06:44] Process Exited: Process Name - winlogon.exe Process ID - 15508 [11-07-2023 21:06:45] New process found: Process Name - csrss.exe Process ID - 9008 Process Identity - SYSTEM [11-07-2023 21:06:45] New process found: Process Name - winlogon.exe Process ID - 9028 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:46] New process found: Process Name - LogonUI.exe Process ID - 8600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:06:46] New process found: Process Name - dwm.exe Process ID - 13828 Process Identity - Window Manager\DWM-4 [11-07-2023 21:06:59] Process Exited: Process Name - LogonUI.exe Process ID - 8600 [11-07-2023 21:06:59] Process Exited: Process Name - csrss.exe Process ID - 9008 [11-07-2023 21:06:59] Process Exited: Process Name - winlogon.exe Process ID - 9028 [11-07-2023 21:06:59] Process Exited: Process Name - dwm.exe Process ID - 13828 [11-07-2023 21:07:00] Process Exited: Process Name - w3wp.exe Process ID - 2824 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 21:07:01] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [11-07-2023 21:07:01] New process found: Process Name - winlogon.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:01] New process found: Process Name - LogonUI.exe Process ID - 2372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:01] New process found: Process Name - dwm.exe Process ID - 3820 Process Identity - Window Manager\DWM-4 [11-07-2023 21:07:14] Process Exited: Process Name - LogonUI.exe Process ID - 2372 [11-07-2023 21:07:14] Process Exited: Process Name - csrss.exe Process ID - 3500 [11-07-2023 21:07:14] Process Exited: Process Name - dwm.exe Process ID - 3820 [11-07-2023 21:07:14] Process Exited: Process Name - winlogon.exe Process ID - 8780 [11-07-2023 21:07:16] New process found: Process Name - csrss.exe Process ID - 14484 Process Identity - SYSTEM [11-07-2023 21:07:16] New process found: Process Name - winlogon.exe Process ID - 15548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:16] New process found: Process Name - LogonUI.exe Process ID - 7664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:16] New process found: Process Name - dwm.exe Process ID - 7896 Process Identity - Window Manager\DWM-4 [11-07-2023 21:07:21] Process Exited: Process Name - w3wp.exe Process ID - 7572 Web application pool name - galaxytools.in [11-07-2023 21:07:29] Process Exited: Process Name - LogonUI.exe Process ID - 7664 [11-07-2023 21:07:29] Process Exited: Process Name - dwm.exe Process ID - 7896 [11-07-2023 21:07:29] Process Exited: Process Name - csrss.exe Process ID - 14484 [11-07-2023 21:07:29] Process Exited: Process Name - winlogon.exe Process ID - 15548 [11-07-2023 21:07:30] New process found: Process Name - csrss.exe Process ID - 13900 Process Identity - SYSTEM [11-07-2023 21:07:30] New process found: Process Name - winlogon.exe Process ID - 15448 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:31] New process found: Process Name - LogonUI.exe Process ID - 14444 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:31] New process found: Process Name - dwm.exe Process ID - 14096 Process Identity - Window Manager\DWM-4 [11-07-2023 21:07:44] Process Exited: Process Name - csrss.exe Process ID - 13900 [11-07-2023 21:07:44] Process Exited: Process Name - dwm.exe Process ID - 14096 [11-07-2023 21:07:44] Process Exited: Process Name - LogonUI.exe Process ID - 14444 [11-07-2023 21:07:44] Process Exited: Process Name - winlogon.exe Process ID - 15448 [11-07-2023 21:07:51] New process found: Process Name - csrss.exe Process ID - 6656 Process Identity - SYSTEM [11-07-2023 21:07:51] New process found: Process Name - winlogon.exe Process ID - 16080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:52] New process found: Process Name - LogonUI.exe Process ID - 15828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:07:52] New process found: Process Name - dwm.exe Process ID - 15524 Process Identity - Window Manager\DWM-4 [11-07-2023 21:07:59] Process Exited: Process Name - csrss.exe Process ID - 6656 [11-07-2023 21:07:59] Process Exited: Process Name - dwm.exe Process ID - 15524 [11-07-2023 21:07:59] Process Exited: Process Name - LogonUI.exe Process ID - 15828 [11-07-2023 21:07:59] Process Exited: Process Name - winlogon.exe Process ID - 16080 [11-07-2023 21:08:00] New process found: Process Name - csrss.exe Process ID - 14768 Process Identity - SYSTEM [11-07-2023 21:08:00] New process found: Process Name - winlogon.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:01] New process found: Process Name - LogonUI.exe Process ID - 16376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:01] New process found: Process Name - dwm.exe Process ID - 13804 Process Identity - Window Manager\DWM-4 [11-07-2023 21:08:14] Process Exited: Process Name - dwm.exe Process ID - 13804 [11-07-2023 21:08:14] Process Exited: Process Name - csrss.exe Process ID - 14768 [11-07-2023 21:08:14] Process Exited: Process Name - winlogon.exe Process ID - 15260 [11-07-2023 21:08:14] Process Exited: Process Name - LogonUI.exe Process ID - 16376 [11-07-2023 21:08:15] New process found: Process Name - csrss.exe Process ID - 16016 Process Identity - SYSTEM [11-07-2023 21:08:15] New process found: Process Name - winlogon.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:16] New process found: Process Name - LogonUI.exe Process ID - 14268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:16] New process found: Process Name - dwm.exe Process ID - 14984 Process Identity - Window Manager\DWM-4 [11-07-2023 21:08:30] Process Exited: Process Name - LogonUI.exe Process ID - 14268 [11-07-2023 21:08:30] Process Exited: Process Name - dwm.exe Process ID - 14984 [11-07-2023 21:08:30] Process Exited: Process Name - winlogon.exe Process ID - 15156 [11-07-2023 21:08:30] Process Exited: Process Name - csrss.exe Process ID - 16016 [11-07-2023 21:08:31] New process found: Process Name - csrss.exe Process ID - 16172 Process Identity - SYSTEM [11-07-2023 21:08:31] New process found: Process Name - winlogon.exe Process ID - 5800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:32] New process found: Process Name - LogonUI.exe Process ID - 13460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:32] New process found: Process Name - dwm.exe Process ID - 15180 Process Identity - Window Manager\DWM-4 [11-07-2023 21:08:45] Process Exited: Process Name - winlogon.exe Process ID - 5800 [11-07-2023 21:08:45] Process Exited: Process Name - LogonUI.exe Process ID - 13460 [11-07-2023 21:08:45] Process Exited: Process Name - dwm.exe Process ID - 15180 [11-07-2023 21:08:45] Process Exited: Process Name - csrss.exe Process ID - 16172 [11-07-2023 21:08:46] New process found: Process Name - csrss.exe Process ID - 2648 Process Identity - SYSTEM [11-07-2023 21:08:46] New process found: Process Name - winlogon.exe Process ID - 2552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:47] New process found: Process Name - LogonUI.exe Process ID - 14588 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:08:47] New process found: Process Name - dwm.exe Process ID - 13236 Process Identity - Window Manager\DWM-4 [11-07-2023 21:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 16372 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:08:59] Process Exited: Process Name - w3wp.exe Process ID - 8744 Web application pool name - kdbps.edu.in [11-07-2023 21:08:59] Process Exited: Process Name - conhost.exe Process ID - 15700 [11-07-2023 21:09:00] Process Exited: Process Name - winlogon.exe Process ID - 2552 [11-07-2023 21:09:00] Process Exited: Process Name - csrss.exe Process ID - 2648 [11-07-2023 21:09:00] Process Exited: Process Name - dwm.exe Process ID - 13236 [11-07-2023 21:09:00] Process Exited: Process Name - LogonUI.exe Process ID - 14588 [11-07-2023 21:09:02] New process found: Process Name - WmiPrvSE.exe Process ID - 15268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:04] New process found: Process Name - csrss.exe Process ID - 15224 Process Identity - SYSTEM [11-07-2023 21:09:04] New process found: Process Name - winlogon.exe Process ID - 12612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:05] New process found: Process Name - LogonUI.exe Process ID - 15940 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:05] New process found: Process Name - dwm.exe Process ID - 15664 Process Identity - Window Manager\DWM-4 [11-07-2023 21:09:15] Process Exited: Process Name - winlogon.exe Process ID - 12612 [11-07-2023 21:09:15] Process Exited: Process Name - csrss.exe Process ID - 15224 [11-07-2023 21:09:15] Process Exited: Process Name - dwm.exe Process ID - 15664 [11-07-2023 21:09:15] Process Exited: Process Name - LogonUI.exe Process ID - 15940 [11-07-2023 21:09:16] New process found: Process Name - csrss.exe Process ID - 11044 Process Identity - SYSTEM [11-07-2023 21:09:16] New process found: Process Name - winlogon.exe Process ID - 9124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:17] New process found: Process Name - LogonUI.exe Process ID - 15692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:17] New process found: Process Name - dwm.exe Process ID - 14736 Process Identity - Window Manager\DWM-4 [11-07-2023 21:09:30] Process Exited: Process Name - winlogon.exe Process ID - 9124 [11-07-2023 21:09:30] Process Exited: Process Name - csrss.exe Process ID - 11044 [11-07-2023 21:09:30] Process Exited: Process Name - dwm.exe Process ID - 14736 [11-07-2023 21:09:30] Process Exited: Process Name - LogonUI.exe Process ID - 15692 [11-07-2023 21:09:31] New process found: Process Name - csrss.exe Process ID - 7688 Process Identity - SYSTEM [11-07-2023 21:09:31] New process found: Process Name - winlogon.exe Process ID - 8600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:32] New process found: Process Name - LogonUI.exe Process ID - 15688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:32] New process found: Process Name - dwm.exe Process ID - 1108 Process Identity - Window Manager\DWM-4 [11-07-2023 21:09:44] Process Exited: Process Name - dwm.exe Process ID - 1108 [11-07-2023 21:09:44] Process Exited: Process Name - winlogon.exe Process ID - 8600 [11-07-2023 21:09:44] Process Exited: Process Name - LogonUI.exe Process ID - 15688 [11-07-2023 21:09:45] Process Exited: Process Name - csrss.exe Process ID - 7688 [11-07-2023 21:09:46] New process found: Process Name - csrss.exe Process ID - 14456 Process Identity - SYSTEM [11-07-2023 21:09:46] New process found: Process Name - winlogon.exe Process ID - 7436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:46] New process found: Process Name - LogonUI.exe Process ID - 16200 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:09:46] New process found: Process Name - dwm.exe Process ID - 14724 Process Identity - Window Manager\DWM-4 [11-07-2023 21:09:59] Process Exited: Process Name - winlogon.exe Process ID - 7436 [11-07-2023 21:09:59] Process Exited: Process Name - dwm.exe Process ID - 14724 [11-07-2023 21:09:59] Process Exited: Process Name - LogonUI.exe Process ID - 16200 [11-07-2023 21:10:00] Process Exited: Process Name - csrss.exe Process ID - 14456 [11-07-2023 21:10:01] New process found: Process Name - csrss.exe Process ID - 16288 Process Identity - SYSTEM [11-07-2023 21:10:01] New process found: Process Name - winlogon.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:02] New process found: Process Name - LogonUI.exe Process ID - 12924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:02] New process found: Process Name - dwm.exe Process ID - 15652 Process Identity - Window Manager\DWM-4 [11-07-2023 21:10:14] Process Exited: Process Name - winlogon.exe Process ID - 8780 [11-07-2023 21:10:14] Process Exited: Process Name - LogonUI.exe Process ID - 12924 [11-07-2023 21:10:14] Process Exited: Process Name - dwm.exe Process ID - 15652 [11-07-2023 21:10:15] Process Exited: Process Name - csrss.exe Process ID - 16288 [11-07-2023 21:10:17] New process found: Process Name - csrss.exe Process ID - 15684 Process Identity - SYSTEM [11-07-2023 21:10:17] New process found: Process Name - winlogon.exe Process ID - 14860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:17] New process found: Process Name - LogonUI.exe Process ID - 14880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:17] New process found: Process Name - dwm.exe Process ID - 9020 Process Identity - Window Manager\DWM-4 [11-07-2023 21:10:22] Process Exited: Process Name - conhost.exe Process ID - 1704 [11-07-2023 21:10:22] Process Exited: Process Name - w3wp.exe Process ID - 16136 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 21:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15268 [11-07-2023 21:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16372 [11-07-2023 21:10:29] Process Exited: Process Name - dwm.exe Process ID - 9020 [11-07-2023 21:10:29] Process Exited: Process Name - winlogon.exe Process ID - 14860 [11-07-2023 21:10:29] Process Exited: Process Name - LogonUI.exe Process ID - 14880 [11-07-2023 21:10:29] Process Exited: Process Name - csrss.exe Process ID - 15684 [11-07-2023 21:10:31] New process found: Process Name - csrss.exe Process ID - 15656 Process Identity - SYSTEM [11-07-2023 21:10:31] New process found: Process Name - winlogon.exe Process ID - 15136 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:31] New process found: Process Name - LogonUI.exe Process ID - 5500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:31] New process found: Process Name - dwm.exe Process ID - 8928 Process Identity - Window Manager\DWM-4 [11-07-2023 21:10:40] New process found: Process Name - w3wp.exe Process ID - 16052 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:10:40] New process found: Process Name - where.exe Process ID - 11920 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:10:40] New process found: Process Name - conhost.exe Process ID - 5684 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:10:41] New process found: Process Name - conhost.exe Process ID - 14664 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:10:41] Process Exited: Process Name - conhost.exe Process ID - 5684 [11-07-2023 21:10:41] Process Exited: Process Name - where.exe Process ID - 11920 [11-07-2023 21:10:44] Process Exited: Process Name - LogonUI.exe Process ID - 5500 [11-07-2023 21:10:44] Process Exited: Process Name - dwm.exe Process ID - 8928 [11-07-2023 21:10:44] Process Exited: Process Name - winlogon.exe Process ID - 15136 [11-07-2023 21:10:44] Process Exited: Process Name - csrss.exe Process ID - 15656 [11-07-2023 21:10:46] New process found: Process Name - csrss.exe Process ID - 15580 Process Identity - SYSTEM [11-07-2023 21:10:46] New process found: Process Name - winlogon.exe Process ID - 14840 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:46] New process found: Process Name - LogonUI.exe Process ID - 14120 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:10:46] New process found: Process Name - dwm.exe Process ID - 16336 Process Identity - Window Manager\DWM-4 [11-07-2023 21:10:59] Process Exited: Process Name - LogonUI.exe Process ID - 14120 [11-07-2023 21:10:59] Process Exited: Process Name - winlogon.exe Process ID - 14840 [11-07-2023 21:10:59] Process Exited: Process Name - csrss.exe Process ID - 15580 [11-07-2023 21:10:59] Process Exited: Process Name - dwm.exe Process ID - 16336 [11-07-2023 21:11:01] New process found: Process Name - csrss.exe Process ID - 14608 Process Identity - SYSTEM [11-07-2023 21:11:01] New process found: Process Name - winlogon.exe Process ID - 13284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:02] New process found: Process Name - LogonUI.exe Process ID - 16208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:02] New process found: Process Name - dwm.exe Process ID - 16368 Process Identity - Window Manager\DWM-4 [11-07-2023 21:11:14] Process Exited: Process Name - winlogon.exe Process ID - 13284 [11-07-2023 21:11:14] Process Exited: Process Name - csrss.exe Process ID - 14608 [11-07-2023 21:11:14] Process Exited: Process Name - LogonUI.exe Process ID - 16208 [11-07-2023 21:11:14] Process Exited: Process Name - dwm.exe Process ID - 16368 [11-07-2023 21:11:16] New process found: Process Name - w3wp.exe Process ID - 6072 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:11:16] Process Exited: Process Name - w3wp.exe Process ID - 1724 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:11:17] New process found: Process Name - csrss.exe Process ID - 13328 Process Identity - SYSTEM [11-07-2023 21:11:17] New process found: Process Name - winlogon.exe Process ID - 9068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:17] New process found: Process Name - LogonUI.exe Process ID - 14724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:17] New process found: Process Name - dwm.exe Process ID - 14128 Process Identity - Window Manager\DWM-4 [11-07-2023 21:11:23] New process found: Process Name - w3wp.exe Process ID - 16176 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [11-07-2023 21:11:29] Process Exited: Process Name - winlogon.exe Process ID - 9068 [11-07-2023 21:11:29] Process Exited: Process Name - csrss.exe Process ID - 13328 [11-07-2023 21:11:29] Process Exited: Process Name - dwm.exe Process ID - 14128 [11-07-2023 21:11:29] Process Exited: Process Name - LogonUI.exe Process ID - 14724 [11-07-2023 21:11:34] New process found: Process Name - csrss.exe Process ID - 12904 Process Identity - SYSTEM [11-07-2023 21:11:34] New process found: Process Name - winlogon.exe Process ID - 6576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:34] New process found: Process Name - LogonUI.exe Process ID - 2676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:34] New process found: Process Name - dwm.exe Process ID - 13692 Process Identity - Window Manager\DWM-4 [11-07-2023 21:11:44] Process Exited: Process Name - LogonUI.exe Process ID - 2676 [11-07-2023 21:11:44] Process Exited: Process Name - winlogon.exe Process ID - 6576 [11-07-2023 21:11:44] Process Exited: Process Name - csrss.exe Process ID - 12904 [11-07-2023 21:11:44] Process Exited: Process Name - dwm.exe Process ID - 13692 [11-07-2023 21:11:46] New process found: Process Name - csrss.exe Process ID - 13020 Process Identity - SYSTEM [11-07-2023 21:11:46] New process found: Process Name - winlogon.exe Process ID - 13684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:46] New process found: Process Name - LogonUI.exe Process ID - 13056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:11:46] New process found: Process Name - dwm.exe Process ID - 12504 Process Identity - Window Manager\DWM-4 [11-07-2023 21:11:59] New process found: Process Name - w3wp.exe Process ID - 8752 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 21:11:59] Process Exited: Process Name - dwm.exe Process ID - 12504 [11-07-2023 21:11:59] Process Exited: Process Name - csrss.exe Process ID - 13020 [11-07-2023 21:11:59] Process Exited: Process Name - LogonUI.exe Process ID - 13056 [11-07-2023 21:11:59] Process Exited: Process Name - winlogon.exe Process ID - 13684 [11-07-2023 21:12:01] New process found: Process Name - csrss.exe Process ID - 1824 Process Identity - SYSTEM [11-07-2023 21:12:01] New process found: Process Name - winlogon.exe Process ID - 16044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:01] New process found: Process Name - conhost.exe Process ID - 16328 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 21:12:02] New process found: Process Name - LogonUI.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:02] New process found: Process Name - dwm.exe Process ID - 2256 Process Identity - Window Manager\DWM-4 [11-07-2023 21:12:14] Process Exited: Process Name - csrss.exe Process ID - 1824 [11-07-2023 21:12:14] Process Exited: Process Name - dwm.exe Process ID - 2256 [11-07-2023 21:12:14] Process Exited: Process Name - LogonUI.exe Process ID - 8256 [11-07-2023 21:12:14] Process Exited: Process Name - winlogon.exe Process ID - 16044 [11-07-2023 21:12:16] New process found: Process Name - csrss.exe Process ID - 15292 Process Identity - SYSTEM [11-07-2023 21:12:16] New process found: Process Name - winlogon.exe Process ID - 14900 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:17] New process found: Process Name - LogonUI.exe Process ID - 15984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:17] New process found: Process Name - dwm.exe Process ID - 12592 Process Identity - Window Manager\DWM-4 [11-07-2023 21:12:29] Process Exited: Process Name - dwm.exe Process ID - 12592 [11-07-2023 21:12:29] Process Exited: Process Name - winlogon.exe Process ID - 14900 [11-07-2023 21:12:29] Process Exited: Process Name - csrss.exe Process ID - 15292 [11-07-2023 21:12:29] Process Exited: Process Name - LogonUI.exe Process ID - 15984 [11-07-2023 21:12:30] New process found: Process Name - csrss.exe Process ID - 15656 Process Identity - SYSTEM [11-07-2023 21:12:30] New process found: Process Name - winlogon.exe Process ID - 1716 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:31] New process found: Process Name - LogonUI.exe Process ID - 15756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:31] New process found: Process Name - dwm.exe Process ID - 5164 Process Identity - Window Manager\DWM-4 [11-07-2023 21:12:44] Process Exited: Process Name - winlogon.exe Process ID - 1716 [11-07-2023 21:12:44] Process Exited: Process Name - dwm.exe Process ID - 5164 [11-07-2023 21:12:44] Process Exited: Process Name - csrss.exe Process ID - 15656 [11-07-2023 21:12:44] Process Exited: Process Name - LogonUI.exe Process ID - 15756 [11-07-2023 21:12:48] New process found: Process Name - csrss.exe Process ID - 15764 Process Identity - SYSTEM [11-07-2023 21:12:48] New process found: Process Name - winlogon.exe Process ID - 9860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:49] New process found: Process Name - LogonUI.exe Process ID - 12872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:12:49] New process found: Process Name - dwm.exe Process ID - 14680 Process Identity - Window Manager\DWM-4 [11-07-2023 21:12:59] Process Exited: Process Name - winlogon.exe Process ID - 9860 [11-07-2023 21:12:59] Process Exited: Process Name - LogonUI.exe Process ID - 12872 [11-07-2023 21:12:59] Process Exited: Process Name - dwm.exe Process ID - 14680 [11-07-2023 21:12:59] Process Exited: Process Name - csrss.exe Process ID - 15764 [11-07-2023 21:13:00] New process found: Process Name - csrss.exe Process ID - 13920 Process Identity - SYSTEM [11-07-2023 21:13:00] New process found: Process Name - winlogon.exe Process ID - 368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:01] New process found: Process Name - LogonUI.exe Process ID - 7420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:01] New process found: Process Name - dwm.exe Process ID - 1724 Process Identity - Window Manager\DWM-4 [11-07-2023 21:13:14] Process Exited: Process Name - winlogon.exe Process ID - 368 [11-07-2023 21:13:14] Process Exited: Process Name - dwm.exe Process ID - 1724 [11-07-2023 21:13:14] Process Exited: Process Name - LogonUI.exe Process ID - 7420 [11-07-2023 21:13:14] Process Exited: Process Name - csrss.exe Process ID - 13920 [11-07-2023 21:13:18] New process found: Process Name - csrss.exe Process ID - 1624 Process Identity - SYSTEM [11-07-2023 21:13:18] New process found: Process Name - winlogon.exe Process ID - 9068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:19] New process found: Process Name - LogonUI.exe Process ID - 604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:19] New process found: Process Name - dwm.exe Process ID - 12340 Process Identity - Window Manager\DWM-4 [11-07-2023 21:13:29] Process Exited: Process Name - LogonUI.exe Process ID - 604 [11-07-2023 21:13:29] Process Exited: Process Name - csrss.exe Process ID - 1624 [11-07-2023 21:13:29] Process Exited: Process Name - winlogon.exe Process ID - 9068 [11-07-2023 21:13:29] Process Exited: Process Name - dwm.exe Process ID - 12340 [11-07-2023 21:13:31] New process found: Process Name - csrss.exe Process ID - 13428 Process Identity - SYSTEM [11-07-2023 21:13:31] New process found: Process Name - winlogon.exe Process ID - 5180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:31] New process found: Process Name - LogonUI.exe Process ID - 12528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:31] New process found: Process Name - dwm.exe Process ID - 13500 Process Identity - Window Manager\DWM-4 [11-07-2023 21:13:45] Process Exited: Process Name - winlogon.exe Process ID - 5180 [11-07-2023 21:13:45] Process Exited: Process Name - LogonUI.exe Process ID - 12528 [11-07-2023 21:13:45] Process Exited: Process Name - csrss.exe Process ID - 13428 [11-07-2023 21:13:45] Process Exited: Process Name - dwm.exe Process ID - 13500 [11-07-2023 21:13:46] New process found: Process Name - w3wp.exe Process ID - 13724 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 21:13:46] New process found: Process Name - conhost.exe Process ID - 13860 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 21:13:47] New process found: Process Name - csrss.exe Process ID - 5792 Process Identity - SYSTEM [11-07-2023 21:13:47] New process found: Process Name - winlogon.exe Process ID - 14240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:48] New process found: Process Name - LogonUI.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:13:48] New process found: Process Name - dwm.exe Process ID - 7836 Process Identity - Window Manager\DWM-4 [11-07-2023 21:14:00] Process Exited: Process Name - csrss.exe Process ID - 5792 [11-07-2023 21:14:00] Process Exited: Process Name - dwm.exe Process ID - 7836 [11-07-2023 21:14:00] Process Exited: Process Name - LogonUI.exe Process ID - 14072 [11-07-2023 21:14:00] Process Exited: Process Name - winlogon.exe Process ID - 14240 [11-07-2023 21:14:01] New process found: Process Name - csrss.exe Process ID - 3152 Process Identity - SYSTEM [11-07-2023 21:14:01] New process found: Process Name - winlogon.exe Process ID - 14588 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:02] New process found: Process Name - LogonUI.exe Process ID - 16308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:02] New process found: Process Name - dwm.exe Process ID - 8928 Process Identity - Window Manager\DWM-4 [11-07-2023 21:14:02] New process found: Process Name - w3wp.exe Process ID - 14900 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 21:14:15] Process Exited: Process Name - csrss.exe Process ID - 3152 [11-07-2023 21:14:15] Process Exited: Process Name - dwm.exe Process ID - 8928 [11-07-2023 21:14:15] Process Exited: Process Name - winlogon.exe Process ID - 14588 [11-07-2023 21:14:15] Process Exited: Process Name - LogonUI.exe Process ID - 16308 [11-07-2023 21:14:17] New process found: Process Name - csrss.exe Process ID - 15960 Process Identity - SYSTEM [11-07-2023 21:14:17] New process found: Process Name - winlogon.exe Process ID - 15256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:17] New process found: Process Name - LogonUI.exe Process ID - 9300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:17] New process found: Process Name - dwm.exe Process ID - 6420 Process Identity - Window Manager\DWM-4 [11-07-2023 21:14:30] Process Exited: Process Name - dwm.exe Process ID - 6420 [11-07-2023 21:14:30] Process Exited: Process Name - LogonUI.exe Process ID - 9300 [11-07-2023 21:14:30] Process Exited: Process Name - winlogon.exe Process ID - 15256 [11-07-2023 21:14:30] Process Exited: Process Name - csrss.exe Process ID - 15960 [11-07-2023 21:14:31] New process found: Process Name - csrss.exe Process ID - 15780 Process Identity - SYSTEM [11-07-2023 21:14:31] New process found: Process Name - winlogon.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:32] New process found: Process Name - LogonUI.exe Process ID - 16056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:32] New process found: Process Name - dwm.exe Process ID - 16084 Process Identity - Window Manager\DWM-4 [11-07-2023 21:14:45] Process Exited: Process Name - csrss.exe Process ID - 15780 [11-07-2023 21:14:45] Process Exited: Process Name - winlogon.exe Process ID - 15860 [11-07-2023 21:14:45] Process Exited: Process Name - LogonUI.exe Process ID - 16056 [11-07-2023 21:14:45] Process Exited: Process Name - dwm.exe Process ID - 16084 [11-07-2023 21:14:46] New process found: Process Name - csrss.exe Process ID - 2252 Process Identity - SYSTEM [11-07-2023 21:14:46] New process found: Process Name - winlogon.exe Process ID - 13596 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:48] New process found: Process Name - LogonUI.exe Process ID - 1724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:14:48] New process found: Process Name - dwm.exe Process ID - 8680 Process Identity - Window Manager\DWM-4 [11-07-2023 21:14:55] New process found: Process Name - w3wp.exe Process ID - 15420 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 21:15:00] Process Exited: Process Name - LogonUI.exe Process ID - 1724 [11-07-2023 21:15:00] Process Exited: Process Name - csrss.exe Process ID - 2252 [11-07-2023 21:15:00] Process Exited: Process Name - dwm.exe Process ID - 8680 [11-07-2023 21:15:00] Process Exited: Process Name - winlogon.exe Process ID - 13596 [11-07-2023 21:15:01] New process found: Process Name - csrss.exe Process ID - 15216 Process Identity - SYSTEM [11-07-2023 21:15:01] New process found: Process Name - winlogon.exe Process ID - 9260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:01] New process found: Process Name - LogonUI.exe Process ID - 12908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:01] New process found: Process Name - dwm.exe Process ID - 9092 Process Identity - Window Manager\DWM-4 [11-07-2023 21:15:15] Process Exited: Process Name - dwm.exe Process ID - 9092 [11-07-2023 21:15:15] Process Exited: Process Name - winlogon.exe Process ID - 9260 [11-07-2023 21:15:15] Process Exited: Process Name - LogonUI.exe Process ID - 12908 [11-07-2023 21:15:15] Process Exited: Process Name - csrss.exe Process ID - 15216 [11-07-2023 21:15:16] New process found: Process Name - csrss.exe Process ID - 6460 Process Identity - SYSTEM [11-07-2023 21:15:16] New process found: Process Name - winlogon.exe Process ID - 2256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:18] New process found: Process Name - LogonUI.exe Process ID - 14860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:18] New process found: Process Name - dwm.exe Process ID - 8492 Process Identity - Window Manager\DWM-4 [11-07-2023 21:15:30] Process Exited: Process Name - winlogon.exe Process ID - 2256 [11-07-2023 21:15:30] Process Exited: Process Name - csrss.exe Process ID - 6460 [11-07-2023 21:15:30] Process Exited: Process Name - dwm.exe Process ID - 8492 [11-07-2023 21:15:30] Process Exited: Process Name - LogonUI.exe Process ID - 14860 [11-07-2023 21:15:32] New process found: Process Name - csrss.exe Process ID - 15924 Process Identity - SYSTEM [11-07-2023 21:15:32] New process found: Process Name - winlogon.exe Process ID - 16136 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:33] New process found: Process Name - LogonUI.exe Process ID - 11676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:33] New process found: Process Name - dwm.exe Process ID - 11920 Process Identity - Window Manager\DWM-4 [11-07-2023 21:15:45] Process Exited: Process Name - LogonUI.exe Process ID - 11676 [11-07-2023 21:15:45] Process Exited: Process Name - dwm.exe Process ID - 11920 [11-07-2023 21:15:45] Process Exited: Process Name - csrss.exe Process ID - 15924 [11-07-2023 21:15:45] Process Exited: Process Name - winlogon.exe Process ID - 16136 [11-07-2023 21:15:46] New process found: Process Name - csrss.exe Process ID - 7480 Process Identity - SYSTEM [11-07-2023 21:15:46] New process found: Process Name - winlogon.exe Process ID - 13672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:47] New process found: Process Name - LogonUI.exe Process ID - 15452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:15:47] New process found: Process Name - dwm.exe Process ID - 14388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:16:00] Process Exited: Process Name - csrss.exe Process ID - 7480 [11-07-2023 21:16:00] Process Exited: Process Name - winlogon.exe Process ID - 13672 [11-07-2023 21:16:00] Process Exited: Process Name - dwm.exe Process ID - 14388 [11-07-2023 21:16:00] Process Exited: Process Name - LogonUI.exe Process ID - 15452 [11-07-2023 21:16:03] New process found: Process Name - csrss.exe Process ID - 9328 Process Identity - SYSTEM [11-07-2023 21:16:03] New process found: Process Name - winlogon.exe Process ID - 5076 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:04] New process found: Process Name - LogonUI.exe Process ID - 8884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:04] New process found: Process Name - dwm.exe Process ID - 16300 Process Identity - Window Manager\DWM-4 [11-07-2023 21:16:15] Process Exited: Process Name - winlogon.exe Process ID - 5076 [11-07-2023 21:16:15] Process Exited: Process Name - LogonUI.exe Process ID - 8884 [11-07-2023 21:16:15] Process Exited: Process Name - csrss.exe Process ID - 9328 [11-07-2023 21:16:15] Process Exited: Process Name - dwm.exe Process ID - 16300 [11-07-2023 21:16:16] New process found: Process Name - csrss.exe Process ID - 7244 Process Identity - SYSTEM [11-07-2023 21:16:16] New process found: Process Name - winlogon.exe Process ID - 6732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:17] New process found: Process Name - w3wp.exe Process ID - 15604 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:16:17] New process found: Process Name - LogonUI.exe Process ID - 8744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:17] New process found: Process Name - dwm.exe Process ID - 14944 Process Identity - Window Manager\DWM-4 [11-07-2023 21:16:17] Process Exited: Process Name - w3wp.exe Process ID - 6072 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:16:29] Process Exited: Process Name - winlogon.exe Process ID - 6732 [11-07-2023 21:16:29] Process Exited: Process Name - LogonUI.exe Process ID - 8744 [11-07-2023 21:16:29] Process Exited: Process Name - dwm.exe Process ID - 14944 [11-07-2023 21:16:30] Process Exited: Process Name - csrss.exe Process ID - 7244 [11-07-2023 21:16:31] New process found: Process Name - csrss.exe Process ID - 8816 Process Identity - SYSTEM [11-07-2023 21:16:31] New process found: Process Name - winlogon.exe Process ID - 6568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:31] New process found: Process Name - w3wp.exe Process ID - 15760 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:16:31] New process found: Process Name - LogonUI.exe Process ID - 6648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:31] New process found: Process Name - dwm.exe Process ID - 13636 Process Identity - Window Manager\DWM-4 [11-07-2023 21:16:32] New process found: Process Name - where.exe Process ID - 15140 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:16:32] New process found: Process Name - conhost.exe Process ID - 2276 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:16:33] New process found: Process Name - conhost.exe Process ID - 13204 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:16:33] Process Exited: Process Name - conhost.exe Process ID - 2276 [11-07-2023 21:16:33] Process Exited: Process Name - where.exe Process ID - 15140 [11-07-2023 21:16:42] Process Exited: Process Name - conhost.exe Process ID - 14664 [11-07-2023 21:16:42] Process Exited: Process Name - w3wp.exe Process ID - 16052 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:16:44] Process Exited: Process Name - winlogon.exe Process ID - 6568 [11-07-2023 21:16:44] Process Exited: Process Name - LogonUI.exe Process ID - 6648 [11-07-2023 21:16:44] Process Exited: Process Name - csrss.exe Process ID - 8816 [11-07-2023 21:16:44] Process Exited: Process Name - dwm.exe Process ID - 13636 [11-07-2023 21:16:46] New process found: Process Name - csrss.exe Process ID - 9552 Process Identity - SYSTEM [11-07-2023 21:16:46] New process found: Process Name - winlogon.exe Process ID - 2552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:47] New process found: Process Name - LogonUI.exe Process ID - 8912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:16:47] New process found: Process Name - dwm.exe Process ID - 7388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:16:59] Process Exited: Process Name - winlogon.exe Process ID - 2552 [11-07-2023 21:16:59] Process Exited: Process Name - dwm.exe Process ID - 7388 [11-07-2023 21:16:59] Process Exited: Process Name - LogonUI.exe Process ID - 8912 [11-07-2023 21:17:00] Process Exited: Process Name - csrss.exe Process ID - 9552 [11-07-2023 21:17:01] New process found: Process Name - csrss.exe Process ID - 15440 Process Identity - SYSTEM [11-07-2023 21:17:01] New process found: Process Name - winlogon.exe Process ID - 16208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:01] New process found: Process Name - LogonUI.exe Process ID - 15960 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:01] New process found: Process Name - dwm.exe Process ID - 7164 Process Identity - Window Manager\DWM-4 [11-07-2023 21:17:14] Process Exited: Process Name - dwm.exe Process ID - 7164 [11-07-2023 21:17:14] Process Exited: Process Name - csrss.exe Process ID - 15440 [11-07-2023 21:17:14] Process Exited: Process Name - LogonUI.exe Process ID - 15960 [11-07-2023 21:17:14] Process Exited: Process Name - winlogon.exe Process ID - 16208 [11-07-2023 21:17:16] New process found: Process Name - csrss.exe Process ID - 10044 Process Identity - SYSTEM [11-07-2023 21:17:16] New process found: Process Name - winlogon.exe Process ID - 6780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:17] New process found: Process Name - LogonUI.exe Process ID - 15780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:17] New process found: Process Name - dwm.exe Process ID - 13568 Process Identity - Window Manager\DWM-4 [11-07-2023 21:17:29] Process Exited: Process Name - winlogon.exe Process ID - 6780 [11-07-2023 21:17:29] Process Exited: Process Name - dwm.exe Process ID - 13568 [11-07-2023 21:17:29] Process Exited: Process Name - LogonUI.exe Process ID - 15780 [11-07-2023 21:17:30] Process Exited: Process Name - csrss.exe Process ID - 10044 [11-07-2023 21:17:31] New process found: Process Name - csrss.exe Process ID - 13416 Process Identity - SYSTEM [11-07-2023 21:17:31] New process found: Process Name - winlogon.exe Process ID - 16032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:32] New process found: Process Name - LogonUI.exe Process ID - 15988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:32] New process found: Process Name - dwm.exe Process ID - 13500 Process Identity - Window Manager\DWM-4 [11-07-2023 21:17:49] New process found: Process Name - csrss.exe Process ID - 15624 Process Identity - SYSTEM [11-07-2023 21:17:49] New process found: Process Name - winlogon.exe Process ID - 15248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:50] New process found: Process Name - LogonUI.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:17:50] New process found: Process Name - dwm.exe Process ID - 14704 Process Identity - Window Manager\DWM-5 [11-07-2023 21:17:59] Process Exited: Process Name - LogonUI.exe Process ID - 14072 [11-07-2023 21:17:59] Process Exited: Process Name - dwm.exe Process ID - 14704 [11-07-2023 21:17:59] Process Exited: Process Name - winlogon.exe Process ID - 15248 [11-07-2023 21:17:59] Process Exited: Process Name - csrss.exe Process ID - 15624 [11-07-2023 21:18:00] New process found: Process Name - smss.exe Process ID - 12980 Process Identity - SYSTEM [11-07-2023 21:18:00] New process found: Process Name - csrss.exe Process ID - 11928 Process Identity - SYSTEM [11-07-2023 21:18:01] New process found: Process Name - winlogon.exe Process ID - 2648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:01] New process found: Process Name - LogonUI.exe Process ID - 14592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:01] New process found: Process Name - dwm.exe Process ID - 4964 Process Identity - Window Manager\DWM-5 [11-07-2023 21:18:01] Process Exited: Process Name - smss.exe Process ID - 12980 [11-07-2023 21:18:03] Process Exited: Process Name - csrss.exe Process ID - 13416 [11-07-2023 21:18:03] Process Exited: Process Name - dwm.exe Process ID - 13500 [11-07-2023 21:18:03] Process Exited: Process Name - LogonUI.exe Process ID - 15988 [11-07-2023 21:18:03] Process Exited: Process Name - winlogon.exe Process ID - 16032 [11-07-2023 21:18:14] Process Exited: Process Name - winlogon.exe Process ID - 2648 [11-07-2023 21:18:14] Process Exited: Process Name - dwm.exe Process ID - 4964 [11-07-2023 21:18:14] Process Exited: Process Name - csrss.exe Process ID - 11928 [11-07-2023 21:18:14] Process Exited: Process Name - LogonUI.exe Process ID - 14592 [11-07-2023 21:18:16] New process found: Process Name - csrss.exe Process ID - 16252 Process Identity - SYSTEM [11-07-2023 21:18:16] New process found: Process Name - winlogon.exe Process ID - 15852 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:17] New process found: Process Name - LogonUI.exe Process ID - 5684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:17] New process found: Process Name - dwm.exe Process ID - 15184 Process Identity - Window Manager\DWM-4 [11-07-2023 21:18:29] Process Exited: Process Name - LogonUI.exe Process ID - 5684 [11-07-2023 21:18:29] Process Exited: Process Name - dwm.exe Process ID - 15184 [11-07-2023 21:18:29] Process Exited: Process Name - winlogon.exe Process ID - 15852 [11-07-2023 21:18:29] Process Exited: Process Name - csrss.exe Process ID - 16252 [11-07-2023 21:18:31] New process found: Process Name - csrss.exe Process ID - 16248 Process Identity - SYSTEM [11-07-2023 21:18:31] New process found: Process Name - winlogon.exe Process ID - 15824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:31] New process found: Process Name - LogonUI.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:31] New process found: Process Name - dwm.exe Process ID - 2912 Process Identity - Window Manager\DWM-4 [11-07-2023 21:18:44] Process Exited: Process Name - dwm.exe Process ID - 2912 [11-07-2023 21:18:44] Process Exited: Process Name - LogonUI.exe Process ID - 13000 [11-07-2023 21:18:44] Process Exited: Process Name - winlogon.exe Process ID - 15824 [11-07-2023 21:18:44] Process Exited: Process Name - csrss.exe Process ID - 16248 [11-07-2023 21:18:46] New process found: Process Name - csrss.exe Process ID - 412 Process Identity - SYSTEM [11-07-2023 21:18:46] New process found: Process Name - winlogon.exe Process ID - 13828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:47] New process found: Process Name - LogonUI.exe Process ID - 5080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:18:47] New process found: Process Name - dwm.exe Process ID - 14228 Process Identity - Window Manager\DWM-4 [11-07-2023 21:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10020 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:19:00] Process Exited: Process Name - csrss.exe Process ID - 412 [11-07-2023 21:19:00] Process Exited: Process Name - LogonUI.exe Process ID - 5080 [11-07-2023 21:19:00] Process Exited: Process Name - winlogon.exe Process ID - 13828 [11-07-2023 21:19:00] Process Exited: Process Name - dwm.exe Process ID - 14228 [11-07-2023 21:19:01] New process found: Process Name - csrss.exe Process ID - 14456 Process Identity - SYSTEM [11-07-2023 21:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:01] New process found: Process Name - winlogon.exe Process ID - 15976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:01] New process found: Process Name - LogonUI.exe Process ID - 14604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:01] New process found: Process Name - dwm.exe Process ID - 13436 Process Identity - Window Manager\DWM-4 [11-07-2023 21:19:04] New process found: Process Name - w3wp.exe Process ID - 12356 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [11-07-2023 21:19:16] Process Exited: Process Name - dwm.exe Process ID - 13436 [11-07-2023 21:19:16] Process Exited: Process Name - csrss.exe Process ID - 14456 [11-07-2023 21:19:16] Process Exited: Process Name - LogonUI.exe Process ID - 14604 [11-07-2023 21:19:16] Process Exited: Process Name - winlogon.exe Process ID - 15976 [11-07-2023 21:19:17] New process found: Process Name - csrss.exe Process ID - 13496 Process Identity - SYSTEM [11-07-2023 21:19:17] New process found: Process Name - winlogon.exe Process ID - 15096 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:18] New process found: Process Name - LogonUI.exe Process ID - 11636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:18] New process found: Process Name - dwm.exe Process ID - 16000 Process Identity - Window Manager\DWM-4 [11-07-2023 21:19:29] New process found: Process Name - w3wp.exe Process ID - 15560 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 21:19:30] Process Exited: Process Name - LogonUI.exe Process ID - 11636 [11-07-2023 21:19:31] Process Exited: Process Name - csrss.exe Process ID - 13496 [11-07-2023 21:19:31] Process Exited: Process Name - winlogon.exe Process ID - 15096 [11-07-2023 21:19:31] Process Exited: Process Name - dwm.exe Process ID - 16000 [11-07-2023 21:19:32] New process found: Process Name - csrss.exe Process ID - 12980 Process Identity - SYSTEM [11-07-2023 21:19:32] New process found: Process Name - winlogon.exe Process ID - 13720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:33] New process found: Process Name - LogonUI.exe Process ID - 15888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:33] New process found: Process Name - dwm.exe Process ID - 9552 Process Identity - Window Manager\DWM-4 [11-07-2023 21:19:35] New process found: Process Name - w3wp.exe Process ID - 15924 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 21:19:36] New process found: Process Name - conhost.exe Process ID - 14048 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 21:19:45] Process Exited: Process Name - dwm.exe Process ID - 9552 [11-07-2023 21:19:45] Process Exited: Process Name - LogonUI.exe Process ID - 15888 [11-07-2023 21:19:46] Process Exited: Process Name - csrss.exe Process ID - 12980 [11-07-2023 21:19:46] Process Exited: Process Name - winlogon.exe Process ID - 13720 [11-07-2023 21:19:47] New process found: Process Name - csrss.exe Process ID - 13160 Process Identity - SYSTEM [11-07-2023 21:19:47] New process found: Process Name - winlogon.exe Process ID - 15496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:48] New process found: Process Name - LogonUI.exe Process ID - 15732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:19:48] New process found: Process Name - dwm.exe Process ID - 176 Process Identity - Window Manager\DWM-4 [11-07-2023 21:20:01] Process Exited: Process Name - dwm.exe Process ID - 176 [11-07-2023 21:20:01] Process Exited: Process Name - csrss.exe Process ID - 13160 [11-07-2023 21:20:01] Process Exited: Process Name - winlogon.exe Process ID - 15496 [11-07-2023 21:20:01] Process Exited: Process Name - LogonUI.exe Process ID - 15732 [11-07-2023 21:20:03] New process found: Process Name - csrss.exe Process ID - 14432 Process Identity - SYSTEM [11-07-2023 21:20:03] New process found: Process Name - winlogon.exe Process ID - 14228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:03] New process found: Process Name - LogonUI.exe Process ID - 12924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:03] New process found: Process Name - dwm.exe Process ID - 13512 Process Identity - Window Manager\DWM-4 [11-07-2023 21:20:16] Process Exited: Process Name - LogonUI.exe Process ID - 12924 [11-07-2023 21:20:16] Process Exited: Process Name - dwm.exe Process ID - 13512 [11-07-2023 21:20:16] Process Exited: Process Name - winlogon.exe Process ID - 14228 [11-07-2023 21:20:16] Process Exited: Process Name - csrss.exe Process ID - 14432 [11-07-2023 21:20:19] New process found: Process Name - csrss.exe Process ID - 7836 Process Identity - SYSTEM [11-07-2023 21:20:19] New process found: Process Name - winlogon.exe Process ID - 16008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:20] New process found: Process Name - LogonUI.exe Process ID - 12352 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:20] New process found: Process Name - dwm.exe Process ID - 2276 Process Identity - Window Manager\DWM-4 [11-07-2023 21:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10020 [11-07-2023 21:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13060 [11-07-2023 21:20:31] Process Exited: Process Name - dwm.exe Process ID - 2276 [11-07-2023 21:20:31] Process Exited: Process Name - csrss.exe Process ID - 7836 [11-07-2023 21:20:31] Process Exited: Process Name - LogonUI.exe Process ID - 12352 [11-07-2023 21:20:31] Process Exited: Process Name - winlogon.exe Process ID - 16008 [11-07-2023 21:20:33] New process found: Process Name - csrss.exe Process ID - 14636 Process Identity - SYSTEM [11-07-2023 21:20:33] New process found: Process Name - winlogon.exe Process ID - 14828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:34] New process found: Process Name - LogonUI.exe Process ID - 5680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:34] New process found: Process Name - dwm.exe Process ID - 11672 Process Identity - Window Manager\DWM-4 [11-07-2023 21:20:46] Process Exited: Process Name - LogonUI.exe Process ID - 5680 [11-07-2023 21:20:46] Process Exited: Process Name - dwm.exe Process ID - 11672 [11-07-2023 21:20:46] Process Exited: Process Name - csrss.exe Process ID - 14636 [11-07-2023 21:20:46] Process Exited: Process Name - winlogon.exe Process ID - 14828 [11-07-2023 21:20:50] New process found: Process Name - csrss.exe Process ID - 4108 Process Identity - SYSTEM [11-07-2023 21:20:50] New process found: Process Name - winlogon.exe Process ID - 13424 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:52] New process found: Process Name - LogonUI.exe Process ID - 3464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:20:52] New process found: Process Name - dwm.exe Process ID - 11696 Process Identity - Window Manager\DWM-4 [11-07-2023 21:20:57] Process Exited: Process Name - w3wp.exe Process ID - 15420 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 21:21:01] Process Exited: Process Name - LogonUI.exe Process ID - 3464 [11-07-2023 21:21:01] Process Exited: Process Name - csrss.exe Process ID - 4108 [11-07-2023 21:21:01] Process Exited: Process Name - dwm.exe Process ID - 11696 [11-07-2023 21:21:01] Process Exited: Process Name - winlogon.exe Process ID - 13424 [11-07-2023 21:21:03] New process found: Process Name - csrss.exe Process ID - 8964 Process Identity - SYSTEM [11-07-2023 21:21:03] New process found: Process Name - winlogon.exe Process ID - 9232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:03] New process found: Process Name - LogonUI.exe Process ID - 14736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:03] New process found: Process Name - dwm.exe Process ID - 13956 Process Identity - Window Manager\DWM-4 [11-07-2023 21:21:16] Process Exited: Process Name - csrss.exe Process ID - 8964 [11-07-2023 21:21:16] Process Exited: Process Name - winlogon.exe Process ID - 9232 [11-07-2023 21:21:16] Process Exited: Process Name - dwm.exe Process ID - 13956 [11-07-2023 21:21:16] Process Exited: Process Name - LogonUI.exe Process ID - 14736 [11-07-2023 21:21:18] New process found: Process Name - csrss.exe Process ID - 14772 Process Identity - SYSTEM [11-07-2023 21:21:18] New process found: Process Name - winlogon.exe Process ID - 412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:18] New process found: Process Name - w3wp.exe Process ID - 4376 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:21:18] Process Exited: Process Name - w3wp.exe Process ID - 15604 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:21:19] New process found: Process Name - LogonUI.exe Process ID - 16056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:19] New process found: Process Name - dwm.exe Process ID - 5076 Process Identity - Window Manager\DWM-4 [11-07-2023 21:21:31] Process Exited: Process Name - winlogon.exe Process ID - 412 [11-07-2023 21:21:31] Process Exited: Process Name - dwm.exe Process ID - 5076 [11-07-2023 21:21:31] Process Exited: Process Name - csrss.exe Process ID - 14772 [11-07-2023 21:21:31] Process Exited: Process Name - LogonUI.exe Process ID - 16056 [11-07-2023 21:21:32] New process found: Process Name - csrss.exe Process ID - 16072 Process Identity - SYSTEM [11-07-2023 21:21:32] New process found: Process Name - winlogon.exe Process ID - 15500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:33] New process found: Process Name - LogonUI.exe Process ID - 13764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:33] New process found: Process Name - dwm.exe Process ID - 14552 Process Identity - Window Manager\DWM-4 [11-07-2023 21:21:46] Process Exited: Process Name - LogonUI.exe Process ID - 13764 [11-07-2023 21:21:46] Process Exited: Process Name - dwm.exe Process ID - 14552 [11-07-2023 21:21:46] Process Exited: Process Name - winlogon.exe Process ID - 15500 [11-07-2023 21:21:46] Process Exited: Process Name - csrss.exe Process ID - 16072 [11-07-2023 21:21:47] New process found: Process Name - csrss.exe Process ID - 2088 Process Identity - SYSTEM [11-07-2023 21:21:47] New process found: Process Name - winlogon.exe Process ID - 5776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:48] New process found: Process Name - LogonUI.exe Process ID - 11044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:21:48] New process found: Process Name - dwm.exe Process ID - 14444 Process Identity - Window Manager\DWM-4 [11-07-2023 21:22:01] Process Exited: Process Name - csrss.exe Process ID - 2088 [11-07-2023 21:22:01] Process Exited: Process Name - winlogon.exe Process ID - 5776 [11-07-2023 21:22:01] Process Exited: Process Name - LogonUI.exe Process ID - 11044 [11-07-2023 21:22:01] Process Exited: Process Name - dwm.exe Process ID - 14444 [11-07-2023 21:22:02] New process found: Process Name - csrss.exe Process ID - 14524 Process Identity - SYSTEM [11-07-2023 21:22:02] New process found: Process Name - winlogon.exe Process ID - 13428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:03] New process found: Process Name - LogonUI.exe Process ID - 4900 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:03] New process found: Process Name - dwm.exe Process ID - 892 Process Identity - Window Manager\DWM-4 [11-07-2023 21:22:04] Process Exited: Process Name - w3wp.exe Process ID - 14900 Web application pool name - galaxytools.in [11-07-2023 21:22:16] Process Exited: Process Name - dwm.exe Process ID - 892 [11-07-2023 21:22:16] Process Exited: Process Name - LogonUI.exe Process ID - 4900 [11-07-2023 21:22:16] Process Exited: Process Name - winlogon.exe Process ID - 13428 [11-07-2023 21:22:16] Process Exited: Process Name - csrss.exe Process ID - 14524 [11-07-2023 21:22:17] New process found: Process Name - csrss.exe Process ID - 13424 Process Identity - SYSTEM [11-07-2023 21:22:17] New process found: Process Name - winlogon.exe Process ID - 176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:18] New process found: Process Name - LogonUI.exe Process ID - 13212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:18] New process found: Process Name - dwm.exe Process ID - 14388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:22:31] Process Exited: Process Name - winlogon.exe Process ID - 176 [11-07-2023 21:22:31] Process Exited: Process Name - LogonUI.exe Process ID - 13212 [11-07-2023 21:22:31] Process Exited: Process Name - csrss.exe Process ID - 13424 [11-07-2023 21:22:31] Process Exited: Process Name - dwm.exe Process ID - 14388 [11-07-2023 21:22:32] Process Exited: Process Name - conhost.exe Process ID - 13204 [11-07-2023 21:22:32] Process Exited: Process Name - w3wp.exe Process ID - 15760 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:22:34] New process found: Process Name - csrss.exe Process ID - 2564 Process Identity - SYSTEM [11-07-2023 21:22:34] New process found: Process Name - winlogon.exe Process ID - 7420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:35] New process found: Process Name - LogonUI.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:35] New process found: Process Name - dwm.exe Process ID - 3364 Process Identity - Window Manager\DWM-4 [11-07-2023 21:22:46] Process Exited: Process Name - csrss.exe Process ID - 2564 [11-07-2023 21:22:46] Process Exited: Process Name - dwm.exe Process ID - 3364 [11-07-2023 21:22:46] Process Exited: Process Name - winlogon.exe Process ID - 7420 [11-07-2023 21:22:46] Process Exited: Process Name - LogonUI.exe Process ID - 12440 [11-07-2023 21:22:47] New process found: Process Name - csrss.exe Process ID - 1824 Process Identity - SYSTEM [11-07-2023 21:22:47] New process found: Process Name - winlogon.exe Process ID - 9328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:48] New process found: Process Name - LogonUI.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:22:48] New process found: Process Name - dwm.exe Process ID - 14772 Process Identity - Window Manager\DWM-4 [11-07-2023 21:23:01] Process Exited: Process Name - csrss.exe Process ID - 1824 [11-07-2023 21:23:01] Process Exited: Process Name - LogonUI.exe Process ID - 4756 [11-07-2023 21:23:01] Process Exited: Process Name - winlogon.exe Process ID - 9328 [11-07-2023 21:23:01] Process Exited: Process Name - dwm.exe Process ID - 14772 [11-07-2023 21:23:02] New process found: Process Name - csrss.exe Process ID - 11604 Process Identity - SYSTEM [11-07-2023 21:23:02] New process found: Process Name - winlogon.exe Process ID - 14052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:03] New process found: Process Name - LogonUI.exe Process ID - 15772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:03] New process found: Process Name - dwm.exe Process ID - 7400 Process Identity - Window Manager\DWM-4 [11-07-2023 21:23:16] Process Exited: Process Name - dwm.exe Process ID - 7400 [11-07-2023 21:23:16] Process Exited: Process Name - csrss.exe Process ID - 11604 [11-07-2023 21:23:16] Process Exited: Process Name - winlogon.exe Process ID - 14052 [11-07-2023 21:23:16] Process Exited: Process Name - LogonUI.exe Process ID - 15772 [11-07-2023 21:23:17] New process found: Process Name - csrss.exe Process ID - 16136 Process Identity - SYSTEM [11-07-2023 21:23:17] New process found: Process Name - winlogon.exe Process ID - 15916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:18] New process found: Process Name - LogonUI.exe Process ID - 11672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:18] New process found: Process Name - dwm.exe Process ID - 13892 Process Identity - Window Manager\DWM-4 [11-07-2023 21:23:31] Process Exited: Process Name - LogonUI.exe Process ID - 11672 [11-07-2023 21:23:31] Process Exited: Process Name - dwm.exe Process ID - 13892 [11-07-2023 21:23:31] Process Exited: Process Name - winlogon.exe Process ID - 15916 [11-07-2023 21:23:31] Process Exited: Process Name - csrss.exe Process ID - 16136 [11-07-2023 21:23:32] New process found: Process Name - csrss.exe Process ID - 16208 Process Identity - SYSTEM [11-07-2023 21:23:32] New process found: Process Name - winlogon.exe Process ID - 8300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:33] New process found: Process Name - LogonUI.exe Process ID - 15828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:33] New process found: Process Name - dwm.exe Process ID - 7336 Process Identity - Window Manager\DWM-4 [11-07-2023 21:23:46] Process Exited: Process Name - dwm.exe Process ID - 7336 [11-07-2023 21:23:46] Process Exited: Process Name - winlogon.exe Process ID - 8300 [11-07-2023 21:23:46] Process Exited: Process Name - LogonUI.exe Process ID - 15828 [11-07-2023 21:23:46] Process Exited: Process Name - csrss.exe Process ID - 16208 [11-07-2023 21:23:47] New process found: Process Name - csrss.exe Process ID - 2912 Process Identity - SYSTEM [11-07-2023 21:23:47] New process found: Process Name - winlogon.exe Process ID - 14860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:48] New process found: Process Name - LogonUI.exe Process ID - 15904 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:23:48] New process found: Process Name - dwm.exe Process ID - 14656 Process Identity - Window Manager\DWM-4 [11-07-2023 21:23:51] New process found: Process Name - w3wp.exe Process ID - 3312 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 21:24:01] Process Exited: Process Name - csrss.exe Process ID - 2912 [11-07-2023 21:24:01] Process Exited: Process Name - dwm.exe Process ID - 14656 [11-07-2023 21:24:01] Process Exited: Process Name - winlogon.exe Process ID - 14860 [11-07-2023 21:24:01] Process Exited: Process Name - LogonUI.exe Process ID - 15904 [11-07-2023 21:24:02] New process found: Process Name - csrss.exe Process ID - 13476 Process Identity - SYSTEM [11-07-2023 21:24:02] New process found: Process Name - winlogon.exe Process ID - 4988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:03] New process found: Process Name - LogonUI.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:03] New process found: Process Name - dwm.exe Process ID - 15520 Process Identity - Window Manager\DWM-4 [11-07-2023 21:24:17] Process Exited: Process Name - winlogon.exe Process ID - 4988 [11-07-2023 21:24:17] Process Exited: Process Name - LogonUI.exe Process ID - 12436 [11-07-2023 21:24:17] Process Exited: Process Name - csrss.exe Process ID - 13476 [11-07-2023 21:24:17] Process Exited: Process Name - dwm.exe Process ID - 15520 [11-07-2023 21:24:19] New process found: Process Name - csrss.exe Process ID - 6884 Process Identity - SYSTEM [11-07-2023 21:24:19] New process found: Process Name - winlogon.exe Process ID - 1716 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:20] New process found: Process Name - LogonUI.exe Process ID - 15248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:20] New process found: Process Name - dwm.exe Process ID - 732 Process Identity - Window Manager\DWM-4 [11-07-2023 21:24:32] Process Exited: Process Name - dwm.exe Process ID - 732 [11-07-2023 21:24:32] Process Exited: Process Name - winlogon.exe Process ID - 1716 [11-07-2023 21:24:32] Process Exited: Process Name - csrss.exe Process ID - 6884 [11-07-2023 21:24:32] Process Exited: Process Name - LogonUI.exe Process ID - 15248 [11-07-2023 21:24:33] New process found: Process Name - csrss.exe Process ID - 12908 Process Identity - SYSTEM [11-07-2023 21:24:33] New process found: Process Name - winlogon.exe Process ID - 2556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:34] New process found: Process Name - LogonUI.exe Process ID - 13692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:34] New process found: Process Name - dwm.exe Process ID - 16360 Process Identity - Window Manager\DWM-4 [11-07-2023 21:24:47] Process Exited: Process Name - winlogon.exe Process ID - 2556 [11-07-2023 21:24:47] Process Exited: Process Name - csrss.exe Process ID - 12908 [11-07-2023 21:24:47] Process Exited: Process Name - LogonUI.exe Process ID - 13692 [11-07-2023 21:24:47] Process Exited: Process Name - dwm.exe Process ID - 16360 [11-07-2023 21:24:48] New process found: Process Name - csrss.exe Process ID - 8988 Process Identity - SYSTEM [11-07-2023 21:24:48] New process found: Process Name - winlogon.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:49] New process found: Process Name - LogonUI.exe Process ID - 15700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:24:49] New process found: Process Name - dwm.exe Process ID - 15688 Process Identity - Window Manager\DWM-4 [11-07-2023 21:25:02] Process Exited: Process Name - csrss.exe Process ID - 8988 [11-07-2023 21:25:02] Process Exited: Process Name - winlogon.exe Process ID - 15260 [11-07-2023 21:25:02] Process Exited: Process Name - dwm.exe Process ID - 15688 [11-07-2023 21:25:02] Process Exited: Process Name - LogonUI.exe Process ID - 15700 [11-07-2023 21:25:03] New process found: Process Name - csrss.exe Process ID - 708 Process Identity - SYSTEM [11-07-2023 21:25:03] New process found: Process Name - winlogon.exe Process ID - 8316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:04] New process found: Process Name - LogonUI.exe Process ID - 1108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:04] New process found: Process Name - dwm.exe Process ID - 15824 Process Identity - Window Manager\DWM-4 [11-07-2023 21:25:17] Process Exited: Process Name - csrss.exe Process ID - 708 [11-07-2023 21:25:17] Process Exited: Process Name - LogonUI.exe Process ID - 1108 [11-07-2023 21:25:17] Process Exited: Process Name - winlogon.exe Process ID - 8316 [11-07-2023 21:25:17] Process Exited: Process Name - dwm.exe Process ID - 15824 [11-07-2023 21:25:19] New process found: Process Name - csrss.exe Process ID - 15512 Process Identity - SYSTEM [11-07-2023 21:25:19] New process found: Process Name - winlogon.exe Process ID - 14736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:20] New process found: Process Name - LogonUI.exe Process ID - 5668 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:20] New process found: Process Name - dwm.exe Process ID - 15760 Process Identity - Window Manager\DWM-4 [11-07-2023 21:25:31] Process Exited: Process Name - w3wp.exe Process ID - 15560 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 21:25:32] Process Exited: Process Name - LogonUI.exe Process ID - 5668 [11-07-2023 21:25:32] Process Exited: Process Name - winlogon.exe Process ID - 14736 [11-07-2023 21:25:32] Process Exited: Process Name - csrss.exe Process ID - 15512 [11-07-2023 21:25:32] Process Exited: Process Name - dwm.exe Process ID - 15760 [11-07-2023 21:25:34] New process found: Process Name - csrss.exe Process ID - 1380 Process Identity - SYSTEM [11-07-2023 21:25:34] New process found: Process Name - winlogon.exe Process ID - 9272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:35] New process found: Process Name - LogonUI.exe Process ID - 336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:35] New process found: Process Name - dwm.exe Process ID - 7420 Process Identity - Window Manager\DWM-4 [11-07-2023 21:25:38] New process found: Process Name - w3wp.exe Process ID - 14704 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:25:38] New process found: Process Name - where.exe Process ID - 14872 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:25:38] New process found: Process Name - conhost.exe Process ID - 13500 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:25:38] Process Exited: Process Name - conhost.exe Process ID - 14048 [11-07-2023 21:25:38] Process Exited: Process Name - w3wp.exe Process ID - 15924 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 21:25:39] New process found: Process Name - conhost.exe Process ID - 14664 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:25:39] Process Exited: Process Name - conhost.exe Process ID - 13500 [11-07-2023 21:25:39] Process Exited: Process Name - where.exe Process ID - 14872 [11-07-2023 21:25:47] Process Exited: Process Name - LogonUI.exe Process ID - 336 [11-07-2023 21:25:47] Process Exited: Process Name - csrss.exe Process ID - 1380 [11-07-2023 21:25:47] Process Exited: Process Name - dwm.exe Process ID - 7420 [11-07-2023 21:25:47] Process Exited: Process Name - winlogon.exe Process ID - 9272 [11-07-2023 21:25:48] New process found: Process Name - csrss.exe Process ID - 14240 Process Identity - SYSTEM [11-07-2023 21:25:48] New process found: Process Name - winlogon.exe Process ID - 14556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:49] New process found: Process Name - LogonUI.exe Process ID - 12592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:25:49] New process found: Process Name - dwm.exe Process ID - 14932 Process Identity - Window Manager\DWM-4 [11-07-2023 21:26:02] Process Exited: Process Name - LogonUI.exe Process ID - 12592 [11-07-2023 21:26:02] Process Exited: Process Name - csrss.exe Process ID - 14240 [11-07-2023 21:26:02] Process Exited: Process Name - winlogon.exe Process ID - 14556 [11-07-2023 21:26:02] Process Exited: Process Name - dwm.exe Process ID - 14932 [11-07-2023 21:26:04] New process found: Process Name - csrss.exe Process ID - 2088 Process Identity - SYSTEM [11-07-2023 21:26:04] New process found: Process Name - winlogon.exe Process ID - 14500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:05] New process found: Process Name - LogonUI.exe Process ID - 15820 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:05] New process found: Process Name - dwm.exe Process ID - 15204 Process Identity - Window Manager\DWM-4 [11-07-2023 21:26:17] Process Exited: Process Name - csrss.exe Process ID - 2088 [11-07-2023 21:26:17] Process Exited: Process Name - winlogon.exe Process ID - 14500 [11-07-2023 21:26:17] Process Exited: Process Name - dwm.exe Process ID - 15204 [11-07-2023 21:26:17] Process Exited: Process Name - LogonUI.exe Process ID - 15820 [11-07-2023 21:26:18] New process found: Process Name - csrss.exe Process ID - 7196 Process Identity - SYSTEM [11-07-2023 21:26:18] New process found: Process Name - winlogon.exe Process ID - 1828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:19] New process found: Process Name - LogonUI.exe Process ID - 15240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:19] New process found: Process Name - dwm.exe Process ID - 1868 Process Identity - Window Manager\DWM-4 [11-07-2023 21:26:19] New process found: Process Name - w3wp.exe Process ID - 15388 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:26:19] Process Exited: Process Name - w3wp.exe Process ID - 4376 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:26:32] Process Exited: Process Name - winlogon.exe Process ID - 1828 [11-07-2023 21:26:32] Process Exited: Process Name - dwm.exe Process ID - 1868 [11-07-2023 21:26:32] Process Exited: Process Name - csrss.exe Process ID - 7196 [11-07-2023 21:26:32] Process Exited: Process Name - LogonUI.exe Process ID - 15240 [11-07-2023 21:26:33] New process found: Process Name - csrss.exe Process ID - 5668 Process Identity - SYSTEM [11-07-2023 21:26:33] New process found: Process Name - winlogon.exe Process ID - 14852 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:34] New process found: Process Name - LogonUI.exe Process ID - 9320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:34] New process found: Process Name - dwm.exe Process ID - 14916 Process Identity - Window Manager\DWM-4 [11-07-2023 21:26:47] Process Exited: Process Name - csrss.exe Process ID - 5668 [11-07-2023 21:26:47] Process Exited: Process Name - LogonUI.exe Process ID - 9320 [11-07-2023 21:26:47] Process Exited: Process Name - winlogon.exe Process ID - 14852 [11-07-2023 21:26:47] Process Exited: Process Name - dwm.exe Process ID - 14916 [11-07-2023 21:26:48] New process found: Process Name - csrss.exe Process ID - 12572 Process Identity - SYSTEM [11-07-2023 21:26:48] New process found: Process Name - winlogon.exe Process ID - 6308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:49] New process found: Process Name - LogonUI.exe Process ID - 14392 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:26:49] New process found: Process Name - dwm.exe Process ID - 13060 Process Identity - Window Manager\DWM-4 [11-07-2023 21:27:02] Process Exited: Process Name - winlogon.exe Process ID - 6308 [11-07-2023 21:27:02] Process Exited: Process Name - csrss.exe Process ID - 12572 [11-07-2023 21:27:02] Process Exited: Process Name - dwm.exe Process ID - 13060 [11-07-2023 21:27:02] Process Exited: Process Name - LogonUI.exe Process ID - 14392 [11-07-2023 21:27:08] New process found: Process Name - csrss.exe Process ID - 9352 Process Identity - SYSTEM [11-07-2023 21:27:08] New process found: Process Name - winlogon.exe Process ID - 736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:08] New process found: Process Name - LogonUI.exe Process ID - 11636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:08] New process found: Process Name - dwm.exe Process ID - 13120 Process Identity - Window Manager\DWM-4 [11-07-2023 21:27:17] Process Exited: Process Name - winlogon.exe Process ID - 736 [11-07-2023 21:27:17] Process Exited: Process Name - csrss.exe Process ID - 9352 [11-07-2023 21:27:17] Process Exited: Process Name - LogonUI.exe Process ID - 11636 [11-07-2023 21:27:17] Process Exited: Process Name - dwm.exe Process ID - 13120 [11-07-2023 21:27:18] New process found: Process Name - csrss.exe Process ID - 14328 Process Identity - SYSTEM [11-07-2023 21:27:18] New process found: Process Name - winlogon.exe Process ID - 6656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:19] New process found: Process Name - LogonUI.exe Process ID - 14256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:19] New process found: Process Name - dwm.exe Process ID - 15576 Process Identity - Window Manager\DWM-4 [11-07-2023 21:27:32] Process Exited: Process Name - winlogon.exe Process ID - 6656 [11-07-2023 21:27:32] Process Exited: Process Name - LogonUI.exe Process ID - 14256 [11-07-2023 21:27:32] Process Exited: Process Name - csrss.exe Process ID - 14328 [11-07-2023 21:27:32] Process Exited: Process Name - dwm.exe Process ID - 15576 [11-07-2023 21:27:34] New process found: Process Name - csrss.exe Process ID - 15172 Process Identity - SYSTEM [11-07-2023 21:27:34] New process found: Process Name - winlogon.exe Process ID - 15984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:34] New process found: Process Name - LogonUI.exe Process ID - 4964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:34] New process found: Process Name - dwm.exe Process ID - 1756 Process Identity - Window Manager\DWM-4 [11-07-2023 21:27:47] Process Exited: Process Name - dwm.exe Process ID - 1756 [11-07-2023 21:27:47] Process Exited: Process Name - LogonUI.exe Process ID - 4964 [11-07-2023 21:27:47] Process Exited: Process Name - csrss.exe Process ID - 15172 [11-07-2023 21:27:47] Process Exited: Process Name - winlogon.exe Process ID - 15984 [11-07-2023 21:27:48] New process found: Process Name - smss.exe Process ID - 2824 Process Identity - SYSTEM [11-07-2023 21:27:48] New process found: Process Name - csrss.exe Process ID - 15780 Process Identity - SYSTEM [11-07-2023 21:27:49] New process found: Process Name - winlogon.exe Process ID - 14280 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:49] Process Exited: Process Name - smss.exe Process ID - 2824 [11-07-2023 21:27:50] New process found: Process Name - LogonUI.exe Process ID - 11604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:27:50] New process found: Process Name - dwm.exe Process ID - 5112 Process Identity - Window Manager\DWM-4 [11-07-2023 21:28:02] Process Exited: Process Name - dwm.exe Process ID - 5112 [11-07-2023 21:28:02] Process Exited: Process Name - LogonUI.exe Process ID - 11604 [11-07-2023 21:28:02] Process Exited: Process Name - winlogon.exe Process ID - 14280 [11-07-2023 21:28:02] Process Exited: Process Name - csrss.exe Process ID - 15780 [11-07-2023 21:28:03] New process found: Process Name - csrss.exe Process ID - 13144 Process Identity - SYSTEM [11-07-2023 21:28:03] New process found: Process Name - winlogon.exe Process ID - 2600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:04] New process found: Process Name - LogonUI.exe Process ID - 2564 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:04] New process found: Process Name - dwm.exe Process ID - 4180 Process Identity - Window Manager\DWM-4 [11-07-2023 21:28:17] Process Exited: Process Name - LogonUI.exe Process ID - 2564 [11-07-2023 21:28:17] Process Exited: Process Name - winlogon.exe Process ID - 2600 [11-07-2023 21:28:17] Process Exited: Process Name - dwm.exe Process ID - 4180 [11-07-2023 21:28:17] Process Exited: Process Name - csrss.exe Process ID - 13144 [11-07-2023 21:28:18] New process found: Process Name - csrss.exe Process ID - 15292 Process Identity - SYSTEM [11-07-2023 21:28:18] New process found: Process Name - winlogon.exe Process ID - 11044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:19] New process found: Process Name - LogonUI.exe Process ID - 16112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:19] New process found: Process Name - dwm.exe Process ID - 2648 Process Identity - Window Manager\DWM-4 [11-07-2023 21:28:32] Process Exited: Process Name - dwm.exe Process ID - 2648 [11-07-2023 21:28:32] Process Exited: Process Name - winlogon.exe Process ID - 11044 [11-07-2023 21:28:32] Process Exited: Process Name - csrss.exe Process ID - 15292 [11-07-2023 21:28:32] Process Exited: Process Name - LogonUI.exe Process ID - 16112 [11-07-2023 21:28:34] New process found: Process Name - csrss.exe Process ID - 7036 Process Identity - SYSTEM [11-07-2023 21:28:34] New process found: Process Name - winlogon.exe Process ID - 3368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:34] New process found: Process Name - LogonUI.exe Process ID - 15404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:34] New process found: Process Name - dwm.exe Process ID - 8872 Process Identity - Window Manager\DWM-4 [11-07-2023 21:28:47] Process Exited: Process Name - winlogon.exe Process ID - 3368 [11-07-2023 21:28:47] Process Exited: Process Name - csrss.exe Process ID - 7036 [11-07-2023 21:28:47] Process Exited: Process Name - dwm.exe Process ID - 8872 [11-07-2023 21:28:47] Process Exited: Process Name - LogonUI.exe Process ID - 15404 [11-07-2023 21:28:49] New process found: Process Name - csrss.exe Process ID - 5588 Process Identity - SYSTEM [11-07-2023 21:28:49] New process found: Process Name - winlogon.exe Process ID - 5912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:51] New process found: Process Name - LogonUI.exe Process ID - 14596 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:28:51] New process found: Process Name - dwm.exe Process ID - 4964 Process Identity - Window Manager\DWM-4 [11-07-2023 21:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 16180 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:02] Process Exited: Process Name - dwm.exe Process ID - 4964 [11-07-2023 21:29:02] Process Exited: Process Name - csrss.exe Process ID - 5588 [11-07-2023 21:29:02] Process Exited: Process Name - winlogon.exe Process ID - 5912 [11-07-2023 21:29:02] Process Exited: Process Name - LogonUI.exe Process ID - 14596 [11-07-2023 21:29:03] New process found: Process Name - csrss.exe Process ID - 14280 Process Identity - SYSTEM [11-07-2023 21:29:03] New process found: Process Name - winlogon.exe Process ID - 8208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:04] New process found: Process Name - LogonUI.exe Process ID - 15000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:04] New process found: Process Name - dwm.exe Process ID - 676 Process Identity - Window Manager\DWM-4 [11-07-2023 21:29:07] Process Exited: Process Name - w3wp.exe Process ID - 12356 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [11-07-2023 21:29:17] Process Exited: Process Name - dwm.exe Process ID - 676 [11-07-2023 21:29:17] Process Exited: Process Name - winlogon.exe Process ID - 8208 [11-07-2023 21:29:17] Process Exited: Process Name - csrss.exe Process ID - 14280 [11-07-2023 21:29:17] Process Exited: Process Name - LogonUI.exe Process ID - 15000 [11-07-2023 21:29:19] New process found: Process Name - csrss.exe Process ID - 11928 Process Identity - SYSTEM [11-07-2023 21:29:19] New process found: Process Name - winlogon.exe Process ID - 7416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:20] New process found: Process Name - LogonUI.exe Process ID - 7704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:20] New process found: Process Name - dwm.exe Process ID - 15768 Process Identity - Window Manager\DWM-4 [11-07-2023 21:29:32] Process Exited: Process Name - winlogon.exe Process ID - 7416 [11-07-2023 21:29:32] Process Exited: Process Name - LogonUI.exe Process ID - 7704 [11-07-2023 21:29:32] Process Exited: Process Name - csrss.exe Process ID - 11928 [11-07-2023 21:29:32] Process Exited: Process Name - dwm.exe Process ID - 15768 [11-07-2023 21:29:33] New process found: Process Name - csrss.exe Process ID - 7688 Process Identity - SYSTEM [11-07-2023 21:29:33] New process found: Process Name - winlogon.exe Process ID - 14740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:34] New process found: Process Name - LogonUI.exe Process ID - 13160 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:34] New process found: Process Name - dwm.exe Process ID - 13140 Process Identity - Window Manager\DWM-4 [11-07-2023 21:29:47] Process Exited: Process Name - csrss.exe Process ID - 7688 [11-07-2023 21:29:47] Process Exited: Process Name - dwm.exe Process ID - 13140 [11-07-2023 21:29:47] Process Exited: Process Name - LogonUI.exe Process ID - 13160 [11-07-2023 21:29:47] Process Exited: Process Name - winlogon.exe Process ID - 14740 [11-07-2023 21:29:51] New process found: Process Name - csrss.exe Process ID - 5164 Process Identity - SYSTEM [11-07-2023 21:29:51] New process found: Process Name - winlogon.exe Process ID - 15816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:53] New process found: Process Name - LogonUI.exe Process ID - 14972 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:29:53] New process found: Process Name - dwm.exe Process ID - 14388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:29:59] New process found: Process Name - smss.exe Process ID - 2416 Process Identity - SYSTEM [11-07-2023 21:30:00] New process found: Process Name - csrss.exe Process ID - 14992 Process Identity - SYSTEM [11-07-2023 21:30:00] New process found: Process Name - winlogon.exe Process ID - 6484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:00] New process found: Process Name - LogonUI.exe Process ID - 14496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:00] New process found: Process Name - dwm.exe Process ID - 12364 Process Identity - Window Manager\DWM-5 [11-07-2023 21:30:00] Process Exited: Process Name - smss.exe Process ID - 2416 [11-07-2023 21:30:03] Process Exited: Process Name - csrss.exe Process ID - 5164 [11-07-2023 21:30:03] Process Exited: Process Name - dwm.exe Process ID - 14388 [11-07-2023 21:30:03] Process Exited: Process Name - LogonUI.exe Process ID - 14972 [11-07-2023 21:30:03] Process Exited: Process Name - winlogon.exe Process ID - 15816 [11-07-2023 21:30:03] Service state changed: Service Name - ScDeviceEnum Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 21:30:07] New process found: Process Name - TSTheme.exe Process ID - 15272 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:30:07] Process Exited: Process Name - winlogon.exe Process ID - 6484 [11-07-2023 21:30:07] Process Exited: Process Name - dwm.exe Process ID - 12364 [11-07-2023 21:30:07] Process Exited: Process Name - LogonUI.exe Process ID - 14496 [11-07-2023 21:30:08] New process found: Process Name - csrss.exe Process ID - 1336 Process Identity - SYSTEM [11-07-2023 21:30:08] New process found: Process Name - winlogon.exe Process ID - 3364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:08] New process found: Process Name - taskhostw.exe Process ID - 12888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:08] New process found: Process Name - dllhost.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:08] New process found: Process Name - LogonUI.exe Process ID - 14060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:08] New process found: Process Name - dwm.exe Process ID - 16112 Process Identity - Window Manager\DWM-4 [11-07-2023 21:30:08] Process Exited: Process Name - csrss.exe Process ID - 14992 [11-07-2023 21:30:13] Process Exited: Process Name - TSTheme.exe Process ID - 15272 [11-07-2023 21:30:13] Service state changed: Service Name - DsmSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 21:30:18] Process Exited: Process Name - csrss.exe Process ID - 1336 [11-07-2023 21:30:18] Process Exited: Process Name - winlogon.exe Process ID - 3364 [11-07-2023 21:30:18] Process Exited: Process Name - LogonUI.exe Process ID - 14060 [11-07-2023 21:30:18] Process Exited: Process Name - dwm.exe Process ID - 16112 [11-07-2023 21:30:19] New process found: Process Name - csrss.exe Process ID - 6528 Process Identity - SYSTEM [11-07-2023 21:30:19] New process found: Process Name - winlogon.exe Process ID - 14768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:20] New process found: Process Name - LogonUI.exe Process ID - 9688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:20] New process found: Process Name - dwm.exe Process ID - 14920 Process Identity - Window Manager\DWM-4 [11-07-2023 21:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14412 [11-07-2023 21:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16180 [11-07-2023 21:30:26] Process Exited: Process Name - Taskmgr.exe Process ID - 7060 [11-07-2023 21:30:33] Process Exited: Process Name - csrss.exe Process ID - 6528 [11-07-2023 21:30:33] Process Exited: Process Name - LogonUI.exe Process ID - 9688 [11-07-2023 21:30:33] Process Exited: Process Name - winlogon.exe Process ID - 14768 [11-07-2023 21:30:33] Process Exited: Process Name - dwm.exe Process ID - 14920 [11-07-2023 21:30:35] New process found: Process Name - csrss.exe Process ID - 7036 Process Identity - SYSTEM [11-07-2023 21:30:35] New process found: Process Name - winlogon.exe Process ID - 15776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:35] New process found: Process Name - LogonUI.exe Process ID - 12332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:30:35] New process found: Process Name - dwm.exe Process ID - 5176 Process Identity - Window Manager\DWM-4 [11-07-2023 21:30:38] Process Exited: Process Name - taskhostw.exe Process ID - 12888 [11-07-2023 21:30:43] Process Exited: Process Name - dllhost.exe Process ID - 8780 [11-07-2023 21:30:48] Process Exited: Process Name - dwm.exe Process ID - 5176 [11-07-2023 21:30:48] Process Exited: Process Name - csrss.exe Process ID - 7036 [11-07-2023 21:30:48] Process Exited: Process Name - LogonUI.exe Process ID - 12332 [11-07-2023 21:30:48] Process Exited: Process Name - winlogon.exe Process ID - 15776 [11-07-2023 21:30:53] New process found: Process Name - w3wp.exe Process ID - 12484 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:30:53] New process found: Process Name - conhost.exe Process ID - 188 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:31:00] New process found: Process Name - csrss.exe Process ID - 736 Process Identity - SYSTEM [11-07-2023 21:31:00] New process found: Process Name - winlogon.exe Process ID - 13548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:00] New process found: Process Name - LogonUI.exe Process ID - 8680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:00] New process found: Process Name - dwm.exe Process ID - 15604 Process Identity - Window Manager\DWM-4 [11-07-2023 21:31:01] New process found: Process Name - dllhost.exe Process ID - 7336 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:31:01] New process found: Process Name - dllhost.exe Process ID - 14396 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:31:01] New process found: Process Name - w3wp.exe Process ID - 11552 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 21:31:01] Service state changed: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 21:31:06] Process Exited: Process Name - dllhost.exe Process ID - 7336 [11-07-2023 21:31:13] New process found: Process Name - w3wp.exe Process ID - 12908 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 21:31:13] Process Exited: Process Name - csrss.exe Process ID - 736 [11-07-2023 21:31:13] Process Exited: Process Name - LogonUI.exe Process ID - 8680 [11-07-2023 21:31:13] Process Exited: Process Name - winlogon.exe Process ID - 13548 [11-07-2023 21:31:13] Process Exited: Process Name - dwm.exe Process ID - 15604 [11-07-2023 21:31:15] New process found: Process Name - csrss.exe Process ID - 5072 Process Identity - SYSTEM [11-07-2023 21:31:15] New process found: Process Name - winlogon.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:15] New process found: Process Name - LogonUI.exe Process ID - 13516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:15] New process found: Process Name - dwm.exe Process ID - 5508 Process Identity - Window Manager\DWM-4 [11-07-2023 21:31:16] New process found: Process Name - conhost.exe Process ID - 2328 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 1776 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 6236 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 9752 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 9848 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 9856 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10140 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10432 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10488 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10556 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10624 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10896 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 10988 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11020 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11032 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11076 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11236 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11452 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11840 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 11848 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 12108 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 12124 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 12132 [11-07-2023 21:31:19] Process Exited: Process Name - chrome.exe Process ID - 12752 [11-07-2023 21:31:20] New process found: Process Name - w3wp.exe Process ID - 14652 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 3952 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 4332 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 5928 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 6296 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 6948 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 9228 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 9716 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 9784 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 10264 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 10272 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 10280 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 10332 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 10716 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 11096 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 11200 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 11860 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 11972 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 12116 [11-07-2023 21:31:20] Process Exited: Process Name - chrome.exe Process ID - 12688 [11-07-2023 21:31:21] New process found: Process Name - conhost.exe Process ID - 2720 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 21:31:21] New process found: Process Name - w3wp.exe Process ID - 15252 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:31:21] Process Exited: Process Name - w3wp.exe Process ID - 15388 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:31:28] Process Exited: Process Name - csrss.exe Process ID - 5072 [11-07-2023 21:31:28] Process Exited: Process Name - dwm.exe Process ID - 5508 [11-07-2023 21:31:28] Process Exited: Process Name - LogonUI.exe Process ID - 13516 [11-07-2023 21:31:28] Process Exited: Process Name - winlogon.exe Process ID - 14072 [11-07-2023 21:31:29] New process found: Process Name - csrss.exe Process ID - 14992 Process Identity - SYSTEM [11-07-2023 21:31:29] New process found: Process Name - winlogon.exe Process ID - 1428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:30] New process found: Process Name - LogonUI.exe Process ID - 12832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:30] New process found: Process Name - dwm.exe Process ID - 15824 Process Identity - Window Manager\DWM-4 [11-07-2023 21:31:40] Process Exited: Process Name - conhost.exe Process ID - 14664 [11-07-2023 21:31:40] Process Exited: Process Name - w3wp.exe Process ID - 14704 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:31:43] Process Exited: Process Name - winlogon.exe Process ID - 1428 [11-07-2023 21:31:43] Process Exited: Process Name - LogonUI.exe Process ID - 12832 [11-07-2023 21:31:43] Process Exited: Process Name - csrss.exe Process ID - 14992 [11-07-2023 21:31:43] Process Exited: Process Name - dwm.exe Process ID - 15824 [11-07-2023 21:31:44] New process found: Process Name - csrss.exe Process ID - 11440 Process Identity - SYSTEM [11-07-2023 21:31:44] New process found: Process Name - winlogon.exe Process ID - 11360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:45] New process found: Process Name - LogonUI.exe Process ID - 12672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:31:45] New process found: Process Name - dwm.exe Process ID - 2764 Process Identity - Window Manager\DWM-4 [11-07-2023 21:31:58] Process Exited: Process Name - dwm.exe Process ID - 2764 [11-07-2023 21:31:58] Process Exited: Process Name - winlogon.exe Process ID - 11360 [11-07-2023 21:31:58] Process Exited: Process Name - csrss.exe Process ID - 11440 [11-07-2023 21:31:58] Process Exited: Process Name - LogonUI.exe Process ID - 12672 [11-07-2023 21:32:00] New process found: Process Name - csrss.exe Process ID - 4728 Process Identity - SYSTEM [11-07-2023 21:32:00] New process found: Process Name - winlogon.exe Process ID - 11856 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:01] New process found: Process Name - LogonUI.exe Process ID - 10528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:01] New process found: Process Name - dwm.exe Process ID - 8792 Process Identity - Window Manager\DWM-4 [11-07-2023 21:32:13] Process Exited: Process Name - csrss.exe Process ID - 4728 [11-07-2023 21:32:13] Process Exited: Process Name - dwm.exe Process ID - 8792 [11-07-2023 21:32:13] Process Exited: Process Name - LogonUI.exe Process ID - 10528 [11-07-2023 21:32:13] Process Exited: Process Name - winlogon.exe Process ID - 11856 [11-07-2023 21:32:14] New process found: Process Name - csrss.exe Process ID - 10252 Process Identity - SYSTEM [11-07-2023 21:32:14] New process found: Process Name - winlogon.exe Process ID - 108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:15] New process found: Process Name - LogonUI.exe Process ID - 9372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:15] New process found: Process Name - dwm.exe Process ID - 6900 Process Identity - Window Manager\DWM-4 [11-07-2023 21:32:25] New process found: Process Name - assistant.exe Process ID - 10344 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:32:25] New process found: Process Name - mbam.exe Process ID - 5572 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:32:28] Process Exited: Process Name - winlogon.exe Process ID - 108 [11-07-2023 21:32:28] Process Exited: Process Name - dwm.exe Process ID - 6900 [11-07-2023 21:32:28] Process Exited: Process Name - LogonUI.exe Process ID - 9372 [11-07-2023 21:32:28] Process Exited: Process Name - csrss.exe Process ID - 10252 [11-07-2023 21:32:29] New process found: Process Name - csrss.exe Process ID - 10396 Process Identity - SYSTEM [11-07-2023 21:32:29] New process found: Process Name - winlogon.exe Process ID - 2908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:30] New process found: Process Name - LogonUI.exe Process ID - 992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:30] New process found: Process Name - dwm.exe Process ID - 10824 Process Identity - Window Manager\DWM-4 [11-07-2023 21:32:30] Process Exited: Process Name - assistant.exe Process ID - 10344 [11-07-2023 21:32:43] Process Exited: Process Name - LogonUI.exe Process ID - 992 [11-07-2023 21:32:43] Process Exited: Process Name - winlogon.exe Process ID - 2908 [11-07-2023 21:32:43] Process Exited: Process Name - csrss.exe Process ID - 10396 [11-07-2023 21:32:43] Process Exited: Process Name - dwm.exe Process ID - 10824 [11-07-2023 21:32:44] New process found: Process Name - csrss.exe Process ID - 11544 Process Identity - SYSTEM [11-07-2023 21:32:44] New process found: Process Name - winlogon.exe Process ID - 10164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:45] New process found: Process Name - LogonUI.exe Process ID - 13636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:32:45] New process found: Process Name - dwm.exe Process ID - 14868 Process Identity - Window Manager\DWM-4 [11-07-2023 21:32:58] Process Exited: Process Name - winlogon.exe Process ID - 10164 [11-07-2023 21:32:58] Process Exited: Process Name - csrss.exe Process ID - 11544 [11-07-2023 21:32:58] Process Exited: Process Name - LogonUI.exe Process ID - 13636 [11-07-2023 21:32:58] Process Exited: Process Name - dwm.exe Process ID - 14868 [11-07-2023 21:32:59] New process found: Process Name - smss.exe Process ID - 7724 Process Identity - SYSTEM [11-07-2023 21:32:59] New process found: Process Name - csrss.exe Process ID - 7676 Process Identity - SYSTEM [11-07-2023 21:33:00] New process found: Process Name - winlogon.exe Process ID - 7984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:00] New process found: Process Name - LogonUI.exe Process ID - 14592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:00] New process found: Process Name - dwm.exe Process ID - 656 Process Identity - Window Manager\DWM-4 [11-07-2023 21:33:00] Process Exited: Process Name - smss.exe Process ID - 7724 [11-07-2023 21:33:13] Process Exited: Process Name - dwm.exe Process ID - 656 [11-07-2023 21:33:13] Process Exited: Process Name - csrss.exe Process ID - 7676 [11-07-2023 21:33:13] Process Exited: Process Name - winlogon.exe Process ID - 7984 [11-07-2023 21:33:13] Process Exited: Process Name - LogonUI.exe Process ID - 14592 [11-07-2023 21:33:14] New process found: Process Name - csrss.exe Process ID - 13976 Process Identity - SYSTEM [11-07-2023 21:33:14] New process found: Process Name - winlogon.exe Process ID - 14416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:15] New process found: Process Name - LogonUI.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:15] New process found: Process Name - dwm.exe Process ID - 1336 Process Identity - Window Manager\DWM-4 [11-07-2023 21:33:29] Process Exited: Process Name - dwm.exe Process ID - 1336 [11-07-2023 21:33:29] Process Exited: Process Name - csrss.exe Process ID - 13976 [11-07-2023 21:33:29] Process Exited: Process Name - LogonUI.exe Process ID - 14072 [11-07-2023 21:33:29] Process Exited: Process Name - winlogon.exe Process ID - 14416 [11-07-2023 21:33:30] New process found: Process Name - csrss.exe Process ID - 16288 Process Identity - SYSTEM [11-07-2023 21:33:30] New process found: Process Name - winlogon.exe Process ID - 15508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:31] New process found: Process Name - LogonUI.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:31] New process found: Process Name - dwm.exe Process ID - 8832 Process Identity - Window Manager\DWM-4 [11-07-2023 21:33:32] New process found: Process Name - audiodg.exe Process ID - 11880 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:33:44] Process Exited: Process Name - dwm.exe Process ID - 8832 [11-07-2023 21:33:44] Process Exited: Process Name - LogonUI.exe Process ID - 12436 [11-07-2023 21:33:44] Process Exited: Process Name - winlogon.exe Process ID - 15508 [11-07-2023 21:33:44] Process Exited: Process Name - csrss.exe Process ID - 16288 [11-07-2023 21:33:46] New process found: Process Name - csrss.exe Process ID - 10292 Process Identity - SYSTEM [11-07-2023 21:33:46] New process found: Process Name - winlogon.exe Process ID - 10580 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:47] New process found: Process Name - LogonUI.exe Process ID - 13432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:33:47] New process found: Process Name - dwm.exe Process ID - 10664 Process Identity - Window Manager\DWM-4 [11-07-2023 21:33:59] Process Exited: Process Name - csrss.exe Process ID - 10292 [11-07-2023 21:33:59] Process Exited: Process Name - winlogon.exe Process ID - 10580 [11-07-2023 21:33:59] Process Exited: Process Name - dwm.exe Process ID - 10664 [11-07-2023 21:33:59] Process Exited: Process Name - LogonUI.exe Process ID - 13432 [11-07-2023 21:34:00] New process found: Process Name - csrss.exe Process ID - 524 Process Identity - SYSTEM [11-07-2023 21:34:00] New process found: Process Name - winlogon.exe Process ID - 14052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:01] New process found: Process Name - LogonUI.exe Process ID - 2284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:01] New process found: Process Name - dwm.exe Process ID - 10568 Process Identity - Window Manager\DWM-4 [11-07-2023 21:34:14] Process Exited: Process Name - csrss.exe Process ID - 524 [11-07-2023 21:34:14] Process Exited: Process Name - LogonUI.exe Process ID - 2284 [11-07-2023 21:34:14] Process Exited: Process Name - dwm.exe Process ID - 10568 [11-07-2023 21:34:14] Process Exited: Process Name - winlogon.exe Process ID - 14052 [11-07-2023 21:34:15] New process found: Process Name - smss.exe Process ID - 12444 Process Identity - SYSTEM [11-07-2023 21:34:15] New process found: Process Name - csrss.exe Process ID - 8776 Process Identity - SYSTEM [11-07-2023 21:34:16] New process found: Process Name - winlogon.exe Process ID - 10328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:16] Process Exited: Process Name - smss.exe Process ID - 12444 [11-07-2023 21:34:17] New process found: Process Name - LogonUI.exe Process ID - 10964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:17] New process found: Process Name - dwm.exe Process ID - 9912 Process Identity - Window Manager\DWM-4 [11-07-2023 21:34:29] Process Exited: Process Name - csrss.exe Process ID - 8776 [11-07-2023 21:34:29] Process Exited: Process Name - dwm.exe Process ID - 9912 [11-07-2023 21:34:29] Process Exited: Process Name - winlogon.exe Process ID - 10328 [11-07-2023 21:34:29] Process Exited: Process Name - LogonUI.exe Process ID - 10964 [11-07-2023 21:34:30] Process Exited: Process Name - mbam.exe Process ID - 5572 [11-07-2023 21:34:31] New process found: Process Name - csrss.exe Process ID - 8580 Process Identity - SYSTEM [11-07-2023 21:34:31] New process found: Process Name - winlogon.exe Process ID - 11252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:31] New process found: Process Name - LogonUI.exe Process ID - 11308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:31] New process found: Process Name - dwm.exe Process ID - 12720 Process Identity - Window Manager\DWM-4 [11-07-2023 21:34:42] New process found: Process Name - InetMgr.exe Process ID - 11620 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:34:44] Process Exited: Process Name - csrss.exe Process ID - 8580 [11-07-2023 21:34:44] Process Exited: Process Name - winlogon.exe Process ID - 11252 [11-07-2023 21:34:44] Process Exited: Process Name - LogonUI.exe Process ID - 11308 [11-07-2023 21:34:44] Process Exited: Process Name - dwm.exe Process ID - 12720 [11-07-2023 21:34:45] New process found: Process Name - csrss.exe Process ID - 6824 Process Identity - SYSTEM [11-07-2023 21:34:45] New process found: Process Name - winlogon.exe Process ID - 14796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:46] New process found: Process Name - LogonUI.exe Process ID - 9712 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:34:46] New process found: Process Name - dwm.exe Process ID - 10112 Process Identity - Window Manager\DWM-4 [11-07-2023 21:34:54] Process Exited: Process Name - w3wp.exe Process ID - 3312 Web application pool name - galaxytools.in [11-07-2023 21:34:59] Process Exited: Process Name - csrss.exe Process ID - 6824 [11-07-2023 21:34:59] Process Exited: Process Name - LogonUI.exe Process ID - 9712 [11-07-2023 21:34:59] Process Exited: Process Name - dwm.exe Process ID - 10112 [11-07-2023 21:34:59] Process Exited: Process Name - winlogon.exe Process ID - 14796 [11-07-2023 21:35:01] New process found: Process Name - csrss.exe Process ID - 6776 Process Identity - SYSTEM [11-07-2023 21:35:01] New process found: Process Name - winlogon.exe Process ID - 2324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:01] New process found: Process Name - LogonUI.exe Process ID - 5176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:01] New process found: Process Name - dwm.exe Process ID - 6912 Process Identity - Window Manager\DWM-4 [11-07-2023 21:35:14] Process Exited: Process Name - winlogon.exe Process ID - 2324 [11-07-2023 21:35:14] Process Exited: Process Name - LogonUI.exe Process ID - 5176 [11-07-2023 21:35:14] Process Exited: Process Name - csrss.exe Process ID - 6776 [11-07-2023 21:35:14] Process Exited: Process Name - dwm.exe Process ID - 6912 [11-07-2023 21:35:15] New process found: Process Name - csrss.exe Process ID - 5076 Process Identity - SYSTEM [11-07-2023 21:35:15] New process found: Process Name - winlogon.exe Process ID - 12804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:17] New process found: Process Name - LogonUI.exe Process ID - 8568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:17] New process found: Process Name - dwm.exe Process ID - 1788 Process Identity - Window Manager\DWM-4 [11-07-2023 21:35:25] New process found: Process Name - w3wp.exe Process ID - 9400 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [11-07-2023 21:35:25] Process Exited: Process Name - w3wp.exe Process ID - 16176 Web application pool name - shop.galaxytools.in [11-07-2023 21:35:29] Process Exited: Process Name - dwm.exe Process ID - 1788 [11-07-2023 21:35:29] Process Exited: Process Name - csrss.exe Process ID - 5076 [11-07-2023 21:35:29] Process Exited: Process Name - LogonUI.exe Process ID - 8568 [11-07-2023 21:35:29] Process Exited: Process Name - winlogon.exe Process ID - 12804 [11-07-2023 21:35:30] New process found: Process Name - csrss.exe Process ID - 11960 Process Identity - SYSTEM [11-07-2023 21:35:30] New process found: Process Name - winlogon.exe Process ID - 11964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:31] New process found: Process Name - LogonUI.exe Process ID - 12516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:31] New process found: Process Name - dwm.exe Process ID - 12424 Process Identity - Window Manager\DWM-4 [11-07-2023 21:35:44] Process Exited: Process Name - csrss.exe Process ID - 11960 [11-07-2023 21:35:44] Process Exited: Process Name - winlogon.exe Process ID - 11964 [11-07-2023 21:35:44] Process Exited: Process Name - dwm.exe Process ID - 12424 [11-07-2023 21:35:44] Process Exited: Process Name - LogonUI.exe Process ID - 12516 [11-07-2023 21:35:45] New process found: Process Name - csrss.exe Process ID - 10608 Process Identity - SYSTEM [11-07-2023 21:35:45] New process found: Process Name - winlogon.exe Process ID - 7512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:46] New process found: Process Name - LogonUI.exe Process ID - 13252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:35:46] New process found: Process Name - dwm.exe Process ID - 5944 Process Identity - Window Manager\DWM-4 [11-07-2023 21:35:59] Process Exited: Process Name - dwm.exe Process ID - 5944 [11-07-2023 21:35:59] Process Exited: Process Name - winlogon.exe Process ID - 7512 [11-07-2023 21:35:59] Process Exited: Process Name - csrss.exe Process ID - 10608 [11-07-2023 21:35:59] Process Exited: Process Name - LogonUI.exe Process ID - 13252 [11-07-2023 21:36:00] New process found: Process Name - csrss.exe Process ID - 11984 Process Identity - SYSTEM [11-07-2023 21:36:00] New process found: Process Name - winlogon.exe Process ID - 11540 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:01] New process found: Process Name - LogonUI.exe Process ID - 13272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:01] New process found: Process Name - dwm.exe Process ID - 10688 Process Identity - Window Manager\DWM-4 [11-07-2023 21:36:15] Process Exited: Process Name - dwm.exe Process ID - 10688 [11-07-2023 21:36:15] Process Exited: Process Name - winlogon.exe Process ID - 11540 [11-07-2023 21:36:15] Process Exited: Process Name - csrss.exe Process ID - 11984 [11-07-2023 21:36:15] Process Exited: Process Name - LogonUI.exe Process ID - 13272 [11-07-2023 21:36:16] New process found: Process Name - csrss.exe Process ID - 10856 Process Identity - SYSTEM [11-07-2023 21:36:16] New process found: Process Name - winlogon.exe Process ID - 4328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:17] New process found: Process Name - LogonUI.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:17] New process found: Process Name - dwm.exe Process ID - 10792 Process Identity - Window Manager\DWM-4 [11-07-2023 21:36:22] New process found: Process Name - w3wp.exe Process ID - 15104 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:36:22] Process Exited: Process Name - w3wp.exe Process ID - 15252 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:36:30] Process Exited: Process Name - winlogon.exe Process ID - 4328 [11-07-2023 21:36:30] Process Exited: Process Name - dwm.exe Process ID - 10792 [11-07-2023 21:36:30] Process Exited: Process Name - csrss.exe Process ID - 10856 [11-07-2023 21:36:30] Process Exited: Process Name - LogonUI.exe Process ID - 11340 [11-07-2023 21:36:31] New process found: Process Name - csrss.exe Process ID - 12768 Process Identity - SYSTEM [11-07-2023 21:36:31] New process found: Process Name - winlogon.exe Process ID - 10548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:32] New process found: Process Name - LogonUI.exe Process ID - 11320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:32] New process found: Process Name - dwm.exe Process ID - 9280 Process Identity - Window Manager\DWM-4 [11-07-2023 21:36:34] New process found: Process Name - notepad.exe Process ID - 11012 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:36:45] Process Exited: Process Name - dwm.exe Process ID - 9280 [11-07-2023 21:36:45] Process Exited: Process Name - winlogon.exe Process ID - 10548 [11-07-2023 21:36:45] Process Exited: Process Name - LogonUI.exe Process ID - 11320 [11-07-2023 21:36:45] Process Exited: Process Name - csrss.exe Process ID - 12768 [11-07-2023 21:36:46] New process found: Process Name - csrss.exe Process ID - 13384 Process Identity - SYSTEM [11-07-2023 21:36:46] New process found: Process Name - winlogon.exe Process ID - 11884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:47] New process found: Process Name - LogonUI.exe Process ID - 12056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:36:47] New process found: Process Name - dwm.exe Process ID - 8972 Process Identity - Window Manager\DWM-4 [11-07-2023 21:37:00] Process Exited: Process Name - dwm.exe Process ID - 8972 [11-07-2023 21:37:00] Process Exited: Process Name - winlogon.exe Process ID - 11884 [11-07-2023 21:37:00] Process Exited: Process Name - LogonUI.exe Process ID - 12056 [11-07-2023 21:37:00] Process Exited: Process Name - csrss.exe Process ID - 13384 [11-07-2023 21:37:02] New process found: Process Name - csrss.exe Process ID - 2584 Process Identity - SYSTEM [11-07-2023 21:37:02] New process found: Process Name - winlogon.exe Process ID - 14096 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:02] New process found: Process Name - LogonUI.exe Process ID - 10404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:02] New process found: Process Name - dwm.exe Process ID - 14184 Process Identity - Window Manager\DWM-4 [11-07-2023 21:37:02] Process Exited: Process Name - w3wp.exe Process ID - 8752 Web application pool name - kdbps.edu.in [11-07-2023 21:37:02] Process Exited: Process Name - conhost.exe Process ID - 16328 [11-07-2023 21:37:04] Process Exited: Process Name - w3wp.exe Process ID - 11552 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 21:37:15] Process Exited: Process Name - csrss.exe Process ID - 2584 [11-07-2023 21:37:15] Process Exited: Process Name - LogonUI.exe Process ID - 10404 [11-07-2023 21:37:15] Process Exited: Process Name - winlogon.exe Process ID - 14096 [11-07-2023 21:37:15] Process Exited: Process Name - dwm.exe Process ID - 14184 [11-07-2023 21:37:16] New process found: Process Name - csrss.exe Process ID - 7288 Process Identity - SYSTEM [11-07-2023 21:37:16] New process found: Process Name - winlogon.exe Process ID - 9432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:16] Process Exited: Process Name - notepad.exe Process ID - 11012 [11-07-2023 21:37:17] New process found: Process Name - LogonUI.exe Process ID - 12452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:17] New process found: Process Name - dwm.exe Process ID - 14680 Process Identity - Window Manager\DWM-4 [11-07-2023 21:37:23] Process Exited: Process Name - conhost.exe Process ID - 2720 [11-07-2023 21:37:23] Process Exited: Process Name - w3wp.exe Process ID - 14652 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 21:37:30] Process Exited: Process Name - csrss.exe Process ID - 7288 [11-07-2023 21:37:30] Process Exited: Process Name - winlogon.exe Process ID - 9432 [11-07-2023 21:37:30] Process Exited: Process Name - LogonUI.exe Process ID - 12452 [11-07-2023 21:37:30] Process Exited: Process Name - dwm.exe Process ID - 14680 [11-07-2023 21:37:31] New process found: Process Name - csrss.exe Process ID - 6484 Process Identity - SYSTEM [11-07-2023 21:37:31] New process found: Process Name - winlogon.exe Process ID - 11072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:32] New process found: Process Name - LogonUI.exe Process ID - 14156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:32] New process found: Process Name - dwm.exe Process ID - 9292 Process Identity - Window Manager\DWM-4 [11-07-2023 21:37:43] New process found: Process Name - w3wp.exe Process ID - 11448 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [11-07-2023 21:37:45] Process Exited: Process Name - csrss.exe Process ID - 6484 [11-07-2023 21:37:45] Process Exited: Process Name - dwm.exe Process ID - 9292 [11-07-2023 21:37:45] Process Exited: Process Name - winlogon.exe Process ID - 11072 [11-07-2023 21:37:45] Process Exited: Process Name - LogonUI.exe Process ID - 14156 [11-07-2023 21:37:46] New process found: Process Name - csrss.exe Process ID - 12792 Process Identity - SYSTEM [11-07-2023 21:37:46] New process found: Process Name - winlogon.exe Process ID - 12128 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:47] New process found: Process Name - LogonUI.exe Process ID - 12816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:37:47] New process found: Process Name - dwm.exe Process ID - 10552 Process Identity - Window Manager\DWM-4 [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 14380 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 10592 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 12888 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 10484 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 15248 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 10456 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] New process found: Process Name - chrome.exe Process ID - 12324 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:37:55] Process Exited: Process Name - conhost.exe Process ID - 188 [11-07-2023 21:37:55] Process Exited: Process Name - w3wp.exe Process ID - 12484 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:38:00] Process Exited: Process Name - dwm.exe Process ID - 10552 [11-07-2023 21:38:00] Process Exited: Process Name - winlogon.exe Process ID - 12128 [11-07-2023 21:38:00] Process Exited: Process Name - csrss.exe Process ID - 12792 [11-07-2023 21:38:00] Process Exited: Process Name - LogonUI.exe Process ID - 12816 [11-07-2023 21:38:01] New process found: Process Name - csrss.exe Process ID - 6208 Process Identity - SYSTEM [11-07-2023 21:38:01] New process found: Process Name - winlogon.exe Process ID - 12092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:02] New process found: Process Name - LogonUI.exe Process ID - 6600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:02] New process found: Process Name - dwm.exe Process ID - 9532 Process Identity - Window Manager\DWM-4 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 10456 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 10484 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 10592 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 12324 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 12888 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 14380 [11-07-2023 21:38:03] Process Exited: Process Name - chrome.exe Process ID - 15248 [11-07-2023 21:38:15] New process found: Process Name - notepad.exe Process ID - 15504 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:38:15] Process Exited: Process Name - csrss.exe Process ID - 6208 [11-07-2023 21:38:15] Process Exited: Process Name - LogonUI.exe Process ID - 6600 [11-07-2023 21:38:15] Process Exited: Process Name - dwm.exe Process ID - 9532 [11-07-2023 21:38:15] Process Exited: Process Name - winlogon.exe Process ID - 12092 [11-07-2023 21:38:16] New process found: Process Name - csrss.exe Process ID - 12120 Process Identity - SYSTEM [11-07-2023 21:38:16] New process found: Process Name - winlogon.exe Process ID - 10368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:16] Process Exited: Process Name - conhost.exe Process ID - 2328 [11-07-2023 21:38:16] Process Exited: Process Name - w3wp.exe Process ID - 12908 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 21:38:17] New process found: Process Name - LogonUI.exe Process ID - 12300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:17] New process found: Process Name - dwm.exe Process ID - 7864 Process Identity - Window Manager\DWM-4 [11-07-2023 21:38:25] Process Exited: Process Name - notepad.exe Process ID - 15504 [11-07-2023 21:38:30] Process Exited: Process Name - dwm.exe Process ID - 7864 [11-07-2023 21:38:30] Process Exited: Process Name - winlogon.exe Process ID - 10368 [11-07-2023 21:38:30] Process Exited: Process Name - csrss.exe Process ID - 12120 [11-07-2023 21:38:30] Process Exited: Process Name - LogonUI.exe Process ID - 12300 [11-07-2023 21:38:31] New process found: Process Name - csrss.exe Process ID - 1332 Process Identity - SYSTEM [11-07-2023 21:38:31] New process found: Process Name - winlogon.exe Process ID - 2832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:32] New process found: Process Name - LogonUI.exe Process ID - 5084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:32] New process found: Process Name - dwm.exe Process ID - 9712 Process Identity - Window Manager\DWM-4 [11-07-2023 21:38:36] Process Exited: Process Name - audiodg.exe Process ID - 11880 [11-07-2023 21:38:45] New process found: Process Name - w3wp.exe Process ID - 13740 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 21:38:45] Process Exited: Process Name - csrss.exe Process ID - 1332 [11-07-2023 21:38:45] Process Exited: Process Name - winlogon.exe Process ID - 2832 [11-07-2023 21:38:45] Process Exited: Process Name - LogonUI.exe Process ID - 5084 [11-07-2023 21:38:45] Process Exited: Process Name - dwm.exe Process ID - 9712 [11-07-2023 21:38:49] New process found: Process Name - csrss.exe Process ID - 6936 Process Identity - SYSTEM [11-07-2023 21:38:49] New process found: Process Name - winlogon.exe Process ID - 11492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:50] New process found: Process Name - LogonUI.exe Process ID - 8752 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:38:50] New process found: Process Name - dwm.exe Process ID - 13944 Process Identity - Window Manager\DWM-4 [11-07-2023 21:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10680 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:39:00] Process Exited: Process Name - csrss.exe Process ID - 6936 [11-07-2023 21:39:00] Process Exited: Process Name - LogonUI.exe Process ID - 8752 [11-07-2023 21:39:00] Process Exited: Process Name - winlogon.exe Process ID - 11492 [11-07-2023 21:39:00] Process Exited: Process Name - dwm.exe Process ID - 13944 [11-07-2023 21:39:01] New process found: Process Name - csrss.exe Process ID - 4372 Process Identity - SYSTEM [11-07-2023 21:39:01] New process found: Process Name - winlogon.exe Process ID - 7724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:01] New process found: Process Name - LogonUI.exe Process ID - 7772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:01] New process found: Process Name - dwm.exe Process ID - 9740 Process Identity - Window Manager\DWM-4 [11-07-2023 21:39:15] Process Exited: Process Name - csrss.exe Process ID - 4372 [11-07-2023 21:39:15] Process Exited: Process Name - winlogon.exe Process ID - 7724 [11-07-2023 21:39:15] Process Exited: Process Name - LogonUI.exe Process ID - 7772 [11-07-2023 21:39:15] Process Exited: Process Name - dwm.exe Process ID - 9740 [11-07-2023 21:39:16] New process found: Process Name - csrss.exe Process ID - 15632 Process Identity - SYSTEM [11-07-2023 21:39:16] New process found: Process Name - winlogon.exe Process ID - 1368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:16] New process found: Process Name - LogonUI.exe Process ID - 12196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:16] New process found: Process Name - dwm.exe Process ID - 16188 Process Identity - Window Manager\DWM-4 [11-07-2023 21:39:30] Process Exited: Process Name - winlogon.exe Process ID - 1368 [11-07-2023 21:39:30] Process Exited: Process Name - LogonUI.exe Process ID - 12196 [11-07-2023 21:39:30] Process Exited: Process Name - csrss.exe Process ID - 15632 [11-07-2023 21:39:30] Process Exited: Process Name - dwm.exe Process ID - 16188 [11-07-2023 21:39:31] New process found: Process Name - csrss.exe Process ID - 15948 Process Identity - SYSTEM [11-07-2023 21:39:31] New process found: Process Name - winlogon.exe Process ID - 2292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:31] New process found: Process Name - LogonUI.exe Process ID - 11004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:31] New process found: Process Name - dwm.exe Process ID - 11388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:39:32] New process found: Process Name - dllhost.exe Process ID - 5072 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:39:36] Process Exited: Process Name - dllhost.exe Process ID - 14396 [11-07-2023 21:39:45] Process Exited: Process Name - winlogon.exe Process ID - 2292 [11-07-2023 21:39:45] Process Exited: Process Name - LogonUI.exe Process ID - 11004 [11-07-2023 21:39:45] Process Exited: Process Name - dwm.exe Process ID - 11388 [11-07-2023 21:39:45] Process Exited: Process Name - csrss.exe Process ID - 15948 [11-07-2023 21:39:46] New process found: Process Name - csrss.exe Process ID - 188 Process Identity - SYSTEM [11-07-2023 21:39:46] New process found: Process Name - winlogon.exe Process ID - 13892 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:47] New process found: Process Name - LogonUI.exe Process ID - 11080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:39:47] New process found: Process Name - dwm.exe Process ID - 9276 Process Identity - Window Manager\DWM-4 [11-07-2023 21:40:00] Process Exited: Process Name - csrss.exe Process ID - 188 [11-07-2023 21:40:00] Process Exited: Process Name - dwm.exe Process ID - 9276 [11-07-2023 21:40:00] Process Exited: Process Name - LogonUI.exe Process ID - 11080 [11-07-2023 21:40:00] Process Exited: Process Name - winlogon.exe Process ID - 13892 [11-07-2023 21:40:02] New process found: Process Name - csrss.exe Process ID - 10552 Process Identity - SYSTEM [11-07-2023 21:40:02] New process found: Process Name - winlogon.exe Process ID - 13176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:02] New process found: Process Name - LogonUI.exe Process ID - 12792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:02] New process found: Process Name - dwm.exe Process ID - 12784 Process Identity - Window Manager\DWM-4 [11-07-2023 21:40:06] Process Exited: Process Name - dllhost.exe Process ID - 5072 [11-07-2023 21:40:15] Process Exited: Process Name - csrss.exe Process ID - 10552 [11-07-2023 21:40:15] Process Exited: Process Name - dwm.exe Process ID - 12784 [11-07-2023 21:40:15] Process Exited: Process Name - LogonUI.exe Process ID - 12792 [11-07-2023 21:40:15] Process Exited: Process Name - winlogon.exe Process ID - 13176 [11-07-2023 21:40:16] New process found: Process Name - csrss.exe Process ID - 14400 Process Identity - SYSTEM [11-07-2023 21:40:16] New process found: Process Name - winlogon.exe Process ID - 11124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:17] New process found: Process Name - LogonUI.exe Process ID - 5404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:17] New process found: Process Name - dwm.exe Process ID - 11328 Process Identity - Window Manager\DWM-4 [11-07-2023 21:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10404 [11-07-2023 21:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10680 [11-07-2023 21:40:30] Process Exited: Process Name - LogonUI.exe Process ID - 5404 [11-07-2023 21:40:30] Process Exited: Process Name - winlogon.exe Process ID - 11124 [11-07-2023 21:40:30] Process Exited: Process Name - dwm.exe Process ID - 11328 [11-07-2023 21:40:30] Process Exited: Process Name - csrss.exe Process ID - 14400 [11-07-2023 21:40:31] New process found: Process Name - csrss.exe Process ID - 10696 Process Identity - SYSTEM [11-07-2023 21:40:31] New process found: Process Name - winlogon.exe Process ID - 2460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:31] New process found: Process Name - LogonUI.exe Process ID - 10400 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:31] New process found: Process Name - dwm.exe Process ID - 12648 Process Identity - Window Manager\DWM-4 [11-07-2023 21:40:44] Process Exited: Process Name - LogonUI.exe Process ID - 10400 [11-07-2023 21:40:45] Process Exited: Process Name - winlogon.exe Process ID - 2460 [11-07-2023 21:40:45] Process Exited: Process Name - csrss.exe Process ID - 10696 [11-07-2023 21:40:45] Process Exited: Process Name - dwm.exe Process ID - 12648 [11-07-2023 21:40:46] New process found: Process Name - csrss.exe Process ID - 14204 Process Identity - SYSTEM [11-07-2023 21:40:46] New process found: Process Name - winlogon.exe Process ID - 13424 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:46] New process found: Process Name - LogonUI.exe Process ID - 7768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:40:46] New process found: Process Name - dwm.exe Process ID - 10876 Process Identity - Window Manager\DWM-4 [11-07-2023 21:40:59] Process Exited: Process Name - LogonUI.exe Process ID - 7768 [11-07-2023 21:40:59] Process Exited: Process Name - dwm.exe Process ID - 10876 [11-07-2023 21:40:59] Process Exited: Process Name - winlogon.exe Process ID - 13424 [11-07-2023 21:41:00] Process Exited: Process Name - csrss.exe Process ID - 14204 [11-07-2023 21:41:04] New process found: Process Name - csrss.exe Process ID - 7320 Process Identity - SYSTEM [11-07-2023 21:41:04] New process found: Process Name - winlogon.exe Process ID - 11408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:05] New process found: Process Name - LogonUI.exe Process ID - 15320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:05] New process found: Process Name - dwm.exe Process ID - 11744 Process Identity - Window Manager\DWM-4 [11-07-2023 21:41:14] Process Exited: Process Name - winlogon.exe Process ID - 11408 [11-07-2023 21:41:14] Process Exited: Process Name - dwm.exe Process ID - 11744 [11-07-2023 21:41:14] Process Exited: Process Name - LogonUI.exe Process ID - 15320 [11-07-2023 21:41:15] Process Exited: Process Name - csrss.exe Process ID - 7320 [11-07-2023 21:41:16] New process found: Process Name - csrss.exe Process ID - 10748 Process Identity - SYSTEM [11-07-2023 21:41:16] New process found: Process Name - winlogon.exe Process ID - 8556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:16] New process found: Process Name - LogonUI.exe Process ID - 15420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:16] New process found: Process Name - dwm.exe Process ID - 9436 Process Identity - Window Manager\DWM-4 [11-07-2023 21:41:23] New process found: Process Name - w3wp.exe Process ID - 2252 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:41:23] Process Exited: Process Name - w3wp.exe Process ID - 15104 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:41:27] Process Exited: Process Name - w3wp.exe Process ID - 9400 Web application pool name - shop.galaxytools.in [11-07-2023 21:41:29] Process Exited: Process Name - winlogon.exe Process ID - 8556 [11-07-2023 21:41:29] Process Exited: Process Name - dwm.exe Process ID - 9436 [11-07-2023 21:41:29] Process Exited: Process Name - csrss.exe Process ID - 10748 [11-07-2023 21:41:29] Process Exited: Process Name - LogonUI.exe Process ID - 15420 [11-07-2023 21:41:31] New process found: Process Name - csrss.exe Process ID - 15372 Process Identity - SYSTEM [11-07-2023 21:41:31] New process found: Process Name - winlogon.exe Process ID - 8616 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:31] New process found: Process Name - LogonUI.exe Process ID - 7744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:31] New process found: Process Name - dwm.exe Process ID - 13988 Process Identity - Window Manager\DWM-4 [11-07-2023 21:41:44] Process Exited: Process Name - LogonUI.exe Process ID - 7744 [11-07-2023 21:41:44] Process Exited: Process Name - winlogon.exe Process ID - 8616 [11-07-2023 21:41:44] Process Exited: Process Name - dwm.exe Process ID - 13988 [11-07-2023 21:41:44] Process Exited: Process Name - csrss.exe Process ID - 15372 [11-07-2023 21:41:46] New process found: Process Name - csrss.exe Process ID - 13484 Process Identity - SYSTEM [11-07-2023 21:41:46] New process found: Process Name - winlogon.exe Process ID - 8916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:47] New process found: Process Name - LogonUI.exe Process ID - 11900 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:41:47] New process found: Process Name - dwm.exe Process ID - 9728 Process Identity - Window Manager\DWM-4 [11-07-2023 21:41:59] Process Exited: Process Name - winlogon.exe Process ID - 8916 [11-07-2023 21:41:59] Process Exited: Process Name - dwm.exe Process ID - 9728 [11-07-2023 21:41:59] Process Exited: Process Name - LogonUI.exe Process ID - 11900 [11-07-2023 21:41:59] Process Exited: Process Name - csrss.exe Process ID - 13484 [11-07-2023 21:42:01] New process found: Process Name - csrss.exe Process ID - 9780 Process Identity - SYSTEM [11-07-2023 21:42:01] New process found: Process Name - winlogon.exe Process ID - 16188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:02] New process found: Process Name - LogonUI.exe Process ID - 12304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:02] New process found: Process Name - dwm.exe Process ID - 15920 Process Identity - Window Manager\DWM-4 [11-07-2023 21:42:14] Process Exited: Process Name - csrss.exe Process ID - 9780 [11-07-2023 21:42:14] Process Exited: Process Name - LogonUI.exe Process ID - 12304 [11-07-2023 21:42:14] Process Exited: Process Name - dwm.exe Process ID - 15920 [11-07-2023 21:42:14] Process Exited: Process Name - winlogon.exe Process ID - 16188 [11-07-2023 21:42:17] New process found: Process Name - smss.exe Process ID - 12220 Process Identity - SYSTEM [11-07-2023 21:42:18] New process found: Process Name - csrss.exe Process ID - 9292 Process Identity - SYSTEM [11-07-2023 21:42:18] New process found: Process Name - winlogon.exe Process ID - 11388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:18] Process Exited: Process Name - smss.exe Process ID - 12220 [11-07-2023 21:42:19] New process found: Process Name - LogonUI.exe Process ID - 11248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:19] New process found: Process Name - dwm.exe Process ID - 12804 Process Identity - Window Manager\DWM-4 [11-07-2023 21:42:29] Process Exited: Process Name - csrss.exe Process ID - 9292 [11-07-2023 21:42:29] Process Exited: Process Name - LogonUI.exe Process ID - 11248 [11-07-2023 21:42:29] Process Exited: Process Name - winlogon.exe Process ID - 11388 [11-07-2023 21:42:29] Process Exited: Process Name - dwm.exe Process ID - 12804 [11-07-2023 21:42:31] New process found: Process Name - csrss.exe Process ID - 10840 Process Identity - SYSTEM [11-07-2023 21:42:31] New process found: Process Name - winlogon.exe Process ID - 6480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:32] New process found: Process Name - LogonUI.exe Process ID - 6172 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:32] New process found: Process Name - dwm.exe Process ID - 524 Process Identity - Window Manager\DWM-4 [11-07-2023 21:42:34] New process found: Process Name - w3wp.exe Process ID - 13220 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 21:42:34] New process found: Process Name - conhost.exe Process ID - 7120 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [11-07-2023 21:42:44] Process Exited: Process Name - dwm.exe Process ID - 524 [11-07-2023 21:42:44] Process Exited: Process Name - LogonUI.exe Process ID - 6172 [11-07-2023 21:42:44] Process Exited: Process Name - winlogon.exe Process ID - 6480 [11-07-2023 21:42:44] Process Exited: Process Name - csrss.exe Process ID - 10840 [11-07-2023 21:42:46] New process found: Process Name - csrss.exe Process ID - 12612 Process Identity - SYSTEM [11-07-2023 21:42:46] New process found: Process Name - winlogon.exe Process ID - 9256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:47] New process found: Process Name - LogonUI.exe Process ID - 11308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:42:47] New process found: Process Name - dwm.exe Process ID - 7104 Process Identity - Window Manager\DWM-4 [11-07-2023 21:42:59] Process Exited: Process Name - dwm.exe Process ID - 7104 [11-07-2023 21:42:59] Process Exited: Process Name - winlogon.exe Process ID - 9256 [11-07-2023 21:42:59] Process Exited: Process Name - LogonUI.exe Process ID - 11308 [11-07-2023 21:42:59] Process Exited: Process Name - csrss.exe Process ID - 12612 [11-07-2023 21:43:01] New process found: Process Name - csrss.exe Process ID - 11780 Process Identity - SYSTEM [11-07-2023 21:43:01] New process found: Process Name - winlogon.exe Process ID - 8680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:03] New process found: Process Name - LogonUI.exe Process ID - 13052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:03] New process found: Process Name - dwm.exe Process ID - 6600 Process Identity - Window Manager\DWM-4 [11-07-2023 21:43:15] Process Exited: Process Name - dwm.exe Process ID - 6600 [11-07-2023 21:43:15] Process Exited: Process Name - winlogon.exe Process ID - 8680 [11-07-2023 21:43:15] Process Exited: Process Name - csrss.exe Process ID - 11780 [11-07-2023 21:43:15] Process Exited: Process Name - LogonUI.exe Process ID - 13052 [11-07-2023 21:43:17] New process found: Process Name - csrss.exe Process ID - 10784 Process Identity - SYSTEM [11-07-2023 21:43:17] New process found: Process Name - winlogon.exe Process ID - 12260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:17] New process found: Process Name - LogonUI.exe Process ID - 5504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:17] New process found: Process Name - dwm.exe Process ID - 6956 Process Identity - Window Manager\DWM-4 [11-07-2023 21:43:31] Process Exited: Process Name - LogonUI.exe Process ID - 5504 [11-07-2023 21:43:31] Process Exited: Process Name - dwm.exe Process ID - 6956 [11-07-2023 21:43:31] Process Exited: Process Name - csrss.exe Process ID - 10784 [11-07-2023 21:43:31] Process Exited: Process Name - winlogon.exe Process ID - 12260 [11-07-2023 21:43:32] New process found: Process Name - smss.exe Process ID - 13648 Process Identity - SYSTEM [11-07-2023 21:43:32] New process found: Process Name - csrss.exe Process ID - 2168 Process Identity - SYSTEM [11-07-2023 21:43:33] New process found: Process Name - winlogon.exe Process ID - 7116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:33] New process found: Process Name - LogonUI.exe Process ID - 15488 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:33] New process found: Process Name - dwm.exe Process ID - 13548 Process Identity - Window Manager\DWM-4 [11-07-2023 21:43:33] Process Exited: Process Name - smss.exe Process ID - 13648 [11-07-2023 21:43:45] Process Exited: Process Name - w3wp.exe Process ID - 11448 Web application pool name - adminportal.galaxytools.in [11-07-2023 21:43:46] Process Exited: Process Name - csrss.exe Process ID - 2168 [11-07-2023 21:43:46] Process Exited: Process Name - winlogon.exe Process ID - 7116 [11-07-2023 21:43:46] Process Exited: Process Name - dwm.exe Process ID - 13548 [11-07-2023 21:43:46] Process Exited: Process Name - LogonUI.exe Process ID - 15488 [11-07-2023 21:43:48] New process found: Process Name - csrss.exe Process ID - 13620 Process Identity - SYSTEM [11-07-2023 21:43:48] New process found: Process Name - winlogon.exe Process ID - 4920 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:51] New process found: Process Name - LogonUI.exe Process ID - 15148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:43:51] New process found: Process Name - dwm.exe Process ID - 14388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:44:01] Process Exited: Process Name - winlogon.exe Process ID - 4920 [11-07-2023 21:44:01] Process Exited: Process Name - csrss.exe Process ID - 13620 [11-07-2023 21:44:01] Process Exited: Process Name - dwm.exe Process ID - 14388 [11-07-2023 21:44:01] Process Exited: Process Name - LogonUI.exe Process ID - 15148 [11-07-2023 21:44:02] New process found: Process Name - csrss.exe Process ID - 15240 Process Identity - SYSTEM [11-07-2023 21:44:02] New process found: Process Name - winlogon.exe Process ID - 9688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:03] New process found: Process Name - LogonUI.exe Process ID - 10824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:03] New process found: Process Name - dwm.exe Process ID - 14652 Process Identity - Window Manager\DWM-4 [11-07-2023 21:44:16] Process Exited: Process Name - winlogon.exe Process ID - 9688 [11-07-2023 21:44:16] Process Exited: Process Name - LogonUI.exe Process ID - 10824 [11-07-2023 21:44:16] Process Exited: Process Name - dwm.exe Process ID - 14652 [11-07-2023 21:44:16] Process Exited: Process Name - csrss.exe Process ID - 15240 [11-07-2023 21:44:22] New process found: Process Name - csrss.exe Process ID - 14768 Process Identity - SYSTEM [11-07-2023 21:44:22] New process found: Process Name - winlogon.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:22] New process found: Process Name - LogonUI.exe Process ID - 3420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:22] New process found: Process Name - dwm.exe Process ID - 15832 Process Identity - Window Manager\DWM-4 [11-07-2023 21:44:31] Process Exited: Process Name - LogonUI.exe Process ID - 3420 [11-07-2023 21:44:31] Process Exited: Process Name - winlogon.exe Process ID - 14072 [11-07-2023 21:44:31] Process Exited: Process Name - csrss.exe Process ID - 14768 [11-07-2023 21:44:31] Process Exited: Process Name - dwm.exe Process ID - 15832 [11-07-2023 21:44:33] New process found: Process Name - csrss.exe Process ID - 10816 Process Identity - SYSTEM [11-07-2023 21:44:33] New process found: Process Name - winlogon.exe Process ID - 11940 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:34] New process found: Process Name - LogonUI.exe Process ID - 14236 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:34] New process found: Process Name - dwm.exe Process ID - 11380 Process Identity - Window Manager\DWM-4 [11-07-2023 21:44:46] Process Exited: Process Name - csrss.exe Process ID - 10816 [11-07-2023 21:44:46] Process Exited: Process Name - dwm.exe Process ID - 11380 [11-07-2023 21:44:46] Process Exited: Process Name - winlogon.exe Process ID - 11940 [11-07-2023 21:44:46] Process Exited: Process Name - LogonUI.exe Process ID - 14236 [11-07-2023 21:44:47] Process Exited: Process Name - w3wp.exe Process ID - 13740 Web application pool name - galaxytools.in [11-07-2023 21:44:50] New process found: Process Name - smss.exe Process ID - 10692 Process Identity - SYSTEM [11-07-2023 21:44:50] New process found: Process Name - csrss.exe Process ID - 2292 Process Identity - SYSTEM [11-07-2023 21:44:50] New process found: Process Name - winlogon.exe Process ID - 12672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:51] New process found: Process Name - LogonUI.exe Process ID - 592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:44:51] New process found: Process Name - dwm.exe Process ID - 10480 Process Identity - Window Manager\DWM-4 [11-07-2023 21:44:51] Process Exited: Process Name - smss.exe Process ID - 10692 [11-07-2023 21:45:01] Process Exited: Process Name - LogonUI.exe Process ID - 592 [11-07-2023 21:45:01] Process Exited: Process Name - csrss.exe Process ID - 2292 [11-07-2023 21:45:01] Process Exited: Process Name - dwm.exe Process ID - 10480 [11-07-2023 21:45:01] Process Exited: Process Name - winlogon.exe Process ID - 12672 [11-07-2023 21:45:03] New process found: Process Name - csrss.exe Process ID - 5480 Process Identity - SYSTEM [11-07-2023 21:45:03] New process found: Process Name - winlogon.exe Process ID - 1560 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:03] New process found: Process Name - LogonUI.exe Process ID - 9548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:03] New process found: Process Name - dwm.exe Process ID - 11352 Process Identity - Window Manager\DWM-4 [11-07-2023 21:45:16] Process Exited: Process Name - winlogon.exe Process ID - 1560 [11-07-2023 21:45:16] Process Exited: Process Name - csrss.exe Process ID - 5480 [11-07-2023 21:45:16] Process Exited: Process Name - LogonUI.exe Process ID - 9548 [11-07-2023 21:45:16] Process Exited: Process Name - dwm.exe Process ID - 11352 [11-07-2023 21:45:17] New process found: Process Name - csrss.exe Process ID - 1212 Process Identity - SYSTEM [11-07-2023 21:45:17] New process found: Process Name - winlogon.exe Process ID - 10840 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:18] New process found: Process Name - LogonUI.exe Process ID - 12572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:18] New process found: Process Name - dwm.exe Process ID - 8036 Process Identity - Window Manager\DWM-4 [11-07-2023 21:45:31] Process Exited: Process Name - csrss.exe Process ID - 1212 [11-07-2023 21:45:31] Process Exited: Process Name - dwm.exe Process ID - 8036 [11-07-2023 21:45:31] Process Exited: Process Name - winlogon.exe Process ID - 10840 [11-07-2023 21:45:31] Process Exited: Process Name - LogonUI.exe Process ID - 12572 [11-07-2023 21:45:32] New process found: Process Name - csrss.exe Process ID - 15760 Process Identity - SYSTEM [11-07-2023 21:45:32] New process found: Process Name - winlogon.exe Process ID - 6888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:33] New process found: Process Name - LogonUI.exe Process ID - 10428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:33] New process found: Process Name - dwm.exe Process ID - 15272 Process Identity - Window Manager\DWM-4 [11-07-2023 21:45:46] Process Exited: Process Name - winlogon.exe Process ID - 6888 [11-07-2023 21:45:46] Process Exited: Process Name - LogonUI.exe Process ID - 10428 [11-07-2023 21:45:46] Process Exited: Process Name - dwm.exe Process ID - 15272 [11-07-2023 21:45:46] Process Exited: Process Name - csrss.exe Process ID - 15760 [11-07-2023 21:45:47] New process found: Process Name - csrss.exe Process ID - 9456 Process Identity - SYSTEM [11-07-2023 21:45:47] New process found: Process Name - winlogon.exe Process ID - 5192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:48] New process found: Process Name - LogonUI.exe Process ID - 11944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:45:48] New process found: Process Name - dwm.exe Process ID - 11784 Process Identity - Window Manager\DWM-4 [11-07-2023 21:46:01] Process Exited: Process Name - LogonUI.exe Process ID - 11944 [11-07-2023 21:46:02] Process Exited: Process Name - winlogon.exe Process ID - 5192 [11-07-2023 21:46:02] Process Exited: Process Name - csrss.exe Process ID - 9456 [11-07-2023 21:46:02] Process Exited: Process Name - dwm.exe Process ID - 11784 [11-07-2023 21:46:03] New process found: Process Name - csrss.exe Process ID - 10876 Process Identity - SYSTEM [11-07-2023 21:46:03] New process found: Process Name - winlogon.exe Process ID - 12908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:03] New process found: Process Name - LogonUI.exe Process ID - 1360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:03] New process found: Process Name - dwm.exe Process ID - 14120 Process Identity - Window Manager\DWM-4 [11-07-2023 21:46:17] Process Exited: Process Name - LogonUI.exe Process ID - 1360 [11-07-2023 21:46:17] Process Exited: Process Name - csrss.exe Process ID - 10876 [11-07-2023 21:46:17] Process Exited: Process Name - winlogon.exe Process ID - 12908 [11-07-2023 21:46:17] Process Exited: Process Name - dwm.exe Process ID - 14120 [11-07-2023 21:46:19] New process found: Process Name - csrss.exe Process ID - 4328 Process Identity - SYSTEM [11-07-2023 21:46:19] New process found: Process Name - winlogon.exe Process ID - 7304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:19] New process found: Process Name - LogonUI.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:19] New process found: Process Name - dwm.exe Process ID - 7716 Process Identity - Window Manager\DWM-4 [11-07-2023 21:46:24] New process found: Process Name - w3wp.exe Process ID - 8372 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:46:24] Process Exited: Process Name - w3wp.exe Process ID - 2252 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:46:32] Process Exited: Process Name - csrss.exe Process ID - 4328 [11-07-2023 21:46:32] Process Exited: Process Name - winlogon.exe Process ID - 7304 [11-07-2023 21:46:32] Process Exited: Process Name - dwm.exe Process ID - 7716 [11-07-2023 21:46:32] Process Exited: Process Name - LogonUI.exe Process ID - 12740 [11-07-2023 21:46:36] New process found: Process Name - smss.exe Process ID - 1332 Process Identity - SYSTEM [11-07-2023 21:46:36] New process found: Process Name - csrss.exe Process ID - 12764 Process Identity - SYSTEM [11-07-2023 21:46:36] New process found: Process Name - winlogon.exe Process ID - 8624 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:37] New process found: Process Name - LogonUI.exe Process ID - 9112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:37] New process found: Process Name - dwm.exe Process ID - 14268 Process Identity - Window Manager\DWM-4 [11-07-2023 21:46:37] Process Exited: Process Name - smss.exe Process ID - 1332 [11-07-2023 21:46:47] Process Exited: Process Name - winlogon.exe Process ID - 8624 [11-07-2023 21:46:47] Process Exited: Process Name - LogonUI.exe Process ID - 9112 [11-07-2023 21:46:47] Process Exited: Process Name - csrss.exe Process ID - 12764 [11-07-2023 21:46:47] Process Exited: Process Name - dwm.exe Process ID - 14268 [11-07-2023 21:46:49] New process found: Process Name - csrss.exe Process ID - 4980 Process Identity - SYSTEM [11-07-2023 21:46:49] New process found: Process Name - winlogon.exe Process ID - 14520 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:49] New process found: Process Name - LogonUI.exe Process ID - 1460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:46:49] New process found: Process Name - dwm.exe Process ID - 2080 Process Identity - Window Manager\DWM-4 [11-07-2023 21:47:02] Process Exited: Process Name - LogonUI.exe Process ID - 1460 [11-07-2023 21:47:02] Process Exited: Process Name - dwm.exe Process ID - 2080 [11-07-2023 21:47:02] Process Exited: Process Name - csrss.exe Process ID - 4980 [11-07-2023 21:47:02] Process Exited: Process Name - winlogon.exe Process ID - 14520 [11-07-2023 21:47:07] New process found: Process Name - csrss.exe Process ID - 5164 Process Identity - SYSTEM [11-07-2023 21:47:07] New process found: Process Name - winlogon.exe Process ID - 15992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:08] New process found: Process Name - LogonUI.exe Process ID - 4128 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:08] New process found: Process Name - dwm.exe Process ID - 1716 Process Identity - Window Manager\DWM-4 [11-07-2023 21:47:17] Process Exited: Process Name - dwm.exe Process ID - 1716 [11-07-2023 21:47:17] Process Exited: Process Name - LogonUI.exe Process ID - 4128 [11-07-2023 21:47:17] Process Exited: Process Name - csrss.exe Process ID - 5164 [11-07-2023 21:47:17] Process Exited: Process Name - winlogon.exe Process ID - 15992 [11-07-2023 21:47:18] New process found: Process Name - csrss.exe Process ID - 11560 Process Identity - SYSTEM [11-07-2023 21:47:18] New process found: Process Name - winlogon.exe Process ID - 11544 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:19] New process found: Process Name - LogonUI.exe Process ID - 12556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:19] New process found: Process Name - dwm.exe Process ID - 15276 Process Identity - Window Manager\DWM-4 [11-07-2023 21:47:32] Process Exited: Process Name - winlogon.exe Process ID - 11544 [11-07-2023 21:47:32] Process Exited: Process Name - csrss.exe Process ID - 11560 [11-07-2023 21:47:32] Process Exited: Process Name - LogonUI.exe Process ID - 12556 [11-07-2023 21:47:32] Process Exited: Process Name - dwm.exe Process ID - 15276 [11-07-2023 21:47:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 15372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:33] New process found: Process Name - SearchFilterHost.exe Process ID - 10344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:35] New process found: Process Name - csrss.exe Process ID - 15732 Process Identity - SYSTEM [11-07-2023 21:47:35] New process found: Process Name - winlogon.exe Process ID - 9728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:35] New process found: Process Name - LogonUI.exe Process ID - 7004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:35] New process found: Process Name - dwm.exe Process ID - 15848 Process Identity - Window Manager\DWM-4 [11-07-2023 21:47:47] Process Exited: Process Name - LogonUI.exe Process ID - 7004 [11-07-2023 21:47:47] Process Exited: Process Name - winlogon.exe Process ID - 9728 [11-07-2023 21:47:47] Process Exited: Process Name - csrss.exe Process ID - 15732 [11-07-2023 21:47:47] Process Exited: Process Name - dwm.exe Process ID - 15848 [11-07-2023 21:47:49] New process found: Process Name - csrss.exe Process ID - 15024 Process Identity - SYSTEM [11-07-2023 21:47:49] New process found: Process Name - winlogon.exe Process ID - 12224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:49] New process found: Process Name - LogonUI.exe Process ID - 4060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:47:49] New process found: Process Name - dwm.exe Process ID - 15452 Process Identity - Window Manager\DWM-4 [11-07-2023 21:47:50] New process found: Process Name - w3wp.exe Process ID - 15964 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:47:50] New process found: Process Name - where.exe Process ID - 15208 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:47:50] New process found: Process Name - conhost.exe Process ID - 13420 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:47:51] New process found: Process Name - conhost.exe Process ID - 12084 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 21:47:51] Process Exited: Process Name - conhost.exe Process ID - 13420 [11-07-2023 21:47:51] Process Exited: Process Name - where.exe Process ID - 15208 [11-07-2023 21:47:52] New process found: Process Name - w3wp.exe Process ID - 14840 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 21:47:54] New process found: Process Name - conhost.exe Process ID - 9328 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 21:48:02] Process Exited: Process Name - LogonUI.exe Process ID - 4060 [11-07-2023 21:48:02] Process Exited: Process Name - winlogon.exe Process ID - 12224 [11-07-2023 21:48:02] Process Exited: Process Name - csrss.exe Process ID - 15024 [11-07-2023 21:48:02] Process Exited: Process Name - dwm.exe Process ID - 15452 [11-07-2023 21:48:03] New process found: Process Name - csrss.exe Process ID - 12424 Process Identity - SYSTEM [11-07-2023 21:48:03] New process found: Process Name - winlogon.exe Process ID - 736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:04] New process found: Process Name - LogonUI.exe Process ID - 1320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:04] New process found: Process Name - dwm.exe Process ID - 13776 Process Identity - Window Manager\DWM-4 [11-07-2023 21:48:17] Process Exited: Process Name - winlogon.exe Process ID - 736 [11-07-2023 21:48:17] Process Exited: Process Name - LogonUI.exe Process ID - 1320 [11-07-2023 21:48:17] Process Exited: Process Name - csrss.exe Process ID - 12424 [11-07-2023 21:48:17] Process Exited: Process Name - dwm.exe Process ID - 13776 [11-07-2023 21:48:18] New process found: Process Name - csrss.exe Process ID - 15192 Process Identity - SYSTEM [11-07-2023 21:48:18] New process found: Process Name - winlogon.exe Process ID - 9980 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:19] New process found: Process Name - LogonUI.exe Process ID - 2968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:19] New process found: Process Name - dwm.exe Process ID - 10608 Process Identity - Window Manager\DWM-4 [11-07-2023 21:48:32] Process Exited: Process Name - LogonUI.exe Process ID - 2968 [11-07-2023 21:48:32] Process Exited: Process Name - winlogon.exe Process ID - 9980 [11-07-2023 21:48:32] Process Exited: Process Name - dwm.exe Process ID - 10608 [11-07-2023 21:48:32] Process Exited: Process Name - csrss.exe Process ID - 15192 [11-07-2023 21:48:33] New process found: Process Name - csrss.exe Process ID - 336 Process Identity - SYSTEM [11-07-2023 21:48:33] New process found: Process Name - winlogon.exe Process ID - 12868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:35] New process found: Process Name - w3wp.exe Process ID - 11640 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:48:36] New process found: Process Name - LogonUI.exe Process ID - 10676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:36] New process found: Process Name - dwm.exe Process ID - 15700 Process Identity - Window Manager\DWM-4 [11-07-2023 21:48:43] New process found: Process Name - where.exe Process ID - 15892 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:48:43] New process found: Process Name - conhost.exe Process ID - 11876 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:48:44] New process found: Process Name - conhost.exe Process ID - 11784 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 21:48:44] Process Exited: Process Name - conhost.exe Process ID - 11876 [11-07-2023 21:48:44] Process Exited: Process Name - where.exe Process ID - 15892 [11-07-2023 21:48:47] Process Exited: Process Name - csrss.exe Process ID - 336 [11-07-2023 21:48:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 10344 [11-07-2023 21:48:47] Process Exited: Process Name - LogonUI.exe Process ID - 10676 [11-07-2023 21:48:47] Process Exited: Process Name - winlogon.exe Process ID - 12868 [11-07-2023 21:48:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15372 [11-07-2023 21:48:47] Process Exited: Process Name - dwm.exe Process ID - 15700 [11-07-2023 21:48:49] New process found: Process Name - csrss.exe Process ID - 9696 Process Identity - SYSTEM [11-07-2023 21:48:49] New process found: Process Name - winlogon.exe Process ID - 10784 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:49] New process found: Process Name - LogonUI.exe Process ID - 14904 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:48:49] New process found: Process Name - dwm.exe Process ID - 9184 Process Identity - Window Manager\DWM-4 [11-07-2023 21:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14836 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:02] Process Exited: Process Name - dwm.exe Process ID - 9184 [11-07-2023 21:49:02] Process Exited: Process Name - csrss.exe Process ID - 9696 [11-07-2023 21:49:02] Process Exited: Process Name - winlogon.exe Process ID - 10784 [11-07-2023 21:49:02] Process Exited: Process Name - LogonUI.exe Process ID - 14904 [11-07-2023 21:49:03] New process found: Process Name - smss.exe Process ID - 8588 Process Identity - SYSTEM [11-07-2023 21:49:03] New process found: Process Name - csrss.exe Process ID - 1948 Process Identity - SYSTEM [11-07-2023 21:49:04] New process found: Process Name - winlogon.exe Process ID - 3996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:04] New process found: Process Name - LogonUI.exe Process ID - 4328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:04] New process found: Process Name - dwm.exe Process ID - 12100 Process Identity - Window Manager\DWM-4 [11-07-2023 21:49:04] Process Exited: Process Name - smss.exe Process ID - 8588 [11-07-2023 21:49:17] Process Exited: Process Name - csrss.exe Process ID - 1948 [11-07-2023 21:49:17] Process Exited: Process Name - winlogon.exe Process ID - 3996 [11-07-2023 21:49:17] Process Exited: Process Name - LogonUI.exe Process ID - 4328 [11-07-2023 21:49:17] Process Exited: Process Name - dwm.exe Process ID - 12100 [11-07-2023 21:49:18] New process found: Process Name - csrss.exe Process ID - 13720 Process Identity - SYSTEM [11-07-2023 21:49:18] New process found: Process Name - winlogon.exe Process ID - 15300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:19] New process found: Process Name - LogonUI.exe Process ID - 2704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:19] New process found: Process Name - dwm.exe Process ID - 11676 Process Identity - Window Manager\DWM-4 [11-07-2023 21:49:32] Process Exited: Process Name - LogonUI.exe Process ID - 2704 [11-07-2023 21:49:32] Process Exited: Process Name - dwm.exe Process ID - 11676 [11-07-2023 21:49:32] Process Exited: Process Name - csrss.exe Process ID - 13720 [11-07-2023 21:49:32] Process Exited: Process Name - winlogon.exe Process ID - 15300 [11-07-2023 21:49:33] New process found: Process Name - smss.exe Process ID - 1272 Process Identity - SYSTEM [11-07-2023 21:49:33] New process found: Process Name - csrss.exe Process ID - 15216 Process Identity - SYSTEM [11-07-2023 21:49:34] New process found: Process Name - winlogon.exe Process ID - 14944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:34] New process found: Process Name - LogonUI.exe Process ID - 14208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:34] New process found: Process Name - dwm.exe Process ID - 16376 Process Identity - Window Manager\DWM-4 [11-07-2023 21:49:34] Process Exited: Process Name - smss.exe Process ID - 1272 [11-07-2023 21:49:48] Process Exited: Process Name - LogonUI.exe Process ID - 14208 [11-07-2023 21:49:48] Process Exited: Process Name - winlogon.exe Process ID - 14944 [11-07-2023 21:49:48] Process Exited: Process Name - csrss.exe Process ID - 15216 [11-07-2023 21:49:48] Process Exited: Process Name - dwm.exe Process ID - 16376 [11-07-2023 21:49:50] New process found: Process Name - csrss.exe Process ID - 15108 Process Identity - SYSTEM [11-07-2023 21:49:50] New process found: Process Name - winlogon.exe Process ID - 13824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:50] New process found: Process Name - LogonUI.exe Process ID - 16180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:49:50] New process found: Process Name - dwm.exe Process ID - 7336 Process Identity - Window Manager\DWM-4 [11-07-2023 21:50:03] Process Exited: Process Name - dwm.exe Process ID - 7336 [11-07-2023 21:50:03] Process Exited: Process Name - winlogon.exe Process ID - 13824 [11-07-2023 21:50:03] Process Exited: Process Name - csrss.exe Process ID - 15108 [11-07-2023 21:50:03] Process Exited: Process Name - LogonUI.exe Process ID - 16180 [11-07-2023 21:50:05] New process found: Process Name - csrss.exe Process ID - 8208 Process Identity - SYSTEM [11-07-2023 21:50:05] New process found: Process Name - winlogon.exe Process ID - 14604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:06] New process found: Process Name - LogonUI.exe Process ID - 15516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:06] New process found: Process Name - dwm.exe Process ID - 3456 Process Identity - Window Manager\DWM-4 [11-07-2023 21:50:18] Process Exited: Process Name - dwm.exe Process ID - 3456 [11-07-2023 21:50:18] Process Exited: Process Name - csrss.exe Process ID - 8208 [11-07-2023 21:50:18] Process Exited: Process Name - winlogon.exe Process ID - 14604 [11-07-2023 21:50:18] Process Exited: Process Name - LogonUI.exe Process ID - 15516 [11-07-2023 21:50:21] New process found: Process Name - csrss.exe Process ID - 10960 Process Identity - SYSTEM [11-07-2023 21:50:21] New process found: Process Name - winlogon.exe Process ID - 6064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:21] New process found: Process Name - LogonUI.exe Process ID - 14816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:21] New process found: Process Name - dwm.exe Process ID - 15312 Process Identity - Window Manager\DWM-4 [11-07-2023 21:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11468 [11-07-2023 21:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14836 [11-07-2023 21:50:37] Process Exited: Process Name - winlogon.exe Process ID - 6064 [11-07-2023 21:50:37] Process Exited: Process Name - csrss.exe Process ID - 10960 [11-07-2023 21:50:37] Process Exited: Process Name - LogonUI.exe Process ID - 14816 [11-07-2023 21:50:37] Process Exited: Process Name - dwm.exe Process ID - 15312 [11-07-2023 21:50:40] New process found: Process Name - csrss.exe Process ID - 15644 Process Identity - SYSTEM [11-07-2023 21:50:40] New process found: Process Name - winlogon.exe Process ID - 10340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:40] New process found: Process Name - LogonUI.exe Process ID - 14144 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:40] New process found: Process Name - dwm.exe Process ID - 15580 Process Identity - Window Manager\DWM-4 [11-07-2023 21:50:52] Process Exited: Process Name - winlogon.exe Process ID - 10340 [11-07-2023 21:50:52] Process Exited: Process Name - LogonUI.exe Process ID - 14144 [11-07-2023 21:50:52] Process Exited: Process Name - dwm.exe Process ID - 15580 [11-07-2023 21:50:52] Process Exited: Process Name - csrss.exe Process ID - 15644 [11-07-2023 21:50:54] New process found: Process Name - csrss.exe Process ID - 15612 Process Identity - SYSTEM [11-07-2023 21:50:54] New process found: Process Name - winlogon.exe Process ID - 10252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:55] New process found: Process Name - LogonUI.exe Process ID - 11104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:50:55] New process found: Process Name - dwm.exe Process ID - 10284 Process Identity - Window Manager\DWM-4 [11-07-2023 21:51:07] Process Exited: Process Name - winlogon.exe Process ID - 10252 [11-07-2023 21:51:07] Process Exited: Process Name - dwm.exe Process ID - 10284 [11-07-2023 21:51:07] Process Exited: Process Name - LogonUI.exe Process ID - 11104 [11-07-2023 21:51:07] Process Exited: Process Name - csrss.exe Process ID - 15612 [11-07-2023 21:51:13] New process found: Process Name - csrss.exe Process ID - 11124 Process Identity - SYSTEM [11-07-2023 21:51:13] New process found: Process Name - winlogon.exe Process ID - 9872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:15] New process found: Process Name - LogonUI.exe Process ID - 4336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:15] New process found: Process Name - dwm.exe Process ID - 10328 Process Identity - Window Manager\DWM-4 [11-07-2023 21:51:26] New process found: Process Name - w3wp.exe Process ID - 11520 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:51:26] Process Exited: Process Name - w3wp.exe Process ID - 8372 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:51:27] Process Exited: Process Name - LogonUI.exe Process ID - 4336 [11-07-2023 21:51:27] Process Exited: Process Name - winlogon.exe Process ID - 9872 [11-07-2023 21:51:27] Process Exited: Process Name - dwm.exe Process ID - 10328 [11-07-2023 21:51:27] Process Exited: Process Name - csrss.exe Process ID - 11124 [11-07-2023 21:51:29] New process found: Process Name - csrss.exe Process ID - 14240 Process Identity - SYSTEM [11-07-2023 21:51:29] New process found: Process Name - winlogon.exe Process ID - 9456 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:30] New process found: Process Name - LogonUI.exe Process ID - 14420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:30] New process found: Process Name - dwm.exe Process ID - 10616 Process Identity - Window Manager\DWM-4 [11-07-2023 21:51:30] Process Exited: Process Name - InetMgr.exe Process ID - 11620 [11-07-2023 21:51:42] Process Exited: Process Name - winlogon.exe Process ID - 9456 [11-07-2023 21:51:42] Process Exited: Process Name - dwm.exe Process ID - 10616 [11-07-2023 21:51:42] Process Exited: Process Name - csrss.exe Process ID - 14240 [11-07-2023 21:51:42] Process Exited: Process Name - LogonUI.exe Process ID - 14420 [11-07-2023 21:51:44] New process found: Process Name - csrss.exe Process ID - 14024 Process Identity - SYSTEM [11-07-2023 21:51:44] New process found: Process Name - winlogon.exe Process ID - 13864 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:45] New process found: Process Name - LogonUI.exe Process ID - 14004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:45] New process found: Process Name - dwm.exe Process ID - 15604 Process Identity - Window Manager\DWM-4 [11-07-2023 21:51:57] Process Exited: Process Name - winlogon.exe Process ID - 13864 [11-07-2023 21:51:57] Process Exited: Process Name - LogonUI.exe Process ID - 14004 [11-07-2023 21:51:57] Process Exited: Process Name - csrss.exe Process ID - 14024 [11-07-2023 21:51:57] Process Exited: Process Name - dwm.exe Process ID - 15604 [11-07-2023 21:51:58] New process found: Process Name - csrss.exe Process ID - 13900 Process Identity - SYSTEM [11-07-2023 21:51:58] New process found: Process Name - winlogon.exe Process ID - 13376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:59] New process found: Process Name - LogonUI.exe Process ID - 14272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:51:59] New process found: Process Name - dwm.exe Process ID - 7268 Process Identity - Window Manager\DWM-4 [11-07-2023 21:52:12] Process Exited: Process Name - dwm.exe Process ID - 7268 [11-07-2023 21:52:12] Process Exited: Process Name - winlogon.exe Process ID - 13376 [11-07-2023 21:52:12] Process Exited: Process Name - csrss.exe Process ID - 13900 [11-07-2023 21:52:12] Process Exited: Process Name - LogonUI.exe Process ID - 14272 [11-07-2023 21:52:19] New process found: Process Name - mspaint.exe Process ID - 16284 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:52:19] New process found: Process Name - svchost.exe Process ID - 8796 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:52:19] Service state changed: Service Name - stisvc Process ID - 8796 Current State - SERVICE_START_PENDING [11-07-2023 21:52:20] New process found: Process Name - csrss.exe Process ID - 10504 Process Identity - SYSTEM [11-07-2023 21:52:20] New process found: Process Name - winlogon.exe Process ID - 6196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:20] New process found: Process Name - LogonUI.exe Process ID - 8800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:20] New process found: Process Name - dwm.exe Process ID - 15296 Process Identity - Window Manager\DWM-4 [11-07-2023 21:52:20] Service state changed: Service Name - DeviceAssociationService Process ID - 284 Current State - SERVICE_RUNNING [11-07-2023 21:52:20] Service state changed: Service Name - stisvc Process ID - 8796 Current State - SERVICE_RUNNING [11-07-2023 21:52:27] Process Exited: Process Name - winlogon.exe Process ID - 6196 [11-07-2023 21:52:27] Process Exited: Process Name - LogonUI.exe Process ID - 8800 [11-07-2023 21:52:27] Process Exited: Process Name - csrss.exe Process ID - 10504 [11-07-2023 21:52:27] Process Exited: Process Name - dwm.exe Process ID - 15296 [11-07-2023 21:52:28] New process found: Process Name - csrss.exe Process ID - 2664 Process Identity - SYSTEM [11-07-2023 21:52:28] New process found: Process Name - winlogon.exe Process ID - 5180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:29] New process found: Process Name - LogonUI.exe Process ID - 14436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:29] New process found: Process Name - dwm.exe Process ID - 16180 Process Identity - Window Manager\DWM-4 [11-07-2023 21:52:30] Process Exited: Process Name - mspaint.exe Process ID - 16284 [11-07-2023 21:52:42] Process Exited: Process Name - csrss.exe Process ID - 2664 [11-07-2023 21:52:42] Process Exited: Process Name - winlogon.exe Process ID - 5180 [11-07-2023 21:52:42] Process Exited: Process Name - LogonUI.exe Process ID - 14436 [11-07-2023 21:52:42] Process Exited: Process Name - dwm.exe Process ID - 16180 [11-07-2023 21:52:43] New process found: Process Name - csrss.exe Process ID - 15848 Process Identity - SYSTEM [11-07-2023 21:52:43] New process found: Process Name - winlogon.exe Process ID - 11044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:44] New process found: Process Name - LogonUI.exe Process ID - 15516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:44] New process found: Process Name - dwm.exe Process ID - 3456 Process Identity - Window Manager\DWM-4 [11-07-2023 21:52:57] Process Exited: Process Name - dwm.exe Process ID - 3456 [11-07-2023 21:52:57] Process Exited: Process Name - winlogon.exe Process ID - 11044 [11-07-2023 21:52:57] Process Exited: Process Name - LogonUI.exe Process ID - 15516 [11-07-2023 21:52:57] Process Exited: Process Name - csrss.exe Process ID - 15848 [11-07-2023 21:52:58] New process found: Process Name - csrss.exe Process ID - 10552 Process Identity - SYSTEM [11-07-2023 21:52:58] New process found: Process Name - winlogon.exe Process ID - 13192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:59] New process found: Process Name - LogonUI.exe Process ID - 10188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:52:59] New process found: Process Name - dwm.exe Process ID - 10364 Process Identity - Window Manager\DWM-4 [11-07-2023 21:52:59] New process found: Process Name - dllhost.exe Process ID - 15200 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:52:59] New process found: Process Name - dllhost.exe Process ID - 13100 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:53:01] Process Exited: Process Name - svchost.exe Process ID - 8796 [11-07-2023 21:53:01] Service state changed: Service Name - stisvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 21:53:04] Process Exited: Process Name - dllhost.exe Process ID - 15200 [11-07-2023 21:53:05] New process found: Process Name - TSTheme.exe Process ID - 10892 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:53:11] Process Exited: Process Name - TSTheme.exe Process ID - 10892 [11-07-2023 21:53:12] Process Exited: Process Name - LogonUI.exe Process ID - 10188 [11-07-2023 21:53:12] Process Exited: Process Name - dwm.exe Process ID - 10364 [11-07-2023 21:53:12] Process Exited: Process Name - csrss.exe Process ID - 10552 [11-07-2023 21:53:12] Process Exited: Process Name - winlogon.exe Process ID - 13192 [11-07-2023 21:53:13] New process found: Process Name - csrss.exe Process ID - 2660 Process Identity - SYSTEM [11-07-2023 21:53:13] New process found: Process Name - winlogon.exe Process ID - 14368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:14] New process found: Process Name - LogonUI.exe Process ID - 13176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:14] New process found: Process Name - dwm.exe Process ID - 11420 Process Identity - Window Manager\DWM-4 [11-07-2023 21:53:16] New process found: Process Name - csrss.exe Process ID - 10096 Process Identity - SYSTEM [11-07-2023 21:53:16] New process found: Process Name - winlogon.exe Process ID - 10936 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:16] New process found: Process Name - LogonUI.exe Process ID - 11312 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:16] New process found: Process Name - dwm.exe Process ID - 6888 Process Identity - Window Manager\DWM-5 [11-07-2023 21:53:20] New process found: Process Name - TSTheme.exe Process ID - 14696 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:53:20] New process found: Process Name - taskhostw.exe Process ID - 10784 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:20] New process found: Process Name - dllhost.exe Process ID - 15652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:20] Process Exited: Process Name - dwm.exe Process ID - 6888 [11-07-2023 21:53:20] Process Exited: Process Name - csrss.exe Process ID - 10096 [11-07-2023 21:53:20] Process Exited: Process Name - winlogon.exe Process ID - 10936 [11-07-2023 21:53:20] Process Exited: Process Name - LogonUI.exe Process ID - 11312 [11-07-2023 21:53:26] Process Exited: Process Name - TSTheme.exe Process ID - 14696 [11-07-2023 21:53:26] Service state changed: Service Name - DsmSvc Process ID - 1120 Current State - SERVICE_RUNNING [11-07-2023 21:53:27] Process Exited: Process Name - csrss.exe Process ID - 2660 [11-07-2023 21:53:27] Process Exited: Process Name - dwm.exe Process ID - 11420 [11-07-2023 21:53:27] Process Exited: Process Name - LogonUI.exe Process ID - 13176 [11-07-2023 21:53:27] Process Exited: Process Name - winlogon.exe Process ID - 14368 [11-07-2023 21:53:28] New process found: Process Name - csrss.exe Process ID - 11220 Process Identity - SYSTEM [11-07-2023 21:53:28] New process found: Process Name - winlogon.exe Process ID - 10112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:29] New process found: Process Name - LogonUI.exe Process ID - 12728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:29] New process found: Process Name - dwm.exe Process ID - 14592 Process Identity - Window Manager\DWM-4 [11-07-2023 21:53:36] Process Exited: Process Name - conhost.exe Process ID - 7120 [11-07-2023 21:53:36] Process Exited: Process Name - w3wp.exe Process ID - 13220 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 21:53:42] Process Exited: Process Name - winlogon.exe Process ID - 10112 [11-07-2023 21:53:42] Process Exited: Process Name - csrss.exe Process ID - 11220 [11-07-2023 21:53:42] Process Exited: Process Name - LogonUI.exe Process ID - 12728 [11-07-2023 21:53:42] Process Exited: Process Name - dwm.exe Process ID - 14592 [11-07-2023 21:53:43] New process found: Process Name - csrss.exe Process ID - 11636 Process Identity - SYSTEM [11-07-2023 21:53:43] New process found: Process Name - winlogon.exe Process ID - 13200 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:44] New process found: Process Name - LogonUI.exe Process ID - 15440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:44] New process found: Process Name - dwm.exe Process ID - 9352 Process Identity - Window Manager\DWM-4 [11-07-2023 21:53:50] Process Exited: Process Name - taskhostw.exe Process ID - 10784 [11-07-2023 21:53:54] Process Exited: Process Name - conhost.exe Process ID - 9328 [11-07-2023 21:53:54] Process Exited: Process Name - w3wp.exe Process ID - 14840 Web application pool name - kdbps.edu.in [11-07-2023 21:53:55] Process Exited: Process Name - dllhost.exe Process ID - 15652 [11-07-2023 21:53:57] Process Exited: Process Name - dwm.exe Process ID - 9352 [11-07-2023 21:53:57] Process Exited: Process Name - csrss.exe Process ID - 11636 [11-07-2023 21:53:57] Process Exited: Process Name - winlogon.exe Process ID - 13200 [11-07-2023 21:53:57] Process Exited: Process Name - LogonUI.exe Process ID - 15440 [11-07-2023 21:53:58] New process found: Process Name - csrss.exe Process ID - 6304 Process Identity - SYSTEM [11-07-2023 21:53:58] New process found: Process Name - winlogon.exe Process ID - 14852 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:59] New process found: Process Name - LogonUI.exe Process ID - 11184 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:53:59] New process found: Process Name - dwm.exe Process ID - 15388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:54:12] Process Exited: Process Name - csrss.exe Process ID - 6304 [11-07-2023 21:54:12] Process Exited: Process Name - LogonUI.exe Process ID - 11184 [11-07-2023 21:54:12] Process Exited: Process Name - winlogon.exe Process ID - 14852 [11-07-2023 21:54:12] Process Exited: Process Name - dwm.exe Process ID - 15388 [11-07-2023 21:54:12] Service state changed: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 21:54:13] New process found: Process Name - csrss.exe Process ID - 15124 Process Identity - SYSTEM [11-07-2023 21:54:13] New process found: Process Name - winlogon.exe Process ID - 10500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:14] New process found: Process Name - LogonUI.exe Process ID - 16316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:14] New process found: Process Name - dwm.exe Process ID - 12920 Process Identity - Window Manager\DWM-4 [11-07-2023 21:54:27] Process Exited: Process Name - winlogon.exe Process ID - 10500 [11-07-2023 21:54:27] Process Exited: Process Name - dwm.exe Process ID - 12920 [11-07-2023 21:54:27] Process Exited: Process Name - csrss.exe Process ID - 15124 [11-07-2023 21:54:27] Process Exited: Process Name - LogonUI.exe Process ID - 16316 [11-07-2023 21:54:28] New process found: Process Name - csrss.exe Process ID - 15132 Process Identity - SYSTEM [11-07-2023 21:54:28] New process found: Process Name - winlogon.exe Process ID - 15164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:29] New process found: Process Name - LogonUI.exe Process ID - 16192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:29] New process found: Process Name - dwm.exe Process ID - 2360 Process Identity - Window Manager\DWM-4 [11-07-2023 21:54:38] Process Exited: Process Name - w3wp.exe Process ID - 11640 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 21:54:38] Process Exited: Process Name - conhost.exe Process ID - 11784 [11-07-2023 21:54:38] Service state changed: Service Name - DeviceAssociationService Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 21:54:42] Process Exited: Process Name - dwm.exe Process ID - 2360 [11-07-2023 21:54:42] Process Exited: Process Name - csrss.exe Process ID - 15132 [11-07-2023 21:54:42] Process Exited: Process Name - winlogon.exe Process ID - 15164 [11-07-2023 21:54:42] Process Exited: Process Name - LogonUI.exe Process ID - 16192 [11-07-2023 21:54:43] New process found: Process Name - csrss.exe Process ID - 1788 Process Identity - SYSTEM [11-07-2023 21:54:43] New process found: Process Name - winlogon.exe Process ID - 13316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:44] New process found: Process Name - LogonUI.exe Process ID - 13668 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:44] New process found: Process Name - dwm.exe Process ID - 3456 Process Identity - Window Manager\DWM-4 [11-07-2023 21:54:53] Process Exited: Process Name - conhost.exe Process ID - 12084 [11-07-2023 21:54:53] Process Exited: Process Name - w3wp.exe Process ID - 15964 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 21:54:57] Process Exited: Process Name - csrss.exe Process ID - 1788 [11-07-2023 21:54:57] Process Exited: Process Name - dwm.exe Process ID - 3456 [11-07-2023 21:54:57] Process Exited: Process Name - winlogon.exe Process ID - 13316 [11-07-2023 21:54:57] Process Exited: Process Name - LogonUI.exe Process ID - 13668 [11-07-2023 21:54:58] New process found: Process Name - smss.exe Process ID - 14092 Process Identity - SYSTEM [11-07-2023 21:54:58] New process found: Process Name - csrss.exe Process ID - 6780 Process Identity - SYSTEM [11-07-2023 21:54:59] New process found: Process Name - winlogon.exe Process ID - 11472 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:54:59] Process Exited: Process Name - smss.exe Process ID - 14092 [11-07-2023 21:55:00] New process found: Process Name - LogonUI.exe Process ID - 15648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:00] New process found: Process Name - dwm.exe Process ID - 16136 Process Identity - Window Manager\DWM-4 [11-07-2023 21:55:12] Process Exited: Process Name - csrss.exe Process ID - 6780 [11-07-2023 21:55:12] Process Exited: Process Name - winlogon.exe Process ID - 11472 [11-07-2023 21:55:12] Process Exited: Process Name - LogonUI.exe Process ID - 15648 [11-07-2023 21:55:12] Process Exited: Process Name - dwm.exe Process ID - 16136 [11-07-2023 21:55:14] New process found: Process Name - csrss.exe Process ID - 1824 Process Identity - SYSTEM [11-07-2023 21:55:14] New process found: Process Name - winlogon.exe Process ID - 15176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:14] New process found: Process Name - LogonUI.exe Process ID - 2572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:14] New process found: Process Name - dwm.exe Process ID - 14048 Process Identity - Window Manager\DWM-4 [11-07-2023 21:55:27] Process Exited: Process Name - csrss.exe Process ID - 1824 [11-07-2023 21:55:27] Process Exited: Process Name - LogonUI.exe Process ID - 2572 [11-07-2023 21:55:27] Process Exited: Process Name - dwm.exe Process ID - 14048 [11-07-2023 21:55:27] Process Exited: Process Name - winlogon.exe Process ID - 15176 [11-07-2023 21:55:28] New process found: Process Name - csrss.exe Process ID - 14728 Process Identity - SYSTEM [11-07-2023 21:55:28] New process found: Process Name - winlogon.exe Process ID - 15364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:29] New process found: Process Name - LogonUI.exe Process ID - 10780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:29] New process found: Process Name - dwm.exe Process ID - 4416 Process Identity - Window Manager\DWM-4 [11-07-2023 21:55:42] Process Exited: Process Name - dwm.exe Process ID - 4416 [11-07-2023 21:55:42] Process Exited: Process Name - LogonUI.exe Process ID - 10780 [11-07-2023 21:55:42] Process Exited: Process Name - csrss.exe Process ID - 14728 [11-07-2023 21:55:42] Process Exited: Process Name - winlogon.exe Process ID - 15364 [11-07-2023 21:55:43] New process found: Process Name - csrss.exe Process ID - 8968 Process Identity - SYSTEM [11-07-2023 21:55:43] New process found: Process Name - winlogon.exe Process ID - 9224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:44] New process found: Process Name - LogonUI.exe Process ID - 13176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:55:44] New process found: Process Name - dwm.exe Process ID - 15252 Process Identity - Window Manager\DWM-4 [11-07-2023 21:55:48] New process found: Process Name - w3wp.exe Process ID - 2956 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 21:55:57] Process Exited: Process Name - csrss.exe Process ID - 8968 [11-07-2023 21:55:57] Process Exited: Process Name - winlogon.exe Process ID - 9224 [11-07-2023 21:55:57] Process Exited: Process Name - LogonUI.exe Process ID - 13176 [11-07-2023 21:55:57] Process Exited: Process Name - dwm.exe Process ID - 15252 [11-07-2023 21:56:01] New process found: Process Name - csrss.exe Process ID - 13728 Process Identity - SYSTEM [11-07-2023 21:56:01] New process found: Process Name - winlogon.exe Process ID - 7360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:02] New process found: Process Name - LogonUI.exe Process ID - 11932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:02] New process found: Process Name - dwm.exe Process ID - 16100 Process Identity - Window Manager\DWM-4 [11-07-2023 21:56:12] Process Exited: Process Name - winlogon.exe Process ID - 7360 [11-07-2023 21:56:12] Process Exited: Process Name - LogonUI.exe Process ID - 11932 [11-07-2023 21:56:12] Process Exited: Process Name - csrss.exe Process ID - 13728 [11-07-2023 21:56:12] Process Exited: Process Name - dwm.exe Process ID - 16100 [11-07-2023 21:56:13] New process found: Process Name - csrss.exe Process ID - 11292 Process Identity - SYSTEM [11-07-2023 21:56:13] New process found: Process Name - winlogon.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:14] New process found: Process Name - LogonUI.exe Process ID - 14440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:14] New process found: Process Name - dwm.exe Process ID - 3224 Process Identity - Window Manager\DWM-4 [11-07-2023 21:56:26] New process found: Process Name - w3wp.exe Process ID - 524 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:56:26] Process Exited: Process Name - w3wp.exe Process ID - 11520 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 21:56:27] Process Exited: Process Name - dwm.exe Process ID - 3224 [11-07-2023 21:56:27] Process Exited: Process Name - csrss.exe Process ID - 11292 [11-07-2023 21:56:27] Process Exited: Process Name - winlogon.exe Process ID - 11340 [11-07-2023 21:56:27] Process Exited: Process Name - LogonUI.exe Process ID - 14440 [11-07-2023 21:56:30] New process found: Process Name - csrss.exe Process ID - 10292 Process Identity - SYSTEM [11-07-2023 21:56:30] New process found: Process Name - winlogon.exe Process ID - 14204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:31] New process found: Process Name - LogonUI.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:31] New process found: Process Name - dwm.exe Process ID - 11464 Process Identity - Window Manager\DWM-4 [11-07-2023 21:56:43] Process Exited: Process Name - csrss.exe Process ID - 10292 [11-07-2023 21:56:43] Process Exited: Process Name - dwm.exe Process ID - 11464 [11-07-2023 21:56:43] Process Exited: Process Name - LogonUI.exe Process ID - 12360 [11-07-2023 21:56:43] Process Exited: Process Name - winlogon.exe Process ID - 14204 [11-07-2023 21:56:44] New process found: Process Name - csrss.exe Process ID - 13368 Process Identity - SYSTEM [11-07-2023 21:56:44] New process found: Process Name - winlogon.exe Process ID - 12452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:45] New process found: Process Name - LogonUI.exe Process ID - 9696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:56:45] New process found: Process Name - dwm.exe Process ID - 15932 Process Identity - Window Manager\DWM-4 [11-07-2023 21:56:58] Process Exited: Process Name - LogonUI.exe Process ID - 9696 [11-07-2023 21:56:58] Process Exited: Process Name - winlogon.exe Process ID - 12452 [11-07-2023 21:56:58] Process Exited: Process Name - csrss.exe Process ID - 13368 [11-07-2023 21:56:58] Process Exited: Process Name - dwm.exe Process ID - 15932 [11-07-2023 21:56:59] New process found: Process Name - csrss.exe Process ID - 15288 Process Identity - SYSTEM [11-07-2023 21:56:59] New process found: Process Name - winlogon.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:00] New process found: Process Name - LogonUI.exe Process ID - 13572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:00] New process found: Process Name - dwm.exe Process ID - 5948 Process Identity - Window Manager\DWM-4 [11-07-2023 21:57:13] Process Exited: Process Name - dwm.exe Process ID - 5948 [11-07-2023 21:57:13] Process Exited: Process Name - winlogon.exe Process ID - 13000 [11-07-2023 21:57:13] Process Exited: Process Name - LogonUI.exe Process ID - 13572 [11-07-2023 21:57:13] Process Exited: Process Name - csrss.exe Process ID - 15288 [11-07-2023 21:57:14] New process found: Process Name - csrss.exe Process ID - 13420 Process Identity - SYSTEM [11-07-2023 21:57:14] New process found: Process Name - winlogon.exe Process ID - 12616 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:15] New process found: Process Name - LogonUI.exe Process ID - 14596 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:15] New process found: Process Name - dwm.exe Process ID - 9204 Process Identity - Window Manager\DWM-4 [11-07-2023 21:57:28] Process Exited: Process Name - dwm.exe Process ID - 9204 [11-07-2023 21:57:28] Process Exited: Process Name - winlogon.exe Process ID - 12616 [11-07-2023 21:57:28] Process Exited: Process Name - csrss.exe Process ID - 13420 [11-07-2023 21:57:28] Process Exited: Process Name - LogonUI.exe Process ID - 14596 [11-07-2023 21:57:29] New process found: Process Name - csrss.exe Process ID - 1636 Process Identity - SYSTEM [11-07-2023 21:57:29] New process found: Process Name - winlogon.exe Process ID - 5180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:30] New process found: Process Name - LogonUI.exe Process ID - 7116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:30] New process found: Process Name - dwm.exe Process ID - 7680 Process Identity - Window Manager\DWM-4 [11-07-2023 21:57:43] Process Exited: Process Name - csrss.exe Process ID - 1636 [11-07-2023 21:57:43] Process Exited: Process Name - winlogon.exe Process ID - 5180 [11-07-2023 21:57:43] Process Exited: Process Name - LogonUI.exe Process ID - 7116 [11-07-2023 21:57:43] Process Exited: Process Name - dwm.exe Process ID - 7680 [11-07-2023 21:57:44] New process found: Process Name - csrss.exe Process ID - 12084 Process Identity - SYSTEM [11-07-2023 21:57:44] New process found: Process Name - winlogon.exe Process ID - 10652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:45] New process found: Process Name - LogonUI.exe Process ID - 11004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:57:45] New process found: Process Name - dwm.exe Process ID - 11388 Process Identity - Window Manager\DWM-4 [11-07-2023 21:57:58] Process Exited: Process Name - winlogon.exe Process ID - 10652 [11-07-2023 21:57:58] Process Exited: Process Name - LogonUI.exe Process ID - 11004 [11-07-2023 21:57:58] Process Exited: Process Name - dwm.exe Process ID - 11388 [11-07-2023 21:57:58] Process Exited: Process Name - csrss.exe Process ID - 12084 [11-07-2023 21:57:59] New process found: Process Name - csrss.exe Process ID - 5576 Process Identity - SYSTEM [11-07-2023 21:57:59] New process found: Process Name - winlogon.exe Process ID - 16184 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:00] New process found: Process Name - LogonUI.exe Process ID - 16144 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:00] New process found: Process Name - dwm.exe Process ID - 8780 Process Identity - Window Manager\DWM-4 [11-07-2023 21:58:13] Process Exited: Process Name - csrss.exe Process ID - 5576 [11-07-2023 21:58:13] Process Exited: Process Name - dwm.exe Process ID - 8780 [11-07-2023 21:58:13] Process Exited: Process Name - LogonUI.exe Process ID - 16144 [11-07-2023 21:58:13] Process Exited: Process Name - winlogon.exe Process ID - 16184 [11-07-2023 21:58:15] New process found: Process Name - csrss.exe Process ID - 7972 Process Identity - SYSTEM [11-07-2023 21:58:15] New process found: Process Name - winlogon.exe Process ID - 10908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:16] New process found: Process Name - LogonUI.exe Process ID - 11512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:16] New process found: Process Name - dwm.exe Process ID - 12236 Process Identity - Window Manager\DWM-4 [11-07-2023 21:58:24] New process found: Process Name - TSTheme.exe Process ID - 10848 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 21:58:28] Process Exited: Process Name - csrss.exe Process ID - 7972 [11-07-2023 21:58:28] Process Exited: Process Name - winlogon.exe Process ID - 10908 [11-07-2023 21:58:28] Process Exited: Process Name - LogonUI.exe Process ID - 11512 [11-07-2023 21:58:28] Process Exited: Process Name - dwm.exe Process ID - 12236 [11-07-2023 21:58:30] New process found: Process Name - csrss.exe Process ID - 2248 Process Identity - SYSTEM [11-07-2023 21:58:30] New process found: Process Name - winlogon.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:30] New process found: Process Name - LogonUI.exe Process ID - 12692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:30] New process found: Process Name - dwm.exe Process ID - 15176 Process Identity - Window Manager\DWM-4 [11-07-2023 21:58:30] Process Exited: Process Name - TSTheme.exe Process ID - 10848 [11-07-2023 21:58:35] New process found: Process Name - w3wp.exe Process ID - 10676 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 21:58:35] New process found: Process Name - conhost.exe Process ID - 15364 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [11-07-2023 21:58:43] Process Exited: Process Name - winlogon.exe Process ID - 1760 [11-07-2023 21:58:43] Process Exited: Process Name - csrss.exe Process ID - 2248 [11-07-2023 21:58:43] Process Exited: Process Name - LogonUI.exe Process ID - 12692 [11-07-2023 21:58:43] Process Exited: Process Name - dwm.exe Process ID - 15176 [11-07-2023 21:58:44] New process found: Process Name - csrss.exe Process ID - 12256 Process Identity - SYSTEM [11-07-2023 21:58:44] New process found: Process Name - winlogon.exe Process ID - 14368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:45] New process found: Process Name - LogonUI.exe Process ID - 15672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:45] New process found: Process Name - dwm.exe Process ID - 14752 Process Identity - Window Manager\DWM-4 [11-07-2023 21:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15188 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 21:58:58] Process Exited: Process Name - csrss.exe Process ID - 12256 [11-07-2023 21:58:58] Process Exited: Process Name - winlogon.exe Process ID - 14368 [11-07-2023 21:58:58] Process Exited: Process Name - dwm.exe Process ID - 14752 [11-07-2023 21:58:58] Process Exited: Process Name - LogonUI.exe Process ID - 15672 [11-07-2023 21:58:59] New process found: Process Name - csrss.exe Process ID - 15836 Process Identity - SYSTEM [11-07-2023 21:58:59] New process found: Process Name - winlogon.exe Process ID - 7804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:59] New process found: Process Name - LogonUI.exe Process ID - 11984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:58:59] New process found: Process Name - dwm.exe Process ID - 4084 Process Identity - Window Manager\DWM-4 [11-07-2023 21:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:13] Process Exited: Process Name - dwm.exe Process ID - 4084 [11-07-2023 21:59:13] Process Exited: Process Name - winlogon.exe Process ID - 7804 [11-07-2023 21:59:13] Process Exited: Process Name - LogonUI.exe Process ID - 11984 [11-07-2023 21:59:13] Process Exited: Process Name - csrss.exe Process ID - 15836 [11-07-2023 21:59:14] New process found: Process Name - csrss.exe Process ID - 14084 Process Identity - SYSTEM [11-07-2023 21:59:14] New process found: Process Name - winlogon.exe Process ID - 14240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:14] New process found: Process Name - LogonUI.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:14] New process found: Process Name - dwm.exe Process ID - 12852 Process Identity - Window Manager\DWM-4 [11-07-2023 21:59:25] Service state changed: Service Name - ScDeviceEnum Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 21:59:28] Process Exited: Process Name - LogonUI.exe Process ID - 11340 [11-07-2023 21:59:28] Process Exited: Process Name - dwm.exe Process ID - 12852 [11-07-2023 21:59:28] Process Exited: Process Name - csrss.exe Process ID - 14084 [11-07-2023 21:59:28] Process Exited: Process Name - winlogon.exe Process ID - 14240 [11-07-2023 21:59:29] New process found: Process Name - csrss.exe Process ID - 16104 Process Identity - SYSTEM [11-07-2023 21:59:29] New process found: Process Name - winlogon.exe Process ID - 15228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:30] New process found: Process Name - LogonUI.exe Process ID - 15464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:30] New process found: Process Name - dwm.exe Process ID - 2912 Process Identity - Window Manager\DWM-4 [11-07-2023 21:59:43] Process Exited: Process Name - dwm.exe Process ID - 2912 [11-07-2023 21:59:43] Process Exited: Process Name - winlogon.exe Process ID - 15228 [11-07-2023 21:59:43] Process Exited: Process Name - LogonUI.exe Process ID - 15464 [11-07-2023 21:59:43] Process Exited: Process Name - csrss.exe Process ID - 16104 [11-07-2023 21:59:44] New process found: Process Name - csrss.exe Process ID - 12032 Process Identity - SYSTEM [11-07-2023 21:59:44] New process found: Process Name - winlogon.exe Process ID - 13008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:45] New process found: Process Name - LogonUI.exe Process ID - 7536 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 21:59:45] New process found: Process Name - dwm.exe Process ID - 14448 Process Identity - Window Manager\DWM-4 [11-07-2023 21:59:58] Process Exited: Process Name - LogonUI.exe Process ID - 7536 [11-07-2023 21:59:58] Process Exited: Process Name - csrss.exe Process ID - 12032 [11-07-2023 21:59:58] Process Exited: Process Name - winlogon.exe Process ID - 13008 [11-07-2023 21:59:58] Process Exited: Process Name - dwm.exe Process ID - 14448 [11-07-2023 22:00:00] New process found: Process Name - csrss.exe Process ID - 5648 Process Identity - SYSTEM [11-07-2023 22:00:00] New process found: Process Name - winlogon.exe Process ID - 6816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:01] New process found: Process Name - LogonUI.exe Process ID - 7268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:01] New process found: Process Name - dwm.exe Process ID - 13976 Process Identity - Window Manager\DWM-4 [11-07-2023 22:00:13] Process Exited: Process Name - csrss.exe Process ID - 5648 [11-07-2023 22:00:13] Process Exited: Process Name - winlogon.exe Process ID - 6816 [11-07-2023 22:00:13] Process Exited: Process Name - LogonUI.exe Process ID - 7268 [11-07-2023 22:00:13] Process Exited: Process Name - dwm.exe Process ID - 13976 [11-07-2023 22:00:14] New process found: Process Name - csrss.exe Process ID - 108 Process Identity - SYSTEM [11-07-2023 22:00:14] New process found: Process Name - winlogon.exe Process ID - 10360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:15] New process found: Process Name - LogonUI.exe Process ID - 11348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:15] New process found: Process Name - dwm.exe Process ID - 9068 Process Identity - Window Manager\DWM-4 [11-07-2023 22:00:16] New process found: Process Name - w3wp.exe Process ID - 16072 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 22:00:16] New process found: Process Name - conhost.exe Process ID - 3860 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 22:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10868 [11-07-2023 22:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15188 [11-07-2023 22:00:28] Process Exited: Process Name - csrss.exe Process ID - 108 [11-07-2023 22:00:28] Process Exited: Process Name - dwm.exe Process ID - 9068 [11-07-2023 22:00:28] Process Exited: Process Name - winlogon.exe Process ID - 10360 [11-07-2023 22:00:28] Process Exited: Process Name - LogonUI.exe Process ID - 11348 [11-07-2023 22:00:29] New process found: Process Name - smss.exe Process ID - 9136 Process Identity - SYSTEM [11-07-2023 22:00:29] New process found: Process Name - csrss.exe Process ID - 8948 Process Identity - SYSTEM [11-07-2023 22:00:30] New process found: Process Name - winlogon.exe Process ID - 16016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:30] New process found: Process Name - LogonUI.exe Process ID - 10912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:30] New process found: Process Name - dwm.exe Process ID - 1752 Process Identity - Window Manager\DWM-4 [11-07-2023 22:00:30] Process Exited: Process Name - smss.exe Process ID - 9136 [11-07-2023 22:00:43] Process Exited: Process Name - dwm.exe Process ID - 1752 [11-07-2023 22:00:43] Process Exited: Process Name - csrss.exe Process ID - 8948 [11-07-2023 22:00:43] Process Exited: Process Name - LogonUI.exe Process ID - 10912 [11-07-2023 22:00:43] Process Exited: Process Name - winlogon.exe Process ID - 16016 [11-07-2023 22:00:44] New process found: Process Name - csrss.exe Process ID - 14072 Process Identity - SYSTEM [11-07-2023 22:00:44] New process found: Process Name - winlogon.exe Process ID - 11116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:45] New process found: Process Name - LogonUI.exe Process ID - 10720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:00:45] New process found: Process Name - dwm.exe Process ID - 12368 Process Identity - Window Manager\DWM-4 [11-07-2023 22:00:58] Process Exited: Process Name - LogonUI.exe Process ID - 10720 [11-07-2023 22:00:58] Process Exited: Process Name - winlogon.exe Process ID - 11116 [11-07-2023 22:00:58] Process Exited: Process Name - dwm.exe Process ID - 12368 [11-07-2023 22:00:58] Process Exited: Process Name - csrss.exe Process ID - 14072 [11-07-2023 22:01:02] New process found: Process Name - csrss.exe Process ID - 11296 Process Identity - SYSTEM [11-07-2023 22:01:02] New process found: Process Name - winlogon.exe Process ID - 11740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:03] New process found: Process Name - LogonUI.exe Process ID - 11368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:03] New process found: Process Name - dwm.exe Process ID - 3652 Process Identity - Window Manager\DWM-4 [11-07-2023 22:01:06] Process Exited: Process Name - dllhost.exe Process ID - 13100 [11-07-2023 22:01:13] Process Exited: Process Name - dwm.exe Process ID - 3652 [11-07-2023 22:01:13] Process Exited: Process Name - csrss.exe Process ID - 11296 [11-07-2023 22:01:13] Process Exited: Process Name - LogonUI.exe Process ID - 11368 [11-07-2023 22:01:13] Process Exited: Process Name - winlogon.exe Process ID - 11740 [11-07-2023 22:01:15] New process found: Process Name - csrss.exe Process ID - 10220 Process Identity - SYSTEM [11-07-2023 22:01:15] New process found: Process Name - winlogon.exe Process ID - 15556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:15] New process found: Process Name - LogonUI.exe Process ID - 10924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:15] New process found: Process Name - dwm.exe Process ID - 10228 Process Identity - Window Manager\DWM-4 [11-07-2023 22:01:28] New process found: Process Name - w3wp.exe Process ID - 13380 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:01:28] Process Exited: Process Name - w3wp.exe Process ID - 524 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:01:28] Process Exited: Process Name - csrss.exe Process ID - 10220 [11-07-2023 22:01:28] Process Exited: Process Name - dwm.exe Process ID - 10228 [11-07-2023 22:01:28] Process Exited: Process Name - LogonUI.exe Process ID - 10924 [11-07-2023 22:01:28] Process Exited: Process Name - winlogon.exe Process ID - 15556 [11-07-2023 22:01:32] New process found: Process Name - csrss.exe Process ID - 12644 Process Identity - SYSTEM [11-07-2023 22:01:32] New process found: Process Name - winlogon.exe Process ID - 11744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:33] New process found: Process Name - LogonUI.exe Process ID - 7880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:33] New process found: Process Name - dwm.exe Process ID - 10788 Process Identity - Window Manager\DWM-4 [11-07-2023 22:01:43] Process Exited: Process Name - LogonUI.exe Process ID - 7880 [11-07-2023 22:01:43] Process Exited: Process Name - dwm.exe Process ID - 10788 [11-07-2023 22:01:43] Process Exited: Process Name - winlogon.exe Process ID - 11744 [11-07-2023 22:01:43] Process Exited: Process Name - csrss.exe Process ID - 12644 [11-07-2023 22:01:44] New process found: Process Name - csrss.exe Process ID - 15492 Process Identity - SYSTEM [11-07-2023 22:01:44] New process found: Process Name - winlogon.exe Process ID - 15576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:45] New process found: Process Name - LogonUI.exe Process ID - 16332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:01:45] New process found: Process Name - dwm.exe Process ID - 14868 Process Identity - Window Manager\DWM-4 [11-07-2023 22:01:58] Process Exited: Process Name - dwm.exe Process ID - 14868 [11-07-2023 22:01:58] Process Exited: Process Name - csrss.exe Process ID - 15492 [11-07-2023 22:01:58] Process Exited: Process Name - winlogon.exe Process ID - 15576 [11-07-2023 22:01:58] Process Exited: Process Name - LogonUI.exe Process ID - 16332 [11-07-2023 22:02:01] New process found: Process Name - w3wp.exe Process ID - 10420 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 22:02:03] New process found: Process Name - csrss.exe Process ID - 8992 Process Identity - SYSTEM [11-07-2023 22:02:03] New process found: Process Name - winlogon.exe Process ID - 4408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:04] New process found: Process Name - LogonUI.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:04] New process found: Process Name - dwm.exe Process ID - 12852 Process Identity - Window Manager\DWM-4 [11-07-2023 22:02:13] Process Exited: Process Name - winlogon.exe Process ID - 4408 [11-07-2023 22:02:13] Process Exited: Process Name - csrss.exe Process ID - 8992 [11-07-2023 22:02:13] Process Exited: Process Name - LogonUI.exe Process ID - 11340 [11-07-2023 22:02:13] Process Exited: Process Name - dwm.exe Process ID - 12852 [11-07-2023 22:02:14] New process found: Process Name - csrss.exe Process ID - 2252 Process Identity - SYSTEM [11-07-2023 22:02:14] New process found: Process Name - winlogon.exe Process ID - 16272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:14] New process found: Process Name - LogonUI.exe Process ID - 10472 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:14] New process found: Process Name - dwm.exe Process ID - 7080 Process Identity - Window Manager\DWM-4 [11-07-2023 22:02:28] Process Exited: Process Name - csrss.exe Process ID - 2252 [11-07-2023 22:02:28] Process Exited: Process Name - dwm.exe Process ID - 7080 [11-07-2023 22:02:28] Process Exited: Process Name - LogonUI.exe Process ID - 10472 [11-07-2023 22:02:28] Process Exited: Process Name - winlogon.exe Process ID - 16272 [11-07-2023 22:02:33] New process found: Process Name - csrss.exe Process ID - 1948 Process Identity - SYSTEM [11-07-2023 22:02:33] New process found: Process Name - winlogon.exe Process ID - 11612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:33] New process found: Process Name - LogonUI.exe Process ID - 12884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:33] New process found: Process Name - dwm.exe Process ID - 13064 Process Identity - Window Manager\DWM-4 [11-07-2023 22:02:43] Process Exited: Process Name - csrss.exe Process ID - 1948 [11-07-2023 22:02:43] Process Exited: Process Name - winlogon.exe Process ID - 11612 [11-07-2023 22:02:43] Process Exited: Process Name - LogonUI.exe Process ID - 12884 [11-07-2023 22:02:43] Process Exited: Process Name - dwm.exe Process ID - 13064 [11-07-2023 22:02:44] New process found: Process Name - csrss.exe Process ID - 12816 Process Identity - SYSTEM [11-07-2023 22:02:44] New process found: Process Name - winlogon.exe Process ID - 11812 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:46] New process found: Process Name - LogonUI.exe Process ID - 9164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:02:46] New process found: Process Name - dwm.exe Process ID - 8876 Process Identity - Window Manager\DWM-4 [11-07-2023 22:02:47] Process Exited: Process Name - w3wp.exe Process ID - 13724 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 22:02:47] Process Exited: Process Name - conhost.exe Process ID - 13860 [11-07-2023 22:02:58] Process Exited: Process Name - dwm.exe Process ID - 8876 [11-07-2023 22:02:58] Process Exited: Process Name - LogonUI.exe Process ID - 9164 [11-07-2023 22:02:58] Process Exited: Process Name - winlogon.exe Process ID - 11812 [11-07-2023 22:02:58] Process Exited: Process Name - csrss.exe Process ID - 12816 [11-07-2023 22:02:59] New process found: Process Name - smss.exe Process ID - 12864 Process Identity - SYSTEM [11-07-2023 22:02:59] New process found: Process Name - csrss.exe Process ID - 5708 Process Identity - SYSTEM [11-07-2023 22:03:00] New process found: Process Name - winlogon.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:00] New process found: Process Name - LogonUI.exe Process ID - 11348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:00] New process found: Process Name - dwm.exe Process ID - 15956 Process Identity - Window Manager\DWM-4 [11-07-2023 22:03:00] Process Exited: Process Name - smss.exe Process ID - 12864 [11-07-2023 22:03:09] New process found: Process Name - w3wp.exe Process ID - 9372 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 22:03:14] Process Exited: Process Name - csrss.exe Process ID - 5708 [11-07-2023 22:03:14] Process Exited: Process Name - LogonUI.exe Process ID - 11348 [11-07-2023 22:03:14] Process Exited: Process Name - winlogon.exe Process ID - 15156 [11-07-2023 22:03:14] Process Exited: Process Name - dwm.exe Process ID - 15956 [11-07-2023 22:03:16] New process found: Process Name - csrss.exe Process ID - 7036 Process Identity - SYSTEM [11-07-2023 22:03:16] New process found: Process Name - winlogon.exe Process ID - 16016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:17] New process found: Process Name - LogonUI.exe Process ID - 16316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:17] New process found: Process Name - dwm.exe Process ID - 12244 Process Identity - Window Manager\DWM-4 [11-07-2023 22:03:22] New process found: Process Name - w3wp.exe Process ID - 15096 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 22:03:22] New process found: Process Name - conhost.exe Process ID - 1464 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 22:03:29] Process Exited: Process Name - csrss.exe Process ID - 7036 [11-07-2023 22:03:29] Process Exited: Process Name - dwm.exe Process ID - 12244 [11-07-2023 22:03:29] Process Exited: Process Name - winlogon.exe Process ID - 16016 [11-07-2023 22:03:29] Process Exited: Process Name - LogonUI.exe Process ID - 16316 [11-07-2023 22:03:32] New process found: Process Name - csrss.exe Process ID - 6604 Process Identity - SYSTEM [11-07-2023 22:03:32] New process found: Process Name - winlogon.exe Process ID - 12956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:32] New process found: Process Name - LogonUI.exe Process ID - 11696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:32] New process found: Process Name - dwm.exe Process ID - 2416 Process Identity - Window Manager\DWM-4 [11-07-2023 22:03:44] Process Exited: Process Name - dwm.exe Process ID - 2416 [11-07-2023 22:03:44] Process Exited: Process Name - csrss.exe Process ID - 6604 [11-07-2023 22:03:44] Process Exited: Process Name - LogonUI.exe Process ID - 11696 [11-07-2023 22:03:44] Process Exited: Process Name - winlogon.exe Process ID - 12956 [11-07-2023 22:03:45] New process found: Process Name - csrss.exe Process ID - 13204 Process Identity - SYSTEM [11-07-2023 22:03:45] New process found: Process Name - winlogon.exe Process ID - 10364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:46] New process found: Process Name - LogonUI.exe Process ID - 10408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:03:46] New process found: Process Name - dwm.exe Process ID - 1824 Process Identity - Window Manager\DWM-4 [11-07-2023 22:03:59] Process Exited: Process Name - dwm.exe Process ID - 1824 [11-07-2023 22:03:59] Process Exited: Process Name - winlogon.exe Process ID - 10364 [11-07-2023 22:03:59] Process Exited: Process Name - LogonUI.exe Process ID - 10408 [11-07-2023 22:03:59] Process Exited: Process Name - csrss.exe Process ID - 13204 [11-07-2023 22:04:00] New process found: Process Name - csrss.exe Process ID - 15012 Process Identity - SYSTEM [11-07-2023 22:04:00] New process found: Process Name - winlogon.exe Process ID - 15908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:01] New process found: Process Name - LogonUI.exe Process ID - 8776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:01] New process found: Process Name - dwm.exe Process ID - 16340 Process Identity - Window Manager\DWM-4 [11-07-2023 22:04:14] Process Exited: Process Name - LogonUI.exe Process ID - 8776 [11-07-2023 22:04:14] Process Exited: Process Name - csrss.exe Process ID - 15012 [11-07-2023 22:04:14] Process Exited: Process Name - winlogon.exe Process ID - 15908 [11-07-2023 22:04:14] Process Exited: Process Name - dwm.exe Process ID - 16340 [11-07-2023 22:04:15] New process found: Process Name - csrss.exe Process ID - 9684 Process Identity - SYSTEM [11-07-2023 22:04:15] New process found: Process Name - winlogon.exe Process ID - 7804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:16] New process found: Process Name - LogonUI.exe Process ID - 16112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:16] New process found: Process Name - dwm.exe Process ID - 3312 Process Identity - Window Manager\DWM-4 [11-07-2023 22:04:29] Process Exited: Process Name - dwm.exe Process ID - 3312 [11-07-2023 22:04:29] Process Exited: Process Name - winlogon.exe Process ID - 7804 [11-07-2023 22:04:29] Process Exited: Process Name - csrss.exe Process ID - 9684 [11-07-2023 22:04:29] Process Exited: Process Name - LogonUI.exe Process ID - 16112 [11-07-2023 22:04:31] New process found: Process Name - csrss.exe Process ID - 10748 Process Identity - SYSTEM [11-07-2023 22:04:31] New process found: Process Name - winlogon.exe Process ID - 15944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:32] New process found: Process Name - LogonUI.exe Process ID - 14444 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:32] New process found: Process Name - dwm.exe Process ID - 992 Process Identity - Window Manager\DWM-4 [11-07-2023 22:04:44] Process Exited: Process Name - dwm.exe Process ID - 992 [11-07-2023 22:04:44] Process Exited: Process Name - csrss.exe Process ID - 10748 [11-07-2023 22:04:44] Process Exited: Process Name - LogonUI.exe Process ID - 14444 [11-07-2023 22:04:44] Process Exited: Process Name - winlogon.exe Process ID - 15944 [11-07-2023 22:04:47] New process found: Process Name - csrss.exe Process ID - 6720 Process Identity - SYSTEM [11-07-2023 22:04:47] New process found: Process Name - winlogon.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:47] New process found: Process Name - LogonUI.exe Process ID - 16032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:04:47] New process found: Process Name - dwm.exe Process ID - 10340 Process Identity - Window Manager\DWM-4 [11-07-2023 22:04:59] Process Exited: Process Name - csrss.exe Process ID - 6720 [11-07-2023 22:04:59] Process Exited: Process Name - dwm.exe Process ID - 10340 [11-07-2023 22:04:59] Process Exited: Process Name - winlogon.exe Process ID - 12740 [11-07-2023 22:04:59] Process Exited: Process Name - LogonUI.exe Process ID - 16032 [11-07-2023 22:05:01] New process found: Process Name - csrss.exe Process ID - 4184 Process Identity - SYSTEM [11-07-2023 22:05:01] New process found: Process Name - winlogon.exe Process ID - 4372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:03] New process found: Process Name - LogonUI.exe Process ID - 228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:03] New process found: Process Name - dwm.exe Process ID - 12920 Process Identity - Window Manager\DWM-4 [11-07-2023 22:05:14] Process Exited: Process Name - LogonUI.exe Process ID - 228 [11-07-2023 22:05:14] Process Exited: Process Name - winlogon.exe Process ID - 4372 [11-07-2023 22:05:14] Process Exited: Process Name - dwm.exe Process ID - 12920 [11-07-2023 22:05:15] Process Exited: Process Name - csrss.exe Process ID - 4184 [11-07-2023 22:05:16] New process found: Process Name - csrss.exe Process ID - 10256 Process Identity - SYSTEM [11-07-2023 22:05:16] New process found: Process Name - winlogon.exe Process ID - 10328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:18] New process found: Process Name - LogonUI.exe Process ID - 8944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:18] New process found: Process Name - dwm.exe Process ID - 14256 Process Identity - Window Manager\DWM-4 [11-07-2023 22:05:29] Process Exited: Process Name - LogonUI.exe Process ID - 8944 [11-07-2023 22:05:29] Process Exited: Process Name - csrss.exe Process ID - 10256 [11-07-2023 22:05:29] Process Exited: Process Name - winlogon.exe Process ID - 10328 [11-07-2023 22:05:29] Process Exited: Process Name - dwm.exe Process ID - 14256 [11-07-2023 22:05:34] New process found: Process Name - csrss.exe Process ID - 4944 Process Identity - SYSTEM [11-07-2023 22:05:34] New process found: Process Name - winlogon.exe Process ID - 1728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:35] New process found: Process Name - LogonUI.exe Process ID - 15796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:35] New process found: Process Name - dwm.exe Process ID - 15424 Process Identity - Window Manager\DWM-4 [11-07-2023 22:05:44] Process Exited: Process Name - winlogon.exe Process ID - 1728 [11-07-2023 22:05:44] Process Exited: Process Name - csrss.exe Process ID - 4944 [11-07-2023 22:05:44] Process Exited: Process Name - dwm.exe Process ID - 15424 [11-07-2023 22:05:44] Process Exited: Process Name - LogonUI.exe Process ID - 15796 [11-07-2023 22:05:47] New process found: Process Name - csrss.exe Process ID - 10800 Process Identity - SYSTEM [11-07-2023 22:05:47] New process found: Process Name - winlogon.exe Process ID - 9464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:48] New process found: Process Name - LogonUI.exe Process ID - 14536 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:05:48] New process found: Process Name - dwm.exe Process ID - 12068 Process Identity - Window Manager\DWM-4 [11-07-2023 22:05:59] Process Exited: Process Name - winlogon.exe Process ID - 9464 [11-07-2023 22:05:59] Process Exited: Process Name - csrss.exe Process ID - 10800 [11-07-2023 22:05:59] Process Exited: Process Name - dwm.exe Process ID - 12068 [11-07-2023 22:05:59] Process Exited: Process Name - LogonUI.exe Process ID - 14536 [11-07-2023 22:06:03] New process found: Process Name - csrss.exe Process ID - 10720 Process Identity - SYSTEM [11-07-2023 22:06:03] New process found: Process Name - winlogon.exe Process ID - 7004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:04] New process found: Process Name - LogonUI.exe Process ID - 12324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:04] New process found: Process Name - dwm.exe Process ID - 8552 Process Identity - Window Manager\DWM-4 [11-07-2023 22:06:14] Process Exited: Process Name - winlogon.exe Process ID - 7004 [11-07-2023 22:06:14] Process Exited: Process Name - dwm.exe Process ID - 8552 [11-07-2023 22:06:14] Process Exited: Process Name - csrss.exe Process ID - 10720 [11-07-2023 22:06:14] Process Exited: Process Name - LogonUI.exe Process ID - 12324 [11-07-2023 22:06:16] New process found: Process Name - csrss.exe Process ID - 16188 Process Identity - SYSTEM [11-07-2023 22:06:16] New process found: Process Name - winlogon.exe Process ID - 10664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:16] New process found: Process Name - LogonUI.exe Process ID - 856 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:16] New process found: Process Name - dwm.exe Process ID - 5544 Process Identity - Window Manager\DWM-4 [11-07-2023 22:06:29] New process found: Process Name - w3wp.exe Process ID - 10832 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:06:29] Process Exited: Process Name - LogonUI.exe Process ID - 856 [11-07-2023 22:06:29] Process Exited: Process Name - dwm.exe Process ID - 5544 [11-07-2023 22:06:29] Process Exited: Process Name - winlogon.exe Process ID - 10664 [11-07-2023 22:06:29] Process Exited: Process Name - w3wp.exe Process ID - 13380 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:06:29] Process Exited: Process Name - csrss.exe Process ID - 16188 [11-07-2023 22:06:30] New process found: Process Name - csrss.exe Process ID - 7892 Process Identity - SYSTEM [11-07-2023 22:06:30] New process found: Process Name - winlogon.exe Process ID - 8868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:31] New process found: Process Name - LogonUI.exe Process ID - 14356 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:31] New process found: Process Name - dwm.exe Process ID - 13592 Process Identity - Window Manager\DWM-4 [11-07-2023 22:06:44] Process Exited: Process Name - csrss.exe Process ID - 7892 [11-07-2023 22:06:44] Process Exited: Process Name - winlogon.exe Process ID - 8868 [11-07-2023 22:06:44] Process Exited: Process Name - dwm.exe Process ID - 13592 [11-07-2023 22:06:44] Process Exited: Process Name - LogonUI.exe Process ID - 14356 [11-07-2023 22:06:46] New process found: Process Name - csrss.exe Process ID - 13252 Process Identity - SYSTEM [11-07-2023 22:06:46] New process found: Process Name - winlogon.exe Process ID - 15692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:47] New process found: Process Name - LogonUI.exe Process ID - 15604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:06:47] New process found: Process Name - dwm.exe Process ID - 6744 Process Identity - Window Manager\DWM-4 [11-07-2023 22:06:51] Process Exited: Process Name - w3wp.exe Process ID - 2956 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:06:59] Process Exited: Process Name - dwm.exe Process ID - 6744 [11-07-2023 22:06:59] Process Exited: Process Name - csrss.exe Process ID - 13252 [11-07-2023 22:06:59] Process Exited: Process Name - LogonUI.exe Process ID - 15604 [11-07-2023 22:06:59] Process Exited: Process Name - winlogon.exe Process ID - 15692 [11-07-2023 22:07:02] New process found: Process Name - csrss.exe Process ID - 14480 Process Identity - SYSTEM [11-07-2023 22:07:02] New process found: Process Name - winlogon.exe Process ID - 13752 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:02] New process found: Process Name - LogonUI.exe Process ID - 4208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:02] New process found: Process Name - dwm.exe Process ID - 16300 Process Identity - Window Manager\DWM-4 [11-07-2023 22:07:14] Process Exited: Process Name - LogonUI.exe Process ID - 4208 [11-07-2023 22:07:14] Process Exited: Process Name - winlogon.exe Process ID - 13752 [11-07-2023 22:07:14] Process Exited: Process Name - dwm.exe Process ID - 16300 [11-07-2023 22:07:15] Process Exited: Process Name - csrss.exe Process ID - 14480 [11-07-2023 22:07:16] New process found: Process Name - csrss.exe Process ID - 9272 Process Identity - SYSTEM [11-07-2023 22:07:16] New process found: Process Name - winlogon.exe Process ID - 14152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:16] New process found: Process Name - LogonUI.exe Process ID - 32 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:16] New process found: Process Name - dwm.exe Process ID - 15728 Process Identity - Window Manager\DWM-4 [11-07-2023 22:07:29] Process Exited: Process Name - LogonUI.exe Process ID - 32 [11-07-2023 22:07:29] Process Exited: Process Name - csrss.exe Process ID - 9272 [11-07-2023 22:07:29] Process Exited: Process Name - winlogon.exe Process ID - 14152 [11-07-2023 22:07:29] Process Exited: Process Name - dwm.exe Process ID - 15728 [11-07-2023 22:07:32] New process found: Process Name - smss.exe Process ID - 732 Process Identity - SYSTEM [11-07-2023 22:07:32] New process found: Process Name - csrss.exe Process ID - 13816 Process Identity - SYSTEM [11-07-2023 22:07:33] New process found: Process Name - winlogon.exe Process ID - 8872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:33] New process found: Process Name - LogonUI.exe Process ID - 14584 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:33] New process found: Process Name - dwm.exe Process ID - 8584 Process Identity - Window Manager\DWM-4 [11-07-2023 22:07:33] Process Exited: Process Name - smss.exe Process ID - 732 [11-07-2023 22:07:44] Process Exited: Process Name - dwm.exe Process ID - 8584 [11-07-2023 22:07:44] Process Exited: Process Name - winlogon.exe Process ID - 8872 [11-07-2023 22:07:44] Process Exited: Process Name - csrss.exe Process ID - 13816 [11-07-2023 22:07:44] Process Exited: Process Name - LogonUI.exe Process ID - 14584 [11-07-2023 22:07:46] New process found: Process Name - csrss.exe Process ID - 13860 Process Identity - SYSTEM [11-07-2023 22:07:46] New process found: Process Name - winlogon.exe Process ID - 12036 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:47] New process found: Process Name - LogonUI.exe Process ID - 13808 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:07:47] New process found: Process Name - dwm.exe Process ID - 6224 Process Identity - Window Manager\DWM-4 [11-07-2023 22:07:59] Process Exited: Process Name - dwm.exe Process ID - 6224 [11-07-2023 22:07:59] Process Exited: Process Name - winlogon.exe Process ID - 12036 [11-07-2023 22:07:59] Process Exited: Process Name - LogonUI.exe Process ID - 13808 [11-07-2023 22:07:59] Process Exited: Process Name - csrss.exe Process ID - 13860 [11-07-2023 22:08:02] New process found: Process Name - csrss.exe Process ID - 15184 Process Identity - SYSTEM [11-07-2023 22:08:02] New process found: Process Name - winlogon.exe Process ID - 10700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:03] Process Exited: Process Name - w3wp.exe Process ID - 10420 Web application pool name - DefaultAppPool [11-07-2023 22:08:04] New process found: Process Name - LogonUI.exe Process ID - 12212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:04] New process found: Process Name - dwm.exe Process ID - 13992 Process Identity - Window Manager\DWM-4 [11-07-2023 22:08:14] Process Exited: Process Name - winlogon.exe Process ID - 10700 [11-07-2023 22:08:14] Process Exited: Process Name - LogonUI.exe Process ID - 12212 [11-07-2023 22:08:14] Process Exited: Process Name - dwm.exe Process ID - 13992 [11-07-2023 22:08:14] Process Exited: Process Name - csrss.exe Process ID - 15184 [11-07-2023 22:08:22] New process found: Process Name - csrss.exe Process ID - 12960 Process Identity - SYSTEM [11-07-2023 22:08:22] New process found: Process Name - winlogon.exe Process ID - 14364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:23] New process found: Process Name - LogonUI.exe Process ID - 12056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:23] New process found: Process Name - dwm.exe Process ID - 15072 Process Identity - Window Manager\DWM-4 [11-07-2023 22:08:29] Process Exited: Process Name - LogonUI.exe Process ID - 12056 [11-07-2023 22:08:29] Process Exited: Process Name - csrss.exe Process ID - 12960 [11-07-2023 22:08:29] Process Exited: Process Name - winlogon.exe Process ID - 14364 [11-07-2023 22:08:29] Process Exited: Process Name - dwm.exe Process ID - 15072 [11-07-2023 22:08:34] New process found: Process Name - csrss.exe Process ID - 8372 Process Identity - SYSTEM [11-07-2023 22:08:34] New process found: Process Name - winlogon.exe Process ID - 12180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:34] New process found: Process Name - LogonUI.exe Process ID - 13216 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:34] New process found: Process Name - dwm.exe Process ID - 592 Process Identity - Window Manager\DWM-4 [11-07-2023 22:08:44] Process Exited: Process Name - dwm.exe Process ID - 592 [11-07-2023 22:08:44] Process Exited: Process Name - csrss.exe Process ID - 8372 [11-07-2023 22:08:44] Process Exited: Process Name - winlogon.exe Process ID - 12180 [11-07-2023 22:08:44] Process Exited: Process Name - LogonUI.exe Process ID - 13216 [11-07-2023 22:08:49] New process found: Process Name - csrss.exe Process ID - 14236 Process Identity - SYSTEM [11-07-2023 22:08:49] New process found: Process Name - winlogon.exe Process ID - 10908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:50] New process found: Process Name - LogonUI.exe Process ID - 656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:08:50] New process found: Process Name - dwm.exe Process ID - 14724 Process Identity - Window Manager\DWM-4 [11-07-2023 22:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14592 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:08:59] Process Exited: Process Name - LogonUI.exe Process ID - 656 [11-07-2023 22:08:59] Process Exited: Process Name - winlogon.exe Process ID - 10908 [11-07-2023 22:08:59] Process Exited: Process Name - csrss.exe Process ID - 14236 [11-07-2023 22:08:59] Process Exited: Process Name - dwm.exe Process ID - 14724 [11-07-2023 22:09:01] New process found: Process Name - csrss.exe Process ID - 2276 Process Identity - SYSTEM [11-07-2023 22:09:01] New process found: Process Name - winlogon.exe Process ID - 15248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9532 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:01] New process found: Process Name - LogonUI.exe Process ID - 11384 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:01] New process found: Process Name - dwm.exe Process ID - 4984 Process Identity - Window Manager\DWM-4 [11-07-2023 22:09:11] Process Exited: Process Name - w3wp.exe Process ID - 9372 Web application pool name - galaxytools.in [11-07-2023 22:09:14] Process Exited: Process Name - csrss.exe Process ID - 2276 [11-07-2023 22:09:14] Process Exited: Process Name - dwm.exe Process ID - 4984 [11-07-2023 22:09:14] Process Exited: Process Name - LogonUI.exe Process ID - 11384 [11-07-2023 22:09:14] Process Exited: Process Name - winlogon.exe Process ID - 15248 [11-07-2023 22:09:16] New process found: Process Name - csrss.exe Process ID - 11600 Process Identity - SYSTEM [11-07-2023 22:09:16] New process found: Process Name - winlogon.exe Process ID - 12504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:16] New process found: Process Name - LogonUI.exe Process ID - 15764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:16] New process found: Process Name - dwm.exe Process ID - 12012 Process Identity - Window Manager\DWM-4 [11-07-2023 22:09:29] Process Exited: Process Name - dwm.exe Process ID - 12012 [11-07-2023 22:09:29] Process Exited: Process Name - winlogon.exe Process ID - 12504 [11-07-2023 22:09:29] Process Exited: Process Name - LogonUI.exe Process ID - 15764 [11-07-2023 22:09:30] Process Exited: Process Name - csrss.exe Process ID - 11600 [11-07-2023 22:09:32] New process found: Process Name - csrss.exe Process ID - 10844 Process Identity - SYSTEM [11-07-2023 22:09:32] New process found: Process Name - winlogon.exe Process ID - 15268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:33] New process found: Process Name - LogonUI.exe Process ID - 14288 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:33] New process found: Process Name - dwm.exe Process ID - 12776 Process Identity - Window Manager\DWM-4 [11-07-2023 22:09:45] Process Exited: Process Name - csrss.exe Process ID - 10844 [11-07-2023 22:09:45] Process Exited: Process Name - dwm.exe Process ID - 12776 [11-07-2023 22:09:45] Process Exited: Process Name - LogonUI.exe Process ID - 14288 [11-07-2023 22:09:45] Process Exited: Process Name - winlogon.exe Process ID - 15268 [11-07-2023 22:09:47] New process found: Process Name - csrss.exe Process ID - 11140 Process Identity - SYSTEM [11-07-2023 22:09:47] New process found: Process Name - winlogon.exe Process ID - 14024 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:49] New process found: Process Name - LogonUI.exe Process ID - 15756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:09:49] New process found: Process Name - dwm.exe Process ID - 12800 Process Identity - Window Manager\DWM-4 [11-07-2023 22:10:01] Process Exited: Process Name - csrss.exe Process ID - 11140 [11-07-2023 22:10:01] Process Exited: Process Name - dwm.exe Process ID - 12800 [11-07-2023 22:10:01] Process Exited: Process Name - winlogon.exe Process ID - 14024 [11-07-2023 22:10:01] Process Exited: Process Name - LogonUI.exe Process ID - 15756 [11-07-2023 22:10:03] New process found: Process Name - csrss.exe Process ID - 9860 Process Identity - SYSTEM [11-07-2023 22:10:03] New process found: Process Name - winlogon.exe Process ID - 4004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:05] New process found: Process Name - LogonUI.exe Process ID - 8016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:05] New process found: Process Name - dwm.exe Process ID - 14980 Process Identity - Window Manager\DWM-4 [11-07-2023 22:10:16] Process Exited: Process Name - winlogon.exe Process ID - 4004 [11-07-2023 22:10:16] Process Exited: Process Name - LogonUI.exe Process ID - 8016 [11-07-2023 22:10:16] Process Exited: Process Name - csrss.exe Process ID - 9860 [11-07-2023 22:10:16] Process Exited: Process Name - dwm.exe Process ID - 14980 [11-07-2023 22:10:18] New process found: Process Name - csrss.exe Process ID - 12740 Process Identity - SYSTEM [11-07-2023 22:10:18] New process found: Process Name - winlogon.exe Process ID - 11952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:19] New process found: Process Name - LogonUI.exe Process ID - 15464 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:19] New process found: Process Name - dwm.exe Process ID - 12704 Process Identity - Window Manager\DWM-4 [11-07-2023 22:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9532 [11-07-2023 22:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14592 [11-07-2023 22:10:31] Process Exited: Process Name - winlogon.exe Process ID - 11952 [11-07-2023 22:10:31] Process Exited: Process Name - dwm.exe Process ID - 12704 [11-07-2023 22:10:31] Process Exited: Process Name - csrss.exe Process ID - 12740 [11-07-2023 22:10:31] Process Exited: Process Name - LogonUI.exe Process ID - 15464 [11-07-2023 22:10:32] New process found: Process Name - csrss.exe Process ID - 16128 Process Identity - SYSTEM [11-07-2023 22:10:32] New process found: Process Name - winlogon.exe Process ID - 2600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:33] New process found: Process Name - LogonUI.exe Process ID - 7376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:33] New process found: Process Name - dwm.exe Process ID - 14880 Process Identity - Window Manager\DWM-4 [11-07-2023 22:10:46] Process Exited: Process Name - winlogon.exe Process ID - 2600 [11-07-2023 22:10:46] Process Exited: Process Name - LogonUI.exe Process ID - 7376 [11-07-2023 22:10:46] Process Exited: Process Name - dwm.exe Process ID - 14880 [11-07-2023 22:10:46] Process Exited: Process Name - csrss.exe Process ID - 16128 [11-07-2023 22:10:47] New process found: Process Name - csrss.exe Process ID - 16096 Process Identity - SYSTEM [11-07-2023 22:10:47] New process found: Process Name - winlogon.exe Process ID - 7680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:48] New process found: Process Name - LogonUI.exe Process ID - 8556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:10:48] New process found: Process Name - dwm.exe Process ID - 13400 Process Identity - Window Manager\DWM-4 [11-07-2023 22:11:01] Process Exited: Process Name - winlogon.exe Process ID - 7680 [11-07-2023 22:11:01] Process Exited: Process Name - LogonUI.exe Process ID - 8556 [11-07-2023 22:11:01] Process Exited: Process Name - dwm.exe Process ID - 13400 [11-07-2023 22:11:01] Process Exited: Process Name - csrss.exe Process ID - 16096 [11-07-2023 22:11:05] New process found: Process Name - csrss.exe Process ID - 10656 Process Identity - SYSTEM [11-07-2023 22:11:05] New process found: Process Name - winlogon.exe Process ID - 11092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:06] New process found: Process Name - LogonUI.exe Process ID - 1724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:06] New process found: Process Name - dwm.exe Process ID - 9984 Process Identity - Window Manager\DWM-4 [11-07-2023 22:11:06] New process found: Process Name - w3wp.exe Process ID - 15820 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:11:16] Process Exited: Process Name - LogonUI.exe Process ID - 1724 [11-07-2023 22:11:16] Process Exited: Process Name - dwm.exe Process ID - 9984 [11-07-2023 22:11:16] Process Exited: Process Name - csrss.exe Process ID - 10656 [11-07-2023 22:11:16] Process Exited: Process Name - winlogon.exe Process ID - 11092 [11-07-2023 22:11:19] New process found: Process Name - smss.exe Process ID - 12424 Process Identity - SYSTEM [11-07-2023 22:11:19] New process found: Process Name - csrss.exe Process ID - 13420 Process Identity - SYSTEM [11-07-2023 22:11:20] New process found: Process Name - winlogon.exe Process ID - 9432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:20] New process found: Process Name - LogonUI.exe Process ID - 11404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:20] New process found: Process Name - dwm.exe Process ID - 14544 Process Identity - Window Manager\DWM-4 [11-07-2023 22:11:20] Process Exited: Process Name - smss.exe Process ID - 12424 [11-07-2023 22:11:31] New process found: Process Name - w3wp.exe Process ID - 8624 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:11:31] Process Exited: Process Name - w3wp.exe Process ID - 10832 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:11:32] Process Exited: Process Name - winlogon.exe Process ID - 9432 [11-07-2023 22:11:32] Process Exited: Process Name - LogonUI.exe Process ID - 11404 [11-07-2023 22:11:32] Process Exited: Process Name - dwm.exe Process ID - 14544 [11-07-2023 22:11:33] Process Exited: Process Name - csrss.exe Process ID - 13420 [11-07-2023 22:11:34] New process found: Process Name - csrss.exe Process ID - 11876 Process Identity - SYSTEM [11-07-2023 22:11:34] New process found: Process Name - winlogon.exe Process ID - 14248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:35] New process found: Process Name - LogonUI.exe Process ID - 6612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:35] New process found: Process Name - dwm.exe Process ID - 14276 Process Identity - Window Manager\DWM-4 [11-07-2023 22:11:47] Process Exited: Process Name - LogonUI.exe Process ID - 6612 [11-07-2023 22:11:47] Process Exited: Process Name - winlogon.exe Process ID - 14248 [11-07-2023 22:11:47] Process Exited: Process Name - dwm.exe Process ID - 14276 [11-07-2023 22:11:48] Process Exited: Process Name - csrss.exe Process ID - 11876 [11-07-2023 22:11:52] New process found: Process Name - csrss.exe Process ID - 10852 Process Identity - SYSTEM [11-07-2023 22:11:52] New process found: Process Name - winlogon.exe Process ID - 10016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:54] New process found: Process Name - LogonUI.exe Process ID - 15976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:11:54] New process found: Process Name - dwm.exe Process ID - 10476 Process Identity - Window Manager\DWM-4 [11-07-2023 22:12:03] Process Exited: Process Name - winlogon.exe Process ID - 10016 [11-07-2023 22:12:03] Process Exited: Process Name - dwm.exe Process ID - 10476 [11-07-2023 22:12:03] Process Exited: Process Name - csrss.exe Process ID - 10852 [11-07-2023 22:12:03] Process Exited: Process Name - LogonUI.exe Process ID - 15976 [11-07-2023 22:12:07] New process found: Process Name - csrss.exe Process ID - 13380 Process Identity - SYSTEM [11-07-2023 22:12:07] New process found: Process Name - winlogon.exe Process ID - 15792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:08] New process found: Process Name - LogonUI.exe Process ID - 3500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:08] New process found: Process Name - dwm.exe Process ID - 15396 Process Identity - Window Manager\DWM-4 [11-07-2023 22:12:18] Process Exited: Process Name - LogonUI.exe Process ID - 3500 [11-07-2023 22:12:18] Process Exited: Process Name - csrss.exe Process ID - 13380 [11-07-2023 22:12:18] Process Exited: Process Name - dwm.exe Process ID - 15396 [11-07-2023 22:12:18] Process Exited: Process Name - winlogon.exe Process ID - 15792 [11-07-2023 22:12:19] New process found: Process Name - csrss.exe Process ID - 11044 Process Identity - SYSTEM [11-07-2023 22:12:19] New process found: Process Name - winlogon.exe Process ID - 6752 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:20] New process found: Process Name - LogonUI.exe Process ID - 10728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:20] New process found: Process Name - dwm.exe Process ID - 2720 Process Identity - Window Manager\DWM-4 [11-07-2023 22:12:33] Process Exited: Process Name - dwm.exe Process ID - 2720 [11-07-2023 22:12:33] Process Exited: Process Name - winlogon.exe Process ID - 6752 [11-07-2023 22:12:33] Process Exited: Process Name - LogonUI.exe Process ID - 10728 [11-07-2023 22:12:33] Process Exited: Process Name - csrss.exe Process ID - 11044 [11-07-2023 22:12:36] New process found: Process Name - csrss.exe Process ID - 16080 Process Identity - SYSTEM [11-07-2023 22:12:36] New process found: Process Name - winlogon.exe Process ID - 12260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:37] New process found: Process Name - LogonUI.exe Process ID - 12408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:37] New process found: Process Name - dwm.exe Process ID - 15604 Process Identity - Window Manager\DWM-4 [11-07-2023 22:12:48] Process Exited: Process Name - winlogon.exe Process ID - 12260 [11-07-2023 22:12:48] Process Exited: Process Name - LogonUI.exe Process ID - 12408 [11-07-2023 22:12:48] Process Exited: Process Name - dwm.exe Process ID - 15604 [11-07-2023 22:12:48] Process Exited: Process Name - csrss.exe Process ID - 16080 [11-07-2023 22:12:51] New process found: Process Name - csrss.exe Process ID - 15368 Process Identity - SYSTEM [11-07-2023 22:12:51] New process found: Process Name - winlogon.exe Process ID - 14868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:51] New process found: Process Name - LogonUI.exe Process ID - 7804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:12:51] New process found: Process Name - dwm.exe Process ID - 11140 Process Identity - Window Manager\DWM-4 [11-07-2023 22:13:03] Process Exited: Process Name - LogonUI.exe Process ID - 7804 [11-07-2023 22:13:03] Process Exited: Process Name - dwm.exe Process ID - 11140 [11-07-2023 22:13:03] Process Exited: Process Name - winlogon.exe Process ID - 14868 [11-07-2023 22:13:03] Process Exited: Process Name - csrss.exe Process ID - 15368 [11-07-2023 22:13:04] New process found: Process Name - csrss.exe Process ID - 11784 Process Identity - SYSTEM [11-07-2023 22:13:04] New process found: Process Name - winlogon.exe Process ID - 11436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:05] New process found: Process Name - LogonUI.exe Process ID - 9196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:05] New process found: Process Name - dwm.exe Process ID - 8752 Process Identity - Window Manager\DWM-4 [11-07-2023 22:13:18] Process Exited: Process Name - dwm.exe Process ID - 8752 [11-07-2023 22:13:18] Process Exited: Process Name - LogonUI.exe Process ID - 9196 [11-07-2023 22:13:18] Process Exited: Process Name - winlogon.exe Process ID - 11436 [11-07-2023 22:13:18] Process Exited: Process Name - csrss.exe Process ID - 11784 [11-07-2023 22:13:21] New process found: Process Name - csrss.exe Process ID - 15972 Process Identity - SYSTEM [11-07-2023 22:13:21] New process found: Process Name - winlogon.exe Process ID - 9736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:22] New process found: Process Name - LogonUI.exe Process ID - 15388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:22] New process found: Process Name - dwm.exe Process ID - 15288 Process Identity - Window Manager\DWM-4 [11-07-2023 22:13:33] Process Exited: Process Name - winlogon.exe Process ID - 9736 [11-07-2023 22:13:33] Process Exited: Process Name - dwm.exe Process ID - 15288 [11-07-2023 22:13:33] Process Exited: Process Name - LogonUI.exe Process ID - 15388 [11-07-2023 22:13:33] Process Exited: Process Name - csrss.exe Process ID - 15972 [11-07-2023 22:13:34] New process found: Process Name - smss.exe Process ID - 8980 Process Identity - SYSTEM [11-07-2023 22:13:34] New process found: Process Name - csrss.exe Process ID - 11612 Process Identity - SYSTEM [11-07-2023 22:13:35] New process found: Process Name - winlogon.exe Process ID - 13008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:35] New process found: Process Name - LogonUI.exe Process ID - 15932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:35] New process found: Process Name - dwm.exe Process ID - 2284 Process Identity - Window Manager\DWM-4 [11-07-2023 22:13:35] Process Exited: Process Name - smss.exe Process ID - 8980 [11-07-2023 22:13:48] Process Exited: Process Name - dwm.exe Process ID - 2284 [11-07-2023 22:13:48] Process Exited: Process Name - csrss.exe Process ID - 11612 [11-07-2023 22:13:48] Process Exited: Process Name - winlogon.exe Process ID - 13008 [11-07-2023 22:13:48] Process Exited: Process Name - LogonUI.exe Process ID - 15932 [11-07-2023 22:13:50] New process found: Process Name - csrss.exe Process ID - 15912 Process Identity - SYSTEM [11-07-2023 22:13:50] New process found: Process Name - winlogon.exe Process ID - 11672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:50] New process found: Process Name - LogonUI.exe Process ID - 8840 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:13:50] New process found: Process Name - dwm.exe Process ID - 12536 Process Identity - Window Manager\DWM-4 [11-07-2023 22:14:03] Process Exited: Process Name - LogonUI.exe Process ID - 8840 [11-07-2023 22:14:03] Process Exited: Process Name - winlogon.exe Process ID - 11672 [11-07-2023 22:14:03] Process Exited: Process Name - dwm.exe Process ID - 12536 [11-07-2023 22:14:03] Process Exited: Process Name - csrss.exe Process ID - 15912 [11-07-2023 22:14:04] New process found: Process Name - csrss.exe Process ID - 7368 Process Identity - SYSTEM [11-07-2023 22:14:04] New process found: Process Name - winlogon.exe Process ID - 14060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:05] New process found: Process Name - LogonUI.exe Process ID - 11120 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:05] New process found: Process Name - dwm.exe Process ID - 15560 Process Identity - Window Manager\DWM-4 [11-07-2023 22:14:18] Process Exited: Process Name - csrss.exe Process ID - 7368 [11-07-2023 22:14:18] Process Exited: Process Name - LogonUI.exe Process ID - 11120 [11-07-2023 22:14:18] Process Exited: Process Name - winlogon.exe Process ID - 14060 [11-07-2023 22:14:18] Process Exited: Process Name - dwm.exe Process ID - 15560 [11-07-2023 22:14:20] New process found: Process Name - csrss.exe Process ID - 12424 Process Identity - SYSTEM [11-07-2023 22:14:20] New process found: Process Name - winlogon.exe Process ID - 10360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:20] New process found: Process Name - LogonUI.exe Process ID - 5072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:20] New process found: Process Name - dwm.exe Process ID - 7644 Process Identity - Window Manager\DWM-4 [11-07-2023 22:14:33] Process Exited: Process Name - LogonUI.exe Process ID - 5072 [11-07-2023 22:14:33] Process Exited: Process Name - dwm.exe Process ID - 7644 [11-07-2023 22:14:33] Process Exited: Process Name - winlogon.exe Process ID - 10360 [11-07-2023 22:14:33] Process Exited: Process Name - csrss.exe Process ID - 12424 [11-07-2023 22:14:34] New process found: Process Name - csrss.exe Process ID - 12016 Process Identity - SYSTEM [11-07-2023 22:14:34] New process found: Process Name - winlogon.exe Process ID - 15552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:35] New process found: Process Name - LogonUI.exe Process ID - 11388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:35] New process found: Process Name - dwm.exe Process ID - 11004 Process Identity - Window Manager\DWM-4 [11-07-2023 22:14:35] Process Exited: Process Name - w3wp.exe Process ID - 10676 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 22:14:35] Process Exited: Process Name - conhost.exe Process ID - 15364 [11-07-2023 22:14:48] Process Exited: Process Name - dwm.exe Process ID - 11004 [11-07-2023 22:14:48] Process Exited: Process Name - LogonUI.exe Process ID - 11388 [11-07-2023 22:14:48] Process Exited: Process Name - csrss.exe Process ID - 12016 [11-07-2023 22:14:48] Process Exited: Process Name - winlogon.exe Process ID - 15552 [11-07-2023 22:14:49] New process found: Process Name - csrss.exe Process ID - 11740 Process Identity - SYSTEM [11-07-2023 22:14:49] New process found: Process Name - winlogon.exe Process ID - 2276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:52] New process found: Process Name - LogonUI.exe Process ID - 14112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:14:52] New process found: Process Name - dwm.exe Process ID - 14440 Process Identity - Window Manager\DWM-4 [11-07-2023 22:15:03] Process Exited: Process Name - winlogon.exe Process ID - 2276 [11-07-2023 22:15:03] Process Exited: Process Name - csrss.exe Process ID - 11740 [11-07-2023 22:15:03] Process Exited: Process Name - LogonUI.exe Process ID - 14112 [11-07-2023 22:15:03] Process Exited: Process Name - dwm.exe Process ID - 14440 [11-07-2023 22:15:05] New process found: Process Name - csrss.exe Process ID - 2412 Process Identity - SYSTEM [11-07-2023 22:15:05] New process found: Process Name - winlogon.exe Process ID - 14272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:05] New process found: Process Name - LogonUI.exe Process ID - 11844 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:05] New process found: Process Name - dwm.exe Process ID - 15816 Process Identity - Window Manager\DWM-4 [11-07-2023 22:15:18] Process Exited: Process Name - csrss.exe Process ID - 2412 [11-07-2023 22:15:18] Process Exited: Process Name - LogonUI.exe Process ID - 11844 [11-07-2023 22:15:18] Process Exited: Process Name - winlogon.exe Process ID - 14272 [11-07-2023 22:15:18] Process Exited: Process Name - dwm.exe Process ID - 15816 [11-07-2023 22:15:19] New process found: Process Name - csrss.exe Process ID - 11816 Process Identity - SYSTEM [11-07-2023 22:15:19] New process found: Process Name - winlogon.exe Process ID - 13500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:20] New process found: Process Name - LogonUI.exe Process ID - 7664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:20] New process found: Process Name - dwm.exe Process ID - 6444 Process Identity - Window Manager\DWM-4 [11-07-2023 22:15:22] New process found: Process Name - w3wp.exe Process ID - 10368 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 22:15:22] New process found: Process Name - conhost.exe Process ID - 11800 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [11-07-2023 22:15:33] Process Exited: Process Name - dwm.exe Process ID - 6444 [11-07-2023 22:15:33] Process Exited: Process Name - LogonUI.exe Process ID - 7664 [11-07-2023 22:15:33] Process Exited: Process Name - csrss.exe Process ID - 11816 [11-07-2023 22:15:33] Process Exited: Process Name - winlogon.exe Process ID - 13500 [11-07-2023 22:15:38] New process found: Process Name - csrss.exe Process ID - 12032 Process Identity - SYSTEM [11-07-2023 22:15:38] New process found: Process Name - winlogon.exe Process ID - 11316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:40] New process found: Process Name - LogonUI.exe Process ID - 10884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:40] New process found: Process Name - dwm.exe Process ID - 6064 Process Identity - Window Manager\DWM-4 [11-07-2023 22:15:48] Process Exited: Process Name - dwm.exe Process ID - 6064 [11-07-2023 22:15:48] Process Exited: Process Name - LogonUI.exe Process ID - 10884 [11-07-2023 22:15:48] Process Exited: Process Name - winlogon.exe Process ID - 11316 [11-07-2023 22:15:48] Process Exited: Process Name - csrss.exe Process ID - 12032 [11-07-2023 22:15:50] New process found: Process Name - csrss.exe Process ID - 8652 Process Identity - SYSTEM [11-07-2023 22:15:50] New process found: Process Name - winlogon.exe Process ID - 8964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:51] New process found: Process Name - LogonUI.exe Process ID - 5112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:15:51] New process found: Process Name - dwm.exe Process ID - 15888 Process Identity - Window Manager\DWM-4 [11-07-2023 22:16:03] Process Exited: Process Name - LogonUI.exe Process ID - 5112 [11-07-2023 22:16:03] Process Exited: Process Name - csrss.exe Process ID - 8652 [11-07-2023 22:16:03] Process Exited: Process Name - winlogon.exe Process ID - 8964 [11-07-2023 22:16:03] Process Exited: Process Name - dwm.exe Process ID - 15888 [11-07-2023 22:16:08] New process found: Process Name - csrss.exe Process ID - 9696 Process Identity - SYSTEM [11-07-2023 22:16:08] New process found: Process Name - winlogon.exe Process ID - 9740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:10] New process found: Process Name - LogonUI.exe Process ID - 2460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:10] New process found: Process Name - dwm.exe Process ID - 15032 Process Identity - Window Manager\DWM-4 [11-07-2023 22:16:19] Process Exited: Process Name - LogonUI.exe Process ID - 2460 [11-07-2023 22:16:19] Process Exited: Process Name - csrss.exe Process ID - 9696 [11-07-2023 22:16:19] Process Exited: Process Name - winlogon.exe Process ID - 9740 [11-07-2023 22:16:19] Process Exited: Process Name - dwm.exe Process ID - 15032 [11-07-2023 22:16:22] New process found: Process Name - csrss.exe Process ID - 6556 Process Identity - SYSTEM [11-07-2023 22:16:22] New process found: Process Name - winlogon.exe Process ID - 13596 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:22] New process found: Process Name - LogonUI.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:22] New process found: Process Name - dwm.exe Process ID - 7304 Process Identity - Window Manager\DWM-4 [11-07-2023 22:16:30] New process found: Process Name - w3wp.exe Process ID - 13608 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 22:16:30] New process found: Process Name - conhost.exe Process ID - 11504 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 22:16:32] New process found: Process Name - w3wp.exe Process ID - 12180 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:16:32] Process Exited: Process Name - w3wp.exe Process ID - 8624 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:16:35] Process Exited: Process Name - csrss.exe Process ID - 6556 [11-07-2023 22:16:35] Process Exited: Process Name - dwm.exe Process ID - 7304 [11-07-2023 22:16:35] Process Exited: Process Name - LogonUI.exe Process ID - 8256 [11-07-2023 22:16:35] Process Exited: Process Name - winlogon.exe Process ID - 13596 [11-07-2023 22:16:41] New process found: Process Name - csrss.exe Process ID - 11068 Process Identity - SYSTEM [11-07-2023 22:16:41] New process found: Process Name - winlogon.exe Process ID - 11548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:42] New process found: Process Name - LogonUI.exe Process ID - 13224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:42] New process found: Process Name - dwm.exe Process ID - 8552 Process Identity - Window Manager\DWM-4 [11-07-2023 22:16:50] Process Exited: Process Name - dwm.exe Process ID - 8552 [11-07-2023 22:16:50] Process Exited: Process Name - csrss.exe Process ID - 11068 [11-07-2023 22:16:50] Process Exited: Process Name - winlogon.exe Process ID - 11548 [11-07-2023 22:16:50] Process Exited: Process Name - LogonUI.exe Process ID - 13224 [11-07-2023 22:16:51] New process found: Process Name - smss.exe Process ID - 14396 Process Identity - SYSTEM [11-07-2023 22:16:51] New process found: Process Name - csrss.exe Process ID - 9632 Process Identity - SYSTEM [11-07-2023 22:16:52] New process found: Process Name - winlogon.exe Process ID - 13712 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:52] New process found: Process Name - LogonUI.exe Process ID - 4416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:16:52] New process found: Process Name - dwm.exe Process ID - 15940 Process Identity - Window Manager\DWM-4 [11-07-2023 22:16:52] Process Exited: Process Name - smss.exe Process ID - 14396 [11-07-2023 22:17:05] Process Exited: Process Name - LogonUI.exe Process ID - 4416 [11-07-2023 22:17:05] Process Exited: Process Name - csrss.exe Process ID - 9632 [11-07-2023 22:17:05] Process Exited: Process Name - winlogon.exe Process ID - 13712 [11-07-2023 22:17:05] Process Exited: Process Name - dwm.exe Process ID - 15940 [11-07-2023 22:17:06] New process found: Process Name - csrss.exe Process ID - 12788 Process Identity - SYSTEM [11-07-2023 22:17:06] New process found: Process Name - winlogon.exe Process ID - 1360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:08] New process found: Process Name - LogonUI.exe Process ID - 5480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:08] New process found: Process Name - dwm.exe Process ID - 10804 Process Identity - Window Manager\DWM-4 [11-07-2023 22:17:20] Process Exited: Process Name - winlogon.exe Process ID - 1360 [11-07-2023 22:17:20] Process Exited: Process Name - LogonUI.exe Process ID - 5480 [11-07-2023 22:17:20] Process Exited: Process Name - dwm.exe Process ID - 10804 [11-07-2023 22:17:20] Process Exited: Process Name - csrss.exe Process ID - 12788 [11-07-2023 22:17:22] New process found: Process Name - csrss.exe Process ID - 9724 Process Identity - SYSTEM [11-07-2023 22:17:22] New process found: Process Name - winlogon.exe Process ID - 14588 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:23] New process found: Process Name - LogonUI.exe Process ID - 15596 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:23] New process found: Process Name - dwm.exe Process ID - 8492 Process Identity - Window Manager\DWM-4 [11-07-2023 22:17:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 8568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:34] New process found: Process Name - SearchFilterHost.exe Process ID - 8772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:35] Process Exited: Process Name - dwm.exe Process ID - 8492 [11-07-2023 22:17:35] Process Exited: Process Name - csrss.exe Process ID - 9724 [11-07-2023 22:17:35] Process Exited: Process Name - winlogon.exe Process ID - 14588 [11-07-2023 22:17:35] Process Exited: Process Name - LogonUI.exe Process ID - 15596 [11-07-2023 22:17:37] New process found: Process Name - csrss.exe Process ID - 12908 Process Identity - SYSTEM [11-07-2023 22:17:37] New process found: Process Name - winlogon.exe Process ID - 12112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:38] New process found: Process Name - LogonUI.exe Process ID - 2564 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:38] New process found: Process Name - dwm.exe Process ID - 11844 Process Identity - Window Manager\DWM-4 [11-07-2023 22:17:50] Process Exited: Process Name - LogonUI.exe Process ID - 2564 [11-07-2023 22:17:50] Process Exited: Process Name - dwm.exe Process ID - 11844 [11-07-2023 22:17:50] Process Exited: Process Name - winlogon.exe Process ID - 12112 [11-07-2023 22:17:50] Process Exited: Process Name - csrss.exe Process ID - 12908 [11-07-2023 22:17:51] New process found: Process Name - csrss.exe Process ID - 10288 Process Identity - SYSTEM [11-07-2023 22:17:51] New process found: Process Name - winlogon.exe Process ID - 7104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:52] New process found: Process Name - LogonUI.exe Process ID - 12968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:17:52] New process found: Process Name - dwm.exe Process ID - 7880 Process Identity - Window Manager\DWM-4 [11-07-2023 22:18:05] Process Exited: Process Name - winlogon.exe Process ID - 7104 [11-07-2023 22:18:05] Process Exited: Process Name - dwm.exe Process ID - 7880 [11-07-2023 22:18:05] Process Exited: Process Name - csrss.exe Process ID - 10288 [11-07-2023 22:18:05] Process Exited: Process Name - LogonUI.exe Process ID - 12968 [11-07-2023 22:18:06] New process found: Process Name - csrss.exe Process ID - 14672 Process Identity - SYSTEM [11-07-2023 22:18:06] New process found: Process Name - winlogon.exe Process ID - 12604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:08] New process found: Process Name - LogonUI.exe Process ID - 10884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:08] New process found: Process Name - dwm.exe Process ID - 6304 Process Identity - Window Manager\DWM-4 [11-07-2023 22:18:20] Process Exited: Process Name - dwm.exe Process ID - 6304 [11-07-2023 22:18:20] Process Exited: Process Name - LogonUI.exe Process ID - 10884 [11-07-2023 22:18:20] Process Exited: Process Name - winlogon.exe Process ID - 12604 [11-07-2023 22:18:20] Process Exited: Process Name - csrss.exe Process ID - 14672 [11-07-2023 22:18:23] New process found: Process Name - csrss.exe Process ID - 10980 Process Identity - SYSTEM [11-07-2023 22:18:23] New process found: Process Name - winlogon.exe Process ID - 12452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:24] New process found: Process Name - LogonUI.exe Process ID - 10644 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:24] New process found: Process Name - dwm.exe Process ID - 1948 Process Identity - Window Manager\DWM-4 [11-07-2023 22:18:35] Process Exited: Process Name - dwm.exe Process ID - 1948 [11-07-2023 22:18:35] Process Exited: Process Name - LogonUI.exe Process ID - 10644 [11-07-2023 22:18:35] Process Exited: Process Name - csrss.exe Process ID - 10980 [11-07-2023 22:18:35] Process Exited: Process Name - winlogon.exe Process ID - 12452 [11-07-2023 22:18:36] New process found: Process Name - csrss.exe Process ID - 2552 Process Identity - SYSTEM [11-07-2023 22:18:36] New process found: Process Name - winlogon.exe Process ID - 15756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:37] New process found: Process Name - LogonUI.exe Process ID - 11336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:37] New process found: Process Name - dwm.exe Process ID - 5792 Process Identity - Window Manager\DWM-4 [11-07-2023 22:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 8568 [11-07-2023 22:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 8772 [11-07-2023 22:18:50] Process Exited: Process Name - csrss.exe Process ID - 2552 [11-07-2023 22:18:50] Process Exited: Process Name - dwm.exe Process ID - 5792 [11-07-2023 22:18:50] Process Exited: Process Name - LogonUI.exe Process ID - 11336 [11-07-2023 22:18:50] Process Exited: Process Name - winlogon.exe Process ID - 15756 [11-07-2023 22:18:51] New process found: Process Name - csrss.exe Process ID - 9068 Process Identity - SYSTEM [11-07-2023 22:18:51] New process found: Process Name - winlogon.exe Process ID - 11492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:52] New process found: Process Name - LogonUI.exe Process ID - 1272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:18:52] New process found: Process Name - dwm.exe Process ID - 13824 Process Identity - Window Manager\DWM-4 [11-07-2023 22:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14880 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:18:54] New process found: Process Name - w3wp.exe Process ID - 13596 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 22:18:54] New process found: Process Name - where.exe Process ID - 14028 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 22:18:54] New process found: Process Name - conhost.exe Process ID - 11856 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 22:18:55] New process found: Process Name - conhost.exe Process ID - 14604 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 22:18:55] Process Exited: Process Name - conhost.exe Process ID - 11856 [11-07-2023 22:18:55] Process Exited: Process Name - where.exe Process ID - 14028 [11-07-2023 22:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:05] Process Exited: Process Name - LogonUI.exe Process ID - 1272 [11-07-2023 22:19:05] Process Exited: Process Name - csrss.exe Process ID - 9068 [11-07-2023 22:19:05] Process Exited: Process Name - winlogon.exe Process ID - 11492 [11-07-2023 22:19:05] Process Exited: Process Name - dwm.exe Process ID - 13824 [11-07-2023 22:19:06] New process found: Process Name - csrss.exe Process ID - 15832 Process Identity - SYSTEM [11-07-2023 22:19:06] New process found: Process Name - winlogon.exe Process ID - 14876 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:07] New process found: Process Name - LogonUI.exe Process ID - 15364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:07] New process found: Process Name - dwm.exe Process ID - 7360 Process Identity - Window Manager\DWM-4 [11-07-2023 22:19:09] New process found: Process Name - w3wp.exe Process ID - 2488 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 22:19:20] Process Exited: Process Name - dwm.exe Process ID - 7360 [11-07-2023 22:19:20] Process Exited: Process Name - winlogon.exe Process ID - 14876 [11-07-2023 22:19:20] Process Exited: Process Name - LogonUI.exe Process ID - 15364 [11-07-2023 22:19:20] Process Exited: Process Name - csrss.exe Process ID - 15832 [11-07-2023 22:19:21] New process found: Process Name - csrss.exe Process ID - 16188 Process Identity - SYSTEM [11-07-2023 22:19:21] New process found: Process Name - winlogon.exe Process ID - 5480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:22] New process found: Process Name - LogonUI.exe Process ID - 1548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:22] New process found: Process Name - dwm.exe Process ID - 12780 Process Identity - Window Manager\DWM-4 [11-07-2023 22:19:35] Process Exited: Process Name - LogonUI.exe Process ID - 1548 [11-07-2023 22:19:35] Process Exited: Process Name - winlogon.exe Process ID - 5480 [11-07-2023 22:19:35] Process Exited: Process Name - dwm.exe Process ID - 12780 [11-07-2023 22:19:35] Process Exited: Process Name - csrss.exe Process ID - 16188 [11-07-2023 22:19:39] New process found: Process Name - csrss.exe Process ID - 10172 Process Identity - SYSTEM [11-07-2023 22:19:39] New process found: Process Name - winlogon.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:40] New process found: Process Name - LogonUI.exe Process ID - 8832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:40] New process found: Process Name - dwm.exe Process ID - 11704 Process Identity - Window Manager\DWM-4 [11-07-2023 22:19:50] Process Exited: Process Name - winlogon.exe Process ID - 1760 [11-07-2023 22:19:50] Process Exited: Process Name - LogonUI.exe Process ID - 8832 [11-07-2023 22:19:50] Process Exited: Process Name - csrss.exe Process ID - 10172 [11-07-2023 22:19:50] Process Exited: Process Name - dwm.exe Process ID - 11704 [11-07-2023 22:19:51] New process found: Process Name - smss.exe Process ID - 15868 Process Identity - SYSTEM [11-07-2023 22:19:51] New process found: Process Name - csrss.exe Process ID - 14452 Process Identity - SYSTEM [11-07-2023 22:19:52] New process found: Process Name - winlogon.exe Process ID - 13900 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:52] Process Exited: Process Name - smss.exe Process ID - 15868 [11-07-2023 22:19:53] New process found: Process Name - LogonUI.exe Process ID - 5404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:19:53] New process found: Process Name - dwm.exe Process ID - 2232 Process Identity - Window Manager\DWM-4 [11-07-2023 22:20:05] Process Exited: Process Name - dwm.exe Process ID - 2232 [11-07-2023 22:20:05] Process Exited: Process Name - LogonUI.exe Process ID - 5404 [11-07-2023 22:20:05] Process Exited: Process Name - winlogon.exe Process ID - 13900 [11-07-2023 22:20:05] Process Exited: Process Name - csrss.exe Process ID - 14452 [11-07-2023 22:20:07] New process found: Process Name - csrss.exe Process ID - 8704 Process Identity - SYSTEM [11-07-2023 22:20:07] New process found: Process Name - winlogon.exe Process ID - 5544 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:07] New process found: Process Name - LogonUI.exe Process ID - 9308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:07] New process found: Process Name - dwm.exe Process ID - 12308 Process Identity - Window Manager\DWM-4 [11-07-2023 22:20:20] Process Exited: Process Name - winlogon.exe Process ID - 5544 [11-07-2023 22:20:20] Process Exited: Process Name - csrss.exe Process ID - 8704 [11-07-2023 22:20:20] Process Exited: Process Name - LogonUI.exe Process ID - 9308 [11-07-2023 22:20:20] Process Exited: Process Name - dwm.exe Process ID - 12308 [11-07-2023 22:20:23] New process found: Process Name - csrss.exe Process ID - 8728 Process Identity - SYSTEM [11-07-2023 22:20:23] New process found: Process Name - winlogon.exe Process ID - 11300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:23] New process found: Process Name - LogonUI.exe Process ID - 8252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:23] New process found: Process Name - dwm.exe Process ID - 2372 Process Identity - Window Manager\DWM-4 [11-07-2023 22:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10676 [11-07-2023 22:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14880 [11-07-2023 22:20:35] Process Exited: Process Name - dwm.exe Process ID - 2372 [11-07-2023 22:20:35] Process Exited: Process Name - LogonUI.exe Process ID - 8252 [11-07-2023 22:20:35] Process Exited: Process Name - csrss.exe Process ID - 8728 [11-07-2023 22:20:35] Process Exited: Process Name - winlogon.exe Process ID - 11300 [11-07-2023 22:20:37] New process found: Process Name - csrss.exe Process ID - 15404 Process Identity - SYSTEM [11-07-2023 22:20:37] New process found: Process Name - winlogon.exe Process ID - 9992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:38] New process found: Process Name - LogonUI.exe Process ID - 7660 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:38] New process found: Process Name - dwm.exe Process ID - 9160 Process Identity - Window Manager\DWM-4 [11-07-2023 22:20:50] Process Exited: Process Name - LogonUI.exe Process ID - 7660 [11-07-2023 22:20:50] Process Exited: Process Name - dwm.exe Process ID - 9160 [11-07-2023 22:20:50] Process Exited: Process Name - winlogon.exe Process ID - 9992 [11-07-2023 22:20:50] Process Exited: Process Name - csrss.exe Process ID - 15404 [11-07-2023 22:20:51] New process found: Process Name - csrss.exe Process ID - 14536 Process Identity - SYSTEM [11-07-2023 22:20:51] New process found: Process Name - winlogon.exe Process ID - 14412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:52] New process found: Process Name - LogonUI.exe Process ID - 4372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:20:52] New process found: Process Name - dwm.exe Process ID - 8844 Process Identity - Window Manager\DWM-4 [11-07-2023 22:21:05] Process Exited: Process Name - LogonUI.exe Process ID - 4372 [11-07-2023 22:21:05] Process Exited: Process Name - dwm.exe Process ID - 8844 [11-07-2023 22:21:05] Process Exited: Process Name - winlogon.exe Process ID - 14412 [11-07-2023 22:21:05] Process Exited: Process Name - csrss.exe Process ID - 14536 [11-07-2023 22:21:07] New process found: Process Name - csrss.exe Process ID - 7436 Process Identity - SYSTEM [11-07-2023 22:21:07] New process found: Process Name - winlogon.exe Process ID - 9256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:08] New process found: Process Name - LogonUI.exe Process ID - 15320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:08] New process found: Process Name - dwm.exe Process ID - 8952 Process Identity - Window Manager\DWM-4 [11-07-2023 22:21:20] Process Exited: Process Name - csrss.exe Process ID - 7436 [11-07-2023 22:21:20] Process Exited: Process Name - dwm.exe Process ID - 8952 [11-07-2023 22:21:20] Process Exited: Process Name - winlogon.exe Process ID - 9256 [11-07-2023 22:21:20] Process Exited: Process Name - LogonUI.exe Process ID - 15320 [11-07-2023 22:21:22] New process found: Process Name - csrss.exe Process ID - 15504 Process Identity - SYSTEM [11-07-2023 22:21:22] New process found: Process Name - winlogon.exe Process ID - 1044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:22] New process found: Process Name - LogonUI.exe Process ID - 12340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:22] New process found: Process Name - dwm.exe Process ID - 14156 Process Identity - Window Manager\DWM-4 [11-07-2023 22:21:24] Process Exited: Process Name - w3wp.exe Process ID - 10368 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 22:21:24] Process Exited: Process Name - conhost.exe Process ID - 11800 [11-07-2023 22:21:33] New process found: Process Name - w3wp.exe Process ID - 15528 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:21:33] Process Exited: Process Name - w3wp.exe Process ID - 12180 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:21:35] Process Exited: Process Name - winlogon.exe Process ID - 1044 [11-07-2023 22:21:35] Process Exited: Process Name - LogonUI.exe Process ID - 12340 [11-07-2023 22:21:35] Process Exited: Process Name - dwm.exe Process ID - 14156 [11-07-2023 22:21:35] Process Exited: Process Name - csrss.exe Process ID - 15504 [11-07-2023 22:21:37] New process found: Process Name - csrss.exe Process ID - 16188 Process Identity - SYSTEM [11-07-2023 22:21:37] New process found: Process Name - winlogon.exe Process ID - 11520 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:38] New process found: Process Name - LogonUI.exe Process ID - 10964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:38] New process found: Process Name - dwm.exe Process ID - 14272 Process Identity - Window Manager\DWM-4 [11-07-2023 22:21:52] Process Exited: Process Name - LogonUI.exe Process ID - 10964 [11-07-2023 22:21:52] Process Exited: Process Name - winlogon.exe Process ID - 11520 [11-07-2023 22:21:52] Process Exited: Process Name - dwm.exe Process ID - 14272 [11-07-2023 22:21:52] Process Exited: Process Name - csrss.exe Process ID - 16188 [11-07-2023 22:21:54] New process found: Process Name - csrss.exe Process ID - 15176 Process Identity - SYSTEM [11-07-2023 22:21:54] New process found: Process Name - winlogon.exe Process ID - 12420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:55] New process found: Process Name - LogonUI.exe Process ID - 2676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:21:55] New process found: Process Name - dwm.exe Process ID - 8928 Process Identity - Window Manager\DWM-4 [11-07-2023 22:21:55] New process found: Process Name - w3wp.exe Process ID - 10396 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 22:21:56] New process found: Process Name - conhost.exe Process ID - 14904 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [11-07-2023 22:22:07] Process Exited: Process Name - LogonUI.exe Process ID - 2676 [11-07-2023 22:22:07] Process Exited: Process Name - dwm.exe Process ID - 8928 [11-07-2023 22:22:07] Process Exited: Process Name - winlogon.exe Process ID - 12420 [11-07-2023 22:22:07] Process Exited: Process Name - csrss.exe Process ID - 15176 [11-07-2023 22:22:08] New process found: Process Name - csrss.exe Process ID - 15132 Process Identity - SYSTEM [11-07-2023 22:22:08] New process found: Process Name - winlogon.exe Process ID - 7804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:08] Process Exited: Process Name - w3wp.exe Process ID - 15820 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:22:10] New process found: Process Name - LogonUI.exe Process ID - 1556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:10] New process found: Process Name - dwm.exe Process ID - 9308 Process Identity - Window Manager\DWM-4 [11-07-2023 22:22:23] Process Exited: Process Name - LogonUI.exe Process ID - 1556 [11-07-2023 22:22:23] Process Exited: Process Name - winlogon.exe Process ID - 7804 [11-07-2023 22:22:23] Process Exited: Process Name - dwm.exe Process ID - 9308 [11-07-2023 22:22:23] Process Exited: Process Name - csrss.exe Process ID - 15132 [11-07-2023 22:22:26] New process found: Process Name - csrss.exe Process ID - 11676 Process Identity - SYSTEM [11-07-2023 22:22:26] New process found: Process Name - winlogon.exe Process ID - 10796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:28] New process found: Process Name - LogonUI.exe Process ID - 15276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:28] New process found: Process Name - dwm.exe Process ID - 9904 Process Identity - Window Manager\DWM-4 [11-07-2023 22:22:32] Process Exited: Process Name - conhost.exe Process ID - 11504 [11-07-2023 22:22:32] Process Exited: Process Name - w3wp.exe Process ID - 13608 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 22:22:38] Process Exited: Process Name - dwm.exe Process ID - 9904 [11-07-2023 22:22:38] Process Exited: Process Name - winlogon.exe Process ID - 10796 [11-07-2023 22:22:38] Process Exited: Process Name - csrss.exe Process ID - 11676 [11-07-2023 22:22:38] Process Exited: Process Name - LogonUI.exe Process ID - 15276 [11-07-2023 22:22:40] New process found: Process Name - csrss.exe Process ID - 2584 Process Identity - SYSTEM [11-07-2023 22:22:40] New process found: Process Name - winlogon.exe Process ID - 888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:41] New process found: Process Name - LogonUI.exe Process ID - 12704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:41] New process found: Process Name - dwm.exe Process ID - 7140 Process Identity - Window Manager\DWM-4 [11-07-2023 22:22:53] Process Exited: Process Name - winlogon.exe Process ID - 888 [11-07-2023 22:22:53] Process Exited: Process Name - csrss.exe Process ID - 2584 [11-07-2023 22:22:53] Process Exited: Process Name - dwm.exe Process ID - 7140 [11-07-2023 22:22:53] Process Exited: Process Name - LogonUI.exe Process ID - 12704 [11-07-2023 22:22:55] New process found: Process Name - csrss.exe Process ID - 9712 Process Identity - SYSTEM [11-07-2023 22:22:55] New process found: Process Name - winlogon.exe Process ID - 5176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:57] New process found: Process Name - LogonUI.exe Process ID - 7268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:22:57] New process found: Process Name - dwm.exe Process ID - 12388 Process Identity - Window Manager\DWM-4 [11-07-2023 22:23:08] Process Exited: Process Name - winlogon.exe Process ID - 5176 [11-07-2023 22:23:08] Process Exited: Process Name - LogonUI.exe Process ID - 7268 [11-07-2023 22:23:08] Process Exited: Process Name - csrss.exe Process ID - 9712 [11-07-2023 22:23:08] Process Exited: Process Name - dwm.exe Process ID - 12388 [11-07-2023 22:23:12] New process found: Process Name - csrss.exe Process ID - 10720 Process Identity - SYSTEM [11-07-2023 22:23:12] New process found: Process Name - winlogon.exe Process ID - 11832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:13] New process found: Process Name - LogonUI.exe Process ID - 15372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:13] New process found: Process Name - dwm.exe Process ID - 12064 Process Identity - Window Manager\DWM-4 [11-07-2023 22:23:23] Process Exited: Process Name - csrss.exe Process ID - 10720 [11-07-2023 22:23:23] Process Exited: Process Name - winlogon.exe Process ID - 11832 [11-07-2023 22:23:23] Process Exited: Process Name - dwm.exe Process ID - 12064 [11-07-2023 22:23:23] Process Exited: Process Name - LogonUI.exe Process ID - 15372 [11-07-2023 22:23:25] New process found: Process Name - csrss.exe Process ID - 10228 Process Identity - SYSTEM [11-07-2023 22:23:25] New process found: Process Name - winlogon.exe Process ID - 15472 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:26] New process found: Process Name - LogonUI.exe Process ID - 12036 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:26] New process found: Process Name - dwm.exe Process ID - 14508 Process Identity - Window Manager\DWM-4 [11-07-2023 22:23:38] Process Exited: Process Name - csrss.exe Process ID - 10228 [11-07-2023 22:23:38] Process Exited: Process Name - LogonUI.exe Process ID - 12036 [11-07-2023 22:23:38] Process Exited: Process Name - dwm.exe Process ID - 14508 [11-07-2023 22:23:38] Process Exited: Process Name - winlogon.exe Process ID - 15472 [11-07-2023 22:23:40] New process found: Process Name - csrss.exe Process ID - 16268 Process Identity - SYSTEM [11-07-2023 22:23:40] New process found: Process Name - winlogon.exe Process ID - 14676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:41] New process found: Process Name - LogonUI.exe Process ID - 14116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:41] New process found: Process Name - dwm.exe Process ID - 10456 Process Identity - Window Manager\DWM-4 [11-07-2023 22:23:54] Process Exited: Process Name - dwm.exe Process ID - 10456 [11-07-2023 22:23:54] Process Exited: Process Name - LogonUI.exe Process ID - 14116 [11-07-2023 22:23:54] Process Exited: Process Name - winlogon.exe Process ID - 14676 [11-07-2023 22:23:54] Process Exited: Process Name - csrss.exe Process ID - 16268 [11-07-2023 22:23:55] New process found: Process Name - csrss.exe Process ID - 13904 Process Identity - SYSTEM [11-07-2023 22:23:55] New process found: Process Name - winlogon.exe Process ID - 7336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:56] New process found: Process Name - LogonUI.exe Process ID - 11916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:23:56] New process found: Process Name - dwm.exe Process ID - 6732 Process Identity - Window Manager\DWM-4 [11-07-2023 22:24:09] Process Exited: Process Name - dwm.exe Process ID - 6732 [11-07-2023 22:24:09] Process Exited: Process Name - winlogon.exe Process ID - 7336 [11-07-2023 22:24:09] Process Exited: Process Name - LogonUI.exe Process ID - 11916 [11-07-2023 22:24:09] Process Exited: Process Name - csrss.exe Process ID - 13904 [11-07-2023 22:24:13] New process found: Process Name - smss.exe Process ID - 11988 Process Identity - SYSTEM [11-07-2023 22:24:13] New process found: Process Name - csrss.exe Process ID - 14220 Process Identity - SYSTEM [11-07-2023 22:24:14] New process found: Process Name - winlogon.exe Process ID - 13204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:14] New process found: Process Name - LogonUI.exe Process ID - 11552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:14] New process found: Process Name - dwm.exe Process ID - 12140 Process Identity - Window Manager\DWM-4 [11-07-2023 22:24:14] Process Exited: Process Name - smss.exe Process ID - 11988 [11-07-2023 22:24:24] Process Exited: Process Name - LogonUI.exe Process ID - 11552 [11-07-2023 22:24:24] Process Exited: Process Name - dwm.exe Process ID - 12140 [11-07-2023 22:24:24] Process Exited: Process Name - winlogon.exe Process ID - 13204 [11-07-2023 22:24:24] Process Exited: Process Name - csrss.exe Process ID - 14220 [11-07-2023 22:24:25] New process found: Process Name - csrss.exe Process ID - 12408 Process Identity - SYSTEM [11-07-2023 22:24:25] New process found: Process Name - winlogon.exe Process ID - 10248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:26] New process found: Process Name - LogonUI.exe Process ID - 12792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:26] New process found: Process Name - dwm.exe Process ID - 10644 Process Identity - Window Manager\DWM-4 [11-07-2023 22:24:39] Process Exited: Process Name - winlogon.exe Process ID - 10248 [11-07-2023 22:24:39] Process Exited: Process Name - dwm.exe Process ID - 10644 [11-07-2023 22:24:39] Process Exited: Process Name - csrss.exe Process ID - 12408 [11-07-2023 22:24:39] Process Exited: Process Name - LogonUI.exe Process ID - 12792 [11-07-2023 22:24:42] New process found: Process Name - csrss.exe Process ID - 11660 Process Identity - SYSTEM [11-07-2023 22:24:42] New process found: Process Name - winlogon.exe Process ID - 10992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:43] New process found: Process Name - LogonUI.exe Process ID - 11336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:43] New process found: Process Name - dwm.exe Process ID - 15896 Process Identity - Window Manager\DWM-4 [11-07-2023 22:24:54] Process Exited: Process Name - winlogon.exe Process ID - 10992 [11-07-2023 22:24:54] Process Exited: Process Name - LogonUI.exe Process ID - 11336 [11-07-2023 22:24:54] Process Exited: Process Name - csrss.exe Process ID - 11660 [11-07-2023 22:24:54] Process Exited: Process Name - dwm.exe Process ID - 15896 [11-07-2023 22:24:57] New process found: Process Name - csrss.exe Process ID - 8652 Process Identity - SYSTEM [11-07-2023 22:24:57] New process found: Process Name - winlogon.exe Process ID - 13808 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:57] New process found: Process Name - LogonUI.exe Process ID - 13816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:24:57] New process found: Process Name - dwm.exe Process ID - 12964 Process Identity - Window Manager\DWM-4 [11-07-2023 22:24:57] Process Exited: Process Name - w3wp.exe Process ID - 13596 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 22:24:57] Process Exited: Process Name - conhost.exe Process ID - 14604 [11-07-2023 22:25:09] Process Exited: Process Name - csrss.exe Process ID - 8652 [11-07-2023 22:25:09] Process Exited: Process Name - dwm.exe Process ID - 12964 [11-07-2023 22:25:09] Process Exited: Process Name - winlogon.exe Process ID - 13808 [11-07-2023 22:25:09] Process Exited: Process Name - LogonUI.exe Process ID - 13816 [11-07-2023 22:25:10] New process found: Process Name - csrss.exe Process ID - 12884 Process Identity - SYSTEM [11-07-2023 22:25:10] New process found: Process Name - winlogon.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:11] Process Exited: Process Name - w3wp.exe Process ID - 2488 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 22:25:12] New process found: Process Name - LogonUI.exe Process ID - 7660 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:12] New process found: Process Name - dwm.exe Process ID - 9456 Process Identity - Window Manager\DWM-4 [11-07-2023 22:25:21] New process found: Process Name - w3wp.exe Process ID - 14280 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 22:25:22] New process found: Process Name - conhost.exe Process ID - 10828 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [11-07-2023 22:25:24] Process Exited: Process Name - LogonUI.exe Process ID - 7660 [11-07-2023 22:25:24] Process Exited: Process Name - dwm.exe Process ID - 9456 [11-07-2023 22:25:24] Process Exited: Process Name - winlogon.exe Process ID - 12740 [11-07-2023 22:25:25] Process Exited: Process Name - csrss.exe Process ID - 12884 [11-07-2023 22:25:27] New process found: Process Name - csrss.exe Process ID - 14396 Process Identity - SYSTEM [11-07-2023 22:25:27] New process found: Process Name - winlogon.exe Process ID - 14832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:28] New process found: Process Name - LogonUI.exe Process ID - 7136 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:28] New process found: Process Name - dwm.exe Process ID - 11992 Process Identity - Window Manager\DWM-4 [11-07-2023 22:25:39] Process Exited: Process Name - LogonUI.exe Process ID - 7136 [11-07-2023 22:25:39] Process Exited: Process Name - dwm.exe Process ID - 11992 [11-07-2023 22:25:39] Process Exited: Process Name - winlogon.exe Process ID - 14832 [11-07-2023 22:25:40] Process Exited: Process Name - csrss.exe Process ID - 14396 [11-07-2023 22:25:44] New process found: Process Name - csrss.exe Process ID - 12360 Process Identity - SYSTEM [11-07-2023 22:25:44] New process found: Process Name - winlogon.exe Process ID - 2916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:44] New process found: Process Name - LogonUI.exe Process ID - 15248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:44] New process found: Process Name - dwm.exe Process ID - 11944 Process Identity - Window Manager\DWM-4 [11-07-2023 22:25:55] Process Exited: Process Name - winlogon.exe Process ID - 2916 [11-07-2023 22:25:55] Process Exited: Process Name - dwm.exe Process ID - 11944 [11-07-2023 22:25:55] Process Exited: Process Name - csrss.exe Process ID - 12360 [11-07-2023 22:25:55] Process Exited: Process Name - LogonUI.exe Process ID - 15248 [11-07-2023 22:25:59] New process found: Process Name - csrss.exe Process ID - 12788 Process Identity - SYSTEM [11-07-2023 22:25:59] New process found: Process Name - winlogon.exe Process ID - 2092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:59] New process found: Process Name - LogonUI.exe Process ID - 7772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:25:59] New process found: Process Name - dwm.exe Process ID - 12052 Process Identity - Window Manager\DWM-4 [11-07-2023 22:26:11] Process Exited: Process Name - winlogon.exe Process ID - 2092 [11-07-2023 22:26:11] Process Exited: Process Name - LogonUI.exe Process ID - 7772 [11-07-2023 22:26:11] Process Exited: Process Name - dwm.exe Process ID - 12052 [11-07-2023 22:26:11] Process Exited: Process Name - csrss.exe Process ID - 12788 [11-07-2023 22:26:16] New process found: Process Name - csrss.exe Process ID - 16156 Process Identity - SYSTEM [11-07-2023 22:26:16] New process found: Process Name - winlogon.exe Process ID - 11248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:16] New process found: Process Name - LogonUI.exe Process ID - 14364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:16] New process found: Process Name - dwm.exe Process ID - 2360 Process Identity - Window Manager\DWM-4 [11-07-2023 22:26:26] Process Exited: Process Name - dwm.exe Process ID - 2360 [11-07-2023 22:26:26] Process Exited: Process Name - winlogon.exe Process ID - 11248 [11-07-2023 22:26:26] Process Exited: Process Name - LogonUI.exe Process ID - 14364 [11-07-2023 22:26:26] Process Exited: Process Name - csrss.exe Process ID - 16156 [11-07-2023 22:26:28] New process found: Process Name - csrss.exe Process ID - 4328 Process Identity - SYSTEM [11-07-2023 22:26:28] New process found: Process Name - winlogon.exe Process ID - 7336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:30] New process found: Process Name - LogonUI.exe Process ID - 8916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:30] New process found: Process Name - dwm.exe Process ID - 7096 Process Identity - Window Manager\DWM-4 [11-07-2023 22:26:34] New process found: Process Name - w3wp.exe Process ID - 12140 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:26:34] Process Exited: Process Name - w3wp.exe Process ID - 15528 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:26:41] Process Exited: Process Name - csrss.exe Process ID - 4328 [11-07-2023 22:26:41] Process Exited: Process Name - dwm.exe Process ID - 7096 [11-07-2023 22:26:41] Process Exited: Process Name - winlogon.exe Process ID - 7336 [11-07-2023 22:26:41] Process Exited: Process Name - LogonUI.exe Process ID - 8916 [11-07-2023 22:26:43] New process found: Process Name - smss.exe Process ID - 4128 Process Identity - SYSTEM [11-07-2023 22:26:43] New process found: Process Name - csrss.exe Process ID - 11812 Process Identity - SYSTEM [11-07-2023 22:26:44] New process found: Process Name - winlogon.exe Process ID - 5772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:44] Process Exited: Process Name - smss.exe Process ID - 4128 [11-07-2023 22:26:46] New process found: Process Name - LogonUI.exe Process ID - 8668 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:46] New process found: Process Name - dwm.exe Process ID - 11984 Process Identity - Window Manager\DWM-4 [11-07-2023 22:26:56] Process Exited: Process Name - LogonUI.exe Process ID - 8668 [11-07-2023 22:26:57] Process Exited: Process Name - winlogon.exe Process ID - 5772 [11-07-2023 22:26:57] Process Exited: Process Name - csrss.exe Process ID - 11812 [11-07-2023 22:26:57] Process Exited: Process Name - dwm.exe Process ID - 11984 [11-07-2023 22:26:58] New process found: Process Name - csrss.exe Process ID - 1824 Process Identity - SYSTEM [11-07-2023 22:26:58] New process found: Process Name - winlogon.exe Process ID - 3332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:58] New process found: Process Name - LogonUI.exe Process ID - 3224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:26:58] New process found: Process Name - dwm.exe Process ID - 15328 Process Identity - Window Manager\DWM-4 [11-07-2023 22:27:11] Process Exited: Process Name - LogonUI.exe Process ID - 3224 [11-07-2023 22:27:11] Process Exited: Process Name - winlogon.exe Process ID - 3332 [11-07-2023 22:27:11] Process Exited: Process Name - dwm.exe Process ID - 15328 [11-07-2023 22:27:12] Process Exited: Process Name - csrss.exe Process ID - 1824 [11-07-2023 22:27:13] New process found: Process Name - csrss.exe Process ID - 10480 Process Identity - SYSTEM [11-07-2023 22:27:13] New process found: Process Name - winlogon.exe Process ID - 892 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:13] New process found: Process Name - LogonUI.exe Process ID - 2808 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:13] New process found: Process Name - dwm.exe Process ID - 14516 Process Identity - Window Manager\DWM-4 [11-07-2023 22:27:26] Process Exited: Process Name - winlogon.exe Process ID - 892 [11-07-2023 22:27:26] Process Exited: Process Name - LogonUI.exe Process ID - 2808 [11-07-2023 22:27:26] Process Exited: Process Name - csrss.exe Process ID - 10480 [11-07-2023 22:27:26] Process Exited: Process Name - dwm.exe Process ID - 14516 [11-07-2023 22:27:31] New process found: Process Name - csrss.exe Process ID - 11016 Process Identity - SYSTEM [11-07-2023 22:27:31] New process found: Process Name - winlogon.exe Process ID - 14436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:31] New process found: Process Name - LogonUI.exe Process ID - 12872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:31] New process found: Process Name - dwm.exe Process ID - 7688 Process Identity - Window Manager\DWM-4 [11-07-2023 22:27:41] Process Exited: Process Name - dwm.exe Process ID - 7688 [11-07-2023 22:27:41] Process Exited: Process Name - csrss.exe Process ID - 11016 [11-07-2023 22:27:41] Process Exited: Process Name - LogonUI.exe Process ID - 12872 [11-07-2023 22:27:41] Process Exited: Process Name - winlogon.exe Process ID - 14436 [11-07-2023 22:27:42] New process found: Process Name - csrss.exe Process ID - 15932 Process Identity - SYSTEM [11-07-2023 22:27:42] New process found: Process Name - winlogon.exe Process ID - 2084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:44] New process found: Process Name - LogonUI.exe Process ID - 7268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:27:44] New process found: Process Name - dwm.exe Process ID - 13624 Process Identity - Window Manager\DWM-4 [11-07-2023 22:27:56] Process Exited: Process Name - winlogon.exe Process ID - 2084 [11-07-2023 22:27:56] Process Exited: Process Name - LogonUI.exe Process ID - 7268 [11-07-2023 22:27:56] Process Exited: Process Name - dwm.exe Process ID - 13624 [11-07-2023 22:27:56] Process Exited: Process Name - csrss.exe Process ID - 15932 [11-07-2023 22:28:01] New process found: Process Name - csrss.exe Process ID - 10360 Process Identity - SYSTEM [11-07-2023 22:28:01] New process found: Process Name - winlogon.exe Process ID - 11432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:01] New process found: Process Name - LogonUI.exe Process ID - 2696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:01] New process found: Process Name - dwm.exe Process ID - 9068 Process Identity - Window Manager\DWM-4 [11-07-2023 22:28:11] Process Exited: Process Name - LogonUI.exe Process ID - 2696 [11-07-2023 22:28:11] Process Exited: Process Name - dwm.exe Process ID - 9068 [11-07-2023 22:28:11] Process Exited: Process Name - csrss.exe Process ID - 10360 [11-07-2023 22:28:11] Process Exited: Process Name - winlogon.exe Process ID - 11432 [11-07-2023 22:28:19] New process found: Process Name - csrss.exe Process ID - 8208 Process Identity - SYSTEM [11-07-2023 22:28:19] New process found: Process Name - winlogon.exe Process ID - 12180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:19] New process found: Process Name - LogonUI.exe Process ID - 12216 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:19] New process found: Process Name - dwm.exe Process ID - 15976 Process Identity - Window Manager\DWM-4 [11-07-2023 22:28:26] Process Exited: Process Name - csrss.exe Process ID - 8208 [11-07-2023 22:28:26] Process Exited: Process Name - winlogon.exe Process ID - 12180 [11-07-2023 22:28:26] Process Exited: Process Name - LogonUI.exe Process ID - 12216 [11-07-2023 22:28:26] Process Exited: Process Name - dwm.exe Process ID - 15976 [11-07-2023 22:28:34] New process found: Process Name - csrss.exe Process ID - 14128 Process Identity - SYSTEM [11-07-2023 22:28:34] New process found: Process Name - winlogon.exe Process ID - 15396 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:35] New process found: Process Name - LogonUI.exe Process ID - 11260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:35] New process found: Process Name - dwm.exe Process ID - 8832 Process Identity - Window Manager\DWM-4 [11-07-2023 22:28:48] Process Exited: Process Name - dwm.exe Process ID - 8832 [11-07-2023 22:28:48] Process Exited: Process Name - LogonUI.exe Process ID - 11260 [11-07-2023 22:28:48] Process Exited: Process Name - csrss.exe Process ID - 14128 [11-07-2023 22:28:48] Process Exited: Process Name - winlogon.exe Process ID - 15396 [11-07-2023 22:28:51] New process found: Process Name - csrss.exe Process ID - 12960 Process Identity - SYSTEM [11-07-2023 22:28:51] New process found: Process Name - winlogon.exe Process ID - 11388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:52] New process found: Process Name - LogonUI.exe Process ID - 8740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:28:52] New process found: Process Name - dwm.exe Process ID - 7664 Process Identity - Window Manager\DWM-4 [11-07-2023 22:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 9020 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:03] Process Exited: Process Name - dwm.exe Process ID - 7664 [11-07-2023 22:29:03] Process Exited: Process Name - LogonUI.exe Process ID - 8740 [11-07-2023 22:29:03] Process Exited: Process Name - winlogon.exe Process ID - 11388 [11-07-2023 22:29:03] Process Exited: Process Name - csrss.exe Process ID - 12960 [11-07-2023 22:29:05] New process found: Process Name - csrss.exe Process ID - 14556 Process Identity - SYSTEM [11-07-2023 22:29:05] New process found: Process Name - winlogon.exe Process ID - 12328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:06] New process found: Process Name - LogonUI.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:06] New process found: Process Name - dwm.exe Process ID - 10580 Process Identity - Window Manager\DWM-4 [11-07-2023 22:29:09] New process found: Process Name - w3wp.exe Process ID - 15488 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 22:29:18] Process Exited: Process Name - LogonUI.exe Process ID - 1760 [11-07-2023 22:29:18] Process Exited: Process Name - dwm.exe Process ID - 10580 [11-07-2023 22:29:18] Process Exited: Process Name - winlogon.exe Process ID - 12328 [11-07-2023 22:29:18] Process Exited: Process Name - csrss.exe Process ID - 14556 [11-07-2023 22:29:21] New process found: Process Name - csrss.exe Process ID - 12860 Process Identity - SYSTEM [11-07-2023 22:29:21] New process found: Process Name - winlogon.exe Process ID - 11420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:23] New process found: Process Name - LogonUI.exe Process ID - 14328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:23] New process found: Process Name - dwm.exe Process ID - 13284 Process Identity - Window Manager\DWM-4 [11-07-2023 22:29:34] Process Exited: Process Name - winlogon.exe Process ID - 11420 [11-07-2023 22:29:34] Process Exited: Process Name - csrss.exe Process ID - 12860 [11-07-2023 22:29:34] Process Exited: Process Name - dwm.exe Process ID - 13284 [11-07-2023 22:29:34] Process Exited: Process Name - LogonUI.exe Process ID - 14328 [11-07-2023 22:29:38] New process found: Process Name - csrss.exe Process ID - 12848 Process Identity - SYSTEM [11-07-2023 22:29:38] New process found: Process Name - winlogon.exe Process ID - 13608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:39] New process found: Process Name - LogonUI.exe Process ID - 792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:39] New process found: Process Name - dwm.exe Process ID - 4212 Process Identity - Window Manager\DWM-4 [11-07-2023 22:29:49] Process Exited: Process Name - LogonUI.exe Process ID - 792 [11-07-2023 22:29:49] Process Exited: Process Name - dwm.exe Process ID - 4212 [11-07-2023 22:29:49] Process Exited: Process Name - csrss.exe Process ID - 12848 [11-07-2023 22:29:49] Process Exited: Process Name - winlogon.exe Process ID - 13608 [11-07-2023 22:29:52] New process found: Process Name - csrss.exe Process ID - 7376 Process Identity - SYSTEM [11-07-2023 22:29:52] New process found: Process Name - winlogon.exe Process ID - 6912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:52] New process found: Process Name - w3wp.exe Process ID - 8252 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 22:29:53] New process found: Process Name - LogonUI.exe Process ID - 9212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:29:53] New process found: Process Name - dwm.exe Process ID - 7836 Process Identity - Window Manager\DWM-4 [11-07-2023 22:30:04] Process Exited: Process Name - winlogon.exe Process ID - 6912 [11-07-2023 22:30:04] Process Exited: Process Name - csrss.exe Process ID - 7376 [11-07-2023 22:30:04] Process Exited: Process Name - dwm.exe Process ID - 7836 [11-07-2023 22:30:04] Process Exited: Process Name - LogonUI.exe Process ID - 9212 [11-07-2023 22:30:08] New process found: Process Name - csrss.exe Process ID - 10416 Process Identity - SYSTEM [11-07-2023 22:30:08] New process found: Process Name - winlogon.exe Process ID - 14212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:11] New process found: Process Name - LogonUI.exe Process ID - 11484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:11] New process found: Process Name - dwm.exe Process ID - 15972 Process Identity - Window Manager\DWM-4 [11-07-2023 22:30:19] Process Exited: Process Name - csrss.exe Process ID - 10416 [11-07-2023 22:30:19] Process Exited: Process Name - LogonUI.exe Process ID - 11484 [11-07-2023 22:30:19] Process Exited: Process Name - winlogon.exe Process ID - 14212 [11-07-2023 22:30:19] Process Exited: Process Name - dwm.exe Process ID - 15972 [11-07-2023 22:30:21] New process found: Process Name - csrss.exe Process ID - 9244 Process Identity - SYSTEM [11-07-2023 22:30:21] New process found: Process Name - winlogon.exe Process ID - 5708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:21] New process found: Process Name - LogonUI.exe Process ID - 15892 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:21] New process found: Process Name - dwm.exe Process ID - 12424 Process Identity - Window Manager\DWM-4 [11-07-2023 22:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9020 [11-07-2023 22:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10880 [11-07-2023 22:30:34] Process Exited: Process Name - winlogon.exe Process ID - 5708 [11-07-2023 22:30:34] Process Exited: Process Name - csrss.exe Process ID - 9244 [11-07-2023 22:30:34] Process Exited: Process Name - dwm.exe Process ID - 12424 [11-07-2023 22:30:34] Process Exited: Process Name - LogonUI.exe Process ID - 15892 [11-07-2023 22:30:36] New process found: Process Name - csrss.exe Process ID - 524 Process Identity - SYSTEM [11-07-2023 22:30:36] New process found: Process Name - winlogon.exe Process ID - 6880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:38] New process found: Process Name - LogonUI.exe Process ID - 15632 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:38] New process found: Process Name - dwm.exe Process ID - 7372 Process Identity - Window Manager\DWM-4 [11-07-2023 22:30:49] Process Exited: Process Name - csrss.exe Process ID - 524 [11-07-2023 22:30:49] Process Exited: Process Name - winlogon.exe Process ID - 6880 [11-07-2023 22:30:49] Process Exited: Process Name - dwm.exe Process ID - 7372 [11-07-2023 22:30:49] Process Exited: Process Name - LogonUI.exe Process ID - 15632 [11-07-2023 22:30:51] New process found: Process Name - csrss.exe Process ID - 11488 Process Identity - SYSTEM [11-07-2023 22:30:51] New process found: Process Name - winlogon.exe Process ID - 14548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:51] New process found: Process Name - LogonUI.exe Process ID - 9780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:30:51] New process found: Process Name - dwm.exe Process ID - 6388 Process Identity - Window Manager\DWM-4 [11-07-2023 22:31:02] New process found: Process Name - w3wp.exe Process ID - 13380 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:31:04] Process Exited: Process Name - dwm.exe Process ID - 6388 [11-07-2023 22:31:04] Process Exited: Process Name - LogonUI.exe Process ID - 9780 [11-07-2023 22:31:04] Process Exited: Process Name - winlogon.exe Process ID - 14548 [11-07-2023 22:31:05] Process Exited: Process Name - csrss.exe Process ID - 11488 [11-07-2023 22:31:10] New process found: Process Name - w3wp.exe Process ID - 15592 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [11-07-2023 22:31:10] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [11-07-2023 22:31:10] New process found: Process Name - winlogon.exe Process ID - 10832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:11] New process found: Process Name - LogonUI.exe Process ID - 10760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:11] New process found: Process Name - dwm.exe Process ID - 15732 Process Identity - Window Manager\DWM-4 [11-07-2023 22:31:20] Process Exited: Process Name - csrss.exe Process ID - 3500 [11-07-2023 22:31:20] Process Exited: Process Name - LogonUI.exe Process ID - 10760 [11-07-2023 22:31:20] Process Exited: Process Name - winlogon.exe Process ID - 10832 [11-07-2023 22:31:20] Process Exited: Process Name - dwm.exe Process ID - 15732 [11-07-2023 22:31:21] New process found: Process Name - csrss.exe Process ID - 15076 Process Identity - SYSTEM [11-07-2023 22:31:21] New process found: Process Name - winlogon.exe Process ID - 10872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:22] New process found: Process Name - LogonUI.exe Process ID - 12420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:22] New process found: Process Name - dwm.exe Process ID - 14556 Process Identity - Window Manager\DWM-4 [11-07-2023 22:31:23] Process Exited: Process Name - conhost.exe Process ID - 10828 [11-07-2023 22:31:23] Process Exited: Process Name - w3wp.exe Process ID - 14280 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [11-07-2023 22:31:35] Process Exited: Process Name - winlogon.exe Process ID - 10872 [11-07-2023 22:31:35] Process Exited: Process Name - LogonUI.exe Process ID - 12420 [11-07-2023 22:31:35] Process Exited: Process Name - dwm.exe Process ID - 14556 [11-07-2023 22:31:35] Process Exited: Process Name - csrss.exe Process ID - 15076 [11-07-2023 22:31:36] New process found: Process Name - w3wp.exe Process ID - 15912 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:31:36] Process Exited: Process Name - w3wp.exe Process ID - 12140 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:31:39] New process found: Process Name - csrss.exe Process ID - 7680 Process Identity - SYSTEM [11-07-2023 22:31:39] New process found: Process Name - winlogon.exe Process ID - 6480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:41] New process found: Process Name - LogonUI.exe Process ID - 14080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:41] New process found: Process Name - dwm.exe Process ID - 4724 Process Identity - Window Manager\DWM-4 [11-07-2023 22:31:50] Process Exited: Process Name - dwm.exe Process ID - 4724 [11-07-2023 22:31:50] Process Exited: Process Name - winlogon.exe Process ID - 6480 [11-07-2023 22:31:50] Process Exited: Process Name - csrss.exe Process ID - 7680 [11-07-2023 22:31:50] Process Exited: Process Name - LogonUI.exe Process ID - 14080 [11-07-2023 22:31:51] New process found: Process Name - csrss.exe Process ID - 3372 Process Identity - SYSTEM [11-07-2023 22:31:51] New process found: Process Name - winlogon.exe Process ID - 16088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:53] New process found: Process Name - LogonUI.exe Process ID - 10820 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:31:53] New process found: Process Name - dwm.exe Process ID - 15332 Process Identity - Window Manager\DWM-4 [11-07-2023 22:32:05] Process Exited: Process Name - csrss.exe Process ID - 3372 [11-07-2023 22:32:05] Process Exited: Process Name - LogonUI.exe Process ID - 10820 [11-07-2023 22:32:05] Process Exited: Process Name - dwm.exe Process ID - 15332 [11-07-2023 22:32:05] Process Exited: Process Name - winlogon.exe Process ID - 16088 [11-07-2023 22:32:07] New process found: Process Name - csrss.exe Process ID - 14944 Process Identity - SYSTEM [11-07-2023 22:32:07] New process found: Process Name - winlogon.exe Process ID - 4116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:07] New process found: Process Name - LogonUI.exe Process ID - 3820 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:07] New process found: Process Name - dwm.exe Process ID - 8948 Process Identity - Window Manager\DWM-4 [11-07-2023 22:32:20] Process Exited: Process Name - LogonUI.exe Process ID - 3820 [11-07-2023 22:32:20] Process Exited: Process Name - winlogon.exe Process ID - 4116 [11-07-2023 22:32:20] Process Exited: Process Name - dwm.exe Process ID - 8948 [11-07-2023 22:32:20] Process Exited: Process Name - csrss.exe Process ID - 14944 [11-07-2023 22:32:21] New process found: Process Name - csrss.exe Process ID - 7072 Process Identity - SYSTEM [11-07-2023 22:32:21] New process found: Process Name - winlogon.exe Process ID - 16324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:22] New process found: Process Name - LogonUI.exe Process ID - 10880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:22] New process found: Process Name - dwm.exe Process ID - 12724 Process Identity - Window Manager\DWM-4 [11-07-2023 22:32:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 15948 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:33] New process found: Process Name - SearchFilterHost.exe Process ID - 12268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:35] Process Exited: Process Name - csrss.exe Process ID - 7072 [11-07-2023 22:32:35] Process Exited: Process Name - LogonUI.exe Process ID - 10880 [11-07-2023 22:32:35] Process Exited: Process Name - dwm.exe Process ID - 12724 [11-07-2023 22:32:35] Process Exited: Process Name - winlogon.exe Process ID - 16324 [11-07-2023 22:32:39] New process found: Process Name - csrss.exe Process ID - 2600 Process Identity - SYSTEM [11-07-2023 22:32:39] New process found: Process Name - winlogon.exe Process ID - 14976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:40] New process found: Process Name - LogonUI.exe Process ID - 12252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:40] New process found: Process Name - dwm.exe Process ID - 12904 Process Identity - Window Manager\DWM-4 [11-07-2023 22:32:50] Process Exited: Process Name - csrss.exe Process ID - 2600 [11-07-2023 22:32:50] Process Exited: Process Name - LogonUI.exe Process ID - 12252 [11-07-2023 22:32:50] Process Exited: Process Name - dwm.exe Process ID - 12904 [11-07-2023 22:32:50] Process Exited: Process Name - winlogon.exe Process ID - 14976 [11-07-2023 22:32:52] New process found: Process Name - csrss.exe Process ID - 12424 Process Identity - SYSTEM [11-07-2023 22:32:52] New process found: Process Name - winlogon.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:55] New process found: Process Name - LogonUI.exe Process ID - 2084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:32:55] New process found: Process Name - dwm.exe Process ID - 12476 Process Identity - Window Manager\DWM-4 [11-07-2023 22:33:05] Process Exited: Process Name - LogonUI.exe Process ID - 2084 [11-07-2023 22:33:05] Process Exited: Process Name - winlogon.exe Process ID - 7492 [11-07-2023 22:33:05] Process Exited: Process Name - csrss.exe Process ID - 12424 [11-07-2023 22:33:05] Process Exited: Process Name - dwm.exe Process ID - 12476 [11-07-2023 22:33:08] New process found: Process Name - csrss.exe Process ID - 1316 Process Identity - SYSTEM [11-07-2023 22:33:08] New process found: Process Name - winlogon.exe Process ID - 5088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:09] New process found: Process Name - LogonUI.exe Process ID - 12852 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:09] New process found: Process Name - dwm.exe Process ID - 6456 Process Identity - Window Manager\DWM-4 [11-07-2023 22:33:20] Process Exited: Process Name - csrss.exe Process ID - 1316 [11-07-2023 22:33:20] Process Exited: Process Name - winlogon.exe Process ID - 5088 [11-07-2023 22:33:20] Process Exited: Process Name - dwm.exe Process ID - 6456 [11-07-2023 22:33:20] Process Exited: Process Name - LogonUI.exe Process ID - 12852 [11-07-2023 22:33:23] New process found: Process Name - csrss.exe Process ID - 15420 Process Identity - SYSTEM [11-07-2023 22:33:23] New process found: Process Name - winlogon.exe Process ID - 14548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:24] New process found: Process Name - LogonUI.exe Process ID - 14364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:24] New process found: Process Name - dwm.exe Process ID - 13804 Process Identity - Window Manager\DWM-4 [11-07-2023 22:33:26] New process found: Process Name - w3wp.exe Process ID - 12176 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 22:33:26] New process found: Process Name - conhost.exe Process ID - 9292 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 22:33:35] Process Exited: Process Name - dwm.exe Process ID - 13804 [11-07-2023 22:33:35] Process Exited: Process Name - LogonUI.exe Process ID - 14364 [11-07-2023 22:33:35] Process Exited: Process Name - winlogon.exe Process ID - 14548 [11-07-2023 22:33:35] Process Exited: Process Name - csrss.exe Process ID - 15420 [11-07-2023 22:33:36] New process found: Process Name - csrss.exe Process ID - 14252 Process Identity - SYSTEM [11-07-2023 22:33:36] New process found: Process Name - winlogon.exe Process ID - 11500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:37] New process found: Process Name - LogonUI.exe Process ID - 2796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:37] New process found: Process Name - dwm.exe Process ID - 10992 Process Identity - Window Manager\DWM-4 [11-07-2023 22:33:50] Process Exited: Process Name - LogonUI.exe Process ID - 2796 [11-07-2023 22:33:50] Process Exited: Process Name - dwm.exe Process ID - 10992 [11-07-2023 22:33:50] Process Exited: Process Name - winlogon.exe Process ID - 11500 [11-07-2023 22:33:50] Process Exited: Process Name - csrss.exe Process ID - 14252 [11-07-2023 22:33:51] New process found: Process Name - csrss.exe Process ID - 11768 Process Identity - SYSTEM [11-07-2023 22:33:51] New process found: Process Name - winlogon.exe Process ID - 5080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:52] New process found: Process Name - LogonUI.exe Process ID - 15492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:33:52] New process found: Process Name - dwm.exe Process ID - 7676 Process Identity - Window Manager\DWM-4 [11-07-2023 22:34:05] Process Exited: Process Name - winlogon.exe Process ID - 5080 [11-07-2023 22:34:05] Process Exited: Process Name - dwm.exe Process ID - 7676 [11-07-2023 22:34:05] Process Exited: Process Name - csrss.exe Process ID - 11768 [11-07-2023 22:34:05] Process Exited: Process Name - LogonUI.exe Process ID - 15492 [11-07-2023 22:34:07] New process found: Process Name - csrss.exe Process ID - 14848 Process Identity - SYSTEM [11-07-2023 22:34:07] New process found: Process Name - winlogon.exe Process ID - 8588 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:09] New process found: Process Name - LogonUI.exe Process ID - 15992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:09] New process found: Process Name - dwm.exe Process ID - 11284 Process Identity - Window Manager\DWM-4 [11-07-2023 22:34:20] Process Exited: Process Name - winlogon.exe Process ID - 8588 [11-07-2023 22:34:20] Process Exited: Process Name - dwm.exe Process ID - 11284 [11-07-2023 22:34:20] Process Exited: Process Name - csrss.exe Process ID - 14848 [11-07-2023 22:34:20] Process Exited: Process Name - LogonUI.exe Process ID - 15992 [11-07-2023 22:34:23] New process found: Process Name - csrss.exe Process ID - 888 Process Identity - SYSTEM [11-07-2023 22:34:23] New process found: Process Name - winlogon.exe Process ID - 9836 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:23] New process found: Process Name - LogonUI.exe Process ID - 1756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:23] New process found: Process Name - dwm.exe Process ID - 3820 Process Identity - Window Manager\DWM-4 [11-07-2023 22:34:35] Process Exited: Process Name - csrss.exe Process ID - 888 [11-07-2023 22:34:35] Process Exited: Process Name - LogonUI.exe Process ID - 1756 [11-07-2023 22:34:35] Process Exited: Process Name - dwm.exe Process ID - 3820 [11-07-2023 22:34:35] Process Exited: Process Name - winlogon.exe Process ID - 9836 [11-07-2023 22:34:36] New process found: Process Name - csrss.exe Process ID - 14872 Process Identity - SYSTEM [11-07-2023 22:34:36] New process found: Process Name - winlogon.exe Process ID - 2812 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:38] New process found: Process Name - LogonUI.exe Process ID - 1364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:38] New process found: Process Name - dwm.exe Process ID - 15800 Process Identity - Window Manager\DWM-4 [11-07-2023 22:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 12268 [11-07-2023 22:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15948 [11-07-2023 22:34:50] Process Exited: Process Name - LogonUI.exe Process ID - 1364 [11-07-2023 22:34:50] Process Exited: Process Name - winlogon.exe Process ID - 2812 [11-07-2023 22:34:50] Process Exited: Process Name - csrss.exe Process ID - 14872 [11-07-2023 22:34:50] Process Exited: Process Name - dwm.exe Process ID - 15800 [11-07-2023 22:34:51] New process found: Process Name - csrss.exe Process ID - 15600 Process Identity - SYSTEM [11-07-2023 22:34:51] New process found: Process Name - winlogon.exe Process ID - 11104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:52] New process found: Process Name - LogonUI.exe Process ID - 32 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:34:52] New process found: Process Name - dwm.exe Process ID - 12252 Process Identity - Window Manager\DWM-4 [11-07-2023 22:35:05] Process Exited: Process Name - LogonUI.exe Process ID - 32 [11-07-2023 22:35:05] Process Exited: Process Name - winlogon.exe Process ID - 11104 [11-07-2023 22:35:05] Process Exited: Process Name - dwm.exe Process ID - 12252 [11-07-2023 22:35:05] Process Exited: Process Name - csrss.exe Process ID - 15600 [11-07-2023 22:35:07] New process found: Process Name - csrss.exe Process ID - 6608 Process Identity - SYSTEM [11-07-2023 22:35:07] New process found: Process Name - winlogon.exe Process ID - 11108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:08] New process found: Process Name - LogonUI.exe Process ID - 12296 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:08] New process found: Process Name - dwm.exe Process ID - 13176 Process Identity - Window Manager\DWM-4 [11-07-2023 22:35:12] Process Exited: Process Name - w3wp.exe Process ID - 15488 Web application pool name - galaxytools.in [11-07-2023 22:35:21] Process Exited: Process Name - csrss.exe Process ID - 6608 [11-07-2023 22:35:21] Process Exited: Process Name - winlogon.exe Process ID - 11108 [11-07-2023 22:35:21] Process Exited: Process Name - LogonUI.exe Process ID - 12296 [11-07-2023 22:35:21] Process Exited: Process Name - dwm.exe Process ID - 13176 [11-07-2023 22:35:22] New process found: Process Name - csrss.exe Process ID - 14116 Process Identity - SYSTEM [11-07-2023 22:35:22] New process found: Process Name - winlogon.exe Process ID - 10388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:23] New process found: Process Name - LogonUI.exe Process ID - 344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:23] New process found: Process Name - dwm.exe Process ID - 10728 Process Identity - Window Manager\DWM-4 [11-07-2023 22:35:35] New process found: Process Name - w3wp.exe Process ID - 6972 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 22:35:36] Process Exited: Process Name - LogonUI.exe Process ID - 344 [11-07-2023 22:35:36] Process Exited: Process Name - winlogon.exe Process ID - 10388 [11-07-2023 22:35:36] Process Exited: Process Name - dwm.exe Process ID - 10728 [11-07-2023 22:35:36] Process Exited: Process Name - csrss.exe Process ID - 14116 [11-07-2023 22:35:38] New process found: Process Name - smss.exe Process ID - 12052 Process Identity - SYSTEM [11-07-2023 22:35:38] New process found: Process Name - csrss.exe Process ID - 592 Process Identity - SYSTEM [11-07-2023 22:35:39] New process found: Process Name - winlogon.exe Process ID - 8956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:39] New process found: Process Name - LogonUI.exe Process ID - 11916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:39] New process found: Process Name - dwm.exe Process ID - 16092 Process Identity - Window Manager\DWM-4 [11-07-2023 22:35:39] Process Exited: Process Name - smss.exe Process ID - 12052 [11-07-2023 22:35:51] Process Exited: Process Name - csrss.exe Process ID - 592 [11-07-2023 22:35:51] Process Exited: Process Name - winlogon.exe Process ID - 8956 [11-07-2023 22:35:51] Process Exited: Process Name - LogonUI.exe Process ID - 11916 [11-07-2023 22:35:51] Process Exited: Process Name - dwm.exe Process ID - 16092 [11-07-2023 22:35:54] New process found: Process Name - csrss.exe Process ID - 3376 Process Identity - SYSTEM [11-07-2023 22:35:54] New process found: Process Name - winlogon.exe Process ID - 12960 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:55] Process Exited: Process Name - w3wp.exe Process ID - 8252 Web application pool name - DefaultAppPool [11-07-2023 22:35:56] New process found: Process Name - LogonUI.exe Process ID - 15380 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:35:56] New process found: Process Name - dwm.exe Process ID - 14588 Process Identity - Window Manager\DWM-4 [11-07-2023 22:36:06] Process Exited: Process Name - csrss.exe Process ID - 3376 [11-07-2023 22:36:06] Process Exited: Process Name - winlogon.exe Process ID - 12960 [11-07-2023 22:36:06] Process Exited: Process Name - dwm.exe Process ID - 14588 [11-07-2023 22:36:06] Process Exited: Process Name - LogonUI.exe Process ID - 15380 [11-07-2023 22:36:07] New process found: Process Name - csrss.exe Process ID - 10252 Process Identity - SYSTEM [11-07-2023 22:36:07] New process found: Process Name - winlogon.exe Process ID - 13432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:08] New process found: Process Name - LogonUI.exe Process ID - 12804 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:08] New process found: Process Name - dwm.exe Process ID - 2704 Process Identity - Window Manager\DWM-4 [11-07-2023 22:36:21] Process Exited: Process Name - dwm.exe Process ID - 2704 [11-07-2023 22:36:21] Process Exited: Process Name - csrss.exe Process ID - 10252 [11-07-2023 22:36:21] Process Exited: Process Name - LogonUI.exe Process ID - 12804 [11-07-2023 22:36:21] Process Exited: Process Name - winlogon.exe Process ID - 13432 [11-07-2023 22:36:24] New process found: Process Name - csrss.exe Process ID - 4956 Process Identity - SYSTEM [11-07-2023 22:36:24] New process found: Process Name - winlogon.exe Process ID - 12148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:24] New process found: Process Name - LogonUI.exe Process ID - 15776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:24] New process found: Process Name - dwm.exe Process ID - 4184 Process Identity - Window Manager\DWM-4 [11-07-2023 22:36:36] Process Exited: Process Name - dwm.exe Process ID - 4184 [11-07-2023 22:36:36] Process Exited: Process Name - csrss.exe Process ID - 4956 [11-07-2023 22:36:36] Process Exited: Process Name - winlogon.exe Process ID - 12148 [11-07-2023 22:36:36] Process Exited: Process Name - LogonUI.exe Process ID - 15776 [11-07-2023 22:36:37] New process found: Process Name - w3wp.exe Process ID - 13436 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:36:37] Process Exited: Process Name - w3wp.exe Process ID - 15912 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:36:38] New process found: Process Name - csrss.exe Process ID - 14848 Process Identity - SYSTEM [11-07-2023 22:36:38] New process found: Process Name - winlogon.exe Process ID - 8732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:40] New process found: Process Name - LogonUI.exe Process ID - 10436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:40] New process found: Process Name - dwm.exe Process ID - 15736 Process Identity - Window Manager\DWM-4 [11-07-2023 22:36:51] Process Exited: Process Name - winlogon.exe Process ID - 8732 [11-07-2023 22:36:51] Process Exited: Process Name - LogonUI.exe Process ID - 10436 [11-07-2023 22:36:51] Process Exited: Process Name - csrss.exe Process ID - 14848 [11-07-2023 22:36:51] Process Exited: Process Name - dwm.exe Process ID - 15736 [11-07-2023 22:36:52] New process found: Process Name - csrss.exe Process ID - 12756 Process Identity - SYSTEM [11-07-2023 22:36:52] New process found: Process Name - winlogon.exe Process ID - 9836 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:54] New process found: Process Name - LogonUI.exe Process ID - 16176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:36:54] New process found: Process Name - dwm.exe Process ID - 10868 Process Identity - Window Manager\DWM-4 [11-07-2023 22:37:04] Process Exited: Process Name - w3wp.exe Process ID - 13380 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:37:06] Process Exited: Process Name - winlogon.exe Process ID - 9836 [11-07-2023 22:37:06] Process Exited: Process Name - dwm.exe Process ID - 10868 [11-07-2023 22:37:06] Process Exited: Process Name - csrss.exe Process ID - 12756 [11-07-2023 22:37:06] Process Exited: Process Name - LogonUI.exe Process ID - 16176 [11-07-2023 22:37:08] New process found: Process Name - csrss.exe Process ID - 2812 Process Identity - SYSTEM [11-07-2023 22:37:08] New process found: Process Name - winlogon.exe Process ID - 11072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:09] New process found: Process Name - LogonUI.exe Process ID - 9184 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:09] New process found: Process Name - dwm.exe Process ID - 15008 Process Identity - Window Manager\DWM-4 [11-07-2023 22:37:12] Process Exited: Process Name - w3wp.exe Process ID - 15592 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [11-07-2023 22:37:21] Process Exited: Process Name - csrss.exe Process ID - 2812 [11-07-2023 22:37:21] Process Exited: Process Name - LogonUI.exe Process ID - 9184 [11-07-2023 22:37:21] Process Exited: Process Name - winlogon.exe Process ID - 11072 [11-07-2023 22:37:21] Process Exited: Process Name - dwm.exe Process ID - 15008 [11-07-2023 22:37:23] New process found: Process Name - csrss.exe Process ID - 15036 Process Identity - SYSTEM [11-07-2023 22:37:23] New process found: Process Name - winlogon.exe Process ID - 9936 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:24] New process found: Process Name - LogonUI.exe Process ID - 11292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:24] New process found: Process Name - dwm.exe Process ID - 11024 Process Identity - Window Manager\DWM-4 [11-07-2023 22:37:36] Process Exited: Process Name - winlogon.exe Process ID - 9936 [11-07-2023 22:37:36] Process Exited: Process Name - dwm.exe Process ID - 11024 [11-07-2023 22:37:36] Process Exited: Process Name - LogonUI.exe Process ID - 11292 [11-07-2023 22:37:37] Process Exited: Process Name - csrss.exe Process ID - 15036 [11-07-2023 22:37:39] New process found: Process Name - csrss.exe Process ID - 15396 Process Identity - SYSTEM [11-07-2023 22:37:39] New process found: Process Name - winlogon.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:40] New process found: Process Name - LogonUI.exe Process ID - 2084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:40] New process found: Process Name - dwm.exe Process ID - 13204 Process Identity - Window Manager\DWM-4 [11-07-2023 22:37:43] New process found: Process Name - w3wp.exe Process ID - 11528 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 22:37:52] Process Exited: Process Name - LogonUI.exe Process ID - 2084 [11-07-2023 22:37:52] Process Exited: Process Name - winlogon.exe Process ID - 7492 [11-07-2023 22:37:52] Process Exited: Process Name - dwm.exe Process ID - 13204 [11-07-2023 22:37:52] Process Exited: Process Name - csrss.exe Process ID - 15396 [11-07-2023 22:37:56] New process found: Process Name - csrss.exe Process ID - 8492 Process Identity - SYSTEM [11-07-2023 22:37:56] New process found: Process Name - winlogon.exe Process ID - 15824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:57] New process found: Process Name - LogonUI.exe Process ID - 11844 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:37:57] New process found: Process Name - dwm.exe Process ID - 13236 Process Identity - Window Manager\DWM-4 [11-07-2023 22:38:07] Process Exited: Process Name - csrss.exe Process ID - 8492 [11-07-2023 22:38:07] Process Exited: Process Name - LogonUI.exe Process ID - 11844 [11-07-2023 22:38:07] Process Exited: Process Name - dwm.exe Process ID - 13236 [11-07-2023 22:38:07] Process Exited: Process Name - winlogon.exe Process ID - 15824 [11-07-2023 22:38:13] New process found: Process Name - csrss.exe Process ID - 15964 Process Identity - SYSTEM [11-07-2023 22:38:13] New process found: Process Name - winlogon.exe Process ID - 10592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:14] New process found: Process Name - LogonUI.exe Process ID - 14756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:14] New process found: Process Name - dwm.exe Process ID - 6932 Process Identity - Window Manager\DWM-4 [11-07-2023 22:38:27] Process Exited: Process Name - dwm.exe Process ID - 6932 [11-07-2023 22:38:27] Process Exited: Process Name - winlogon.exe Process ID - 10592 [11-07-2023 22:38:27] Process Exited: Process Name - LogonUI.exe Process ID - 14756 [11-07-2023 22:38:27] Process Exited: Process Name - csrss.exe Process ID - 15964 [11-07-2023 22:38:28] New process found: Process Name - csrss.exe Process ID - 9984 Process Identity - SYSTEM [11-07-2023 22:38:28] New process found: Process Name - winlogon.exe Process ID - 436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:29] New process found: Process Name - LogonUI.exe Process ID - 15328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:29] New process found: Process Name - dwm.exe Process ID - 15016 Process Identity - Window Manager\DWM-4 [11-07-2023 22:38:42] Process Exited: Process Name - winlogon.exe Process ID - 436 [11-07-2023 22:38:42] Process Exited: Process Name - csrss.exe Process ID - 9984 [11-07-2023 22:38:42] Process Exited: Process Name - dwm.exe Process ID - 15016 [11-07-2023 22:38:42] Process Exited: Process Name - LogonUI.exe Process ID - 15328 [11-07-2023 22:38:46] New process found: Process Name - csrss.exe Process ID - 13216 Process Identity - SYSTEM [11-07-2023 22:38:46] New process found: Process Name - winlogon.exe Process ID - 12620 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:47] New process found: Process Name - LogonUI.exe Process ID - 7064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:38:47] New process found: Process Name - dwm.exe Process ID - 996 Process Identity - Window Manager\DWM-4 [11-07-2023 22:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 16368 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:38:57] Process Exited: Process Name - dwm.exe Process ID - 996 [11-07-2023 22:38:57] Process Exited: Process Name - LogonUI.exe Process ID - 7064 [11-07-2023 22:38:57] Process Exited: Process Name - winlogon.exe Process ID - 12620 [11-07-2023 22:38:57] Process Exited: Process Name - csrss.exe Process ID - 13216 [11-07-2023 22:39:00] New process found: Process Name - csrss.exe Process ID - 15024 Process Identity - SYSTEM [11-07-2023 22:39:00] New process found: Process Name - winlogon.exe Process ID - 13992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:00] New process found: Process Name - LogonUI.exe Process ID - 11868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:00] New process found: Process Name - dwm.exe Process ID - 5084 Process Identity - Window Manager\DWM-4 [11-07-2023 22:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:12] Process Exited: Process Name - dwm.exe Process ID - 5084 [11-07-2023 22:39:12] Process Exited: Process Name - LogonUI.exe Process ID - 11868 [11-07-2023 22:39:12] Process Exited: Process Name - winlogon.exe Process ID - 13992 [11-07-2023 22:39:12] Process Exited: Process Name - csrss.exe Process ID - 15024 [11-07-2023 22:39:13] New process found: Process Name - csrss.exe Process ID - 1084 Process Identity - SYSTEM [11-07-2023 22:39:13] New process found: Process Name - winlogon.exe Process ID - 16004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:14] New process found: Process Name - LogonUI.exe Process ID - 4944 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:14] New process found: Process Name - dwm.exe Process ID - 11432 Process Identity - Window Manager\DWM-4 [11-07-2023 22:39:27] Process Exited: Process Name - csrss.exe Process ID - 1084 [11-07-2023 22:39:27] Process Exited: Process Name - LogonUI.exe Process ID - 4944 [11-07-2023 22:39:27] Process Exited: Process Name - dwm.exe Process ID - 11432 [11-07-2023 22:39:27] Process Exited: Process Name - winlogon.exe Process ID - 16004 [11-07-2023 22:39:30] New process found: Process Name - csrss.exe Process ID - 10508 Process Identity - SYSTEM [11-07-2023 22:39:30] New process found: Process Name - winlogon.exe Process ID - 13008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:33] New process found: Process Name - LogonUI.exe Process ID - 8552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:33] New process found: Process Name - dwm.exe Process ID - 1752 Process Identity - Window Manager\DWM-4 [11-07-2023 22:39:42] Process Exited: Process Name - dwm.exe Process ID - 1752 [11-07-2023 22:39:42] Process Exited: Process Name - LogonUI.exe Process ID - 8552 [11-07-2023 22:39:42] Process Exited: Process Name - csrss.exe Process ID - 10508 [11-07-2023 22:39:42] Process Exited: Process Name - winlogon.exe Process ID - 13008 [11-07-2023 22:39:46] New process found: Process Name - csrss.exe Process ID - 11312 Process Identity - SYSTEM [11-07-2023 22:39:46] New process found: Process Name - winlogon.exe Process ID - 7704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:47] New process found: Process Name - LogonUI.exe Process ID - 11328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:39:47] New process found: Process Name - dwm.exe Process ID - 14916 Process Identity - Window Manager\DWM-4 [11-07-2023 22:39:47] New process found: Process Name - w3wp.exe Process ID - 7828 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [11-07-2023 22:39:57] Process Exited: Process Name - winlogon.exe Process ID - 7704 [11-07-2023 22:39:57] Process Exited: Process Name - csrss.exe Process ID - 11312 [11-07-2023 22:39:57] Process Exited: Process Name - LogonUI.exe Process ID - 11328 [11-07-2023 22:39:57] Process Exited: Process Name - dwm.exe Process ID - 14916 [11-07-2023 22:40:00] New process found: Process Name - csrss.exe Process ID - 10680 Process Identity - SYSTEM [11-07-2023 22:40:00] New process found: Process Name - winlogon.exe Process ID - 2764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:00] New process found: Process Name - LogonUI.exe Process ID - 5952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:00] New process found: Process Name - dwm.exe Process ID - 12764 Process Identity - Window Manager\DWM-4 [11-07-2023 22:40:12] Process Exited: Process Name - winlogon.exe Process ID - 2764 [11-07-2023 22:40:12] Process Exited: Process Name - LogonUI.exe Process ID - 5952 [11-07-2023 22:40:12] Process Exited: Process Name - csrss.exe Process ID - 10680 [11-07-2023 22:40:12] Process Exited: Process Name - dwm.exe Process ID - 12764 [11-07-2023 22:40:13] New process found: Process Name - csrss.exe Process ID - 13944 Process Identity - SYSTEM [11-07-2023 22:40:13] New process found: Process Name - winlogon.exe Process ID - 2056 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:14] New process found: Process Name - LogonUI.exe Process ID - 10904 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:14] New process found: Process Name - dwm.exe Process ID - 12232 Process Identity - Window Manager\DWM-4 [11-07-2023 22:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14984 [11-07-2023 22:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16368 [11-07-2023 22:40:27] Process Exited: Process Name - winlogon.exe Process ID - 2056 [11-07-2023 22:40:27] Process Exited: Process Name - LogonUI.exe Process ID - 10904 [11-07-2023 22:40:27] Process Exited: Process Name - dwm.exe Process ID - 12232 [11-07-2023 22:40:27] Process Exited: Process Name - csrss.exe Process ID - 13944 [11-07-2023 22:40:28] New process found: Process Name - csrss.exe Process ID - 11488 Process Identity - SYSTEM [11-07-2023 22:40:28] New process found: Process Name - winlogon.exe Process ID - 14796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:29] New process found: Process Name - LogonUI.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:29] New process found: Process Name - dwm.exe Process ID - 12420 Process Identity - Window Manager\DWM-4 [11-07-2023 22:40:42] Process Exited: Process Name - csrss.exe Process ID - 11488 [11-07-2023 22:40:42] Process Exited: Process Name - LogonUI.exe Process ID - 12360 [11-07-2023 22:40:42] Process Exited: Process Name - dwm.exe Process ID - 12420 [11-07-2023 22:40:42] Process Exited: Process Name - winlogon.exe Process ID - 14796 [11-07-2023 22:40:45] New process found: Process Name - csrss.exe Process ID - 14244 Process Identity - SYSTEM [11-07-2023 22:40:45] New process found: Process Name - winlogon.exe Process ID - 15688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:46] New process found: Process Name - LogonUI.exe Process ID - 13240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:40:46] New process found: Process Name - dwm.exe Process ID - 11296 Process Identity - Window Manager\DWM-4 [11-07-2023 22:40:57] Process Exited: Process Name - dwm.exe Process ID - 11296 [11-07-2023 22:40:57] Process Exited: Process Name - LogonUI.exe Process ID - 13240 [11-07-2023 22:40:57] Process Exited: Process Name - csrss.exe Process ID - 14244 [11-07-2023 22:40:57] Process Exited: Process Name - winlogon.exe Process ID - 15688 [11-07-2023 22:40:59] New process found: Process Name - smss.exe Process ID - 10420 Process Identity - SYSTEM [11-07-2023 22:41:00] New process found: Process Name - csrss.exe Process ID - 6548 Process Identity - SYSTEM [11-07-2023 22:41:00] New process found: Process Name - winlogon.exe Process ID - 2328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:00] New process found: Process Name - LogonUI.exe Process ID - 9684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:00] New process found: Process Name - dwm.exe Process ID - 9260 Process Identity - Window Manager\DWM-4 [11-07-2023 22:41:00] Process Exited: Process Name - smss.exe Process ID - 10420 [11-07-2023 22:41:12] Process Exited: Process Name - winlogon.exe Process ID - 2328 [11-07-2023 22:41:12] Process Exited: Process Name - csrss.exe Process ID - 6548 [11-07-2023 22:41:12] Process Exited: Process Name - dwm.exe Process ID - 9260 [11-07-2023 22:41:12] Process Exited: Process Name - LogonUI.exe Process ID - 9684 [11-07-2023 22:41:16] New process found: Process Name - csrss.exe Process ID - 14512 Process Identity - SYSTEM [11-07-2023 22:41:16] New process found: Process Name - winlogon.exe Process ID - 11040 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:17] New process found: Process Name - LogonUI.exe Process ID - 15712 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:17] New process found: Process Name - dwm.exe Process ID - 16240 Process Identity - Window Manager\DWM-4 [11-07-2023 22:41:27] Process Exited: Process Name - winlogon.exe Process ID - 11040 [11-07-2023 22:41:27] Process Exited: Process Name - csrss.exe Process ID - 14512 [11-07-2023 22:41:27] Process Exited: Process Name - LogonUI.exe Process ID - 15712 [11-07-2023 22:41:27] Process Exited: Process Name - dwm.exe Process ID - 16240 [11-07-2023 22:41:28] New process found: Process Name - csrss.exe Process ID - 8584 Process Identity - SYSTEM [11-07-2023 22:41:28] New process found: Process Name - winlogon.exe Process ID - 8888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:29] New process found: Process Name - LogonUI.exe Process ID - 13808 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:29] New process found: Process Name - dwm.exe Process ID - 11480 Process Identity - Window Manager\DWM-4 [11-07-2023 22:41:30] New process found: Process Name - conhost.exe Process ID - 13508 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [11-07-2023 22:41:36] Process Exited: Process Name - w3wp.exe Process ID - 6972 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 22:41:38] New process found: Process Name - w3wp.exe Process ID - 13012 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:41:38] Process Exited: Process Name - w3wp.exe Process ID - 13436 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:41:42] Process Exited: Process Name - csrss.exe Process ID - 8584 [11-07-2023 22:41:42] Process Exited: Process Name - winlogon.exe Process ID - 8888 [11-07-2023 22:41:42] Process Exited: Process Name - dwm.exe Process ID - 11480 [11-07-2023 22:41:42] Process Exited: Process Name - LogonUI.exe Process ID - 13808 [11-07-2023 22:41:43] New process found: Process Name - csrss.exe Process ID - 15564 Process Identity - SYSTEM [11-07-2023 22:41:43] New process found: Process Name - winlogon.exe Process ID - 14652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:43] New process found: Process Name - LogonUI.exe Process ID - 12956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:41:43] New process found: Process Name - dwm.exe Process ID - 10164 Process Identity - Window Manager\DWM-4 [11-07-2023 22:41:57] Process Exited: Process Name - dwm.exe Process ID - 10164 [11-07-2023 22:41:57] Process Exited: Process Name - LogonUI.exe Process ID - 12956 [11-07-2023 22:41:57] Process Exited: Process Name - winlogon.exe Process ID - 14652 [11-07-2023 22:41:57] Process Exited: Process Name - csrss.exe Process ID - 15564 [11-07-2023 22:41:59] New process found: Process Name - smss.exe Process ID - 14144 Process Identity - SYSTEM [11-07-2023 22:42:00] New process found: Process Name - csrss.exe Process ID - 14544 Process Identity - SYSTEM [11-07-2023 22:42:00] New process found: Process Name - winlogon.exe Process ID - 14840 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:00] Process Exited: Process Name - smss.exe Process ID - 14144 [11-07-2023 22:42:01] New process found: Process Name - LogonUI.exe Process ID - 13864 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:01] New process found: Process Name - dwm.exe Process ID - 992 Process Identity - Window Manager\DWM-4 [11-07-2023 22:42:01] New process found: Process Name - ig-1.exe Process ID - 11220 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:02] New process found: Process Name - ig-4.exe Process ID - 7408 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:02] Process Exited: Process Name - ig-1.exe Process ID - 11220 [11-07-2023 22:42:03] New process found: Process Name - ig-7.exe Process ID - 8744 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:03] Process Exited: Process Name - ig-4.exe Process ID - 7408 [11-07-2023 22:42:04] New process found: Process Name - ig-10.exe Process ID - 10004 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:04] Process Exited: Process Name - ig-7.exe Process ID - 8744 [11-07-2023 22:42:05] New process found: Process Name - ig-14.exe Process ID - 11312 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:05] Process Exited: Process Name - ig-10.exe Process ID - 10004 [11-07-2023 22:42:06] New process found: Process Name - ig-17.exe Process ID - 11436 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:06] Process Exited: Process Name - ig-14.exe Process ID - 11312 [11-07-2023 22:42:07] New process found: Process Name - ig-20.exe Process ID - 8380 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:07] Process Exited: Process Name - ig-17.exe Process ID - 11436 [11-07-2023 22:42:08] New process found: Process Name - ig-24.exe Process ID - 12016 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:08] Process Exited: Process Name - ig-20.exe Process ID - 8380 [11-07-2023 22:42:09] New process found: Process Name - ig-27.exe Process ID - 15336 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:09] Process Exited: Process Name - ig-24.exe Process ID - 12016 [11-07-2023 22:42:10] New process found: Process Name - ig-30.exe Process ID - 6308 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:10] Process Exited: Process Name - ig-27.exe Process ID - 15336 [11-07-2023 22:42:11] New process found: Process Name - ig-34.exe Process ID - 15448 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:11] Process Exited: Process Name - ig-30.exe Process ID - 6308 [11-07-2023 22:42:12] New process found: Process Name - ig-37.exe Process ID - 14324 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:12] Process Exited: Process Name - dwm.exe Process ID - 992 [11-07-2023 22:42:12] Process Exited: Process Name - LogonUI.exe Process ID - 13864 [11-07-2023 22:42:12] Process Exited: Process Name - csrss.exe Process ID - 14544 [11-07-2023 22:42:12] Process Exited: Process Name - winlogon.exe Process ID - 14840 [11-07-2023 22:42:12] Process Exited: Process Name - ig-34.exe Process ID - 15448 [11-07-2023 22:42:13] New process found: Process Name - csrss.exe Process ID - 2764 Process Identity - SYSTEM [11-07-2023 22:42:13] New process found: Process Name - winlogon.exe Process ID - 12252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:13] Process Exited: Process Name - ig-37.exe Process ID - 14324 [11-07-2023 22:42:15] New process found: Process Name - LogonUI.exe Process ID - 15896 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:15] New process found: Process Name - dwm.exe Process ID - 4956 Process Identity - Window Manager\DWM-4 [11-07-2023 22:42:15] New process found: Process Name - ig-42.exe Process ID - 5932 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:16] New process found: Process Name - ig-45.exe Process ID - 15116 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:16] Process Exited: Process Name - ig-42.exe Process ID - 5932 [11-07-2023 22:42:17] New process found: Process Name - ig-48.exe Process ID - 10832 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 22:42:17] Process Exited: Process Name - ig-45.exe Process ID - 15116 [11-07-2023 22:42:19] Process Exited: Process Name - ig-48.exe Process ID - 10832 [11-07-2023 22:42:28] Process Exited: Process Name - csrss.exe Process ID - 2764 [11-07-2023 22:42:28] Process Exited: Process Name - dwm.exe Process ID - 4956 [11-07-2023 22:42:28] Process Exited: Process Name - winlogon.exe Process ID - 12252 [11-07-2023 22:42:28] Process Exited: Process Name - LogonUI.exe Process ID - 15896 [11-07-2023 22:42:30] New process found: Process Name - csrss.exe Process ID - 10388 Process Identity - SYSTEM [11-07-2023 22:42:30] New process found: Process Name - winlogon.exe Process ID - 14252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:31] New process found: Process Name - LogonUI.exe Process ID - 10996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:31] New process found: Process Name - dwm.exe Process ID - 6656 Process Identity - Window Manager\DWM-4 [11-07-2023 22:42:43] Process Exited: Process Name - dwm.exe Process ID - 6656 [11-07-2023 22:42:43] Process Exited: Process Name - csrss.exe Process ID - 10388 [11-07-2023 22:42:43] Process Exited: Process Name - LogonUI.exe Process ID - 10996 [11-07-2023 22:42:43] Process Exited: Process Name - winlogon.exe Process ID - 14252 [11-07-2023 22:42:44] New process found: Process Name - csrss.exe Process ID - 15604 Process Identity - SYSTEM [11-07-2023 22:42:44] New process found: Process Name - winlogon.exe Process ID - 12444 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:45] New process found: Process Name - LogonUI.exe Process ID - 11688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:42:45] New process found: Process Name - dwm.exe Process ID - 16136 Process Identity - Window Manager\DWM-4 [11-07-2023 22:42:51] New process found: Process Name - w3wp.exe Process ID - 13360 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 22:42:52] New process found: Process Name - conhost.exe Process ID - 13600 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 22:42:58] Process Exited: Process Name - LogonUI.exe Process ID - 11688 [11-07-2023 22:42:58] Process Exited: Process Name - winlogon.exe Process ID - 12444 [11-07-2023 22:42:58] Process Exited: Process Name - csrss.exe Process ID - 15604 [11-07-2023 22:42:58] Process Exited: Process Name - dwm.exe Process ID - 16136 [11-07-2023 22:42:59] New process found: Process Name - csrss.exe Process ID - 12344 Process Identity - SYSTEM [11-07-2023 22:42:59] New process found: Process Name - winlogon.exe Process ID - 13612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:00] New process found: Process Name - LogonUI.exe Process ID - 10420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:00] New process found: Process Name - dwm.exe Process ID - 6548 Process Identity - Window Manager\DWM-4 [11-07-2023 22:43:13] Process Exited: Process Name - dwm.exe Process ID - 6548 [11-07-2023 22:43:13] Process Exited: Process Name - LogonUI.exe Process ID - 10420 [11-07-2023 22:43:13] Process Exited: Process Name - csrss.exe Process ID - 12344 [11-07-2023 22:43:13] Process Exited: Process Name - winlogon.exe Process ID - 13612 [11-07-2023 22:43:14] New process found: Process Name - csrss.exe Process ID - 2884 Process Identity - SYSTEM [11-07-2023 22:43:14] New process found: Process Name - winlogon.exe Process ID - 3988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:14] New process found: Process Name - LogonUI.exe Process ID - 11040 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:14] New process found: Process Name - dwm.exe Process ID - 15224 Process Identity - Window Manager\DWM-4 [11-07-2023 22:43:28] Process Exited: Process Name - csrss.exe Process ID - 2884 [11-07-2023 22:43:28] Process Exited: Process Name - winlogon.exe Process ID - 3988 [11-07-2023 22:43:28] Process Exited: Process Name - LogonUI.exe Process ID - 11040 [11-07-2023 22:43:28] Process Exited: Process Name - dwm.exe Process ID - 15224 [11-07-2023 22:43:29] New process found: Process Name - csrss.exe Process ID - 16020 Process Identity - SYSTEM [11-07-2023 22:43:29] New process found: Process Name - winlogon.exe Process ID - 11284 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:30] New process found: Process Name - LogonUI.exe Process ID - 8768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:30] New process found: Process Name - dwm.exe Process ID - 12092 Process Identity - Window Manager\DWM-4 [11-07-2023 22:43:39] New process found: Process Name - w3wp.exe Process ID - 1632 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:43:43] Process Exited: Process Name - LogonUI.exe Process ID - 8768 [11-07-2023 22:43:43] Process Exited: Process Name - winlogon.exe Process ID - 11284 [11-07-2023 22:43:43] Process Exited: Process Name - dwm.exe Process ID - 12092 [11-07-2023 22:43:43] Process Exited: Process Name - csrss.exe Process ID - 16020 [11-07-2023 22:43:44] New process found: Process Name - csrss.exe Process ID - 13084 Process Identity - SYSTEM [11-07-2023 22:43:44] New process found: Process Name - winlogon.exe Process ID - 15976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:44] New process found: Process Name - LogonUI.exe Process ID - 1084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:43:44] New process found: Process Name - dwm.exe Process ID - 11000 Process Identity - Window Manager\DWM-4 [11-07-2023 22:43:45] Process Exited: Process Name - w3wp.exe Process ID - 11528 Web application pool name - galaxytools.in [11-07-2023 22:43:58] Process Exited: Process Name - LogonUI.exe Process ID - 1084 [11-07-2023 22:43:58] Process Exited: Process Name - dwm.exe Process ID - 11000 [11-07-2023 22:43:58] Process Exited: Process Name - csrss.exe Process ID - 13084 [11-07-2023 22:43:58] Process Exited: Process Name - conhost.exe Process ID - 14904 [11-07-2023 22:43:58] Process Exited: Process Name - winlogon.exe Process ID - 15976 [11-07-2023 22:43:59] Process Exited: Process Name - w3wp.exe Process ID - 10396 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [11-07-2023 22:44:00] New process found: Process Name - csrss.exe Process ID - 6648 Process Identity - SYSTEM [11-07-2023 22:44:00] New process found: Process Name - winlogon.exe Process ID - 11220 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:02] New process found: Process Name - LogonUI.exe Process ID - 11244 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:02] New process found: Process Name - dwm.exe Process ID - 12652 Process Identity - Window Manager\DWM-4 [11-07-2023 22:44:13] Process Exited: Process Name - csrss.exe Process ID - 6648 [11-07-2023 22:44:13] Process Exited: Process Name - winlogon.exe Process ID - 11220 [11-07-2023 22:44:13] Process Exited: Process Name - LogonUI.exe Process ID - 11244 [11-07-2023 22:44:13] Process Exited: Process Name - dwm.exe Process ID - 12652 [11-07-2023 22:44:14] New process found: Process Name - csrss.exe Process ID - 12720 Process Identity - SYSTEM [11-07-2023 22:44:14] New process found: Process Name - winlogon.exe Process ID - 12004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:14] New process found: Process Name - LogonUI.exe Process ID - 8968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:14] New process found: Process Name - dwm.exe Process ID - 9912 Process Identity - Window Manager\DWM-4 [11-07-2023 22:44:28] Process Exited: Process Name - LogonUI.exe Process ID - 8968 [11-07-2023 22:44:28] Process Exited: Process Name - dwm.exe Process ID - 9912 [11-07-2023 22:44:28] Process Exited: Process Name - winlogon.exe Process ID - 12004 [11-07-2023 22:44:28] Process Exited: Process Name - csrss.exe Process ID - 12720 [11-07-2023 22:44:30] New process found: Process Name - csrss.exe Process ID - 10416 Process Identity - SYSTEM [11-07-2023 22:44:30] New process found: Process Name - winlogon.exe Process ID - 12764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:32] New process found: Process Name - LogonUI.exe Process ID - 10616 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:32] New process found: Process Name - dwm.exe Process ID - 11240 Process Identity - Window Manager\DWM-4 [11-07-2023 22:44:43] Process Exited: Process Name - csrss.exe Process ID - 10416 [11-07-2023 22:44:43] Process Exited: Process Name - LogonUI.exe Process ID - 10616 [11-07-2023 22:44:43] Process Exited: Process Name - dwm.exe Process ID - 11240 [11-07-2023 22:44:43] Process Exited: Process Name - winlogon.exe Process ID - 12764 [11-07-2023 22:44:44] New process found: Process Name - csrss.exe Process ID - 10804 Process Identity - SYSTEM [11-07-2023 22:44:44] New process found: Process Name - winlogon.exe Process ID - 15196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:44] New process found: Process Name - LogonUI.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:44] New process found: Process Name - dwm.exe Process ID - 15400 Process Identity - Window Manager\DWM-4 [11-07-2023 22:44:58] Process Exited: Process Name - csrss.exe Process ID - 10804 [11-07-2023 22:44:58] Process Exited: Process Name - LogonUI.exe Process ID - 11340 [11-07-2023 22:44:58] Process Exited: Process Name - winlogon.exe Process ID - 15196 [11-07-2023 22:44:58] Process Exited: Process Name - dwm.exe Process ID - 15400 [11-07-2023 22:44:59] New process found: Process Name - csrss.exe Process ID - 12084 Process Identity - SYSTEM [11-07-2023 22:44:59] New process found: Process Name - winlogon.exe Process ID - 2648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:59] New process found: Process Name - LogonUI.exe Process ID - 12420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:44:59] New process found: Process Name - dwm.exe Process ID - 15088 Process Identity - Window Manager\DWM-4 [11-07-2023 22:45:13] Process Exited: Process Name - winlogon.exe Process ID - 2648 [11-07-2023 22:45:13] Process Exited: Process Name - csrss.exe Process ID - 12084 [11-07-2023 22:45:13] Process Exited: Process Name - LogonUI.exe Process ID - 12420 [11-07-2023 22:45:13] Process Exited: Process Name - dwm.exe Process ID - 15088 [11-07-2023 22:45:14] New process found: Process Name - csrss.exe Process ID - 12196 Process Identity - SYSTEM [11-07-2023 22:45:14] New process found: Process Name - winlogon.exe Process ID - 14080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:15] New process found: Process Name - LogonUI.exe Process ID - 7744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:15] New process found: Process Name - dwm.exe Process ID - 10172 Process Identity - Window Manager\DWM-4 [11-07-2023 22:45:16] New process found: Process Name - w3wp.exe Process ID - 5192 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 22:45:28] Process Exited: Process Name - LogonUI.exe Process ID - 7744 [11-07-2023 22:45:28] Process Exited: Process Name - conhost.exe Process ID - 9292 [11-07-2023 22:45:28] Process Exited: Process Name - dwm.exe Process ID - 10172 [11-07-2023 22:45:28] Process Exited: Process Name - w3wp.exe Process ID - 12176 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 22:45:28] Process Exited: Process Name - csrss.exe Process ID - 12196 [11-07-2023 22:45:28] Process Exited: Process Name - winlogon.exe Process ID - 14080 [11-07-2023 22:45:29] New process found: Process Name - csrss.exe Process ID - 16316 Process Identity - SYSTEM [11-07-2023 22:45:29] New process found: Process Name - winlogon.exe Process ID - 7716 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:30] New process found: Process Name - LogonUI.exe Process ID - 15720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:30] New process found: Process Name - dwm.exe Process ID - 15368 Process Identity - Window Manager\DWM-4 [11-07-2023 22:45:42] Process Exited: Process Name - LogonUI.exe Process ID - 15720 [11-07-2023 22:45:43] Process Exited: Process Name - winlogon.exe Process ID - 7716 [11-07-2023 22:45:43] Process Exited: Process Name - dwm.exe Process ID - 15368 [11-07-2023 22:45:43] Process Exited: Process Name - csrss.exe Process ID - 16316 [11-07-2023 22:45:44] New process found: Process Name - csrss.exe Process ID - 13764 Process Identity - SYSTEM [11-07-2023 22:45:44] New process found: Process Name - winlogon.exe Process ID - 3368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:44] New process found: Process Name - LogonUI.exe Process ID - 15004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:45:44] New process found: Process Name - dwm.exe Process ID - 15248 Process Identity - Window Manager\DWM-4 [11-07-2023 22:45:57] Process Exited: Process Name - winlogon.exe Process ID - 3368 [11-07-2023 22:45:57] Process Exited: Process Name - LogonUI.exe Process ID - 15004 [11-07-2023 22:45:57] Process Exited: Process Name - dwm.exe Process ID - 15248 [11-07-2023 22:45:58] Process Exited: Process Name - csrss.exe Process ID - 13764 [11-07-2023 22:45:59] New process found: Process Name - csrss.exe Process ID - 640 Process Identity - SYSTEM [11-07-2023 22:45:59] New process found: Process Name - winlogon.exe Process ID - 10776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:00] New process found: Process Name - LogonUI.exe Process ID - 15188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:00] New process found: Process Name - dwm.exe Process ID - 228 Process Identity - Window Manager\DWM-4 [11-07-2023 22:46:13] Process Exited: Process Name - dwm.exe Process ID - 228 [11-07-2023 22:46:13] Process Exited: Process Name - csrss.exe Process ID - 640 [11-07-2023 22:46:13] Process Exited: Process Name - winlogon.exe Process ID - 10776 [11-07-2023 22:46:13] Process Exited: Process Name - LogonUI.exe Process ID - 15188 [11-07-2023 22:46:16] New process found: Process Name - csrss.exe Process ID - 10248 Process Identity - SYSTEM [11-07-2023 22:46:16] New process found: Process Name - winlogon.exe Process ID - 11352 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:17] New process found: Process Name - LogonUI.exe Process ID - 11140 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:17] New process found: Process Name - dwm.exe Process ID - 12840 Process Identity - Window Manager\DWM-4 [11-07-2023 22:46:28] Process Exited: Process Name - csrss.exe Process ID - 10248 [11-07-2023 22:46:28] Process Exited: Process Name - LogonUI.exe Process ID - 11140 [11-07-2023 22:46:28] Process Exited: Process Name - winlogon.exe Process ID - 11352 [11-07-2023 22:46:28] Process Exited: Process Name - dwm.exe Process ID - 12840 [11-07-2023 22:46:31] New process found: Process Name - csrss.exe Process ID - 14584 Process Identity - SYSTEM [11-07-2023 22:46:31] New process found: Process Name - winlogon.exe Process ID - 7468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:32] New process found: Process Name - LogonUI.exe Process ID - 15652 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:32] New process found: Process Name - dwm.exe Process ID - 14752 Process Identity - Window Manager\DWM-4 [11-07-2023 22:46:39] New process found: Process Name - w3wp.exe Process ID - 2572 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:46:39] Process Exited: Process Name - w3wp.exe Process ID - 13012 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:46:43] Process Exited: Process Name - winlogon.exe Process ID - 7468 [11-07-2023 22:46:43] Process Exited: Process Name - csrss.exe Process ID - 14584 [11-07-2023 22:46:43] Process Exited: Process Name - dwm.exe Process ID - 14752 [11-07-2023 22:46:43] Process Exited: Process Name - LogonUI.exe Process ID - 15652 [11-07-2023 22:46:44] New process found: Process Name - smss.exe Process ID - 12740 Process Identity - SYSTEM [11-07-2023 22:46:44] New process found: Process Name - csrss.exe Process ID - 3876 Process Identity - SYSTEM [11-07-2023 22:46:45] New process found: Process Name - winlogon.exe Process ID - 11312 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:45] New process found: Process Name - LogonUI.exe Process ID - 9928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:46:45] New process found: Process Name - dwm.exe Process ID - 6884 Process Identity - Window Manager\DWM-4 [11-07-2023 22:46:45] Process Exited: Process Name - smss.exe Process ID - 12740 [11-07-2023 22:46:58] Process Exited: Process Name - csrss.exe Process ID - 3876 [11-07-2023 22:46:58] Process Exited: Process Name - dwm.exe Process ID - 6884 [11-07-2023 22:46:58] Process Exited: Process Name - LogonUI.exe Process ID - 9928 [11-07-2023 22:46:58] Process Exited: Process Name - winlogon.exe Process ID - 11312 [11-07-2023 22:47:00] New process found: Process Name - csrss.exe Process ID - 15020 Process Identity - SYSTEM [11-07-2023 22:47:00] New process found: Process Name - winlogon.exe Process ID - 6484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:01] New process found: Process Name - LogonUI.exe Process ID - 10036 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:01] New process found: Process Name - dwm.exe Process ID - 10292 Process Identity - Window Manager\DWM-4 [11-07-2023 22:47:13] Process Exited: Process Name - winlogon.exe Process ID - 6484 [11-07-2023 22:47:13] Process Exited: Process Name - LogonUI.exe Process ID - 10036 [11-07-2023 22:47:13] Process Exited: Process Name - dwm.exe Process ID - 10292 [11-07-2023 22:47:13] Process Exited: Process Name - csrss.exe Process ID - 15020 [11-07-2023 22:47:15] New process found: Process Name - csrss.exe Process ID - 8052 Process Identity - SYSTEM [11-07-2023 22:47:15] New process found: Process Name - winlogon.exe Process ID - 5932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:15] New process found: Process Name - LogonUI.exe Process ID - 7480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:15] New process found: Process Name - dwm.exe Process ID - 11604 Process Identity - Window Manager\DWM-4 [11-07-2023 22:47:28] Process Exited: Process Name - winlogon.exe Process ID - 5932 [11-07-2023 22:47:28] Process Exited: Process Name - LogonUI.exe Process ID - 7480 [11-07-2023 22:47:28] Process Exited: Process Name - csrss.exe Process ID - 8052 [11-07-2023 22:47:28] Process Exited: Process Name - dwm.exe Process ID - 11604 [11-07-2023 22:47:30] New process found: Process Name - csrss.exe Process ID - 8372 Process Identity - SYSTEM [11-07-2023 22:47:30] New process found: Process Name - winlogon.exe Process ID - 12824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:33] New process found: Process Name - LogonUI.exe Process ID - 13428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:33] New process found: Process Name - dwm.exe Process ID - 15772 Process Identity - Window Manager\DWM-4 [11-07-2023 22:47:43] Process Exited: Process Name - csrss.exe Process ID - 8372 [11-07-2023 22:47:43] Process Exited: Process Name - winlogon.exe Process ID - 12824 [11-07-2023 22:47:43] Process Exited: Process Name - LogonUI.exe Process ID - 13428 [11-07-2023 22:47:43] Process Exited: Process Name - dwm.exe Process ID - 15772 [11-07-2023 22:47:45] New process found: Process Name - csrss.exe Process ID - 4920 Process Identity - SYSTEM [11-07-2023 22:47:45] New process found: Process Name - winlogon.exe Process ID - 14548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:45] New process found: Process Name - LogonUI.exe Process ID - 188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:47:45] New process found: Process Name - dwm.exe Process ID - 12172 Process Identity - Window Manager\DWM-4 [11-07-2023 22:47:58] Process Exited: Process Name - LogonUI.exe Process ID - 188 [11-07-2023 22:47:58] Process Exited: Process Name - csrss.exe Process ID - 4920 [11-07-2023 22:47:58] Process Exited: Process Name - dwm.exe Process ID - 12172 [11-07-2023 22:47:58] Process Exited: Process Name - winlogon.exe Process ID - 14548 [11-07-2023 22:48:00] New process found: Process Name - csrss.exe Process ID - 11064 Process Identity - SYSTEM [11-07-2023 22:48:00] New process found: Process Name - winlogon.exe Process ID - 12460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:02] New process found: Process Name - LogonUI.exe Process ID - 7672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:02] New process found: Process Name - dwm.exe Process ID - 15512 Process Identity - Window Manager\DWM-4 [11-07-2023 22:48:13] Process Exited: Process Name - LogonUI.exe Process ID - 7672 [11-07-2023 22:48:13] Process Exited: Process Name - csrss.exe Process ID - 11064 [11-07-2023 22:48:13] Process Exited: Process Name - winlogon.exe Process ID - 12460 [11-07-2023 22:48:13] Process Exited: Process Name - dwm.exe Process ID - 15512 [11-07-2023 22:48:15] New process found: Process Name - csrss.exe Process ID - 15164 Process Identity - SYSTEM [11-07-2023 22:48:15] New process found: Process Name - winlogon.exe Process ID - 11756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:16] New process found: Process Name - LogonUI.exe Process ID - 15452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:16] New process found: Process Name - dwm.exe Process ID - 11564 Process Identity - Window Manager\DWM-4 [11-07-2023 22:48:28] Process Exited: Process Name - dwm.exe Process ID - 11564 [11-07-2023 22:48:28] Process Exited: Process Name - winlogon.exe Process ID - 11756 [11-07-2023 22:48:28] Process Exited: Process Name - LogonUI.exe Process ID - 15452 [11-07-2023 22:48:29] Process Exited: Process Name - csrss.exe Process ID - 15164 [11-07-2023 22:48:30] New process found: Process Name - csrss.exe Process ID - 9584 Process Identity - SYSTEM [11-07-2023 22:48:30] New process found: Process Name - winlogon.exe Process ID - 9272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:31] New process found: Process Name - LogonUI.exe Process ID - 14776 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:31] New process found: Process Name - dwm.exe Process ID - 14724 Process Identity - Window Manager\DWM-4 [11-07-2023 22:48:43] Process Exited: Process Name - winlogon.exe Process ID - 9272 [11-07-2023 22:48:43] Process Exited: Process Name - dwm.exe Process ID - 14724 [11-07-2023 22:48:43] Process Exited: Process Name - LogonUI.exe Process ID - 14776 [11-07-2023 22:48:44] Process Exited: Process Name - csrss.exe Process ID - 9584 [11-07-2023 22:48:45] New process found: Process Name - csrss.exe Process ID - 1728 Process Identity - SYSTEM [11-07-2023 22:48:45] New process found: Process Name - winlogon.exe Process ID - 3164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:46] New process found: Process Name - LogonUI.exe Process ID - 14132 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:48:46] New process found: Process Name - dwm.exe Process ID - 16344 Process Identity - Window Manager\DWM-4 [11-07-2023 22:48:49] Process Exited: Process Name - w3wp.exe Process ID - 7828 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [11-07-2023 22:48:49] Process Exited: Process Name - conhost.exe Process ID - 13508 [11-07-2023 22:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13436 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:48:58] Process Exited: Process Name - csrss.exe Process ID - 1728 [11-07-2023 22:48:58] Process Exited: Process Name - winlogon.exe Process ID - 3164 [11-07-2023 22:48:58] Process Exited: Process Name - LogonUI.exe Process ID - 14132 [11-07-2023 22:48:58] Process Exited: Process Name - dwm.exe Process ID - 16344 [11-07-2023 22:49:00] New process found: Process Name - csrss.exe Process ID - 11596 Process Identity - SYSTEM [11-07-2023 22:49:00] New process found: Process Name - winlogon.exe Process ID - 4372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:00] New process found: Process Name - LogonUI.exe Process ID - 6824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:00] New process found: Process Name - dwm.exe Process ID - 7708 Process Identity - Window Manager\DWM-4 [11-07-2023 22:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:15] Process Exited: Process Name - winlogon.exe Process ID - 4372 [11-07-2023 22:49:15] Process Exited: Process Name - LogonUI.exe Process ID - 6824 [11-07-2023 22:49:15] Process Exited: Process Name - dwm.exe Process ID - 7708 [11-07-2023 22:49:15] Process Exited: Process Name - csrss.exe Process ID - 11596 [11-07-2023 22:49:19] New process found: Process Name - csrss.exe Process ID - 11388 Process Identity - SYSTEM [11-07-2023 22:49:19] New process found: Process Name - winlogon.exe Process ID - 5336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:19] New process found: Process Name - LogonUI.exe Process ID - 6844 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:19] New process found: Process Name - dwm.exe Process ID - 5116 Process Identity - Window Manager\DWM-4 [11-07-2023 22:49:31] Process Exited: Process Name - dwm.exe Process ID - 5116 [11-07-2023 22:49:31] Process Exited: Process Name - winlogon.exe Process ID - 5336 [11-07-2023 22:49:31] Process Exited: Process Name - LogonUI.exe Process ID - 6844 [11-07-2023 22:49:31] Process Exited: Process Name - csrss.exe Process ID - 11388 [11-07-2023 22:49:32] New process found: Process Name - csrss.exe Process ID - 8812 Process Identity - SYSTEM [11-07-2023 22:49:32] New process found: Process Name - winlogon.exe Process ID - 7468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:33] New process found: Process Name - LogonUI.exe Process ID - 10396 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:33] New process found: Process Name - dwm.exe Process ID - 14388 Process Identity - Window Manager\DWM-4 [11-07-2023 22:49:41] Process Exited: Process Name - w3wp.exe Process ID - 1632 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 22:49:46] Process Exited: Process Name - winlogon.exe Process ID - 7468 [11-07-2023 22:49:46] Process Exited: Process Name - csrss.exe Process ID - 8812 [11-07-2023 22:49:46] Process Exited: Process Name - LogonUI.exe Process ID - 10396 [11-07-2023 22:49:46] Process Exited: Process Name - dwm.exe Process ID - 14388 [11-07-2023 22:49:48] New process found: Process Name - csrss.exe Process ID - 7704 Process Identity - SYSTEM [11-07-2023 22:49:48] New process found: Process Name - winlogon.exe Process ID - 15488 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:50] New process found: Process Name - LogonUI.exe Process ID - 5112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:49:50] New process found: Process Name - dwm.exe Process ID - 9320 Process Identity - Window Manager\DWM-4 [11-07-2023 22:49:53] Process Exited: Process Name - w3wp.exe Process ID - 13360 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 22:49:53] Process Exited: Process Name - conhost.exe Process ID - 13600 [11-07-2023 22:50:01] Process Exited: Process Name - LogonUI.exe Process ID - 5112 [11-07-2023 22:50:01] Process Exited: Process Name - csrss.exe Process ID - 7704 [11-07-2023 22:50:01] Process Exited: Process Name - dwm.exe Process ID - 9320 [11-07-2023 22:50:01] Process Exited: Process Name - winlogon.exe Process ID - 15488 [11-07-2023 22:50:03] New process found: Process Name - csrss.exe Process ID - 10636 Process Identity - SYSTEM [11-07-2023 22:50:03] New process found: Process Name - winlogon.exe Process ID - 7104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:03] New process found: Process Name - LogonUI.exe Process ID - 11252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:03] New process found: Process Name - dwm.exe Process ID - 15700 Process Identity - Window Manager\DWM-4 [11-07-2023 22:50:16] Process Exited: Process Name - winlogon.exe Process ID - 7104 [11-07-2023 22:50:16] Process Exited: Process Name - csrss.exe Process ID - 10636 [11-07-2023 22:50:16] Process Exited: Process Name - LogonUI.exe Process ID - 11252 [11-07-2023 22:50:16] Process Exited: Process Name - dwm.exe Process ID - 15700 [11-07-2023 22:50:21] New process found: Process Name - w3wp.exe Process ID - 15956 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 22:50:24] New process found: Process Name - csrss.exe Process ID - 4208 Process Identity - SYSTEM [11-07-2023 22:50:24] New process found: Process Name - winlogon.exe Process ID - 12148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:25] New process found: Process Name - LogonUI.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:25] New process found: Process Name - dwm.exe Process ID - 8904 Process Identity - Window Manager\DWM-4 [11-07-2023 22:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6228 [11-07-2023 22:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13436 [11-07-2023 22:50:31] Process Exited: Process Name - csrss.exe Process ID - 4208 [11-07-2023 22:50:31] Process Exited: Process Name - dwm.exe Process ID - 8904 [11-07-2023 22:50:31] Process Exited: Process Name - winlogon.exe Process ID - 12148 [11-07-2023 22:50:31] Process Exited: Process Name - LogonUI.exe Process ID - 15860 [11-07-2023 22:50:32] New process found: Process Name - csrss.exe Process ID - 12724 Process Identity - SYSTEM [11-07-2023 22:50:32] New process found: Process Name - winlogon.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:33] New process found: Process Name - LogonUI.exe Process ID - 12052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:33] New process found: Process Name - dwm.exe Process ID - 9020 Process Identity - Window Manager\DWM-4 [11-07-2023 22:50:46] Process Exited: Process Name - dwm.exe Process ID - 9020 [11-07-2023 22:50:46] Process Exited: Process Name - LogonUI.exe Process ID - 12052 [11-07-2023 22:50:46] Process Exited: Process Name - winlogon.exe Process ID - 12360 [11-07-2023 22:50:46] Process Exited: Process Name - csrss.exe Process ID - 12724 [11-07-2023 22:50:50] New process found: Process Name - csrss.exe Process ID - 9872 Process Identity - SYSTEM [11-07-2023 22:50:50] New process found: Process Name - winlogon.exe Process ID - 10796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:51] New process found: Process Name - LogonUI.exe Process ID - 15480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:50:51] New process found: Process Name - dwm.exe Process ID - 10172 Process Identity - Window Manager\DWM-4 [11-07-2023 22:51:01] Process Exited: Process Name - csrss.exe Process ID - 9872 [11-07-2023 22:51:01] Process Exited: Process Name - dwm.exe Process ID - 10172 [11-07-2023 22:51:01] Process Exited: Process Name - winlogon.exe Process ID - 10796 [11-07-2023 22:51:01] Process Exited: Process Name - LogonUI.exe Process ID - 15480 [11-07-2023 22:51:05] New process found: Process Name - csrss.exe Process ID - 10324 Process Identity - SYSTEM [11-07-2023 22:51:05] New process found: Process Name - winlogon.exe Process ID - 10320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:06] New process found: Process Name - LogonUI.exe Process ID - 9368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:06] New process found: Process Name - dwm.exe Process ID - 9112 Process Identity - Window Manager\DWM-4 [11-07-2023 22:51:16] Process Exited: Process Name - dwm.exe Process ID - 9112 [11-07-2023 22:51:16] Process Exited: Process Name - LogonUI.exe Process ID - 9368 [11-07-2023 22:51:16] Process Exited: Process Name - winlogon.exe Process ID - 10320 [11-07-2023 22:51:16] Process Exited: Process Name - csrss.exe Process ID - 10324 [11-07-2023 22:51:17] New process found: Process Name - csrss.exe Process ID - 10540 Process Identity - SYSTEM [11-07-2023 22:51:17] New process found: Process Name - winlogon.exe Process ID - 16308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:18] Process Exited: Process Name - w3wp.exe Process ID - 5192 Web application pool name - DefaultAppPool [11-07-2023 22:51:19] New process found: Process Name - LogonUI.exe Process ID - 3996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:19] New process found: Process Name - dwm.exe Process ID - 2956 Process Identity - Window Manager\DWM-4 [11-07-2023 22:51:31] Process Exited: Process Name - dwm.exe Process ID - 2956 [11-07-2023 22:51:31] Process Exited: Process Name - LogonUI.exe Process ID - 3996 [11-07-2023 22:51:31] Process Exited: Process Name - csrss.exe Process ID - 10540 [11-07-2023 22:51:31] Process Exited: Process Name - winlogon.exe Process ID - 16308 [11-07-2023 22:51:33] New process found: Process Name - csrss.exe Process ID - 13108 Process Identity - SYSTEM [11-07-2023 22:51:33] New process found: Process Name - winlogon.exe Process ID - 5572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:33] New process found: Process Name - LogonUI.exe Process ID - 15712 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:33] New process found: Process Name - dwm.exe Process ID - 10288 Process Identity - Window Manager\DWM-4 [11-07-2023 22:51:41] New process found: Process Name - w3wp.exe Process ID - 6956 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:51:41] Process Exited: Process Name - w3wp.exe Process ID - 2572 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:51:46] Process Exited: Process Name - winlogon.exe Process ID - 5572 [11-07-2023 22:51:46] Process Exited: Process Name - dwm.exe Process ID - 10288 [11-07-2023 22:51:46] Process Exited: Process Name - csrss.exe Process ID - 13108 [11-07-2023 22:51:46] Process Exited: Process Name - LogonUI.exe Process ID - 15712 [11-07-2023 22:51:47] New process found: Process Name - smss.exe Process ID - 14552 Process Identity - SYSTEM [11-07-2023 22:51:48] New process found: Process Name - csrss.exe Process ID - 14832 Process Identity - SYSTEM [11-07-2023 22:51:48] New process found: Process Name - winlogon.exe Process ID - 11504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:48] New process found: Process Name - LogonUI.exe Process ID - 8772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:51:48] New process found: Process Name - dwm.exe Process ID - 10628 Process Identity - Window Manager\DWM-4 [11-07-2023 22:51:48] Process Exited: Process Name - smss.exe Process ID - 14552 [11-07-2023 22:52:01] Process Exited: Process Name - LogonUI.exe Process ID - 8772 [11-07-2023 22:52:01] Process Exited: Process Name - dwm.exe Process ID - 10628 [11-07-2023 22:52:01] Process Exited: Process Name - winlogon.exe Process ID - 11504 [11-07-2023 22:52:01] Process Exited: Process Name - csrss.exe Process ID - 14832 [11-07-2023 22:52:07] New process found: Process Name - csrss.exe Process ID - 9688 Process Identity - SYSTEM [11-07-2023 22:52:07] New process found: Process Name - winlogon.exe Process ID - 14844 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:07] New process found: Process Name - LogonUI.exe Process ID - 9956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:07] New process found: Process Name - dwm.exe Process ID - 10436 Process Identity - Window Manager\DWM-4 [11-07-2023 22:52:16] Process Exited: Process Name - csrss.exe Process ID - 9688 [11-07-2023 22:52:16] Process Exited: Process Name - LogonUI.exe Process ID - 9956 [11-07-2023 22:52:16] Process Exited: Process Name - dwm.exe Process ID - 10436 [11-07-2023 22:52:16] Process Exited: Process Name - winlogon.exe Process ID - 14844 [11-07-2023 22:52:18] New process found: Process Name - csrss.exe Process ID - 15992 Process Identity - SYSTEM [11-07-2023 22:52:18] New process found: Process Name - winlogon.exe Process ID - 4416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:20] New process found: Process Name - LogonUI.exe Process ID - 8744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:20] New process found: Process Name - dwm.exe Process ID - 14024 Process Identity - Window Manager\DWM-4 [11-07-2023 22:52:31] Process Exited: Process Name - winlogon.exe Process ID - 4416 [11-07-2023 22:52:31] Process Exited: Process Name - LogonUI.exe Process ID - 8744 [11-07-2023 22:52:31] Process Exited: Process Name - dwm.exe Process ID - 14024 [11-07-2023 22:52:31] Process Exited: Process Name - csrss.exe Process ID - 15992 [11-07-2023 22:52:35] New process found: Process Name - csrss.exe Process ID - 10728 Process Identity - SYSTEM [11-07-2023 22:52:35] New process found: Process Name - winlogon.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:37] New process found: Process Name - LogonUI.exe Process ID - 15052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:37] New process found: Process Name - dwm.exe Process ID - 13132 Process Identity - Window Manager\DWM-4 [11-07-2023 22:52:46] Process Exited: Process Name - csrss.exe Process ID - 10728 [11-07-2023 22:52:46] Process Exited: Process Name - dwm.exe Process ID - 13132 [11-07-2023 22:52:46] Process Exited: Process Name - LogonUI.exe Process ID - 15052 [11-07-2023 22:52:46] Process Exited: Process Name - winlogon.exe Process ID - 15260 [11-07-2023 22:52:49] New process found: Process Name - csrss.exe Process ID - 10220 Process Identity - SYSTEM [11-07-2023 22:52:49] New process found: Process Name - winlogon.exe Process ID - 14860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:50] New process found: Process Name - LogonUI.exe Process ID - 3496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:52:50] New process found: Process Name - dwm.exe Process ID - 14568 Process Identity - Window Manager\DWM-4 [11-07-2023 22:53:01] Process Exited: Process Name - LogonUI.exe Process ID - 3496 [11-07-2023 22:53:01] Process Exited: Process Name - csrss.exe Process ID - 10220 [11-07-2023 22:53:01] Process Exited: Process Name - dwm.exe Process ID - 14568 [11-07-2023 22:53:01] Process Exited: Process Name - winlogon.exe Process ID - 14860 [11-07-2023 22:53:02] New process found: Process Name - csrss.exe Process ID - 8608 Process Identity - SYSTEM [11-07-2023 22:53:02] New process found: Process Name - winlogon.exe Process ID - 5112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:04] New process found: Process Name - LogonUI.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:04] New process found: Process Name - dwm.exe Process ID - 9552 Process Identity - Window Manager\DWM-4 [11-07-2023 22:53:16] Process Exited: Process Name - winlogon.exe Process ID - 5112 [11-07-2023 22:53:16] Process Exited: Process Name - csrss.exe Process ID - 8608 [11-07-2023 22:53:16] Process Exited: Process Name - dwm.exe Process ID - 9552 [11-07-2023 22:53:16] Process Exited: Process Name - LogonUI.exe Process ID - 12740 [11-07-2023 22:53:20] New process found: Process Name - csrss.exe Process ID - 9436 Process Identity - SYSTEM [11-07-2023 22:53:20] New process found: Process Name - winlogon.exe Process ID - 5500 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:21] New process found: Process Name - LogonUI.exe Process ID - 16328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:21] New process found: Process Name - dwm.exe Process ID - 15152 Process Identity - Window Manager\DWM-4 [11-07-2023 22:53:24] Process Exited: Process Name - conhost.exe Process ID - 1464 [11-07-2023 22:53:24] Process Exited: Process Name - w3wp.exe Process ID - 15096 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 22:53:31] Process Exited: Process Name - winlogon.exe Process ID - 5500 [11-07-2023 22:53:31] Process Exited: Process Name - csrss.exe Process ID - 9436 [11-07-2023 22:53:31] Process Exited: Process Name - dwm.exe Process ID - 15152 [11-07-2023 22:53:31] Process Exited: Process Name - LogonUI.exe Process ID - 16328 [11-07-2023 22:53:33] New process found: Process Name - csrss.exe Process ID - 10516 Process Identity - SYSTEM [11-07-2023 22:53:33] New process found: Process Name - winlogon.exe Process ID - 12316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:39] New process found: Process Name - LogonUI.exe Process ID - 6172 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:39] New process found: Process Name - dwm.exe Process ID - 11408 Process Identity - Window Manager\DWM-4 [11-07-2023 22:53:46] Process Exited: Process Name - LogonUI.exe Process ID - 6172 [11-07-2023 22:53:46] Process Exited: Process Name - csrss.exe Process ID - 10516 [11-07-2023 22:53:46] Process Exited: Process Name - dwm.exe Process ID - 11408 [11-07-2023 22:53:46] Process Exited: Process Name - winlogon.exe Process ID - 12316 [11-07-2023 22:53:47] New process found: Process Name - csrss.exe Process ID - 15420 Process Identity - SYSTEM [11-07-2023 22:53:47] New process found: Process Name - winlogon.exe Process ID - 6656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:48] New process found: Process Name - LogonUI.exe Process ID - 10180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:53:48] New process found: Process Name - dwm.exe Process ID - 13244 Process Identity - Window Manager\DWM-4 [11-07-2023 22:54:01] New process found: Process Name - w3wp.exe Process ID - 11192 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 22:54:01] Process Exited: Process Name - winlogon.exe Process ID - 6656 [11-07-2023 22:54:01] Process Exited: Process Name - LogonUI.exe Process ID - 10180 [11-07-2023 22:54:01] Process Exited: Process Name - dwm.exe Process ID - 13244 [11-07-2023 22:54:01] Process Exited: Process Name - csrss.exe Process ID - 15420 [11-07-2023 22:54:05] New process found: Process Name - csrss.exe Process ID - 7672 Process Identity - SYSTEM [11-07-2023 22:54:05] New process found: Process Name - winlogon.exe Process ID - 11296 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:06] New process found: Process Name - LogonUI.exe Process ID - 4924 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:06] New process found: Process Name - dwm.exe Process ID - 7416 Process Identity - Window Manager\DWM-4 [11-07-2023 22:54:16] Process Exited: Process Name - LogonUI.exe Process ID - 4924 [11-07-2023 22:54:16] Process Exited: Process Name - dwm.exe Process ID - 7416 [11-07-2023 22:54:16] Process Exited: Process Name - csrss.exe Process ID - 7672 [11-07-2023 22:54:16] Process Exited: Process Name - winlogon.exe Process ID - 11296 [11-07-2023 22:54:21] New process found: Process Name - csrss.exe Process ID - 15876 Process Identity - SYSTEM [11-07-2023 22:54:21] New process found: Process Name - winlogon.exe Process ID - 9156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:22] New process found: Process Name - LogonUI.exe Process ID - 2608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:22] New process found: Process Name - dwm.exe Process ID - 11160 Process Identity - Window Manager\DWM-4 [11-07-2023 22:54:31] Process Exited: Process Name - LogonUI.exe Process ID - 2608 [11-07-2023 22:54:31] Process Exited: Process Name - winlogon.exe Process ID - 9156 [11-07-2023 22:54:31] Process Exited: Process Name - dwm.exe Process ID - 11160 [11-07-2023 22:54:31] Process Exited: Process Name - csrss.exe Process ID - 15876 [11-07-2023 22:54:33] New process found: Process Name - csrss.exe Process ID - 15040 Process Identity - SYSTEM [11-07-2023 22:54:33] New process found: Process Name - winlogon.exe Process ID - 8788 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:33] New process found: Process Name - LogonUI.exe Process ID - 15128 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:33] New process found: Process Name - dwm.exe Process ID - 9744 Process Identity - Window Manager\DWM-4 [11-07-2023 22:54:46] Process Exited: Process Name - winlogon.exe Process ID - 8788 [11-07-2023 22:54:46] Process Exited: Process Name - dwm.exe Process ID - 9744 [11-07-2023 22:54:46] Process Exited: Process Name - csrss.exe Process ID - 15040 [11-07-2023 22:54:46] Process Exited: Process Name - LogonUI.exe Process ID - 15128 [11-07-2023 22:54:53] New process found: Process Name - csrss.exe Process ID - 10612 Process Identity - SYSTEM [11-07-2023 22:54:53] New process found: Process Name - winlogon.exe Process ID - 9740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:55] New process found: Process Name - LogonUI.exe Process ID - 2572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:54:55] New process found: Process Name - dwm.exe Process ID - 12728 Process Identity - Window Manager\DWM-4 [11-07-2023 22:55:06] Process Exited: Process Name - LogonUI.exe Process ID - 2572 [11-07-2023 22:55:06] Process Exited: Process Name - winlogon.exe Process ID - 9740 [11-07-2023 22:55:06] Process Exited: Process Name - csrss.exe Process ID - 10612 [11-07-2023 22:55:06] Process Exited: Process Name - dwm.exe Process ID - 12728 [11-07-2023 22:55:07] New process found: Process Name - csrss.exe Process ID - 1728 Process Identity - SYSTEM [11-07-2023 22:55:07] New process found: Process Name - winlogon.exe Process ID - 11984 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:08] New process found: Process Name - LogonUI.exe Process ID - 7572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:08] New process found: Process Name - dwm.exe Process ID - 4176 Process Identity - Window Manager\DWM-4 [11-07-2023 22:55:21] Process Exited: Process Name - csrss.exe Process ID - 1728 [11-07-2023 22:55:21] Process Exited: Process Name - dwm.exe Process ID - 4176 [11-07-2023 22:55:21] Process Exited: Process Name - LogonUI.exe Process ID - 7572 [11-07-2023 22:55:21] Process Exited: Process Name - winlogon.exe Process ID - 11984 [11-07-2023 22:55:22] New process found: Process Name - csrss.exe Process ID - 14796 Process Identity - SYSTEM [11-07-2023 22:55:22] New process found: Process Name - winlogon.exe Process ID - 10512 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:23] New process found: Process Name - LogonUI.exe Process ID - 10228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:23] New process found: Process Name - dwm.exe Process ID - 11944 Process Identity - Window Manager\DWM-4 [11-07-2023 22:55:36] Process Exited: Process Name - LogonUI.exe Process ID - 10228 [11-07-2023 22:55:36] Process Exited: Process Name - winlogon.exe Process ID - 10512 [11-07-2023 22:55:36] Process Exited: Process Name - dwm.exe Process ID - 11944 [11-07-2023 22:55:36] Process Exited: Process Name - csrss.exe Process ID - 14796 [11-07-2023 22:55:45] New process found: Process Name - csrss.exe Process ID - 11544 Process Identity - SYSTEM [11-07-2023 22:55:45] New process found: Process Name - winlogon.exe Process ID - 13752 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:47] New process found: Process Name - LogonUI.exe Process ID - 5480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:47] New process found: Process Name - dwm.exe Process ID - 12592 Process Identity - Window Manager\DWM-4 [11-07-2023 22:55:51] Process Exited: Process Name - LogonUI.exe Process ID - 5480 [11-07-2023 22:55:51] Process Exited: Process Name - csrss.exe Process ID - 11544 [11-07-2023 22:55:51] Process Exited: Process Name - dwm.exe Process ID - 12592 [11-07-2023 22:55:51] Process Exited: Process Name - winlogon.exe Process ID - 13752 [11-07-2023 22:55:54] New process found: Process Name - csrss.exe Process ID - 1820 Process Identity - SYSTEM [11-07-2023 22:55:54] New process found: Process Name - winlogon.exe Process ID - 15692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:55] New process found: Process Name - LogonUI.exe Process ID - 1320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:55:55] New process found: Process Name - dwm.exe Process ID - 6884 Process Identity - Window Manager\DWM-4 [11-07-2023 22:56:06] Process Exited: Process Name - LogonUI.exe Process ID - 1320 [11-07-2023 22:56:06] Process Exited: Process Name - csrss.exe Process ID - 1820 [11-07-2023 22:56:06] Process Exited: Process Name - dwm.exe Process ID - 6884 [11-07-2023 22:56:06] Process Exited: Process Name - winlogon.exe Process ID - 15692 [11-07-2023 22:56:10] New process found: Process Name - csrss.exe Process ID - 11572 Process Identity - SYSTEM [11-07-2023 22:56:10] New process found: Process Name - winlogon.exe Process ID - 13256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:11] New process found: Process Name - LogonUI.exe Process ID - 11004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:11] New process found: Process Name - dwm.exe Process ID - 8968 Process Identity - Window Manager\DWM-4 [11-07-2023 22:56:21] Process Exited: Process Name - dwm.exe Process ID - 8968 [11-07-2023 22:56:21] Process Exited: Process Name - LogonUI.exe Process ID - 11004 [11-07-2023 22:56:21] Process Exited: Process Name - csrss.exe Process ID - 11572 [11-07-2023 22:56:21] Process Exited: Process Name - winlogon.exe Process ID - 13256 [11-07-2023 22:56:22] Process Exited: Process Name - w3wp.exe Process ID - 15956 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 22:56:25] New process found: Process Name - csrss.exe Process ID - 592 Process Identity - SYSTEM [11-07-2023 22:56:25] New process found: Process Name - winlogon.exe Process ID - 11496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:26] New process found: Process Name - LogonUI.exe Process ID - 15656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:26] New process found: Process Name - dwm.exe Process ID - 3456 Process Identity - Window Manager\DWM-4 [11-07-2023 22:56:37] Process Exited: Process Name - csrss.exe Process ID - 592 [11-07-2023 22:56:37] Process Exited: Process Name - dwm.exe Process ID - 3456 [11-07-2023 22:56:37] Process Exited: Process Name - winlogon.exe Process ID - 11496 [11-07-2023 22:56:37] Process Exited: Process Name - LogonUI.exe Process ID - 15656 [11-07-2023 22:56:38] New process found: Process Name - csrss.exe Process ID - 5112 Process Identity - SYSTEM [11-07-2023 22:56:38] New process found: Process Name - winlogon.exe Process ID - 11304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:39] New process found: Process Name - LogonUI.exe Process ID - 16000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:39] New process found: Process Name - dwm.exe Process ID - 11412 Process Identity - Window Manager\DWM-4 [11-07-2023 22:56:42] New process found: Process Name - w3wp.exe Process ID - 14392 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:56:42] Process Exited: Process Name - w3wp.exe Process ID - 6956 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 22:56:52] Process Exited: Process Name - csrss.exe Process ID - 5112 [11-07-2023 22:56:52] Process Exited: Process Name - winlogon.exe Process ID - 11304 [11-07-2023 22:56:52] Process Exited: Process Name - dwm.exe Process ID - 11412 [11-07-2023 22:56:52] Process Exited: Process Name - LogonUI.exe Process ID - 16000 [11-07-2023 22:56:53] New process found: Process Name - csrss.exe Process ID - 10596 Process Identity - SYSTEM [11-07-2023 22:56:53] New process found: Process Name - winlogon.exe Process ID - 10308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:55] New process found: Process Name - LogonUI.exe Process ID - 9724 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:56:55] New process found: Process Name - dwm.exe Process ID - 9312 Process Identity - Window Manager\DWM-4 [11-07-2023 22:57:08] Process Exited: Process Name - dwm.exe Process ID - 9312 [11-07-2023 22:57:08] Process Exited: Process Name - LogonUI.exe Process ID - 9724 [11-07-2023 22:57:08] Process Exited: Process Name - winlogon.exe Process ID - 10308 [11-07-2023 22:57:08] Process Exited: Process Name - csrss.exe Process ID - 10596 [11-07-2023 22:57:11] New process found: Process Name - csrss.exe Process ID - 6456 Process Identity - SYSTEM [11-07-2023 22:57:11] New process found: Process Name - winlogon.exe Process ID - 14112 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:11] New process found: Process Name - LogonUI.exe Process ID - 10132 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:11] New process found: Process Name - dwm.exe Process ID - 528 Process Identity - Window Manager\DWM-4 [11-07-2023 22:57:23] Process Exited: Process Name - LogonUI.exe Process ID - 10132 [11-07-2023 22:57:24] Process Exited: Process Name - dwm.exe Process ID - 528 [11-07-2023 22:57:24] Process Exited: Process Name - csrss.exe Process ID - 6456 [11-07-2023 22:57:24] Process Exited: Process Name - winlogon.exe Process ID - 14112 [11-07-2023 22:57:25] New process found: Process Name - csrss.exe Process ID - 11072 Process Identity - SYSTEM [11-07-2023 22:57:25] New process found: Process Name - winlogon.exe Process ID - 10516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:26] New process found: Process Name - LogonUI.exe Process ID - 8016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:26] New process found: Process Name - dwm.exe Process ID - 15008 Process Identity - Window Manager\DWM-4 [11-07-2023 22:57:38] Process Exited: Process Name - LogonUI.exe Process ID - 8016 [11-07-2023 22:57:38] Process Exited: Process Name - winlogon.exe Process ID - 10516 [11-07-2023 22:57:38] Process Exited: Process Name - dwm.exe Process ID - 15008 [11-07-2023 22:57:39] Process Exited: Process Name - csrss.exe Process ID - 11072 [11-07-2023 22:57:41] New process found: Process Name - csrss.exe Process ID - 12980 Process Identity - SYSTEM [11-07-2023 22:57:41] New process found: Process Name - winlogon.exe Process ID - 1332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:42] New process found: Process Name - LogonUI.exe Process ID - 12664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:42] New process found: Process Name - dwm.exe Process ID - 12716 Process Identity - Window Manager\DWM-4 [11-07-2023 22:57:53] Process Exited: Process Name - winlogon.exe Process ID - 1332 [11-07-2023 22:57:53] Process Exited: Process Name - LogonUI.exe Process ID - 12664 [11-07-2023 22:57:53] Process Exited: Process Name - dwm.exe Process ID - 12716 [11-07-2023 22:57:54] Process Exited: Process Name - csrss.exe Process ID - 12980 [11-07-2023 22:57:55] New process found: Process Name - csrss.exe Process ID - 15132 Process Identity - SYSTEM [11-07-2023 22:57:55] New process found: Process Name - winlogon.exe Process ID - 10468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:56] New process found: Process Name - LogonUI.exe Process ID - 12484 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:57:56] New process found: Process Name - dwm.exe Process ID - 6152 Process Identity - Window Manager\DWM-4 [11-07-2023 22:58:08] Process Exited: Process Name - dwm.exe Process ID - 6152 [11-07-2023 22:58:08] Process Exited: Process Name - winlogon.exe Process ID - 10468 [11-07-2023 22:58:08] Process Exited: Process Name - LogonUI.exe Process ID - 12484 [11-07-2023 22:58:08] Process Exited: Process Name - csrss.exe Process ID - 15132 [11-07-2023 22:58:10] New process found: Process Name - csrss.exe Process ID - 6720 Process Identity - SYSTEM [11-07-2023 22:58:10] New process found: Process Name - winlogon.exe Process ID - 9156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:11] New process found: Process Name - LogonUI.exe Process ID - 12064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:11] New process found: Process Name - dwm.exe Process ID - 12944 Process Identity - Window Manager\DWM-4 [11-07-2023 22:58:23] Process Exited: Process Name - winlogon.exe Process ID - 9156 [11-07-2023 22:58:23] Process Exited: Process Name - LogonUI.exe Process ID - 12064 [11-07-2023 22:58:23] Process Exited: Process Name - dwm.exe Process ID - 12944 [11-07-2023 22:58:24] Process Exited: Process Name - csrss.exe Process ID - 6720 [11-07-2023 22:58:25] New process found: Process Name - csrss.exe Process ID - 5800 Process Identity - SYSTEM [11-07-2023 22:58:25] New process found: Process Name - winlogon.exe Process ID - 14932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:26] New process found: Process Name - LogonUI.exe Process ID - 16240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:26] New process found: Process Name - dwm.exe Process ID - 10620 Process Identity - Window Manager\DWM-4 [11-07-2023 22:58:39] Process Exited: Process Name - csrss.exe Process ID - 5800 [11-07-2023 22:58:39] Process Exited: Process Name - dwm.exe Process ID - 10620 [11-07-2023 22:58:39] Process Exited: Process Name - winlogon.exe Process ID - 14932 [11-07-2023 22:58:39] Process Exited: Process Name - LogonUI.exe Process ID - 16240 [11-07-2023 22:58:41] New process found: Process Name - csrss.exe Process ID - 11484 Process Identity - SYSTEM [11-07-2023 22:58:41] New process found: Process Name - winlogon.exe Process ID - 10612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:42] New process found: Process Name - LogonUI.exe Process ID - 14728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:42] New process found: Process Name - dwm.exe Process ID - 15684 Process Identity - Window Manager\DWM-4 [11-07-2023 22:58:49] New process found: Process Name - w3wp.exe Process ID - 10588 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 22:58:50] New process found: Process Name - conhost.exe Process ID - 6312 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 22:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9456 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 22:58:54] Process Exited: Process Name - winlogon.exe Process ID - 10612 [11-07-2023 22:58:54] Process Exited: Process Name - csrss.exe Process ID - 11484 [11-07-2023 22:58:54] Process Exited: Process Name - LogonUI.exe Process ID - 14728 [11-07-2023 22:58:54] Process Exited: Process Name - dwm.exe Process ID - 15684 [11-07-2023 22:58:58] New process found: Process Name - csrss.exe Process ID - 7708 Process Identity - SYSTEM [11-07-2023 22:58:58] New process found: Process Name - winlogon.exe Process ID - 6408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:59] New process found: Process Name - LogonUI.exe Process ID - 5088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:58:59] New process found: Process Name - dwm.exe Process ID - 8656 Process Identity - Window Manager\DWM-4 [11-07-2023 22:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 5480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:09] Process Exited: Process Name - LogonUI.exe Process ID - 5088 [11-07-2023 22:59:09] Process Exited: Process Name - winlogon.exe Process ID - 6408 [11-07-2023 22:59:09] Process Exited: Process Name - csrss.exe Process ID - 7708 [11-07-2023 22:59:09] Process Exited: Process Name - dwm.exe Process ID - 8656 [11-07-2023 22:59:13] New process found: Process Name - smss.exe Process ID - 11352 Process Identity - SYSTEM [11-07-2023 22:59:13] New process found: Process Name - csrss.exe Process ID - 10744 Process Identity - SYSTEM [11-07-2023 22:59:14] New process found: Process Name - winlogon.exe Process ID - 9832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:14] New process found: Process Name - LogonUI.exe Process ID - 15592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:14] New process found: Process Name - dwm.exe Process ID - 10004 Process Identity - Window Manager\DWM-4 [11-07-2023 22:59:14] Process Exited: Process Name - smss.exe Process ID - 11352 [11-07-2023 22:59:24] Process Exited: Process Name - winlogon.exe Process ID - 9832 [11-07-2023 22:59:24] Process Exited: Process Name - dwm.exe Process ID - 10004 [11-07-2023 22:59:24] Process Exited: Process Name - csrss.exe Process ID - 10744 [11-07-2023 22:59:24] Process Exited: Process Name - LogonUI.exe Process ID - 15592 [11-07-2023 22:59:26] New process found: Process Name - csrss.exe Process ID - 15068 Process Identity - SYSTEM [11-07-2023 22:59:26] New process found: Process Name - winlogon.exe Process ID - 12048 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:27] New process found: Process Name - LogonUI.exe Process ID - 6576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:27] New process found: Process Name - dwm.exe Process ID - 14612 Process Identity - Window Manager\DWM-4 [11-07-2023 22:59:39] Process Exited: Process Name - LogonUI.exe Process ID - 6576 [11-07-2023 22:59:39] Process Exited: Process Name - winlogon.exe Process ID - 12048 [11-07-2023 22:59:39] Process Exited: Process Name - dwm.exe Process ID - 14612 [11-07-2023 22:59:39] Process Exited: Process Name - csrss.exe Process ID - 15068 [11-07-2023 22:59:42] New process found: Process Name - csrss.exe Process ID - 15116 Process Identity - SYSTEM [11-07-2023 22:59:42] New process found: Process Name - winlogon.exe Process ID - 7072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:43] New process found: Process Name - LogonUI.exe Process ID - 7408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:43] New process found: Process Name - dwm.exe Process ID - 11396 Process Identity - Window Manager\DWM-4 [11-07-2023 22:59:54] Process Exited: Process Name - winlogon.exe Process ID - 7072 [11-07-2023 22:59:54] Process Exited: Process Name - LogonUI.exe Process ID - 7408 [11-07-2023 22:59:54] Process Exited: Process Name - dwm.exe Process ID - 11396 [11-07-2023 22:59:54] Process Exited: Process Name - csrss.exe Process ID - 15116 [11-07-2023 22:59:56] New process found: Process Name - csrss.exe Process ID - 14736 Process Identity - SYSTEM [11-07-2023 22:59:56] New process found: Process Name - winlogon.exe Process ID - 11496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:57] New process found: Process Name - LogonUI.exe Process ID - 11964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 22:59:57] New process found: Process Name - dwm.exe Process ID - 2676 Process Identity - Window Manager\DWM-4 [11-07-2023 23:00:09] Process Exited: Process Name - dwm.exe Process ID - 2676 [11-07-2023 23:00:09] Process Exited: Process Name - winlogon.exe Process ID - 11496 [11-07-2023 23:00:09] Process Exited: Process Name - LogonUI.exe Process ID - 11964 [11-07-2023 23:00:09] Process Exited: Process Name - csrss.exe Process ID - 14736 [11-07-2023 23:00:10] New process found: Process Name - csrss.exe Process ID - 11624 Process Identity - SYSTEM [11-07-2023 23:00:10] New process found: Process Name - winlogon.exe Process ID - 12532 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:10] New process found: Process Name - LogonUI.exe Process ID - 12644 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:10] New process found: Process Name - dwm.exe Process ID - 3380 Process Identity - Window Manager\DWM-4 [11-07-2023 23:00:24] Process Exited: Process Name - dwm.exe Process ID - 3380 [11-07-2023 23:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5480 [11-07-2023 23:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9456 [11-07-2023 23:00:24] Process Exited: Process Name - csrss.exe Process ID - 11624 [11-07-2023 23:00:24] Process Exited: Process Name - winlogon.exe Process ID - 12532 [11-07-2023 23:00:24] Process Exited: Process Name - LogonUI.exe Process ID - 12644 [11-07-2023 23:00:25] New process found: Process Name - smss.exe Process ID - 12820 Process Identity - SYSTEM [11-07-2023 23:00:25] New process found: Process Name - csrss.exe Process ID - 11744 Process Identity - SYSTEM [11-07-2023 23:00:26] New process found: Process Name - winlogon.exe Process ID - 13008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:26] Process Exited: Process Name - smss.exe Process ID - 12820 [11-07-2023 23:00:27] New process found: Process Name - LogonUI.exe Process ID - 13432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:27] New process found: Process Name - dwm.exe Process ID - 10300 Process Identity - Window Manager\DWM-4 [11-07-2023 23:00:39] Process Exited: Process Name - dwm.exe Process ID - 10300 [11-07-2023 23:00:39] Process Exited: Process Name - csrss.exe Process ID - 11744 [11-07-2023 23:00:39] Process Exited: Process Name - winlogon.exe Process ID - 13008 [11-07-2023 23:00:39] Process Exited: Process Name - LogonUI.exe Process ID - 13432 [11-07-2023 23:00:40] New process found: Process Name - csrss.exe Process ID - 12252 Process Identity - SYSTEM [11-07-2023 23:00:40] New process found: Process Name - winlogon.exe Process ID - 13400 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:42] New process found: Process Name - LogonUI.exe Process ID - 16084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:42] New process found: Process Name - dwm.exe Process ID - 13692 Process Identity - Window Manager\DWM-4 [11-07-2023 23:00:54] Process Exited: Process Name - csrss.exe Process ID - 12252 [11-07-2023 23:00:54] Process Exited: Process Name - winlogon.exe Process ID - 13400 [11-07-2023 23:00:54] Process Exited: Process Name - dwm.exe Process ID - 13692 [11-07-2023 23:00:54] Process Exited: Process Name - LogonUI.exe Process ID - 16084 [11-07-2023 23:00:57] New process found: Process Name - csrss.exe Process ID - 8884 Process Identity - SYSTEM [11-07-2023 23:00:57] New process found: Process Name - winlogon.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:58] New process found: Process Name - w3wp.exe Process ID - 7600 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:00:58] New process found: Process Name - LogonUI.exe Process ID - 15032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:00:58] New process found: Process Name - dwm.exe Process ID - 9932 Process Identity - Window Manager\DWM-4 [11-07-2023 23:01:03] Process Exited: Process Name - w3wp.exe Process ID - 11192 Web application pool name - galaxytools.in [11-07-2023 23:01:09] Process Exited: Process Name - winlogon.exe Process ID - 7492 [11-07-2023 23:01:09] Process Exited: Process Name - csrss.exe Process ID - 8884 [11-07-2023 23:01:09] Process Exited: Process Name - dwm.exe Process ID - 9932 [11-07-2023 23:01:09] Process Exited: Process Name - LogonUI.exe Process ID - 15032 [11-07-2023 23:01:13] New process found: Process Name - csrss.exe Process ID - 15604 Process Identity - SYSTEM [11-07-2023 23:01:13] New process found: Process Name - winlogon.exe Process ID - 10760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:14] New process found: Process Name - LogonUI.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:14] New process found: Process Name - dwm.exe Process ID - 14924 Process Identity - Window Manager\DWM-4 [11-07-2023 23:01:18] Process Exited: Process Name - conhost.exe Process ID - 3860 [11-07-2023 23:01:18] Process Exited: Process Name - w3wp.exe Process ID - 16072 Web application pool name - kdbps.edu.in [11-07-2023 23:01:24] Process Exited: Process Name - winlogon.exe Process ID - 10760 [11-07-2023 23:01:24] Process Exited: Process Name - dwm.exe Process ID - 14924 [11-07-2023 23:01:24] Process Exited: Process Name - LogonUI.exe Process ID - 15156 [11-07-2023 23:01:24] Process Exited: Process Name - csrss.exe Process ID - 15604 [11-07-2023 23:01:26] New process found: Process Name - csrss.exe Process ID - 15648 Process Identity - SYSTEM [11-07-2023 23:01:26] New process found: Process Name - winlogon.exe Process ID - 10580 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:27] New process found: Process Name - LogonUI.exe Process ID - 13816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:27] New process found: Process Name - dwm.exe Process ID - 13872 Process Identity - Window Manager\DWM-4 [11-07-2023 23:01:39] Process Exited: Process Name - winlogon.exe Process ID - 10580 [11-07-2023 23:01:39] Process Exited: Process Name - LogonUI.exe Process ID - 13816 [11-07-2023 23:01:39] Process Exited: Process Name - dwm.exe Process ID - 13872 [11-07-2023 23:01:39] Process Exited: Process Name - csrss.exe Process ID - 15648 [11-07-2023 23:01:42] New process found: Process Name - csrss.exe Process ID - 11592 Process Identity - SYSTEM [11-07-2023 23:01:42] New process found: Process Name - winlogon.exe Process ID - 15576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:42] New process found: Process Name - LogonUI.exe Process ID - 3224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:42] New process found: Process Name - dwm.exe Process ID - 13484 Process Identity - Window Manager\DWM-4 [11-07-2023 23:01:43] New process found: Process Name - w3wp.exe Process ID - 12536 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:01:43] Process Exited: Process Name - w3wp.exe Process ID - 14392 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:01:54] Process Exited: Process Name - LogonUI.exe Process ID - 3224 [11-07-2023 23:01:54] Process Exited: Process Name - csrss.exe Process ID - 11592 [11-07-2023 23:01:54] Process Exited: Process Name - dwm.exe Process ID - 13484 [11-07-2023 23:01:54] Process Exited: Process Name - winlogon.exe Process ID - 15576 [11-07-2023 23:01:55] New process found: Process Name - csrss.exe Process ID - 16124 Process Identity - SYSTEM [11-07-2023 23:01:55] New process found: Process Name - winlogon.exe Process ID - 8784 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:56] New process found: Process Name - LogonUI.exe Process ID - 10608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:01:56] New process found: Process Name - dwm.exe Process ID - 11932 Process Identity - Window Manager\DWM-4 [11-07-2023 23:02:09] Process Exited: Process Name - winlogon.exe Process ID - 8784 [11-07-2023 23:02:09] Process Exited: Process Name - LogonUI.exe Process ID - 10608 [11-07-2023 23:02:09] Process Exited: Process Name - dwm.exe Process ID - 11932 [11-07-2023 23:02:09] Process Exited: Process Name - csrss.exe Process ID - 16124 [11-07-2023 23:02:10] New process found: Process Name - csrss.exe Process ID - 7984 Process Identity - SYSTEM [11-07-2023 23:02:10] New process found: Process Name - winlogon.exe Process ID - 10532 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:11] New process found: Process Name - LogonUI.exe Process ID - 996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:11] New process found: Process Name - dwm.exe Process ID - 15572 Process Identity - Window Manager\DWM-4 [11-07-2023 23:02:24] Process Exited: Process Name - LogonUI.exe Process ID - 996 [11-07-2023 23:02:24] Process Exited: Process Name - csrss.exe Process ID - 7984 [11-07-2023 23:02:24] Process Exited: Process Name - winlogon.exe Process ID - 10532 [11-07-2023 23:02:24] Process Exited: Process Name - dwm.exe Process ID - 15572 [11-07-2023 23:02:25] New process found: Process Name - csrss.exe Process ID - 12248 Process Identity - SYSTEM [11-07-2023 23:02:25] New process found: Process Name - winlogon.exe Process ID - 15816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:26] New process found: Process Name - LogonUI.exe Process ID - 11332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:26] New process found: Process Name - dwm.exe Process ID - 12504 Process Identity - Window Manager\DWM-4 [11-07-2023 23:02:39] Process Exited: Process Name - LogonUI.exe Process ID - 11332 [11-07-2023 23:02:39] Process Exited: Process Name - csrss.exe Process ID - 12248 [11-07-2023 23:02:39] Process Exited: Process Name - dwm.exe Process ID - 12504 [11-07-2023 23:02:39] Process Exited: Process Name - winlogon.exe Process ID - 15816 [11-07-2023 23:02:42] New process found: Process Name - csrss.exe Process ID - 2968 Process Identity - SYSTEM [11-07-2023 23:02:42] New process found: Process Name - winlogon.exe Process ID - 10572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:43] New process found: Process Name - LogonUI.exe Process ID - 15508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:43] New process found: Process Name - dwm.exe Process ID - 11004 Process Identity - Window Manager\DWM-4 [11-07-2023 23:02:54] Process Exited: Process Name - csrss.exe Process ID - 2968 [11-07-2023 23:02:54] Process Exited: Process Name - winlogon.exe Process ID - 10572 [11-07-2023 23:02:54] Process Exited: Process Name - dwm.exe Process ID - 11004 [11-07-2023 23:02:54] Process Exited: Process Name - LogonUI.exe Process ID - 15508 [11-07-2023 23:02:58] New process found: Process Name - csrss.exe Process ID - 10752 Process Identity - SYSTEM [11-07-2023 23:02:58] New process found: Process Name - winlogon.exe Process ID - 15336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:59] New process found: Process Name - LogonUI.exe Process ID - 12276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:02:59] New process found: Process Name - dwm.exe Process ID - 11992 Process Identity - Window Manager\DWM-4 [11-07-2023 23:03:09] Process Exited: Process Name - csrss.exe Process ID - 10752 [11-07-2023 23:03:09] Process Exited: Process Name - dwm.exe Process ID - 11992 [11-07-2023 23:03:09] Process Exited: Process Name - LogonUI.exe Process ID - 12276 [11-07-2023 23:03:09] Process Exited: Process Name - winlogon.exe Process ID - 15336 [11-07-2023 23:03:14] New process found: Process Name - csrss.exe Process ID - 9984 Process Identity - SYSTEM [11-07-2023 23:03:14] New process found: Process Name - winlogon.exe Process ID - 12848 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:14] New process found: Process Name - w3wp.exe Process ID - 15200 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [11-07-2023 23:03:14] New process found: Process Name - LogonUI.exe Process ID - 13876 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:14] New process found: Process Name - dwm.exe Process ID - 9144 Process Identity - Window Manager\DWM-4 [11-07-2023 23:03:16] New process found: Process Name - w3wp.exe Process ID - 11996 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [11-07-2023 23:03:24] Process Exited: Process Name - dwm.exe Process ID - 9144 [11-07-2023 23:03:24] Process Exited: Process Name - csrss.exe Process ID - 9984 [11-07-2023 23:03:24] Process Exited: Process Name - winlogon.exe Process ID - 12848 [11-07-2023 23:03:24] Process Exited: Process Name - LogonUI.exe Process ID - 13876 [11-07-2023 23:03:25] New process found: Process Name - csrss.exe Process ID - 11876 Process Identity - SYSTEM [11-07-2023 23:03:25] New process found: Process Name - winlogon.exe Process ID - 10416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:27] New process found: Process Name - LogonUI.exe Process ID - 2324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:27] New process found: Process Name - dwm.exe Process ID - 7244 Process Identity - Window Manager\DWM-4 [11-07-2023 23:03:39] Process Exited: Process Name - LogonUI.exe Process ID - 2324 [11-07-2023 23:03:39] Process Exited: Process Name - dwm.exe Process ID - 7244 [11-07-2023 23:03:39] Process Exited: Process Name - winlogon.exe Process ID - 10416 [11-07-2023 23:03:39] Process Exited: Process Name - csrss.exe Process ID - 11876 [11-07-2023 23:03:40] New process found: Process Name - csrss.exe Process ID - 14456 Process Identity - SYSTEM [11-07-2023 23:03:40] New process found: Process Name - winlogon.exe Process ID - 11012 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:42] New process found: Process Name - LogonUI.exe Process ID - 15560 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:42] New process found: Process Name - dwm.exe Process ID - 12304 Process Identity - Window Manager\DWM-4 [11-07-2023 23:03:54] Process Exited: Process Name - winlogon.exe Process ID - 11012 [11-07-2023 23:03:54] Process Exited: Process Name - dwm.exe Process ID - 12304 [11-07-2023 23:03:54] Process Exited: Process Name - csrss.exe Process ID - 14456 [11-07-2023 23:03:54] Process Exited: Process Name - LogonUI.exe Process ID - 15560 [11-07-2023 23:03:56] New process found: Process Name - csrss.exe Process ID - 11636 Process Identity - SYSTEM [11-07-2023 23:03:56] New process found: Process Name - winlogon.exe Process ID - 3476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:57] New process found: Process Name - LogonUI.exe Process ID - 2440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:03:57] New process found: Process Name - dwm.exe Process ID - 9324 Process Identity - Window Manager\DWM-4 [11-07-2023 23:04:10] Process Exited: Process Name - LogonUI.exe Process ID - 2440 [11-07-2023 23:04:10] Process Exited: Process Name - winlogon.exe Process ID - 3476 [11-07-2023 23:04:10] Process Exited: Process Name - dwm.exe Process ID - 9324 [11-07-2023 23:04:10] Process Exited: Process Name - csrss.exe Process ID - 11636 [11-07-2023 23:04:12] New process found: Process Name - csrss.exe Process ID - 10220 Process Identity - SYSTEM [11-07-2023 23:04:12] New process found: Process Name - winlogon.exe Process ID - 12664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:12] New process found: Process Name - LogonUI.exe Process ID - 6072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:12] New process found: Process Name - dwm.exe Process ID - 988 Process Identity - Window Manager\DWM-4 [11-07-2023 23:04:25] New process found: Process Name - w3wp.exe Process ID - 13308 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 23:04:25] Process Exited: Process Name - dwm.exe Process ID - 988 [11-07-2023 23:04:25] Process Exited: Process Name - LogonUI.exe Process ID - 6072 [11-07-2023 23:04:25] Process Exited: Process Name - csrss.exe Process ID - 10220 [11-07-2023 23:04:25] Process Exited: Process Name - winlogon.exe Process ID - 12664 [11-07-2023 23:04:26] New process found: Process Name - csrss.exe Process ID - 8328 Process Identity - SYSTEM [11-07-2023 23:04:26] New process found: Process Name - winlogon.exe Process ID - 10816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:27] New process found: Process Name - LogonUI.exe Process ID - 10940 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:27] New process found: Process Name - dwm.exe Process ID - 1328 Process Identity - Window Manager\DWM-4 [11-07-2023 23:04:40] Process Exited: Process Name - dwm.exe Process ID - 1328 [11-07-2023 23:04:40] Process Exited: Process Name - csrss.exe Process ID - 8328 [11-07-2023 23:04:40] Process Exited: Process Name - winlogon.exe Process ID - 10816 [11-07-2023 23:04:40] Process Exited: Process Name - LogonUI.exe Process ID - 10940 [11-07-2023 23:04:41] New process found: Process Name - csrss.exe Process ID - 10948 Process Identity - SYSTEM [11-07-2023 23:04:41] New process found: Process Name - winlogon.exe Process ID - 12324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:42] New process found: Process Name - LogonUI.exe Process ID - 6820 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:42] New process found: Process Name - dwm.exe Process ID - 15604 Process Identity - Window Manager\DWM-4 [11-07-2023 23:04:48] New process found: Process Name - w3wp.exe Process ID - 5576 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 23:04:49] New process found: Process Name - w3wp.exe Process ID - 14496 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [11-07-2023 23:04:55] Process Exited: Process Name - LogonUI.exe Process ID - 6820 [11-07-2023 23:04:55] Process Exited: Process Name - csrss.exe Process ID - 10948 [11-07-2023 23:04:55] Process Exited: Process Name - winlogon.exe Process ID - 12324 [11-07-2023 23:04:55] Process Exited: Process Name - dwm.exe Process ID - 15604 [11-07-2023 23:04:58] New process found: Process Name - csrss.exe Process ID - 11008 Process Identity - SYSTEM [11-07-2023 23:04:58] New process found: Process Name - winlogon.exe Process ID - 7740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:59] New process found: Process Name - LogonUI.exe Process ID - 13460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:04:59] New process found: Process Name - dwm.exe Process ID - 12872 Process Identity - Window Manager\DWM-4 [11-07-2023 23:05:10] Process Exited: Process Name - winlogon.exe Process ID - 7740 [11-07-2023 23:05:10] Process Exited: Process Name - csrss.exe Process ID - 11008 [11-07-2023 23:05:10] Process Exited: Process Name - dwm.exe Process ID - 12872 [11-07-2023 23:05:10] Process Exited: Process Name - LogonUI.exe Process ID - 13460 [11-07-2023 23:05:11] New process found: Process Name - csrss.exe Process ID - 5068 Process Identity - SYSTEM [11-07-2023 23:05:11] New process found: Process Name - winlogon.exe Process ID - 16308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:12] New process found: Process Name - LogonUI.exe Process ID - 16068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:12] New process found: Process Name - dwm.exe Process ID - 14424 Process Identity - Window Manager\DWM-4 [11-07-2023 23:05:21] New process found: Process Name - w3wp.exe Process ID - 8668 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 23:05:22] New process found: Process Name - w3wp.exe Process ID - 9736 Process Identity - IIS APPPOOL\https-redirect Web application pool name - https-redirect [11-07-2023 23:05:23] New process found: Process Name - MpCmdRun.exe Process ID - 9348 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 23:05:24] New process found: Process Name - MpCmdRun.exe Process ID - 10640 Process Identity - NT AUTHORITY\NETWORK SERVICE [11-07-2023 23:05:24] Process Exited: Process Name - MpCmdRun.exe Process ID - 9348 [11-07-2023 23:05:25] New process found: Process Name - w3wp.exe Process ID - 15408 Process Identity - KSHITIJSINGHAL-\IME_ADMIN Web application pool name - MailEnableAppPool [11-07-2023 23:05:26] New process found: Process Name - vbc.exe Process ID - 14788 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:26] New process found: Process Name - conhost.exe Process ID - 10564 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:28] Process Exited: Process Name - csrss.exe Process ID - 5068 [11-07-2023 23:05:28] Process Exited: Process Name - dwm.exe Process ID - 14424 [11-07-2023 23:05:28] Process Exited: Process Name - LogonUI.exe Process ID - 16068 [11-07-2023 23:05:28] Process Exited: Process Name - winlogon.exe Process ID - 16308 [11-07-2023 23:05:30] New process found: Process Name - csrss.exe Process ID - 176 Process Identity - SYSTEM [11-07-2023 23:05:30] New process found: Process Name - winlogon.exe Process ID - 10396 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:32] New process found: Process Name - LogonUI.exe Process ID - 14716 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:32] New process found: Process Name - dwm.exe Process ID - 2808 Process Identity - Window Manager\DWM-4 [11-07-2023 23:05:33] New process found: Process Name - vbc.exe Process ID - 12100 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:33] New process found: Process Name - conhost.exe Process ID - 14444 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:33] Process Exited: Process Name - conhost.exe Process ID - 10564 [11-07-2023 23:05:33] Process Exited: Process Name - vbc.exe Process ID - 14788 [11-07-2023 23:05:34] Process Exited: Process Name - vbc.exe Process ID - 12100 [11-07-2023 23:05:34] Process Exited: Process Name - conhost.exe Process ID - 14444 [11-07-2023 23:05:36] New process found: Process Name - vbc.exe Process ID - 15944 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:36] New process found: Process Name - conhost.exe Process ID - 11400 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:37] New process found: Process Name - vbc.exe Process ID - 12700 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:37] New process found: Process Name - conhost.exe Process ID - 11620 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:37] Process Exited: Process Name - conhost.exe Process ID - 11400 [11-07-2023 23:05:37] Process Exited: Process Name - vbc.exe Process ID - 15944 [11-07-2023 23:05:38] New process found: Process Name - vbc.exe Process ID - 15900 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:38] New process found: Process Name - conhost.exe Process ID - 13680 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:38] Process Exited: Process Name - conhost.exe Process ID - 11620 [11-07-2023 23:05:38] Process Exited: Process Name - vbc.exe Process ID - 12700 [11-07-2023 23:05:39] New process found: Process Name - vbc.exe Process ID - 11640 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:39] New process found: Process Name - conhost.exe Process ID - 9460 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:39] Process Exited: Process Name - conhost.exe Process ID - 13680 [11-07-2023 23:05:39] Process Exited: Process Name - vbc.exe Process ID - 15900 [11-07-2023 23:05:40] New process found: Process Name - vbc.exe Process ID - 2284 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:40] New process found: Process Name - conhost.exe Process ID - 12616 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:40] Process Exited: Process Name - conhost.exe Process ID - 9460 [11-07-2023 23:05:40] Process Exited: Process Name - vbc.exe Process ID - 11640 [11-07-2023 23:05:41] New process found: Process Name - vbc.exe Process ID - 12356 Process Identity - KSHITIJSINGHAL-\IME_ADMIN [11-07-2023 23:05:41] New process found: Process Name - conhost.exe Process ID - 12516 Process Identity - SYSTEM [11-07-2023 23:05:41] Process Exited: Process Name - vbc.exe Process ID - 2284 [11-07-2023 23:05:41] Process Exited: Process Name - conhost.exe Process ID - 12616 [11-07-2023 23:05:42] Process Exited: Process Name - vbc.exe Process ID - 12356 [11-07-2023 23:05:42] Process Exited: Process Name - conhost.exe Process ID - 12516 [11-07-2023 23:05:43] Process Exited: Process Name - csrss.exe Process ID - 176 [11-07-2023 23:05:43] Process Exited: Process Name - dwm.exe Process ID - 2808 [11-07-2023 23:05:43] Process Exited: Process Name - winlogon.exe Process ID - 10396 [11-07-2023 23:05:43] Process Exited: Process Name - LogonUI.exe Process ID - 14716 [11-07-2023 23:05:46] New process found: Process Name - csrss.exe Process ID - 14744 Process Identity - SYSTEM [11-07-2023 23:05:46] New process found: Process Name - winlogon.exe Process ID - 11232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:48] New process found: Process Name - LogonUI.exe Process ID - 7152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:05:48] New process found: Process Name - dwm.exe Process ID - 12812 Process Identity - Window Manager\DWM-4 [11-07-2023 23:05:58] Process Exited: Process Name - LogonUI.exe Process ID - 7152 [11-07-2023 23:05:58] Process Exited: Process Name - winlogon.exe Process ID - 11232 [11-07-2023 23:05:58] Process Exited: Process Name - dwm.exe Process ID - 12812 [11-07-2023 23:05:58] Process Exited: Process Name - csrss.exe Process ID - 14744 [11-07-2023 23:06:00] New process found: Process Name - csrss.exe Process ID - 10632 Process Identity - SYSTEM [11-07-2023 23:06:00] New process found: Process Name - winlogon.exe Process ID - 16004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:00] New process found: Process Name - LogonUI.exe Process ID - 6304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:00] New process found: Process Name - dwm.exe Process ID - 15564 Process Identity - Window Manager\DWM-4 [11-07-2023 23:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 4048 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 6936 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:13] Process Exited: Process Name - LogonUI.exe Process ID - 6304 [11-07-2023 23:06:13] Process Exited: Process Name - csrss.exe Process ID - 10632 [11-07-2023 23:06:13] Process Exited: Process Name - dwm.exe Process ID - 15564 [11-07-2023 23:06:13] Process Exited: Process Name - winlogon.exe Process ID - 16004 [11-07-2023 23:06:16] New process found: Process Name - csrss.exe Process ID - 13464 Process Identity - SYSTEM [11-07-2023 23:06:16] New process found: Process Name - winlogon.exe Process ID - 11344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:17] New process found: Process Name - LogonUI.exe Process ID - 3332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:17] New process found: Process Name - dwm.exe Process ID - 6484 Process Identity - Window Manager\DWM-4 [11-07-2023 23:06:28] Process Exited: Process Name - LogonUI.exe Process ID - 3332 [11-07-2023 23:06:28] Process Exited: Process Name - dwm.exe Process ID - 6484 [11-07-2023 23:06:28] Process Exited: Process Name - winlogon.exe Process ID - 11344 [11-07-2023 23:06:28] Process Exited: Process Name - csrss.exe Process ID - 13464 [11-07-2023 23:06:30] New process found: Process Name - csrss.exe Process ID - 12460 Process Identity - SYSTEM [11-07-2023 23:06:30] New process found: Process Name - winlogon.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:30] New process found: Process Name - LogonUI.exe Process ID - 13868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:30] New process found: Process Name - dwm.exe Process ID - 14344 Process Identity - Window Manager\DWM-4 [11-07-2023 23:06:31] New process found: Process Name - w3wp.exe Process ID - 9300 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 23:06:31] New process found: Process Name - conhost.exe Process ID - 13736 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 23:06:42] New process found: Process Name - w3wp.exe Process ID - 15720 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 23:06:43] Process Exited: Process Name - winlogon.exe Process ID - 12440 [11-07-2023 23:06:43] Process Exited: Process Name - LogonUI.exe Process ID - 13868 [11-07-2023 23:06:43] Process Exited: Process Name - dwm.exe Process ID - 14344 [11-07-2023 23:06:44] Process Exited: Process Name - csrss.exe Process ID - 12460 [11-07-2023 23:06:45] New process found: Process Name - w3wp.exe Process ID - 10732 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:06:45] Process Exited: Process Name - w3wp.exe Process ID - 12536 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:06:47] New process found: Process Name - csrss.exe Process ID - 12636 Process Identity - SYSTEM [11-07-2023 23:06:47] New process found: Process Name - winlogon.exe Process ID - 12208 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:47] New process found: Process Name - GoogleUpdate.exe Process ID - 13368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:47] Service state changed: Service Name - gupdate Process ID - 13368 Current State - SERVICE_RUNNING [11-07-2023 23:06:49] New process found: Process Name - LogonUI.exe Process ID - 792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:06:49] New process found: Process Name - dwm.exe Process ID - 14524 Process Identity - Window Manager\DWM-4 [11-07-2023 23:06:49] Process Exited: Process Name - GoogleUpdate.exe Process ID - 6936 [11-07-2023 23:06:49] Process Exited: Process Name - GoogleUpdate.exe Process ID - 13368 [11-07-2023 23:06:49] Service state changed: Service Name - gupdate Process ID - 0 Current State - SERVICE_STOPPED [11-07-2023 23:06:58] Process Exited: Process Name - LogonUI.exe Process ID - 792 [11-07-2023 23:06:58] Process Exited: Process Name - winlogon.exe Process ID - 12208 [11-07-2023 23:06:58] Process Exited: Process Name - csrss.exe Process ID - 12636 [11-07-2023 23:06:58] Process Exited: Process Name - dwm.exe Process ID - 14524 [11-07-2023 23:07:00] New process found: Process Name - csrss.exe Process ID - 6816 Process Identity - SYSTEM [11-07-2023 23:07:00] New process found: Process Name - winlogon.exe Process ID - 5664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:00] New process found: Process Name - cmd.exe Process ID - 11688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:00] New process found: Process Name - conhost.exe Process ID - 12840 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:00] New process found: Process Name - runtask.exe Process ID - 15272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:00] Process Exited: Process Name - w3wp.exe Process ID - 7600 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:07:01] New process found: Process Name - dllhost.exe Process ID - 11008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:01] New process found: Process Name - php.exe Process ID - 14552 Process Identity - KSHITIJSINGHAL-\psaadm [11-07-2023 23:07:01] New process found: Process Name - conhost.exe Process ID - 13372 Process Identity - KSHITIJSINGHAL-\psaadm [11-07-2023 23:07:02] New process found: Process Name - LogonUI.exe Process ID - 13012 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:02] New process found: Process Name - dwm.exe Process ID - 15724 Process Identity - Window Manager\DWM-4 [11-07-2023 23:07:03] Process Exited: Process Name - cmd.exe Process ID - 11688 [11-07-2023 23:07:03] Process Exited: Process Name - conhost.exe Process ID - 12840 [11-07-2023 23:07:03] Process Exited: Process Name - conhost.exe Process ID - 13372 [11-07-2023 23:07:03] Process Exited: Process Name - php.exe Process ID - 14552 [11-07-2023 23:07:03] Process Exited: Process Name - runtask.exe Process ID - 15272 [11-07-2023 23:07:06] Process Exited: Process Name - dllhost.exe Process ID - 11008 [11-07-2023 23:07:13] Process Exited: Process Name - LogonUI.exe Process ID - 13012 [11-07-2023 23:07:14] Process Exited: Process Name - winlogon.exe Process ID - 5664 [11-07-2023 23:07:14] Process Exited: Process Name - csrss.exe Process ID - 6816 [11-07-2023 23:07:14] Process Exited: Process Name - dwm.exe Process ID - 15724 [11-07-2023 23:07:18] New process found: Process Name - csrss.exe Process ID - 15924 Process Identity - SYSTEM [11-07-2023 23:07:18] New process found: Process Name - winlogon.exe Process ID - 1320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:22] New process found: Process Name - LogonUI.exe Process ID - 11260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:22] New process found: Process Name - dwm.exe Process ID - 10380 Process Identity - Window Manager\DWM-4 [11-07-2023 23:07:28] Process Exited: Process Name - winlogon.exe Process ID - 1320 [11-07-2023 23:07:28] Process Exited: Process Name - dwm.exe Process ID - 10380 [11-07-2023 23:07:28] Process Exited: Process Name - LogonUI.exe Process ID - 11260 [11-07-2023 23:07:29] Process Exited: Process Name - csrss.exe Process ID - 15924 [11-07-2023 23:07:33] New process found: Process Name - csrss.exe Process ID - 7044 Process Identity - SYSTEM [11-07-2023 23:07:33] New process found: Process Name - winlogon.exe Process ID - 12700 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:34] New process found: Process Name - LogonUI.exe Process ID - 6780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:34] New process found: Process Name - dwm.exe Process ID - 7664 Process Identity - Window Manager\DWM-4 [11-07-2023 23:07:43] Process Exited: Process Name - LogonUI.exe Process ID - 6780 [11-07-2023 23:07:43] Process Exited: Process Name - dwm.exe Process ID - 7664 [11-07-2023 23:07:43] Process Exited: Process Name - winlogon.exe Process ID - 12700 [11-07-2023 23:07:44] Process Exited: Process Name - csrss.exe Process ID - 7044 [11-07-2023 23:07:45] New process found: Process Name - csrss.exe Process ID - 10692 Process Identity - SYSTEM [11-07-2023 23:07:45] New process found: Process Name - winlogon.exe Process ID - 12368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:48] New process found: Process Name - LogonUI.exe Process ID - 9912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:07:48] New process found: Process Name - dwm.exe Process ID - 13420 Process Identity - Window Manager\DWM-4 [11-07-2023 23:07:59] Process Exited: Process Name - LogonUI.exe Process ID - 9912 [11-07-2023 23:07:59] Process Exited: Process Name - csrss.exe Process ID - 10692 [11-07-2023 23:07:59] Process Exited: Process Name - winlogon.exe Process ID - 12368 [11-07-2023 23:07:59] Process Exited: Process Name - dwm.exe Process ID - 13420 [11-07-2023 23:08:00] New process found: Process Name - csrss.exe Process ID - 13600 Process Identity - SYSTEM [11-07-2023 23:08:00] New process found: Process Name - winlogon.exe Process ID - 7892 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:01] New process found: Process Name - LogonUI.exe Process ID - 13976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:01] New process found: Process Name - dwm.exe Process ID - 9456 Process Identity - Window Manager\DWM-4 [11-07-2023 23:08:13] Process Exited: Process Name - winlogon.exe Process ID - 7892 [11-07-2023 23:08:13] Process Exited: Process Name - dwm.exe Process ID - 9456 [11-07-2023 23:08:13] Process Exited: Process Name - LogonUI.exe Process ID - 13976 [11-07-2023 23:08:14] Process Exited: Process Name - csrss.exe Process ID - 13600 [11-07-2023 23:08:15] New process found: Process Name - csrss.exe Process ID - 6916 Process Identity - SYSTEM [11-07-2023 23:08:15] New process found: Process Name - winlogon.exe Process ID - 10308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:16] New process found: Process Name - LogonUI.exe Process ID - 12024 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:16] New process found: Process Name - dwm.exe Process ID - 11876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:08:28] Process Exited: Process Name - csrss.exe Process ID - 6916 [11-07-2023 23:08:28] Process Exited: Process Name - winlogon.exe Process ID - 10308 [11-07-2023 23:08:28] Process Exited: Process Name - dwm.exe Process ID - 11876 [11-07-2023 23:08:28] Process Exited: Process Name - LogonUI.exe Process ID - 12024 [11-07-2023 23:08:33] New process found: Process Name - csrss.exe Process ID - 11012 Process Identity - SYSTEM [11-07-2023 23:08:33] New process found: Process Name - winlogon.exe Process ID - 15972 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:37] New process found: Process Name - LogonUI.exe Process ID - 1428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:37] New process found: Process Name - dwm.exe Process ID - 10812 Process Identity - Window Manager\DWM-4 [11-07-2023 23:08:43] Process Exited: Process Name - LogonUI.exe Process ID - 1428 [11-07-2023 23:08:43] Process Exited: Process Name - dwm.exe Process ID - 10812 [11-07-2023 23:08:43] Process Exited: Process Name - winlogon.exe Process ID - 15972 [11-07-2023 23:08:44] Process Exited: Process Name - csrss.exe Process ID - 11012 [11-07-2023 23:08:48] New process found: Process Name - csrss.exe Process ID - 13464 Process Identity - SYSTEM [11-07-2023 23:08:48] New process found: Process Name - winlogon.exe Process ID - 12556 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:49] New process found: Process Name - LogonUI.exe Process ID - 12308 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:08:49] New process found: Process Name - dwm.exe Process ID - 9164 Process Identity - Window Manager\DWM-4 [11-07-2023 23:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 16260 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:08:58] Process Exited: Process Name - dwm.exe Process ID - 9164 [11-07-2023 23:08:58] Process Exited: Process Name - LogonUI.exe Process ID - 12308 [11-07-2023 23:08:58] Process Exited: Process Name - winlogon.exe Process ID - 12556 [11-07-2023 23:08:59] Process Exited: Process Name - csrss.exe Process ID - 13464 [11-07-2023 23:09:01] New process found: Process Name - csrss.exe Process ID - 7712 Process Identity - SYSTEM [11-07-2023 23:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:01] New process found: Process Name - winlogon.exe Process ID - 8708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:02] New process found: Process Name - LogonUI.exe Process ID - 11136 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:02] New process found: Process Name - dwm.exe Process ID - 6936 Process Identity - Window Manager\DWM-4 [11-07-2023 23:09:13] Process Exited: Process Name - dwm.exe Process ID - 6936 [11-07-2023 23:09:13] Process Exited: Process Name - winlogon.exe Process ID - 8708 [11-07-2023 23:09:13] Process Exited: Process Name - LogonUI.exe Process ID - 11136 [11-07-2023 23:09:14] Process Exited: Process Name - csrss.exe Process ID - 7712 [11-07-2023 23:09:16] Process Exited: Process Name - w3wp.exe Process ID - 15200 Web application pool name - adminportal.galaxytools.in [11-07-2023 23:09:18] Process Exited: Process Name - w3wp.exe Process ID - 11996 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [11-07-2023 23:09:21] New process found: Process Name - csrss.exe Process ID - 15568 Process Identity - SYSTEM [11-07-2023 23:09:21] New process found: Process Name - winlogon.exe Process ID - 11188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:22] New process found: Process Name - LogonUI.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:22] New process found: Process Name - dwm.exe Process ID - 15028 Process Identity - Window Manager\DWM-4 [11-07-2023 23:09:33] Process Exited: Process Name - winlogon.exe Process ID - 11188 [11-07-2023 23:09:33] Process Exited: Process Name - LogonUI.exe Process ID - 12360 [11-07-2023 23:09:33] Process Exited: Process Name - dwm.exe Process ID - 15028 [11-07-2023 23:09:34] Process Exited: Process Name - csrss.exe Process ID - 15568 [11-07-2023 23:09:38] New process found: Process Name - csrss.exe Process ID - 1104 Process Identity - SYSTEM [11-07-2023 23:09:38] New process found: Process Name - winlogon.exe Process ID - 11468 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:39] New process found: Process Name - LogonUI.exe Process ID - 14128 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:39] New process found: Process Name - dwm.exe Process ID - 11580 Process Identity - Window Manager\DWM-4 [11-07-2023 23:09:48] Process Exited: Process Name - winlogon.exe Process ID - 11468 [11-07-2023 23:09:48] Process Exited: Process Name - dwm.exe Process ID - 11580 [11-07-2023 23:09:48] Process Exited: Process Name - LogonUI.exe Process ID - 14128 [11-07-2023 23:09:49] Process Exited: Process Name - csrss.exe Process ID - 1104 [11-07-2023 23:09:51] New process found: Process Name - csrss.exe Process ID - 9352 Process Identity - SYSTEM [11-07-2023 23:09:51] New process found: Process Name - winlogon.exe Process ID - 12720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:51] Process Exited: Process Name - conhost.exe Process ID - 6312 [11-07-2023 23:09:51] Process Exited: Process Name - w3wp.exe Process ID - 10588 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 23:09:52] New process found: Process Name - w3wp.exe Process ID - 13412 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 23:09:52] New process found: Process Name - conhost.exe Process ID - 7436 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 23:09:53] New process found: Process Name - LogonUI.exe Process ID - 15364 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:09:53] New process found: Process Name - dwm.exe Process ID - 15900 Process Identity - Window Manager\DWM-4 [11-07-2023 23:10:03] Process Exited: Process Name - csrss.exe Process ID - 9352 [11-07-2023 23:10:03] Process Exited: Process Name - winlogon.exe Process ID - 12720 [11-07-2023 23:10:03] Process Exited: Process Name - LogonUI.exe Process ID - 15364 [11-07-2023 23:10:03] Process Exited: Process Name - dwm.exe Process ID - 15900 [11-07-2023 23:10:05] New process found: Process Name - csrss.exe Process ID - 7072 Process Identity - SYSTEM [11-07-2023 23:10:05] New process found: Process Name - winlogon.exe Process ID - 1272 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:05] New process found: Process Name - LogonUI.exe Process ID - 8248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:05] New process found: Process Name - dwm.exe Process ID - 14132 Process Identity - Window Manager\DWM-4 [11-07-2023 23:10:19] Process Exited: Process Name - winlogon.exe Process ID - 1272 [11-07-2023 23:10:19] Process Exited: Process Name - LogonUI.exe Process ID - 8248 [11-07-2023 23:10:19] Process Exited: Process Name - dwm.exe Process ID - 14132 [11-07-2023 23:10:20] Process Exited: Process Name - csrss.exe Process ID - 7072 [11-07-2023 23:10:21] New process found: Process Name - csrss.exe Process ID - 6720 Process Identity - SYSTEM [11-07-2023 23:10:21] New process found: Process Name - winlogon.exe Process ID - 14744 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:22] New process found: Process Name - LogonUI.exe Process ID - 13688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:22] New process found: Process Name - dwm.exe Process ID - 11984 Process Identity - Window Manager\DWM-4 [11-07-2023 23:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6064 [11-07-2023 23:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16260 [11-07-2023 23:10:34] Process Exited: Process Name - dwm.exe Process ID - 11984 [11-07-2023 23:10:34] Process Exited: Process Name - LogonUI.exe Process ID - 13688 [11-07-2023 23:10:34] Process Exited: Process Name - winlogon.exe Process ID - 14744 [11-07-2023 23:10:35] Process Exited: Process Name - csrss.exe Process ID - 6720 [11-07-2023 23:10:41] New process found: Process Name - csrss.exe Process ID - 9732 Process Identity - SYSTEM [11-07-2023 23:10:41] New process found: Process Name - winlogon.exe Process ID - 5648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:42] New process found: Process Name - LogonUI.exe Process ID - 11268 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:42] New process found: Process Name - dwm.exe Process ID - 4964 Process Identity - Window Manager\DWM-4 [11-07-2023 23:10:51] Process Exited: Process Name - w3wp.exe Process ID - 5576 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 23:10:52] Process Exited: Process Name - w3wp.exe Process ID - 14496 Web application pool name - shop.galaxytools.in [11-07-2023 23:10:54] Process Exited: Process Name - dwm.exe Process ID - 4964 [11-07-2023 23:10:54] Process Exited: Process Name - winlogon.exe Process ID - 5648 [11-07-2023 23:10:54] Process Exited: Process Name - csrss.exe Process ID - 9732 [11-07-2023 23:10:54] Process Exited: Process Name - LogonUI.exe Process ID - 11268 [11-07-2023 23:10:56] New process found: Process Name - csrss.exe Process ID - 15124 Process Identity - SYSTEM [11-07-2023 23:10:56] New process found: Process Name - winlogon.exe Process ID - 2060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:58] New process found: Process Name - LogonUI.exe Process ID - 14376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:10:58] New process found: Process Name - dwm.exe Process ID - 10256 Process Identity - Window Manager\DWM-4 [11-07-2023 23:11:09] Process Exited: Process Name - winlogon.exe Process ID - 2060 [11-07-2023 23:11:09] Process Exited: Process Name - dwm.exe Process ID - 10256 [11-07-2023 23:11:09] Process Exited: Process Name - LogonUI.exe Process ID - 14376 [11-07-2023 23:11:09] Process Exited: Process Name - csrss.exe Process ID - 15124 [11-07-2023 23:11:12] New process found: Process Name - csrss.exe Process ID - 14368 Process Identity - SYSTEM [11-07-2023 23:11:12] New process found: Process Name - winlogon.exe Process ID - 15472 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:13] New process found: Process Name - LogonUI.exe Process ID - 8704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:13] New process found: Process Name - dwm.exe Process ID - 15032 Process Identity - Window Manager\DWM-4 [11-07-2023 23:11:23] Process Exited: Process Name - w3wp.exe Process ID - 8668 Web application pool name - DefaultAppPool [11-07-2023 23:11:24] Process Exited: Process Name - LogonUI.exe Process ID - 8704 [11-07-2023 23:11:24] Process Exited: Process Name - w3wp.exe Process ID - 9736 Web application pool name - https-redirect [11-07-2023 23:11:24] Process Exited: Process Name - csrss.exe Process ID - 14368 [11-07-2023 23:11:24] Process Exited: Process Name - dwm.exe Process ID - 15032 [11-07-2023 23:11:24] Process Exited: Process Name - winlogon.exe Process ID - 15472 [11-07-2023 23:11:26] New process found: Process Name - csrss.exe Process ID - 11444 Process Identity - SYSTEM [11-07-2023 23:11:26] New process found: Process Name - winlogon.exe Process ID - 9584 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:26] New process found: Process Name - LogonUI.exe Process ID - 6656 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:26] New process found: Process Name - dwm.exe Process ID - 14640 Process Identity - Window Manager\DWM-4 [11-07-2023 23:11:27] Process Exited: Process Name - w3wp.exe Process ID - 15408 Web application pool name - MailEnableAppPool [11-07-2023 23:11:39] Process Exited: Process Name - LogonUI.exe Process ID - 6656 [11-07-2023 23:11:39] Process Exited: Process Name - winlogon.exe Process ID - 9584 [11-07-2023 23:11:39] Process Exited: Process Name - csrss.exe Process ID - 11444 [11-07-2023 23:11:39] Process Exited: Process Name - dwm.exe Process ID - 14640 [11-07-2023 23:11:41] New process found: Process Name - csrss.exe Process ID - 11844 Process Identity - SYSTEM [11-07-2023 23:11:41] New process found: Process Name - winlogon.exe Process ID - 13636 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:41] New process found: Process Name - LogonUI.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:41] New process found: Process Name - dwm.exe Process ID - 10820 Process Identity - Window Manager\DWM-4 [11-07-2023 23:11:46] New process found: Process Name - w3wp.exe Process ID - 12272 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:11:46] Process Exited: Process Name - w3wp.exe Process ID - 10732 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:11:54] Process Exited: Process Name - dwm.exe Process ID - 10820 [11-07-2023 23:11:54] Process Exited: Process Name - csrss.exe Process ID - 11844 [11-07-2023 23:11:54] Process Exited: Process Name - LogonUI.exe Process ID - 13000 [11-07-2023 23:11:54] Process Exited: Process Name - winlogon.exe Process ID - 13636 [11-07-2023 23:11:56] New process found: Process Name - csrss.exe Process ID - 15628 Process Identity - SYSTEM [11-07-2023 23:11:56] New process found: Process Name - winlogon.exe Process ID - 8300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:58] New process found: Process Name - LogonUI.exe Process ID - 13204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:11:58] New process found: Process Name - dwm.exe Process ID - 8748 Process Identity - Window Manager\DWM-4 [11-07-2023 23:12:09] Process Exited: Process Name - winlogon.exe Process ID - 8300 [11-07-2023 23:12:09] Process Exited: Process Name - dwm.exe Process ID - 8748 [11-07-2023 23:12:09] Process Exited: Process Name - LogonUI.exe Process ID - 13204 [11-07-2023 23:12:09] Process Exited: Process Name - csrss.exe Process ID - 15628 [11-07-2023 23:12:10] New process found: Process Name - csrss.exe Process ID - 8776 Process Identity - SYSTEM [11-07-2023 23:12:10] New process found: Process Name - winlogon.exe Process ID - 13012 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:12] New process found: Process Name - LogonUI.exe Process ID - 11440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:12] New process found: Process Name - dwm.exe Process ID - 9800 Process Identity - Window Manager\DWM-4 [11-07-2023 23:12:24] Process Exited: Process Name - csrss.exe Process ID - 8776 [11-07-2023 23:12:24] Process Exited: Process Name - dwm.exe Process ID - 9800 [11-07-2023 23:12:24] Process Exited: Process Name - LogonUI.exe Process ID - 11440 [11-07-2023 23:12:24] Process Exited: Process Name - winlogon.exe Process ID - 13012 [11-07-2023 23:12:29] New process found: Process Name - csrss.exe Process ID - 11476 Process Identity - SYSTEM [11-07-2023 23:12:29] New process found: Process Name - winlogon.exe Process ID - 6760 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:30] New process found: Process Name - LogonUI.exe Process ID - 12064 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:30] New process found: Process Name - dwm.exe Process ID - 10928 Process Identity - Window Manager\DWM-4 [11-07-2023 23:12:39] Process Exited: Process Name - winlogon.exe Process ID - 6760 [11-07-2023 23:12:39] Process Exited: Process Name - dwm.exe Process ID - 10928 [11-07-2023 23:12:39] Process Exited: Process Name - csrss.exe Process ID - 11476 [11-07-2023 23:12:39] Process Exited: Process Name - LogonUI.exe Process ID - 12064 [11-07-2023 23:12:41] New process found: Process Name - csrss.exe Process ID - 10164 Process Identity - SYSTEM [11-07-2023 23:12:41] New process found: Process Name - winlogon.exe Process ID - 3992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:42] New process found: Process Name - LogonUI.exe Process ID - 6204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:12:42] New process found: Process Name - dwm.exe Process ID - 14828 Process Identity - Window Manager\DWM-4 [11-07-2023 23:12:45] Process Exited: Process Name - w3wp.exe Process ID - 15720 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 23:12:54] Process Exited: Process Name - winlogon.exe Process ID - 3992 [11-07-2023 23:12:54] Process Exited: Process Name - LogonUI.exe Process ID - 6204 [11-07-2023 23:12:54] Process Exited: Process Name - csrss.exe Process ID - 10164 [11-07-2023 23:12:54] Process Exited: Process Name - dwm.exe Process ID - 14828 [11-07-2023 23:12:59] New process found: Process Name - csrss.exe Process ID - 8988 Process Identity - SYSTEM [11-07-2023 23:12:59] New process found: Process Name - winlogon.exe Process ID - 10396 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:00] New process found: Process Name - LogonUI.exe Process ID - 14384 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:00] New process found: Process Name - dwm.exe Process ID - 10252 Process Identity - Window Manager\DWM-4 [11-07-2023 23:13:09] Process Exited: Process Name - csrss.exe Process ID - 8988 [11-07-2023 23:13:09] Process Exited: Process Name - dwm.exe Process ID - 10252 [11-07-2023 23:13:09] Process Exited: Process Name - winlogon.exe Process ID - 10396 [11-07-2023 23:13:09] Process Exited: Process Name - LogonUI.exe Process ID - 14384 [11-07-2023 23:13:12] New process found: Process Name - csrss.exe Process ID - 15392 Process Identity - SYSTEM [11-07-2023 23:13:12] New process found: Process Name - winlogon.exe Process ID - 13496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:13] New process found: Process Name - LogonUI.exe Process ID - 12212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:13] New process found: Process Name - dwm.exe Process ID - 10944 Process Identity - Window Manager\DWM-4 [11-07-2023 23:13:25] Process Exited: Process Name - dwm.exe Process ID - 10944 [11-07-2023 23:13:25] Process Exited: Process Name - LogonUI.exe Process ID - 12212 [11-07-2023 23:13:25] Process Exited: Process Name - winlogon.exe Process ID - 13496 [11-07-2023 23:13:25] Process Exited: Process Name - csrss.exe Process ID - 15392 [11-07-2023 23:13:26] New process found: Process Name - csrss.exe Process ID - 12068 Process Identity - SYSTEM [11-07-2023 23:13:26] New process found: Process Name - winlogon.exe Process ID - 14604 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:27] New process found: Process Name - LogonUI.exe Process ID - 7728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:27] New process found: Process Name - dwm.exe Process ID - 15828 Process Identity - Window Manager\DWM-4 [11-07-2023 23:13:39] Process Exited: Process Name - LogonUI.exe Process ID - 7728 [11-07-2023 23:13:39] Process Exited: Process Name - csrss.exe Process ID - 12068 [11-07-2023 23:13:39] Process Exited: Process Name - winlogon.exe Process ID - 14604 [11-07-2023 23:13:39] Process Exited: Process Name - dwm.exe Process ID - 15828 [11-07-2023 23:13:44] New process found: Process Name - csrss.exe Process ID - 11140 Process Identity - SYSTEM [11-07-2023 23:13:44] New process found: Process Name - winlogon.exe Process ID - 16380 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:45] New process found: Process Name - LogonUI.exe Process ID - 13400 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:45] New process found: Process Name - dwm.exe Process ID - 5500 Process Identity - Window Manager\DWM-4 [11-07-2023 23:13:54] Process Exited: Process Name - dwm.exe Process ID - 5500 [11-07-2023 23:13:54] Process Exited: Process Name - csrss.exe Process ID - 11140 [11-07-2023 23:13:54] Process Exited: Process Name - LogonUI.exe Process ID - 13400 [11-07-2023 23:13:54] Process Exited: Process Name - winlogon.exe Process ID - 16380 [11-07-2023 23:13:56] New process found: Process Name - csrss.exe Process ID - 14388 Process Identity - SYSTEM [11-07-2023 23:13:56] New process found: Process Name - winlogon.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:56] New process found: Process Name - LogonUI.exe Process ID - 9244 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:13:56] New process found: Process Name - dwm.exe Process ID - 13384 Process Identity - Window Manager\DWM-4 [11-07-2023 23:14:09] Process Exited: Process Name - LogonUI.exe Process ID - 9244 [11-07-2023 23:14:09] Process Exited: Process Name - dwm.exe Process ID - 13384 [11-07-2023 23:14:09] Process Exited: Process Name - csrss.exe Process ID - 14388 [11-07-2023 23:14:09] Process Exited: Process Name - winlogon.exe Process ID - 15156 [11-07-2023 23:14:10] New process found: Process Name - smss.exe Process ID - 9312 Process Identity - SYSTEM [11-07-2023 23:14:10] New process found: Process Name - csrss.exe Process ID - 16280 Process Identity - SYSTEM [11-07-2023 23:14:11] New process found: Process Name - winlogon.exe Process ID - 1164 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:11] New process found: Process Name - LogonUI.exe Process ID - 11980 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:11] New process found: Process Name - dwm.exe Process ID - 15224 Process Identity - Window Manager\DWM-4 [11-07-2023 23:14:11] Process Exited: Process Name - smss.exe Process ID - 9312 [11-07-2023 23:14:24] Process Exited: Process Name - winlogon.exe Process ID - 1164 [11-07-2023 23:14:24] Process Exited: Process Name - LogonUI.exe Process ID - 11980 [11-07-2023 23:14:24] Process Exited: Process Name - dwm.exe Process ID - 15224 [11-07-2023 23:14:24] Process Exited: Process Name - csrss.exe Process ID - 16280 [11-07-2023 23:14:25] New process found: Process Name - smss.exe Process ID - 15076 Process Identity - SYSTEM [11-07-2023 23:14:25] New process found: Process Name - csrss.exe Process ID - 9816 Process Identity - SYSTEM [11-07-2023 23:14:26] New process found: Process Name - winlogon.exe Process ID - 13880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:26] New process found: Process Name - LogonUI.exe Process ID - 14276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:26] New process found: Process Name - dwm.exe Process ID - 1420 Process Identity - Window Manager\DWM-4 [11-07-2023 23:14:26] Process Exited: Process Name - smss.exe Process ID - 15076 [11-07-2023 23:14:27] Process Exited: Process Name - w3wp.exe Process ID - 13308 Web application pool name - galaxytools.in [11-07-2023 23:14:40] Process Exited: Process Name - dwm.exe Process ID - 1420 [11-07-2023 23:14:40] Process Exited: Process Name - csrss.exe Process ID - 9816 [11-07-2023 23:14:40] Process Exited: Process Name - winlogon.exe Process ID - 13880 [11-07-2023 23:14:40] Process Exited: Process Name - LogonUI.exe Process ID - 14276 [11-07-2023 23:14:46] New process found: Process Name - csrss.exe Process ID - 10760 Process Identity - SYSTEM [11-07-2023 23:14:46] New process found: Process Name - winlogon.exe Process ID - 9432 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:47] New process found: Process Name - LogonUI.exe Process ID - 10420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:14:47] New process found: Process Name - dwm.exe Process ID - 3368 Process Identity - Window Manager\DWM-4 [11-07-2023 23:14:59] Process Exited: Process Name - dwm.exe Process ID - 3368 [11-07-2023 23:14:59] Process Exited: Process Name - winlogon.exe Process ID - 9432 [11-07-2023 23:14:59] Process Exited: Process Name - LogonUI.exe Process ID - 10420 [11-07-2023 23:15:00] Process Exited: Process Name - csrss.exe Process ID - 10760 [11-07-2023 23:15:02] New process found: Process Name - csrss.exe Process ID - 13272 Process Identity - SYSTEM [11-07-2023 23:15:02] New process found: Process Name - winlogon.exe Process ID - 1824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:04] New process found: Process Name - LogonUI.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:04] New process found: Process Name - dwm.exe Process ID - 3996 Process Identity - Window Manager\DWM-4 [11-07-2023 23:15:15] Process Exited: Process Name - winlogon.exe Process ID - 1824 [11-07-2023 23:15:15] Process Exited: Process Name - dwm.exe Process ID - 3996 [11-07-2023 23:15:15] Process Exited: Process Name - LogonUI.exe Process ID - 4756 [11-07-2023 23:15:15] Process Exited: Process Name - csrss.exe Process ID - 13272 [11-07-2023 23:15:17] New process found: Process Name - csrss.exe Process ID - 15388 Process Identity - SYSTEM [11-07-2023 23:15:17] New process found: Process Name - winlogon.exe Process ID - 9348 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:18] New process found: Process Name - LogonUI.exe Process ID - 680 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:18] New process found: Process Name - dwm.exe Process ID - 3464 Process Identity - Window Manager\DWM-4 [11-07-2023 23:15:29] Process Exited: Process Name - LogonUI.exe Process ID - 680 [11-07-2023 23:15:30] Process Exited: Process Name - dwm.exe Process ID - 3464 [11-07-2023 23:15:30] Process Exited: Process Name - winlogon.exe Process ID - 9348 [11-07-2023 23:15:30] Process Exited: Process Name - csrss.exe Process ID - 15388 [11-07-2023 23:15:31] New process found: Process Name - csrss.exe Process ID - 16128 Process Identity - SYSTEM [11-07-2023 23:15:31] New process found: Process Name - winlogon.exe Process ID - 14996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:32] New process found: Process Name - LogonUI.exe Process ID - 10004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:32] New process found: Process Name - dwm.exe Process ID - 6784 Process Identity - Window Manager\DWM-4 [11-07-2023 23:15:45] Process Exited: Process Name - dwm.exe Process ID - 6784 [11-07-2023 23:15:45] Process Exited: Process Name - LogonUI.exe Process ID - 10004 [11-07-2023 23:15:45] Process Exited: Process Name - winlogon.exe Process ID - 14996 [11-07-2023 23:15:45] Process Exited: Process Name - csrss.exe Process ID - 16128 [11-07-2023 23:15:49] New process found: Process Name - csrss.exe Process ID - 2400 Process Identity - SYSTEM [11-07-2023 23:15:49] New process found: Process Name - winlogon.exe Process ID - 6420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:51] New process found: Process Name - LogonUI.exe Process ID - 4104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:15:51] New process found: Process Name - dwm.exe Process ID - 9604 Process Identity - Window Manager\DWM-4 [11-07-2023 23:16:00] Process Exited: Process Name - csrss.exe Process ID - 2400 [11-07-2023 23:16:00] Process Exited: Process Name - LogonUI.exe Process ID - 4104 [11-07-2023 23:16:00] Process Exited: Process Name - winlogon.exe Process ID - 6420 [11-07-2023 23:16:00] Process Exited: Process Name - dwm.exe Process ID - 9604 [11-07-2023 23:16:06] New process found: Process Name - csrss.exe Process ID - 14732 Process Identity - SYSTEM [11-07-2023 23:16:06] New process found: Process Name - winlogon.exe Process ID - 16320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:07] New process found: Process Name - LogonUI.exe Process ID - 780 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:07] New process found: Process Name - dwm.exe Process ID - 15720 Process Identity - Window Manager\DWM-4 [11-07-2023 23:16:15] Process Exited: Process Name - LogonUI.exe Process ID - 780 [11-07-2023 23:16:15] Process Exited: Process Name - csrss.exe Process ID - 14732 [11-07-2023 23:16:15] Process Exited: Process Name - dwm.exe Process ID - 15720 [11-07-2023 23:16:15] Process Exited: Process Name - winlogon.exe Process ID - 16320 [11-07-2023 23:16:17] New process found: Process Name - smss.exe Process ID - 2796 Process Identity - SYSTEM [11-07-2023 23:16:17] New process found: Process Name - csrss.exe Process ID - 13680 Process Identity - SYSTEM [11-07-2023 23:16:18] New process found: Process Name - winlogon.exe Process ID - 4768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:18] New process found: Process Name - LogonUI.exe Process ID - 9788 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:18] New process found: Process Name - dwm.exe Process ID - 11508 Process Identity - Window Manager\DWM-4 [11-07-2023 23:16:18] Process Exited: Process Name - smss.exe Process ID - 2796 [11-07-2023 23:16:31] Process Exited: Process Name - winlogon.exe Process ID - 4768 [11-07-2023 23:16:31] Process Exited: Process Name - LogonUI.exe Process ID - 9788 [11-07-2023 23:16:31] Process Exited: Process Name - dwm.exe Process ID - 11508 [11-07-2023 23:16:31] Process Exited: Process Name - csrss.exe Process ID - 13680 [11-07-2023 23:16:33] New process found: Process Name - csrss.exe Process ID - 10252 Process Identity - SYSTEM [11-07-2023 23:16:33] New process found: Process Name - winlogon.exe Process ID - 15292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:33] New process found: Process Name - LogonUI.exe Process ID - 12340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:33] New process found: Process Name - dwm.exe Process ID - 10396 Process Identity - Window Manager\DWM-4 [11-07-2023 23:16:34] New process found: Process Name - w3wp.exe Process ID - 15020 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [11-07-2023 23:16:46] Process Exited: Process Name - csrss.exe Process ID - 10252 [11-07-2023 23:16:46] Process Exited: Process Name - dwm.exe Process ID - 10396 [11-07-2023 23:16:46] Process Exited: Process Name - LogonUI.exe Process ID - 12340 [11-07-2023 23:16:46] Process Exited: Process Name - winlogon.exe Process ID - 15292 [11-07-2023 23:16:47] New process found: Process Name - w3wp.exe Process ID - 10664 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:16:47] Process Exited: Process Name - w3wp.exe Process ID - 12272 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:16:51] New process found: Process Name - csrss.exe Process ID - 11272 Process Identity - SYSTEM [11-07-2023 23:16:51] New process found: Process Name - winlogon.exe Process ID - 15928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:51] New process found: Process Name - LogonUI.exe Process ID - 13592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:16:51] New process found: Process Name - dwm.exe Process ID - 9436 Process Identity - Window Manager\DWM-4 [11-07-2023 23:17:01] Process Exited: Process Name - dwm.exe Process ID - 9436 [11-07-2023 23:17:01] Process Exited: Process Name - csrss.exe Process ID - 11272 [11-07-2023 23:17:01] Process Exited: Process Name - LogonUI.exe Process ID - 13592 [11-07-2023 23:17:01] Process Exited: Process Name - winlogon.exe Process ID - 15928 [11-07-2023 23:17:07] New process found: Process Name - csrss.exe Process ID - 12724 Process Identity - SYSTEM [11-07-2023 23:17:07] New process found: Process Name - winlogon.exe Process ID - 2416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:08] New process found: Process Name - LogonUI.exe Process ID - 14136 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:08] New process found: Process Name - dwm.exe Process ID - 10812 Process Identity - Window Manager\DWM-4 [11-07-2023 23:17:16] Process Exited: Process Name - winlogon.exe Process ID - 2416 [11-07-2023 23:17:16] Process Exited: Process Name - dwm.exe Process ID - 10812 [11-07-2023 23:17:16] Process Exited: Process Name - csrss.exe Process ID - 12724 [11-07-2023 23:17:16] Process Exited: Process Name - LogonUI.exe Process ID - 14136 [11-07-2023 23:17:17] New process found: Process Name - csrss.exe Process ID - 12672 Process Identity - SYSTEM [11-07-2023 23:17:17] New process found: Process Name - winlogon.exe Process ID - 2952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:17] Process Exited: Process Name - GoogleUpdate.exe Process ID - 4048 [11-07-2023 23:17:18] New process found: Process Name - LogonUI.exe Process ID - 11956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:18] New process found: Process Name - dwm.exe Process ID - 8904 Process Identity - Window Manager\DWM-4 [11-07-2023 23:17:31] Process Exited: Process Name - winlogon.exe Process ID - 2952 [11-07-2023 23:17:31] Process Exited: Process Name - dwm.exe Process ID - 8904 [11-07-2023 23:17:31] Process Exited: Process Name - LogonUI.exe Process ID - 11956 [11-07-2023 23:17:31] Process Exited: Process Name - csrss.exe Process ID - 12672 [11-07-2023 23:17:34] New process found: Process Name - csrss.exe Process ID - 10464 Process Identity - SYSTEM [11-07-2023 23:17:34] New process found: Process Name - winlogon.exe Process ID - 15320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:36] New process found: Process Name - LogonUI.exe Process ID - 1832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:36] New process found: Process Name - dwm.exe Process ID - 12240 Process Identity - Window Manager\DWM-4 [11-07-2023 23:17:46] Process Exited: Process Name - LogonUI.exe Process ID - 1832 [11-07-2023 23:17:46] Process Exited: Process Name - csrss.exe Process ID - 10464 [11-07-2023 23:17:46] Process Exited: Process Name - dwm.exe Process ID - 12240 [11-07-2023 23:17:46] Process Exited: Process Name - winlogon.exe Process ID - 15320 [11-07-2023 23:17:48] New process found: Process Name - csrss.exe Process ID - 14548 Process Identity - SYSTEM [11-07-2023 23:17:48] New process found: Process Name - winlogon.exe Process ID - 11328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:49] New process found: Process Name - LogonUI.exe Process ID - 12352 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:17:49] New process found: Process Name - dwm.exe Process ID - 14472 Process Identity - Window Manager\DWM-4 [11-07-2023 23:17:53] Process Exited: Process Name - php-cgi.exe Process ID - 14964 [11-07-2023 23:17:54] Process Exited: Process Name - w3wp.exe Process ID - 15704 Web application pool name - PleskControlPanel [11-07-2023 23:18:01] Process Exited: Process Name - winlogon.exe Process ID - 11328 [11-07-2023 23:18:01] Process Exited: Process Name - LogonUI.exe Process ID - 12352 [11-07-2023 23:18:01] Process Exited: Process Name - dwm.exe Process ID - 14472 [11-07-2023 23:18:01] Process Exited: Process Name - csrss.exe Process ID - 14548 [11-07-2023 23:18:04] New process found: Process Name - csrss.exe Process ID - 13912 Process Identity - SYSTEM [11-07-2023 23:18:04] New process found: Process Name - winlogon.exe Process ID - 9932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:07] New process found: Process Name - LogonUI.exe Process ID - 608 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:07] New process found: Process Name - dwm.exe Process ID - 15512 Process Identity - Window Manager\DWM-4 [11-07-2023 23:18:16] Process Exited: Process Name - LogonUI.exe Process ID - 608 [11-07-2023 23:18:16] Process Exited: Process Name - winlogon.exe Process ID - 9932 [11-07-2023 23:18:16] Process Exited: Process Name - csrss.exe Process ID - 13912 [11-07-2023 23:18:16] Process Exited: Process Name - dwm.exe Process ID - 15512 [11-07-2023 23:18:17] New process found: Process Name - csrss.exe Process ID - 14552 Process Identity - SYSTEM [11-07-2023 23:18:17] New process found: Process Name - winlogon.exe Process ID - 16304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:17] New process found: Process Name - LogonUI.exe Process ID - 11676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:17] New process found: Process Name - dwm.exe Process ID - 10212 Process Identity - Window Manager\DWM-4 [11-07-2023 23:18:31] Process Exited: Process Name - dwm.exe Process ID - 10212 [11-07-2023 23:18:31] Process Exited: Process Name - LogonUI.exe Process ID - 11676 [11-07-2023 23:18:31] Process Exited: Process Name - csrss.exe Process ID - 14552 [11-07-2023 23:18:31] Process Exited: Process Name - winlogon.exe Process ID - 16304 [11-07-2023 23:18:40] New process found: Process Name - csrss.exe Process ID - 13172 Process Identity - SYSTEM [11-07-2023 23:18:40] New process found: Process Name - winlogon.exe Process ID - 15028 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:41] New process found: Process Name - LogonUI.exe Process ID - 11480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:41] New process found: Process Name - dwm.exe Process ID - 15784 Process Identity - Window Manager\DWM-4 [11-07-2023 23:18:46] Process Exited: Process Name - LogonUI.exe Process ID - 11480 [11-07-2023 23:18:46] Process Exited: Process Name - csrss.exe Process ID - 13172 [11-07-2023 23:18:46] Process Exited: Process Name - winlogon.exe Process ID - 15028 [11-07-2023 23:18:46] Process Exited: Process Name - dwm.exe Process ID - 15784 [11-07-2023 23:18:47] New process found: Process Name - csrss.exe Process ID - 13184 Process Identity - SYSTEM [11-07-2023 23:18:47] New process found: Process Name - winlogon.exe Process ID - 9028 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:48] New process found: Process Name - LogonUI.exe Process ID - 16124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:18:48] New process found: Process Name - dwm.exe Process ID - 680 Process Identity - Window Manager\DWM-4 [11-07-2023 23:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10852 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:19:00] Process Exited: Process Name - LogonUI.exe Process ID - 16124 [11-07-2023 23:19:01] Process Exited: Process Name - dwm.exe Process ID - 680 [11-07-2023 23:19:01] Process Exited: Process Name - winlogon.exe Process ID - 9028 [11-07-2023 23:19:01] Process Exited: Process Name - csrss.exe Process ID - 13184 [11-07-2023 23:19:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:07] New process found: Process Name - csrss.exe Process ID - 2648 Process Identity - SYSTEM [11-07-2023 23:19:07] New process found: Process Name - winlogon.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:07] New process found: Process Name - LogonUI.exe Process ID - 15344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:07] New process found: Process Name - dwm.exe Process ID - 16316 Process Identity - Window Manager\DWM-4 [11-07-2023 23:19:20] Process Exited: Process Name - winlogon.exe Process ID - 12436 [11-07-2023 23:19:20] Process Exited: Process Name - LogonUI.exe Process ID - 15344 [11-07-2023 23:19:20] Process Exited: Process Name - dwm.exe Process ID - 16316 [11-07-2023 23:19:21] Process Exited: Process Name - csrss.exe Process ID - 2648 [11-07-2023 23:19:24] New process found: Process Name - csrss.exe Process ID - 2880 Process Identity - SYSTEM [11-07-2023 23:19:24] New process found: Process Name - winlogon.exe Process ID - 15568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:26] New process found: Process Name - LogonUI.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:26] New process found: Process Name - dwm.exe Process ID - 11928 Process Identity - Window Manager\DWM-4 [11-07-2023 23:19:35] New process found: Process Name - w3wp.exe Process ID - 13088 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:19:35] Process Exited: Process Name - dwm.exe Process ID - 11928 [11-07-2023 23:19:35] Process Exited: Process Name - LogonUI.exe Process ID - 12740 [11-07-2023 23:19:35] Process Exited: Process Name - winlogon.exe Process ID - 15568 [11-07-2023 23:19:36] New process found: Process Name - w3wp.exe Process ID - 3652 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 23:19:36] New process found: Process Name - where.exe Process ID - 15624 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 23:19:36] New process found: Process Name - conhost.exe Process ID - 6604 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 23:19:36] Process Exited: Process Name - csrss.exe Process ID - 2880 [11-07-2023 23:19:37] New process found: Process Name - conhost.exe Process ID - 16324 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 23:19:37] Process Exited: Process Name - conhost.exe Process ID - 6604 [11-07-2023 23:19:37] Process Exited: Process Name - where.exe Process ID - 15624 [11-07-2023 23:19:38] New process found: Process Name - csrss.exe Process ID - 11508 Process Identity - SYSTEM [11-07-2023 23:19:38] New process found: Process Name - winlogon.exe Process ID - 8964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:38] New process found: Process Name - LogonUI.exe Process ID - 15412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:38] New process found: Process Name - dwm.exe Process ID - 2916 Process Identity - Window Manager\DWM-4 [11-07-2023 23:19:51] Process Exited: Process Name - dwm.exe Process ID - 2916 [11-07-2023 23:19:51] Process Exited: Process Name - winlogon.exe Process ID - 8964 [11-07-2023 23:19:51] Process Exited: Process Name - csrss.exe Process ID - 11508 [11-07-2023 23:19:51] Process Exited: Process Name - LogonUI.exe Process ID - 15412 [11-07-2023 23:19:52] New process found: Process Name - smss.exe Process ID - 12008 Process Identity - SYSTEM [11-07-2023 23:19:52] New process found: Process Name - csrss.exe Process ID - 15916 Process Identity - SYSTEM [11-07-2023 23:19:53] New process found: Process Name - winlogon.exe Process ID - 11300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:53] Process Exited: Process Name - smss.exe Process ID - 12008 [11-07-2023 23:19:54] New process found: Process Name - LogonUI.exe Process ID - 10616 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:19:54] New process found: Process Name - dwm.exe Process ID - 12204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:20:04] New process found: Process Name - w3wp.exe Process ID - 11108 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [11-07-2023 23:20:06] Process Exited: Process Name - LogonUI.exe Process ID - 10616 [11-07-2023 23:20:06] Process Exited: Process Name - winlogon.exe Process ID - 11300 [11-07-2023 23:20:06] Process Exited: Process Name - dwm.exe Process ID - 12204 [11-07-2023 23:20:06] Process Exited: Process Name - csrss.exe Process ID - 15916 [11-07-2023 23:20:08] New process found: Process Name - csrss.exe Process ID - 8796 Process Identity - SYSTEM [11-07-2023 23:20:08] New process found: Process Name - winlogon.exe Process ID - 7388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:10] New process found: Process Name - LogonUI.exe Process ID - 11420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:10] New process found: Process Name - dwm.exe Process ID - 12796 Process Identity - Window Manager\DWM-4 [11-07-2023 23:20:21] Process Exited: Process Name - winlogon.exe Process ID - 7388 [11-07-2023 23:20:21] Process Exited: Process Name - csrss.exe Process ID - 8796 [11-07-2023 23:20:21] Process Exited: Process Name - LogonUI.exe Process ID - 11420 [11-07-2023 23:20:21] Process Exited: Process Name - dwm.exe Process ID - 12796 [11-07-2023 23:20:22] New process found: Process Name - csrss.exe Process ID - 14376 Process Identity - SYSTEM [11-07-2023 23:20:22] New process found: Process Name - winlogon.exe Process ID - 16068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:23] New process found: Process Name - LogonUI.exe Process ID - 9244 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:23] New process found: Process Name - dwm.exe Process ID - 13384 Process Identity - Window Manager\DWM-4 [11-07-2023 23:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10852 [11-07-2023 23:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11504 [11-07-2023 23:20:25] New process found: Process Name - w3wp.exe Process ID - 2952 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 23:20:36] Process Exited: Process Name - LogonUI.exe Process ID - 9244 [11-07-2023 23:20:36] Process Exited: Process Name - dwm.exe Process ID - 13384 [11-07-2023 23:20:36] Process Exited: Process Name - csrss.exe Process ID - 14376 [11-07-2023 23:20:36] Process Exited: Process Name - winlogon.exe Process ID - 16068 [11-07-2023 23:20:38] New process found: Process Name - csrss.exe Process ID - 12388 Process Identity - SYSTEM [11-07-2023 23:20:38] New process found: Process Name - winlogon.exe Process ID - 5080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:39] New process found: Process Name - LogonUI.exe Process ID - 11088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:39] New process found: Process Name - dwm.exe Process ID - 8876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:20:41] New process found: Process Name - w3wp.exe Process ID - 15668 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 23:20:51] Process Exited: Process Name - winlogon.exe Process ID - 5080 [11-07-2023 23:20:51] Process Exited: Process Name - dwm.exe Process ID - 8876 [11-07-2023 23:20:51] Process Exited: Process Name - LogonUI.exe Process ID - 11088 [11-07-2023 23:20:51] Process Exited: Process Name - csrss.exe Process ID - 12388 [11-07-2023 23:20:53] New process found: Process Name - csrss.exe Process ID - 8316 Process Identity - SYSTEM [11-07-2023 23:20:53] New process found: Process Name - winlogon.exe Process ID - 13124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:53] New process found: Process Name - LogonUI.exe Process ID - 932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:20:53] New process found: Process Name - dwm.exe Process ID - 9204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:21:07] Process Exited: Process Name - LogonUI.exe Process ID - 932 [11-07-2023 23:21:07] Process Exited: Process Name - csrss.exe Process ID - 8316 [11-07-2023 23:21:07] Process Exited: Process Name - dwm.exe Process ID - 9204 [11-07-2023 23:21:07] Process Exited: Process Name - winlogon.exe Process ID - 13124 [11-07-2023 23:21:10] New process found: Process Name - csrss.exe Process ID - 10524 Process Identity - SYSTEM [11-07-2023 23:21:10] New process found: Process Name - winlogon.exe Process ID - 11612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:12] New process found: Process Name - LogonUI.exe Process ID - 11016 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:12] New process found: Process Name - dwm.exe Process ID - 3368 Process Identity - Window Manager\DWM-4 [11-07-2023 23:21:22] Process Exited: Process Name - dwm.exe Process ID - 3368 [11-07-2023 23:21:22] Process Exited: Process Name - csrss.exe Process ID - 10524 [11-07-2023 23:21:22] Process Exited: Process Name - LogonUI.exe Process ID - 11016 [11-07-2023 23:21:22] Process Exited: Process Name - winlogon.exe Process ID - 11612 [11-07-2023 23:21:24] New process found: Process Name - csrss.exe Process ID - 11344 Process Identity - SYSTEM [11-07-2023 23:21:24] New process found: Process Name - winlogon.exe Process ID - 13108 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:25] New process found: Process Name - LogonUI.exe Process ID - 14248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:25] New process found: Process Name - dwm.exe Process ID - 15396 Process Identity - Window Manager\DWM-4 [11-07-2023 23:21:37] Process Exited: Process Name - csrss.exe Process ID - 11344 [11-07-2023 23:21:37] Process Exited: Process Name - winlogon.exe Process ID - 13108 [11-07-2023 23:21:37] Process Exited: Process Name - LogonUI.exe Process ID - 14248 [11-07-2023 23:21:37] Process Exited: Process Name - dwm.exe Process ID - 15396 [11-07-2023 23:21:39] New process found: Process Name - csrss.exe Process ID - 14652 Process Identity - SYSTEM [11-07-2023 23:21:39] New process found: Process Name - winlogon.exe Process ID - 3800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:40] New process found: Process Name - LogonUI.exe Process ID - 5800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:40] New process found: Process Name - dwm.exe Process ID - 1756 Process Identity - Window Manager\DWM-4 [11-07-2023 23:21:48] New process found: Process Name - w3wp.exe Process ID - 16272 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:21:48] Process Exited: Process Name - w3wp.exe Process ID - 10664 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:21:52] Process Exited: Process Name - dwm.exe Process ID - 1756 [11-07-2023 23:21:52] Process Exited: Process Name - winlogon.exe Process ID - 3800 [11-07-2023 23:21:52] Process Exited: Process Name - LogonUI.exe Process ID - 5800 [11-07-2023 23:21:52] Process Exited: Process Name - csrss.exe Process ID - 14652 [11-07-2023 23:21:55] New process found: Process Name - csrss.exe Process ID - 12660 Process Identity - SYSTEM [11-07-2023 23:21:55] New process found: Process Name - winlogon.exe Process ID - 4116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:55] New process found: Process Name - LogonUI.exe Process ID - 5544 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:21:55] New process found: Process Name - dwm.exe Process ID - 10816 Process Identity - Window Manager\DWM-4 [11-07-2023 23:22:08] Process Exited: Process Name - winlogon.exe Process ID - 4116 [11-07-2023 23:22:08] Process Exited: Process Name - LogonUI.exe Process ID - 5544 [11-07-2023 23:22:08] Process Exited: Process Name - dwm.exe Process ID - 10816 [11-07-2023 23:22:08] Process Exited: Process Name - csrss.exe Process ID - 12660 [11-07-2023 23:22:10] New process found: Process Name - csrss.exe Process ID - 11620 Process Identity - SYSTEM [11-07-2023 23:22:10] New process found: Process Name - winlogon.exe Process ID - 10848 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:10] New process found: Process Name - LogonUI.exe Process ID - 10772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:10] New process found: Process Name - dwm.exe Process ID - 15800 Process Identity - Window Manager\DWM-4 [11-07-2023 23:22:23] Process Exited: Process Name - LogonUI.exe Process ID - 10772 [11-07-2023 23:22:23] Process Exited: Process Name - winlogon.exe Process ID - 10848 [11-07-2023 23:22:23] Process Exited: Process Name - csrss.exe Process ID - 11620 [11-07-2023 23:22:23] Process Exited: Process Name - dwm.exe Process ID - 15800 [11-07-2023 23:22:24] New process found: Process Name - csrss.exe Process ID - 12656 Process Identity - SYSTEM [11-07-2023 23:22:24] New process found: Process Name - winlogon.exe Process ID - 15476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:25] New process found: Process Name - LogonUI.exe Process ID - 11304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:25] New process found: Process Name - dwm.exe Process ID - 10952 Process Identity - Window Manager\DWM-4 [11-07-2023 23:22:36] Process Exited: Process Name - w3wp.exe Process ID - 15020 Web application pool name - shop.galaxytools.in [11-07-2023 23:22:38] Process Exited: Process Name - dwm.exe Process ID - 10952 [11-07-2023 23:22:38] Process Exited: Process Name - LogonUI.exe Process ID - 11304 [11-07-2023 23:22:38] Process Exited: Process Name - csrss.exe Process ID - 12656 [11-07-2023 23:22:38] Process Exited: Process Name - winlogon.exe Process ID - 15476 [11-07-2023 23:22:41] New process found: Process Name - csrss.exe Process ID - 6916 Process Identity - SYSTEM [11-07-2023 23:22:41] New process found: Process Name - winlogon.exe Process ID - 6304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:42] New process found: Process Name - LogonUI.exe Process ID - 1712 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:42] New process found: Process Name - dwm.exe Process ID - 14084 Process Identity - Window Manager\DWM-4 [11-07-2023 23:22:52] New process found: Process Name - w3wp.exe Process ID - 11140 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 23:22:52] New process found: Process Name - conhost.exe Process ID - 15144 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [11-07-2023 23:22:54] Process Exited: Process Name - LogonUI.exe Process ID - 1712 [11-07-2023 23:22:54] Process Exited: Process Name - winlogon.exe Process ID - 6304 [11-07-2023 23:22:54] Process Exited: Process Name - csrss.exe Process ID - 6916 [11-07-2023 23:22:54] Process Exited: Process Name - dwm.exe Process ID - 14084 [11-07-2023 23:22:56] New process found: Process Name - csrss.exe Process ID - 16204 Process Identity - SYSTEM [11-07-2023 23:22:56] New process found: Process Name - winlogon.exe Process ID - 10968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:58] New process found: Process Name - LogonUI.exe Process ID - 11504 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:22:58] New process found: Process Name - dwm.exe Process ID - 11172 Process Identity - Window Manager\DWM-4 [11-07-2023 23:23:03] New process found: Process Name - w3wp.exe Process ID - 10584 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 23:23:04] New process found: Process Name - where.exe Process ID - 15312 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 23:23:04] New process found: Process Name - conhost.exe Process ID - 10256 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 23:23:05] New process found: Process Name - conhost.exe Process ID - 14376 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 23:23:05] Process Exited: Process Name - conhost.exe Process ID - 10256 [11-07-2023 23:23:05] Process Exited: Process Name - where.exe Process ID - 15312 [11-07-2023 23:23:08] New process found: Process Name - w3wp.exe Process ID - 524 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 23:23:09] Process Exited: Process Name - winlogon.exe Process ID - 10968 [11-07-2023 23:23:09] Process Exited: Process Name - dwm.exe Process ID - 11172 [11-07-2023 23:23:09] Process Exited: Process Name - LogonUI.exe Process ID - 11504 [11-07-2023 23:23:09] Process Exited: Process Name - csrss.exe Process ID - 16204 [11-07-2023 23:23:13] New process found: Process Name - where.exe Process ID - 9324 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 23:23:13] New process found: Process Name - conhost.exe Process ID - 4408 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 23:23:14] New process found: Process Name - conhost.exe Process ID - 11424 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [11-07-2023 23:23:14] New process found: Process Name - csrss.exe Process ID - 7116 Process Identity - SYSTEM [11-07-2023 23:23:14] New process found: Process Name - winlogon.exe Process ID - 7148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:14] Process Exited: Process Name - conhost.exe Process ID - 4408 [11-07-2023 23:23:14] Process Exited: Process Name - where.exe Process ID - 9324 [11-07-2023 23:23:15] New process found: Process Name - LogonUI.exe Process ID - 13752 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:15] New process found: Process Name - dwm.exe Process ID - 15044 Process Identity - Window Manager\DWM-4 [11-07-2023 23:23:24] Process Exited: Process Name - csrss.exe Process ID - 7116 [11-07-2023 23:23:24] Process Exited: Process Name - winlogon.exe Process ID - 7148 [11-07-2023 23:23:24] Process Exited: Process Name - LogonUI.exe Process ID - 13752 [11-07-2023 23:23:24] Process Exited: Process Name - dwm.exe Process ID - 15044 [11-07-2023 23:23:26] New process found: Process Name - csrss.exe Process ID - 8708 Process Identity - SYSTEM [11-07-2023 23:23:26] New process found: Process Name - winlogon.exe Process ID - 14544 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:26] New process found: Process Name - LogonUI.exe Process ID - 4932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:26] New process found: Process Name - dwm.exe Process ID - 11704 Process Identity - Window Manager\DWM-4 [11-07-2023 23:23:39] Process Exited: Process Name - LogonUI.exe Process ID - 4932 [11-07-2023 23:23:39] Process Exited: Process Name - csrss.exe Process ID - 8708 [11-07-2023 23:23:39] Process Exited: Process Name - dwm.exe Process ID - 11704 [11-07-2023 23:23:39] Process Exited: Process Name - winlogon.exe Process ID - 14544 [11-07-2023 23:23:44] New process found: Process Name - csrss.exe Process ID - 3996 Process Identity - SYSTEM [11-07-2023 23:23:44] New process found: Process Name - winlogon.exe Process ID - 11580 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:46] New process found: Process Name - LogonUI.exe Process ID - 4184 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:46] New process found: Process Name - dwm.exe Process ID - 15576 Process Identity - Window Manager\DWM-4 [11-07-2023 23:23:54] Process Exited: Process Name - csrss.exe Process ID - 3996 [11-07-2023 23:23:54] Process Exited: Process Name - LogonUI.exe Process ID - 4184 [11-07-2023 23:23:54] Process Exited: Process Name - winlogon.exe Process ID - 11580 [11-07-2023 23:23:54] Process Exited: Process Name - dwm.exe Process ID - 15576 [11-07-2023 23:23:56] New process found: Process Name - csrss.exe Process ID - 12172 Process Identity - SYSTEM [11-07-2023 23:23:56] New process found: Process Name - winlogon.exe Process ID - 1816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:57] New process found: Process Name - LogonUI.exe Process ID - 2256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:23:57] New process found: Process Name - dwm.exe Process ID - 9348 Process Identity - Window Manager\DWM-4 [11-07-2023 23:24:09] Process Exited: Process Name - winlogon.exe Process ID - 1816 [11-07-2023 23:24:09] Process Exited: Process Name - LogonUI.exe Process ID - 2256 [11-07-2023 23:24:09] Process Exited: Process Name - dwm.exe Process ID - 9348 [11-07-2023 23:24:09] Process Exited: Process Name - csrss.exe Process ID - 12172 [11-07-2023 23:24:12] New process found: Process Name - csrss.exe Process ID - 14264 Process Identity - SYSTEM [11-07-2023 23:24:12] New process found: Process Name - winlogon.exe Process ID - 344 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:13] New process found: Process Name - LogonUI.exe Process ID - 15508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:13] New process found: Process Name - dwm.exe Process ID - 15216 Process Identity - Window Manager\DWM-4 [11-07-2023 23:24:24] Process Exited: Process Name - winlogon.exe Process ID - 344 [11-07-2023 23:24:24] Process Exited: Process Name - csrss.exe Process ID - 14264 [11-07-2023 23:24:24] Process Exited: Process Name - dwm.exe Process ID - 15216 [11-07-2023 23:24:24] Process Exited: Process Name - LogonUI.exe Process ID - 15508 [11-07-2023 23:24:26] New process found: Process Name - csrss.exe Process ID - 7572 Process Identity - SYSTEM [11-07-2023 23:24:26] New process found: Process Name - winlogon.exe Process ID - 12764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:27] New process found: Process Name - LogonUI.exe Process ID - 6152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:27] New process found: Process Name - dwm.exe Process ID - 14500 Process Identity - Window Manager\DWM-4 [11-07-2023 23:24:39] Process Exited: Process Name - LogonUI.exe Process ID - 6152 [11-07-2023 23:24:39] Process Exited: Process Name - csrss.exe Process ID - 7572 [11-07-2023 23:24:39] Process Exited: Process Name - winlogon.exe Process ID - 12764 [11-07-2023 23:24:39] Process Exited: Process Name - dwm.exe Process ID - 14500 [11-07-2023 23:24:43] New process found: Process Name - csrss.exe Process ID - 3992 Process Identity - SYSTEM [11-07-2023 23:24:43] New process found: Process Name - winlogon.exe Process ID - 15412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:44] New process found: Process Name - LogonUI.exe Process ID - 8092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:44] New process found: Process Name - dwm.exe Process ID - 13876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:24:54] Process Exited: Process Name - csrss.exe Process ID - 3992 [11-07-2023 23:24:54] Process Exited: Process Name - LogonUI.exe Process ID - 8092 [11-07-2023 23:24:54] Process Exited: Process Name - dwm.exe Process ID - 13876 [11-07-2023 23:24:54] Process Exited: Process Name - winlogon.exe Process ID - 15412 [11-07-2023 23:24:56] New process found: Process Name - csrss.exe Process ID - 2380 Process Identity - SYSTEM [11-07-2023 23:24:56] New process found: Process Name - winlogon.exe Process ID - 10416 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:56] New process found: Process Name - LogonUI.exe Process ID - 12252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:24:56] New process found: Process Name - dwm.exe Process ID - 15672 Process Identity - Window Manager\DWM-4 [11-07-2023 23:25:09] Process Exited: Process Name - csrss.exe Process ID - 2380 [11-07-2023 23:25:09] Process Exited: Process Name - winlogon.exe Process ID - 10416 [11-07-2023 23:25:09] Process Exited: Process Name - LogonUI.exe Process ID - 12252 [11-07-2023 23:25:09] Process Exited: Process Name - dwm.exe Process ID - 15672 [11-07-2023 23:25:10] New process found: Process Name - csrss.exe Process ID - 13668 Process Identity - SYSTEM [11-07-2023 23:25:10] New process found: Process Name - winlogon.exe Process ID - 8928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:12] New process found: Process Name - LogonUI.exe Process ID - 10576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:12] New process found: Process Name - dwm.exe Process ID - 11092 Process Identity - Window Manager\DWM-4 [11-07-2023 23:25:24] Process Exited: Process Name - winlogon.exe Process ID - 8928 [11-07-2023 23:25:24] Process Exited: Process Name - LogonUI.exe Process ID - 10576 [11-07-2023 23:25:24] Process Exited: Process Name - dwm.exe Process ID - 11092 [11-07-2023 23:25:24] Process Exited: Process Name - csrss.exe Process ID - 13668 [11-07-2023 23:25:25] New process found: Process Name - csrss.exe Process ID - 2696 Process Identity - SYSTEM [11-07-2023 23:25:25] New process found: Process Name - winlogon.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:26] New process found: Process Name - LogonUI.exe Process ID - 15040 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:26] New process found: Process Name - dwm.exe Process ID - 15408 Process Identity - Window Manager\DWM-4 [11-07-2023 23:25:37] Process Exited: Process Name - w3wp.exe Process ID - 13088 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:25:39] Process Exited: Process Name - csrss.exe Process ID - 2696 [11-07-2023 23:25:39] Process Exited: Process Name - w3wp.exe Process ID - 3652 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 23:25:39] Process Exited: Process Name - winlogon.exe Process ID - 6388 [11-07-2023 23:25:39] Process Exited: Process Name - LogonUI.exe Process ID - 15040 [11-07-2023 23:25:39] Process Exited: Process Name - dwm.exe Process ID - 15408 [11-07-2023 23:25:39] Process Exited: Process Name - conhost.exe Process ID - 16324 [11-07-2023 23:25:41] New process found: Process Name - csrss.exe Process ID - 744 Process Identity - SYSTEM [11-07-2023 23:25:41] New process found: Process Name - winlogon.exe Process ID - 15176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:42] New process found: Process Name - LogonUI.exe Process ID - 11528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:42] New process found: Process Name - dwm.exe Process ID - 15380 Process Identity - Window Manager\DWM-4 [11-07-2023 23:25:54] Process Exited: Process Name - csrss.exe Process ID - 744 [11-07-2023 23:25:54] Process Exited: Process Name - LogonUI.exe Process ID - 11528 [11-07-2023 23:25:54] Process Exited: Process Name - winlogon.exe Process ID - 15176 [11-07-2023 23:25:54] Process Exited: Process Name - dwm.exe Process ID - 15380 [11-07-2023 23:25:56] New process found: Process Name - csrss.exe Process ID - 13008 Process Identity - SYSTEM [11-07-2023 23:25:56] New process found: Process Name - winlogon.exe Process ID - 10528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:56] New process found: Process Name - LogonUI.exe Process ID - 8036 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:25:56] New process found: Process Name - dwm.exe Process ID - 15436 Process Identity - Window Manager\DWM-4 [11-07-2023 23:26:02] New process found: Process Name - w3wp.exe Process ID - 14364 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:26:06] Process Exited: Process Name - w3wp.exe Process ID - 11108 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [11-07-2023 23:26:09] Process Exited: Process Name - LogonUI.exe Process ID - 8036 [11-07-2023 23:26:09] Process Exited: Process Name - winlogon.exe Process ID - 10528 [11-07-2023 23:26:09] Process Exited: Process Name - csrss.exe Process ID - 13008 [11-07-2023 23:26:09] Process Exited: Process Name - dwm.exe Process ID - 15436 [11-07-2023 23:26:11] New process found: Process Name - csrss.exe Process ID - 4764 Process Identity - SYSTEM [11-07-2023 23:26:11] New process found: Process Name - winlogon.exe Process ID - 6196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:14] New process found: Process Name - LogonUI.exe Process ID - 12568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:14] New process found: Process Name - dwm.exe Process ID - 9572 Process Identity - Window Manager\DWM-4 [11-07-2023 23:26:24] Process Exited: Process Name - csrss.exe Process ID - 4764 [11-07-2023 23:26:24] Process Exited: Process Name - winlogon.exe Process ID - 6196 [11-07-2023 23:26:24] Process Exited: Process Name - dwm.exe Process ID - 9572 [11-07-2023 23:26:24] Process Exited: Process Name - LogonUI.exe Process ID - 12568 [11-07-2023 23:26:27] New process found: Process Name - csrss.exe Process ID - 10592 Process Identity - SYSTEM [11-07-2023 23:26:27] New process found: Process Name - winlogon.exe Process ID - 10228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:27] Process Exited: Process Name - w3wp.exe Process ID - 2952 Web application pool name - galaxytools.in [11-07-2023 23:26:30] New process found: Process Name - LogonUI.exe Process ID - 13096 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:30] New process found: Process Name - dwm.exe Process ID - 10560 Process Identity - Window Manager\DWM-4 [11-07-2023 23:26:39] Process Exited: Process Name - winlogon.exe Process ID - 10228 [11-07-2023 23:26:39] Process Exited: Process Name - dwm.exe Process ID - 10560 [11-07-2023 23:26:39] Process Exited: Process Name - csrss.exe Process ID - 10592 [11-07-2023 23:26:39] Process Exited: Process Name - LogonUI.exe Process ID - 13096 [11-07-2023 23:26:40] New process found: Process Name - csrss.exe Process ID - 7672 Process Identity - SYSTEM [11-07-2023 23:26:40] New process found: Process Name - winlogon.exe Process ID - 10496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:41] New process found: Process Name - LogonUI.exe Process ID - 3048 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:26:41] New process found: Process Name - dwm.exe Process ID - 13112 Process Identity - Window Manager\DWM-4 [11-07-2023 23:26:43] Process Exited: Process Name - w3wp.exe Process ID - 15668 Web application pool name - DefaultAppPool [11-07-2023 23:26:49] New process found: Process Name - w3wp.exe Process ID - 11764 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:26:49] Process Exited: Process Name - w3wp.exe Process ID - 16272 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:26:54] Process Exited: Process Name - LogonUI.exe Process ID - 3048 [11-07-2023 23:26:54] Process Exited: Process Name - csrss.exe Process ID - 7672 [11-07-2023 23:26:54] Process Exited: Process Name - winlogon.exe Process ID - 10496 [11-07-2023 23:26:54] Process Exited: Process Name - dwm.exe Process ID - 13112 [11-07-2023 23:27:01] New process found: Process Name - csrss.exe Process ID - 16288 Process Identity - SYSTEM [11-07-2023 23:27:01] New process found: Process Name - winlogon.exe Process ID - 15068 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:02] New process found: Process Name - LogonUI.exe Process ID - 8688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:02] New process found: Process Name - dwm.exe Process ID - 14012 Process Identity - Window Manager\DWM-4 [11-07-2023 23:27:09] Process Exited: Process Name - LogonUI.exe Process ID - 8688 [11-07-2023 23:27:09] Process Exited: Process Name - dwm.exe Process ID - 14012 [11-07-2023 23:27:09] Process Exited: Process Name - winlogon.exe Process ID - 15068 [11-07-2023 23:27:09] Process Exited: Process Name - csrss.exe Process ID - 16288 [11-07-2023 23:27:11] New process found: Process Name - csrss.exe Process ID - 10548 Process Identity - SYSTEM [11-07-2023 23:27:11] New process found: Process Name - winlogon.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:12] New process found: Process Name - LogonUI.exe Process ID - 13632 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:12] New process found: Process Name - dwm.exe Process ID - 8744 Process Identity - Window Manager\DWM-4 [11-07-2023 23:27:24] Process Exited: Process Name - dwm.exe Process ID - 8744 [11-07-2023 23:27:24] Process Exited: Process Name - csrss.exe Process ID - 10548 [11-07-2023 23:27:24] Process Exited: Process Name - LogonUI.exe Process ID - 13632 [11-07-2023 23:27:24] Process Exited: Process Name - winlogon.exe Process ID - 15156 [11-07-2023 23:27:27] New process found: Process Name - csrss.exe Process ID - 12324 Process Identity - SYSTEM [11-07-2023 23:27:27] New process found: Process Name - winlogon.exe Process ID - 16220 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:29] New process found: Process Name - LogonUI.exe Process ID - 8784 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:29] New process found: Process Name - dwm.exe Process ID - 11960 Process Identity - Window Manager\DWM-4 [11-07-2023 23:27:39] Process Exited: Process Name - LogonUI.exe Process ID - 8784 [11-07-2023 23:27:39] Process Exited: Process Name - dwm.exe Process ID - 11960 [11-07-2023 23:27:39] Process Exited: Process Name - csrss.exe Process ID - 12324 [11-07-2023 23:27:39] Process Exited: Process Name - winlogon.exe Process ID - 16220 [11-07-2023 23:27:40] New process found: Process Name - csrss.exe Process ID - 12128 Process Identity - SYSTEM [11-07-2023 23:27:40] New process found: Process Name - winlogon.exe Process ID - 2932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:41] New process found: Process Name - LogonUI.exe Process ID - 8252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:41] New process found: Process Name - dwm.exe Process ID - 14416 Process Identity - Window Manager\DWM-4 [11-07-2023 23:27:54] Process Exited: Process Name - winlogon.exe Process ID - 2932 [11-07-2023 23:27:54] Process Exited: Process Name - LogonUI.exe Process ID - 8252 [11-07-2023 23:27:54] Process Exited: Process Name - csrss.exe Process ID - 12128 [11-07-2023 23:27:54] Process Exited: Process Name - dwm.exe Process ID - 14416 [11-07-2023 23:27:56] New process found: Process Name - csrss.exe Process ID - 14752 Process Identity - SYSTEM [11-07-2023 23:27:56] New process found: Process Name - winlogon.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:57] New process found: Process Name - LogonUI.exe Process ID - 12444 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:27:57] New process found: Process Name - dwm.exe Process ID - 13992 Process Identity - Window Manager\DWM-4 [11-07-2023 23:28:09] Process Exited: Process Name - winlogon.exe Process ID - 4756 [11-07-2023 23:28:09] Process Exited: Process Name - LogonUI.exe Process ID - 12444 [11-07-2023 23:28:09] Process Exited: Process Name - dwm.exe Process ID - 13992 [11-07-2023 23:28:09] Process Exited: Process Name - csrss.exe Process ID - 14752 [11-07-2023 23:28:13] New process found: Process Name - csrss.exe Process ID - 12056 Process Identity - SYSTEM [11-07-2023 23:28:13] New process found: Process Name - winlogon.exe Process ID - 5792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:14] New process found: Process Name - LogonUI.exe Process ID - 10316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:14] New process found: Process Name - dwm.exe Process ID - 16232 Process Identity - Window Manager\DWM-4 [11-07-2023 23:28:25] Process Exited: Process Name - winlogon.exe Process ID - 5792 [11-07-2023 23:28:25] Process Exited: Process Name - LogonUI.exe Process ID - 10316 [11-07-2023 23:28:25] Process Exited: Process Name - csrss.exe Process ID - 12056 [11-07-2023 23:28:25] Process Exited: Process Name - dwm.exe Process ID - 16232 [11-07-2023 23:28:30] New process found: Process Name - csrss.exe Process ID - 14184 Process Identity - SYSTEM [11-07-2023 23:28:30] New process found: Process Name - winlogon.exe Process ID - 15940 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:30] New process found: Process Name - LogonUI.exe Process ID - 15336 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:30] New process found: Process Name - dwm.exe Process ID - 11900 Process Identity - Window Manager\DWM-4 [11-07-2023 23:28:40] Process Exited: Process Name - dwm.exe Process ID - 11900 [11-07-2023 23:28:40] Process Exited: Process Name - csrss.exe Process ID - 14184 [11-07-2023 23:28:40] Process Exited: Process Name - LogonUI.exe Process ID - 15336 [11-07-2023 23:28:40] Process Exited: Process Name - winlogon.exe Process ID - 15940 [11-07-2023 23:28:46] New process found: Process Name - csrss.exe Process ID - 4416 Process Identity - SYSTEM [11-07-2023 23:28:46] New process found: Process Name - winlogon.exe Process ID - 11276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:47] New process found: Process Name - LogonUI.exe Process ID - 11380 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:28:47] New process found: Process Name - dwm.exe Process ID - 15708 Process Identity - Window Manager\DWM-4 [11-07-2023 23:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 12336 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:29:00] Process Exited: Process Name - csrss.exe Process ID - 4416 [11-07-2023 23:29:00] Process Exited: Process Name - winlogon.exe Process ID - 11276 [11-07-2023 23:29:00] Process Exited: Process Name - LogonUI.exe Process ID - 11380 [11-07-2023 23:29:00] Process Exited: Process Name - dwm.exe Process ID - 15708 [11-07-2023 23:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:02] New process found: Process Name - csrss.exe Process ID - 5508 Process Identity - SYSTEM [11-07-2023 23:29:02] New process found: Process Name - winlogon.exe Process ID - 12784 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:03] New process found: Process Name - LogonUI.exe Process ID - 8672 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:03] New process found: Process Name - dwm.exe Process ID - 2676 Process Identity - Window Manager\DWM-4 [11-07-2023 23:29:10] Process Exited: Process Name - w3wp.exe Process ID - 524 Web application pool name - justprewedding.com(domain)(4.0)(pool) [11-07-2023 23:29:10] Process Exited: Process Name - conhost.exe Process ID - 11424 [11-07-2023 23:29:15] Process Exited: Process Name - dwm.exe Process ID - 2676 [11-07-2023 23:29:15] Process Exited: Process Name - csrss.exe Process ID - 5508 [11-07-2023 23:29:15] Process Exited: Process Name - LogonUI.exe Process ID - 8672 [11-07-2023 23:29:15] Process Exited: Process Name - winlogon.exe Process ID - 12784 [11-07-2023 23:29:20] New process found: Process Name - csrss.exe Process ID - 5640 Process Identity - SYSTEM [11-07-2023 23:29:20] New process found: Process Name - winlogon.exe Process ID - 11080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:20] New process found: Process Name - LogonUI.exe Process ID - 15828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:20] New process found: Process Name - dwm.exe Process ID - 9768 Process Identity - Window Manager\DWM-4 [11-07-2023 23:29:30] Process Exited: Process Name - csrss.exe Process ID - 5640 [11-07-2023 23:29:30] Process Exited: Process Name - dwm.exe Process ID - 9768 [11-07-2023 23:29:30] Process Exited: Process Name - winlogon.exe Process ID - 11080 [11-07-2023 23:29:30] Process Exited: Process Name - LogonUI.exe Process ID - 15828 [11-07-2023 23:29:35] New process found: Process Name - csrss.exe Process ID - 9684 Process Identity - SYSTEM [11-07-2023 23:29:35] New process found: Process Name - winlogon.exe Process ID - 11548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:36] New process found: Process Name - LogonUI.exe Process ID - 8796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:36] New process found: Process Name - dwm.exe Process ID - 11092 Process Identity - Window Manager\DWM-4 [11-07-2023 23:29:45] Process Exited: Process Name - LogonUI.exe Process ID - 8796 [11-07-2023 23:29:45] Process Exited: Process Name - csrss.exe Process ID - 9684 [11-07-2023 23:29:45] Process Exited: Process Name - dwm.exe Process ID - 11092 [11-07-2023 23:29:45] Process Exited: Process Name - winlogon.exe Process ID - 11548 [11-07-2023 23:29:46] New process found: Process Name - csrss.exe Process ID - 11552 Process Identity - SYSTEM [11-07-2023 23:29:46] New process found: Process Name - winlogon.exe Process ID - 13232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:48] New process found: Process Name - LogonUI.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:29:48] New process found: Process Name - dwm.exe Process ID - 11856 Process Identity - Window Manager\DWM-4 [11-07-2023 23:30:00] Process Exited: Process Name - csrss.exe Process ID - 11552 [11-07-2023 23:30:00] Process Exited: Process Name - dwm.exe Process ID - 11856 [11-07-2023 23:30:00] Process Exited: Process Name - LogonUI.exe Process ID - 12436 [11-07-2023 23:30:00] Process Exited: Process Name - winlogon.exe Process ID - 13232 [11-07-2023 23:30:02] New process found: Process Name - csrss.exe Process ID - 11980 Process Identity - SYSTEM [11-07-2023 23:30:02] New process found: Process Name - winlogon.exe Process ID - 2400 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:03] New process found: Process Name - dwm.exe Process ID - 12680 Process Identity - Window Manager\DWM-4 [11-07-2023 23:30:03] New process found: Process Name - LogonUI.exe Process ID - 8928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:15] Process Exited: Process Name - winlogon.exe Process ID - 2400 [11-07-2023 23:30:15] Process Exited: Process Name - LogonUI.exe Process ID - 8928 [11-07-2023 23:30:15] Process Exited: Process Name - csrss.exe Process ID - 11980 [11-07-2023 23:30:15] Process Exited: Process Name - dwm.exe Process ID - 12680 [11-07-2023 23:30:17] New process found: Process Name - csrss.exe Process ID - 5072 Process Identity - SYSTEM [11-07-2023 23:30:17] New process found: Process Name - winlogon.exe Process ID - 12280 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:17] New process found: Process Name - LogonUI.exe Process ID - 10820 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:17] New process found: Process Name - dwm.exe Process ID - 10536 Process Identity - Window Manager\DWM-4 [11-07-2023 23:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 912 [11-07-2023 23:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12336 [11-07-2023 23:30:30] Process Exited: Process Name - csrss.exe Process ID - 5072 [11-07-2023 23:30:30] Process Exited: Process Name - dwm.exe Process ID - 10536 [11-07-2023 23:30:30] Process Exited: Process Name - LogonUI.exe Process ID - 10820 [11-07-2023 23:30:30] Process Exited: Process Name - winlogon.exe Process ID - 12280 [11-07-2023 23:30:31] New process found: Process Name - csrss.exe Process ID - 4932 Process Identity - SYSTEM [11-07-2023 23:30:31] New process found: Process Name - winlogon.exe Process ID - 9148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:32] New process found: Process Name - LogonUI.exe Process ID - 8212 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:32] New process found: Process Name - dwm.exe Process ID - 14404 Process Identity - Window Manager\DWM-4 [11-07-2023 23:30:45] Process Exited: Process Name - csrss.exe Process ID - 4932 [11-07-2023 23:30:45] Process Exited: Process Name - LogonUI.exe Process ID - 8212 [11-07-2023 23:30:45] Process Exited: Process Name - winlogon.exe Process ID - 9148 [11-07-2023 23:30:45] Process Exited: Process Name - dwm.exe Process ID - 14404 [11-07-2023 23:30:48] New process found: Process Name - csrss.exe Process ID - 15004 Process Identity - SYSTEM [11-07-2023 23:30:48] New process found: Process Name - winlogon.exe Process ID - 10720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:49] New process found: Process Name - LogonUI.exe Process ID - 11188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:30:49] New process found: Process Name - dwm.exe Process ID - 6460 Process Identity - Window Manager\DWM-4 [11-07-2023 23:31:00] Process Exited: Process Name - dwm.exe Process ID - 6460 [11-07-2023 23:31:00] Process Exited: Process Name - winlogon.exe Process ID - 10720 [11-07-2023 23:31:00] Process Exited: Process Name - LogonUI.exe Process ID - 11188 [11-07-2023 23:31:00] Process Exited: Process Name - csrss.exe Process ID - 15004 [11-07-2023 23:31:03] New process found: Process Name - csrss.exe Process ID - 15216 Process Identity - SYSTEM [11-07-2023 23:31:03] New process found: Process Name - winlogon.exe Process ID - 2956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:04] New process found: Process Name - LogonUI.exe Process ID - 15392 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:04] New process found: Process Name - dwm.exe Process ID - 680 Process Identity - Window Manager\DWM-4 [11-07-2023 23:31:15] Process Exited: Process Name - dwm.exe Process ID - 680 [11-07-2023 23:31:15] Process Exited: Process Name - winlogon.exe Process ID - 2956 [11-07-2023 23:31:15] Process Exited: Process Name - csrss.exe Process ID - 15216 [11-07-2023 23:31:15] Process Exited: Process Name - LogonUI.exe Process ID - 15392 [11-07-2023 23:31:19] New process found: Process Name - csrss.exe Process ID - 16316 Process Identity - SYSTEM [11-07-2023 23:31:19] New process found: Process Name - winlogon.exe Process ID - 12180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:20] New process found: Process Name - LogonUI.exe Process ID - 10372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:20] New process found: Process Name - dwm.exe Process ID - 1420 Process Identity - Window Manager\DWM-4 [11-07-2023 23:31:30] Process Exited: Process Name - dwm.exe Process ID - 1420 [11-07-2023 23:31:30] Process Exited: Process Name - LogonUI.exe Process ID - 10372 [11-07-2023 23:31:30] Process Exited: Process Name - winlogon.exe Process ID - 12180 [11-07-2023 23:31:30] Process Exited: Process Name - csrss.exe Process ID - 16316 [11-07-2023 23:31:31] New process found: Process Name - csrss.exe Process ID - 6744 Process Identity - SYSTEM [11-07-2023 23:31:31] New process found: Process Name - winlogon.exe Process ID - 8052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:32] New process found: Process Name - LogonUI.exe Process ID - 524 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:32] New process found: Process Name - dwm.exe Process ID - 13296 Process Identity - Window Manager\DWM-4 [11-07-2023 23:31:45] Process Exited: Process Name - LogonUI.exe Process ID - 524 [11-07-2023 23:31:45] Process Exited: Process Name - csrss.exe Process ID - 6744 [11-07-2023 23:31:45] Process Exited: Process Name - winlogon.exe Process ID - 8052 [11-07-2023 23:31:45] Process Exited: Process Name - dwm.exe Process ID - 13296 [11-07-2023 23:31:46] New process found: Process Name - csrss.exe Process ID - 11072 Process Identity - SYSTEM [11-07-2023 23:31:46] New process found: Process Name - winlogon.exe Process ID - 7972 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:48] New process found: Process Name - LogonUI.exe Process ID - 10772 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:31:48] New process found: Process Name - dwm.exe Process ID - 16128 Process Identity - Window Manager\DWM-4 [11-07-2023 23:31:51] New process found: Process Name - w3wp.exe Process ID - 15992 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:31:51] Process Exited: Process Name - w3wp.exe Process ID - 11764 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:32:00] Process Exited: Process Name - winlogon.exe Process ID - 7972 [11-07-2023 23:32:00] Process Exited: Process Name - LogonUI.exe Process ID - 10772 [11-07-2023 23:32:00] Process Exited: Process Name - csrss.exe Process ID - 11072 [11-07-2023 23:32:00] Process Exited: Process Name - dwm.exe Process ID - 16128 [11-07-2023 23:32:01] New process found: Process Name - smss.exe Process ID - 15776 Process Identity - SYSTEM [11-07-2023 23:32:01] New process found: Process Name - csrss.exe Process ID - 7664 Process Identity - SYSTEM [11-07-2023 23:32:02] New process found: Process Name - winlogon.exe Process ID - 16088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:02] New process found: Process Name - LogonUI.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:02] New process found: Process Name - dwm.exe Process ID - 16204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:32:02] Process Exited: Process Name - smss.exe Process ID - 15776 [11-07-2023 23:32:15] Process Exited: Process Name - csrss.exe Process ID - 7664 [11-07-2023 23:32:15] Process Exited: Process Name - LogonUI.exe Process ID - 12440 [11-07-2023 23:32:15] Process Exited: Process Name - winlogon.exe Process ID - 16088 [11-07-2023 23:32:15] Process Exited: Process Name - dwm.exe Process ID - 16204 [11-07-2023 23:32:17] New process found: Process Name - csrss.exe Process ID - 13328 Process Identity - SYSTEM [11-07-2023 23:32:17] New process found: Process Name - winlogon.exe Process ID - 7320 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:17] New process found: Process Name - LogonUI.exe Process ID - 6552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:17] New process found: Process Name - dwm.exe Process ID - 16344 Process Identity - Window Manager\DWM-4 [11-07-2023 23:32:30] Process Exited: Process Name - LogonUI.exe Process ID - 6552 [11-07-2023 23:32:30] Process Exited: Process Name - winlogon.exe Process ID - 7320 [11-07-2023 23:32:30] Process Exited: Process Name - csrss.exe Process ID - 13328 [11-07-2023 23:32:30] Process Exited: Process Name - dwm.exe Process ID - 16344 [11-07-2023 23:32:32] New process found: Process Name - csrss.exe Process ID - 7116 Process Identity - SYSTEM [11-07-2023 23:32:32] New process found: Process Name - winlogon.exe Process ID - 8252 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:32] New process found: Process Name - LogonUI.exe Process ID - 13236 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:32] New process found: Process Name - dwm.exe Process ID - 10524 Process Identity - Window Manager\DWM-4 [11-07-2023 23:32:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:33] New process found: Process Name - SearchFilterHost.exe Process ID - 9304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:45] Process Exited: Process Name - csrss.exe Process ID - 7116 [11-07-2023 23:32:45] Process Exited: Process Name - winlogon.exe Process ID - 8252 [11-07-2023 23:32:45] Process Exited: Process Name - dwm.exe Process ID - 10524 [11-07-2023 23:32:45] Process Exited: Process Name - LogonUI.exe Process ID - 13236 [11-07-2023 23:32:50] New process found: Process Name - csrss.exe Process ID - 2600 Process Identity - SYSTEM [11-07-2023 23:32:50] New process found: Process Name - winlogon.exe Process ID - 11612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:52] New process found: Process Name - LogonUI.exe Process ID - 11684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:32:52] New process found: Process Name - dwm.exe Process ID - 10820 Process Identity - Window Manager\DWM-4 [11-07-2023 23:33:00] Process Exited: Process Name - csrss.exe Process ID - 2600 [11-07-2023 23:33:00] Process Exited: Process Name - dwm.exe Process ID - 10820 [11-07-2023 23:33:00] Process Exited: Process Name - winlogon.exe Process ID - 11612 [11-07-2023 23:33:00] Process Exited: Process Name - LogonUI.exe Process ID - 11684 [11-07-2023 23:33:06] New process found: Process Name - csrss.exe Process ID - 11344 Process Identity - SYSTEM [11-07-2023 23:33:06] New process found: Process Name - winlogon.exe Process ID - 13648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:06] New process found: Process Name - LogonUI.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:06] New process found: Process Name - dwm.exe Process ID - 14024 Process Identity - Window Manager\DWM-4 [11-07-2023 23:33:15] Process Exited: Process Name - LogonUI.exe Process ID - 6388 [11-07-2023 23:33:15] Process Exited: Process Name - csrss.exe Process ID - 11344 [11-07-2023 23:33:15] Process Exited: Process Name - winlogon.exe Process ID - 13648 [11-07-2023 23:33:15] Process Exited: Process Name - dwm.exe Process ID - 14024 [11-07-2023 23:33:18] New process found: Process Name - csrss.exe Process ID - 2064 Process Identity - SYSTEM [11-07-2023 23:33:18] New process found: Process Name - winlogon.exe Process ID - 16260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:20] New process found: Process Name - LogonUI.exe Process ID - 7476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:20] New process found: Process Name - dwm.exe Process ID - 6208 Process Identity - Window Manager\DWM-4 [11-07-2023 23:33:30] Process Exited: Process Name - csrss.exe Process ID - 2064 [11-07-2023 23:33:30] Process Exited: Process Name - dwm.exe Process ID - 6208 [11-07-2023 23:33:30] Process Exited: Process Name - LogonUI.exe Process ID - 7476 [11-07-2023 23:33:30] Process Exited: Process Name - winlogon.exe Process ID - 16260 [11-07-2023 23:33:37] New process found: Process Name - csrss.exe Process ID - 10984 Process Identity - SYSTEM [11-07-2023 23:33:37] New process found: Process Name - winlogon.exe Process ID - 11648 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:39] New process found: Process Name - LogonUI.exe Process ID - 2476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:39] New process found: Process Name - dwm.exe Process ID - 13900 Process Identity - Window Manager\DWM-4 [11-07-2023 23:33:46] Process Exited: Process Name - LogonUI.exe Process ID - 2476 [11-07-2023 23:33:46] Process Exited: Process Name - csrss.exe Process ID - 10984 [11-07-2023 23:33:46] Process Exited: Process Name - winlogon.exe Process ID - 11648 [11-07-2023 23:33:46] Process Exited: Process Name - dwm.exe Process ID - 13900 [11-07-2023 23:33:48] New process found: Process Name - csrss.exe Process ID - 4416 Process Identity - SYSTEM [11-07-2023 23:33:48] New process found: Process Name - winlogon.exe Process ID - 11508 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:49] New process found: Process Name - LogonUI.exe Process ID - 14728 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:33:49] New process found: Process Name - dwm.exe Process ID - 10916 Process Identity - Window Manager\DWM-4 [11-07-2023 23:34:01] Process Exited: Process Name - csrss.exe Process ID - 4416 [11-07-2023 23:34:01] Process Exited: Process Name - dwm.exe Process ID - 10916 [11-07-2023 23:34:01] Process Exited: Process Name - winlogon.exe Process ID - 11508 [11-07-2023 23:34:01] Process Exited: Process Name - LogonUI.exe Process ID - 14728 [11-07-2023 23:34:04] New process found: Process Name - csrss.exe Process ID - 12572 Process Identity - SYSTEM [11-07-2023 23:34:04] New process found: Process Name - winlogon.exe Process ID - 15152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:05] New process found: Process Name - LogonUI.exe Process ID - 3476 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:05] New process found: Process Name - dwm.exe Process ID - 12224 Process Identity - Window Manager\DWM-4 [11-07-2023 23:34:16] Process Exited: Process Name - LogonUI.exe Process ID - 3476 [11-07-2023 23:34:16] Process Exited: Process Name - dwm.exe Process ID - 12224 [11-07-2023 23:34:16] Process Exited: Process Name - csrss.exe Process ID - 12572 [11-07-2023 23:34:16] Process Exited: Process Name - winlogon.exe Process ID - 15152 [11-07-2023 23:34:18] New process found: Process Name - csrss.exe Process ID - 11852 Process Identity - SYSTEM [11-07-2023 23:34:18] New process found: Process Name - winlogon.exe Process ID - 2584 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:19] New process found: Process Name - LogonUI.exe Process ID - 6916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:19] New process found: Process Name - dwm.exe Process ID - 9372 Process Identity - Window Manager\DWM-4 [11-07-2023 23:34:32] Process Exited: Process Name - winlogon.exe Process ID - 2584 [11-07-2023 23:34:32] Process Exited: Process Name - LogonUI.exe Process ID - 6916 [11-07-2023 23:34:32] Process Exited: Process Name - dwm.exe Process ID - 9372 [11-07-2023 23:34:32] Process Exited: Process Name - csrss.exe Process ID - 11852 [11-07-2023 23:34:37] New process found: Process Name - csrss.exe Process ID - 11460 Process Identity - SYSTEM [11-07-2023 23:34:37] New process found: Process Name - winlogon.exe Process ID - 14388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:38] New process found: Process Name - LogonUI.exe Process ID - 12692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:38] New process found: Process Name - dwm.exe Process ID - 16144 Process Identity - Window Manager\DWM-4 [11-07-2023 23:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 9304 [11-07-2023 23:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 13000 [11-07-2023 23:34:48] Process Exited: Process Name - csrss.exe Process ID - 11460 [11-07-2023 23:34:48] Process Exited: Process Name - LogonUI.exe Process ID - 12692 [11-07-2023 23:34:48] Process Exited: Process Name - winlogon.exe Process ID - 14388 [11-07-2023 23:34:48] Process Exited: Process Name - dwm.exe Process ID - 16144 [11-07-2023 23:34:51] New process found: Process Name - csrss.exe Process ID - 11856 Process Identity - SYSTEM [11-07-2023 23:34:51] New process found: Process Name - winlogon.exe Process ID - 14732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:52] New process found: Process Name - LogonUI.exe Process ID - 11180 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:34:52] New process found: Process Name - dwm.exe Process ID - 15260 Process Identity - Window Manager\DWM-4 [11-07-2023 23:35:04] Process Exited: Process Name - LogonUI.exe Process ID - 11180 [11-07-2023 23:35:04] Process Exited: Process Name - csrss.exe Process ID - 11856 [11-07-2023 23:35:04] Process Exited: Process Name - winlogon.exe Process ID - 14732 [11-07-2023 23:35:04] Process Exited: Process Name - dwm.exe Process ID - 15260 [11-07-2023 23:35:05] Process Exited: Process Name - w3wp.exe Process ID - 10584 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 23:35:05] Process Exited: Process Name - conhost.exe Process ID - 14376 [11-07-2023 23:35:06] New process found: Process Name - csrss.exe Process ID - 12324 Process Identity - SYSTEM [11-07-2023 23:35:06] New process found: Process Name - winlogon.exe Process ID - 9316 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:07] New process found: Process Name - LogonUI.exe Process ID - 11976 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:07] New process found: Process Name - dwm.exe Process ID - 840 Process Identity - Window Manager\DWM-4 [11-07-2023 23:35:19] Process Exited: Process Name - dwm.exe Process ID - 840 [11-07-2023 23:35:19] Process Exited: Process Name - winlogon.exe Process ID - 9316 [11-07-2023 23:35:19] Process Exited: Process Name - LogonUI.exe Process ID - 11976 [11-07-2023 23:35:19] Process Exited: Process Name - csrss.exe Process ID - 12324 [11-07-2023 23:35:20] New process found: Process Name - csrss.exe Process ID - 5684 Process Identity - SYSTEM [11-07-2023 23:35:20] New process found: Process Name - winlogon.exe Process ID - 11528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:21] New process found: Process Name - LogonUI.exe Process ID - 5932 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:21] New process found: Process Name - dwm.exe Process ID - 11708 Process Identity - Window Manager\DWM-4 [11-07-2023 23:35:34] Process Exited: Process Name - csrss.exe Process ID - 5684 [11-07-2023 23:35:34] Process Exited: Process Name - LogonUI.exe Process ID - 5932 [11-07-2023 23:35:34] Process Exited: Process Name - winlogon.exe Process ID - 11528 [11-07-2023 23:35:34] Process Exited: Process Name - dwm.exe Process ID - 11708 [11-07-2023 23:35:41] New process found: Process Name - csrss.exe Process ID - 2060 Process Identity - SYSTEM [11-07-2023 23:35:41] New process found: Process Name - winlogon.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:44] New process found: Process Name - LogonUI.exe Process ID - 8600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:35:44] New process found: Process Name - dwm.exe Process ID - 10256 Process Identity - Window Manager\DWM-4 [11-07-2023 23:35:54] Process Exited: Process Name - csrss.exe Process ID - 2060 [11-07-2023 23:35:54] Process Exited: Process Name - winlogon.exe Process ID - 6388 [11-07-2023 23:35:54] Process Exited: Process Name - LogonUI.exe Process ID - 8600 [11-07-2023 23:35:54] Process Exited: Process Name - dwm.exe Process ID - 10256 [11-07-2023 23:35:59] New process found: Process Name - csrss.exe Process ID - 7484 Process Identity - SYSTEM [11-07-2023 23:35:59] New process found: Process Name - winlogon.exe Process ID - 1332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:01] New process found: Process Name - LogonUI.exe Process ID - 6460 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:01] New process found: Process Name - dwm.exe Process ID - 8968 Process Identity - Window Manager\DWM-4 [11-07-2023 23:36:09] Process Exited: Process Name - winlogon.exe Process ID - 1332 [11-07-2023 23:36:09] Process Exited: Process Name - LogonUI.exe Process ID - 6460 [11-07-2023 23:36:09] Process Exited: Process Name - csrss.exe Process ID - 7484 [11-07-2023 23:36:09] Process Exited: Process Name - dwm.exe Process ID - 8968 [11-07-2023 23:36:10] New process found: Process Name - csrss.exe Process ID - 14912 Process Identity - SYSTEM [11-07-2023 23:36:10] New process found: Process Name - winlogon.exe Process ID - 10440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:11] New process found: Process Name - LogonUI.exe Process ID - 16124 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:11] New process found: Process Name - dwm.exe Process ID - 14896 Process Identity - Window Manager\DWM-4 [11-07-2023 23:36:24] Process Exited: Process Name - winlogon.exe Process ID - 10440 [11-07-2023 23:36:24] Process Exited: Process Name - dwm.exe Process ID - 14896 [11-07-2023 23:36:24] Process Exited: Process Name - csrss.exe Process ID - 14912 [11-07-2023 23:36:24] Process Exited: Process Name - LogonUI.exe Process ID - 16124 [11-07-2023 23:36:28] New process found: Process Name - csrss.exe Process ID - 13184 Process Identity - SYSTEM [11-07-2023 23:36:28] New process found: Process Name - winlogon.exe Process ID - 11732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:29] New process found: Process Name - LogonUI.exe Process ID - 7600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:29] New process found: Process Name - dwm.exe Process ID - 2952 Process Identity - Window Manager\DWM-4 [11-07-2023 23:36:39] New process found: Process Name - w3wp.exe Process ID - 10376 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 23:36:39] Process Exited: Process Name - dwm.exe Process ID - 2952 [11-07-2023 23:36:39] Process Exited: Process Name - LogonUI.exe Process ID - 7600 [11-07-2023 23:36:39] Process Exited: Process Name - winlogon.exe Process ID - 11732 [11-07-2023 23:36:39] Process Exited: Process Name - csrss.exe Process ID - 13184 [11-07-2023 23:36:41] New process found: Process Name - smss.exe Process ID - 10024 Process Identity - SYSTEM [11-07-2023 23:36:42] New process found: Process Name - csrss.exe Process ID - 2236 Process Identity - SYSTEM [11-07-2023 23:36:42] New process found: Process Name - winlogon.exe Process ID - 13244 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:42] New process found: Process Name - LogonUI.exe Process ID - 12684 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:42] New process found: Process Name - dwm.exe Process ID - 5776 Process Identity - Window Manager\DWM-4 [11-07-2023 23:36:42] Process Exited: Process Name - smss.exe Process ID - 10024 [11-07-2023 23:36:52] New process found: Process Name - w3wp.exe Process ID - 14936 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:36:52] Process Exited: Process Name - w3wp.exe Process ID - 15992 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:36:54] Process Exited: Process Name - csrss.exe Process ID - 2236 [11-07-2023 23:36:54] Process Exited: Process Name - dwm.exe Process ID - 5776 [11-07-2023 23:36:54] Process Exited: Process Name - LogonUI.exe Process ID - 12684 [11-07-2023 23:36:54] Process Exited: Process Name - winlogon.exe Process ID - 13244 [11-07-2023 23:36:58] New process found: Process Name - csrss.exe Process ID - 12220 Process Identity - SYSTEM [11-07-2023 23:36:58] New process found: Process Name - winlogon.exe Process ID - 3992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:59] New process found: Process Name - LogonUI.exe Process ID - 9788 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:36:59] New process found: Process Name - dwm.exe Process ID - 14204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:37:09] Process Exited: Process Name - winlogon.exe Process ID - 3992 [11-07-2023 23:37:09] Process Exited: Process Name - LogonUI.exe Process ID - 9788 [11-07-2023 23:37:09] Process Exited: Process Name - csrss.exe Process ID - 12220 [11-07-2023 23:37:09] Process Exited: Process Name - dwm.exe Process ID - 14204 [11-07-2023 23:37:11] New process found: Process Name - csrss.exe Process ID - 13708 Process Identity - SYSTEM [11-07-2023 23:37:11] New process found: Process Name - winlogon.exe Process ID - 16240 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:12] New process found: Process Name - LogonUI.exe Process ID - 15964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:12] New process found: Process Name - dwm.exe Process ID - 2088 Process Identity - Window Manager\DWM-4 [11-07-2023 23:37:24] Process Exited: Process Name - dwm.exe Process ID - 2088 [11-07-2023 23:37:24] Process Exited: Process Name - csrss.exe Process ID - 13708 [11-07-2023 23:37:24] Process Exited: Process Name - LogonUI.exe Process ID - 15964 [11-07-2023 23:37:24] Process Exited: Process Name - winlogon.exe Process ID - 16240 [11-07-2023 23:37:25] New process found: Process Name - csrss.exe Process ID - 6172 Process Identity - SYSTEM [11-07-2023 23:37:25] New process found: Process Name - winlogon.exe Process ID - 4964 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:27] New process found: Process Name - LogonUI.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:27] New process found: Process Name - dwm.exe Process ID - 13248 Process Identity - Window Manager\DWM-4 [11-07-2023 23:37:33] Process Exited: Process Name - w3wp.exe Process ID - 9300 Web application pool name - kdbps.edu.in [11-07-2023 23:37:33] Process Exited: Process Name - conhost.exe Process ID - 13736 [11-07-2023 23:37:39] Process Exited: Process Name - winlogon.exe Process ID - 4964 [11-07-2023 23:37:39] Process Exited: Process Name - csrss.exe Process ID - 6172 [11-07-2023 23:37:39] Process Exited: Process Name - dwm.exe Process ID - 13248 [11-07-2023 23:37:39] Process Exited: Process Name - LogonUI.exe Process ID - 15260 [11-07-2023 23:37:41] New process found: Process Name - csrss.exe Process ID - 6668 Process Identity - SYSTEM [11-07-2023 23:37:41] New process found: Process Name - winlogon.exe Process ID - 9196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:42] New process found: Process Name - LogonUI.exe Process ID - 10444 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:37:42] New process found: Process Name - dwm.exe Process ID - 10340 Process Identity - Window Manager\DWM-4 [11-07-2023 23:37:54] Process Exited: Process Name - csrss.exe Process ID - 6668 [11-07-2023 23:37:54] Process Exited: Process Name - winlogon.exe Process ID - 9196 [11-07-2023 23:37:54] Process Exited: Process Name - dwm.exe Process ID - 10340 [11-07-2023 23:37:54] Process Exited: Process Name - LogonUI.exe Process ID - 10444 [11-07-2023 23:37:54] Process Exited: Process Name - w3wp.exe Process ID - 11140 Web application pool name - perfectbread.com(domain)(4.0)(pool) [11-07-2023 23:37:54] Process Exited: Process Name - conhost.exe Process ID - 15144 [11-07-2023 23:37:58] New process found: Process Name - csrss.exe Process ID - 12280 Process Identity - SYSTEM [11-07-2023 23:37:58] New process found: Process Name - winlogon.exe Process ID - 16032 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:00] New process found: Process Name - LogonUI.exe Process ID - 7708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:00] New process found: Process Name - dwm.exe Process ID - 2780 Process Identity - Window Manager\DWM-4 [11-07-2023 23:38:09] Process Exited: Process Name - dwm.exe Process ID - 2780 [11-07-2023 23:38:09] Process Exited: Process Name - LogonUI.exe Process ID - 7708 [11-07-2023 23:38:09] Process Exited: Process Name - csrss.exe Process ID - 12280 [11-07-2023 23:38:09] Process Exited: Process Name - winlogon.exe Process ID - 16032 [11-07-2023 23:38:10] New process found: Process Name - csrss.exe Process ID - 16236 Process Identity - SYSTEM [11-07-2023 23:38:10] New process found: Process Name - winlogon.exe Process ID - 12592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:11] New process found: Process Name - LogonUI.exe Process ID - 16216 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:11] New process found: Process Name - dwm.exe Process ID - 14564 Process Identity - Window Manager\DWM-4 [11-07-2023 23:38:24] Process Exited: Process Name - winlogon.exe Process ID - 12592 [11-07-2023 23:38:24] Process Exited: Process Name - dwm.exe Process ID - 14564 [11-07-2023 23:38:24] Process Exited: Process Name - LogonUI.exe Process ID - 16216 [11-07-2023 23:38:24] Process Exited: Process Name - csrss.exe Process ID - 16236 [11-07-2023 23:38:28] New process found: Process Name - csrss.exe Process ID - 10720 Process Identity - SYSTEM [11-07-2023 23:38:28] New process found: Process Name - winlogon.exe Process ID - 13156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:29] New process found: Process Name - LogonUI.exe Process ID - 660 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:29] New process found: Process Name - dwm.exe Process ID - 2060 Process Identity - Window Manager\DWM-4 [11-07-2023 23:38:39] Process Exited: Process Name - LogonUI.exe Process ID - 660 [11-07-2023 23:38:39] Process Exited: Process Name - dwm.exe Process ID - 2060 [11-07-2023 23:38:39] Process Exited: Process Name - csrss.exe Process ID - 10720 [11-07-2023 23:38:39] Process Exited: Process Name - winlogon.exe Process ID - 13156 [11-07-2023 23:38:40] New process found: Process Name - csrss.exe Process ID - 14080 Process Identity - SYSTEM [11-07-2023 23:38:40] New process found: Process Name - winlogon.exe Process ID - 13764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:41] New process found: Process Name - LogonUI.exe Process ID - 11916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:41] New process found: Process Name - dwm.exe Process ID - 15876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 1364 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:38:54] Process Exited: Process Name - LogonUI.exe Process ID - 11916 [11-07-2023 23:38:54] Process Exited: Process Name - winlogon.exe Process ID - 13764 [11-07-2023 23:38:54] Process Exited: Process Name - csrss.exe Process ID - 14080 [11-07-2023 23:38:54] Process Exited: Process Name - dwm.exe Process ID - 15876 [11-07-2023 23:38:56] New process found: Process Name - csrss.exe Process ID - 1528 Process Identity - SYSTEM [11-07-2023 23:38:56] New process found: Process Name - winlogon.exe Process ID - 14912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:57] New process found: Process Name - LogonUI.exe Process ID - 10592 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:38:57] New process found: Process Name - dwm.exe Process ID - 12100 Process Identity - Window Manager\DWM-4 [11-07-2023 23:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:09] Process Exited: Process Name - csrss.exe Process ID - 1528 [11-07-2023 23:39:09] Process Exited: Process Name - LogonUI.exe Process ID - 10592 [11-07-2023 23:39:09] Process Exited: Process Name - dwm.exe Process ID - 12100 [11-07-2023 23:39:09] Process Exited: Process Name - winlogon.exe Process ID - 14912 [11-07-2023 23:39:11] New process found: Process Name - csrss.exe Process ID - 11472 Process Identity - SYSTEM [11-07-2023 23:39:11] New process found: Process Name - winlogon.exe Process ID - 15828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:12] New process found: Process Name - LogonUI.exe Process ID - 11688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:12] New process found: Process Name - dwm.exe Process ID - 13060 Process Identity - Window Manager\DWM-4 [11-07-2023 23:39:23] Process Exited: Process Name - LogonUI.exe Process ID - 11688 [11-07-2023 23:39:23] Process Exited: Process Name - dwm.exe Process ID - 13060 [11-07-2023 23:39:23] Process Exited: Process Name - winlogon.exe Process ID - 15828 [11-07-2023 23:39:24] Process Exited: Process Name - csrss.exe Process ID - 11472 [11-07-2023 23:39:26] New process found: Process Name - csrss.exe Process ID - 6900 Process Identity - SYSTEM [11-07-2023 23:39:26] New process found: Process Name - winlogon.exe Process ID - 13860 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:27] New process found: Process Name - LogonUI.exe Process ID - 9832 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:27] New process found: Process Name - dwm.exe Process ID - 15204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:39:39] Process Exited: Process Name - csrss.exe Process ID - 6900 [11-07-2023 23:39:39] Process Exited: Process Name - LogonUI.exe Process ID - 9832 [11-07-2023 23:39:39] Process Exited: Process Name - winlogon.exe Process ID - 13860 [11-07-2023 23:39:39] Process Exited: Process Name - dwm.exe Process ID - 15204 [11-07-2023 23:39:42] New process found: Process Name - csrss.exe Process ID - 11296 Process Identity - SYSTEM [11-07-2023 23:39:42] New process found: Process Name - winlogon.exe Process ID - 12228 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:45] New process found: Process Name - LogonUI.exe Process ID - 12676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:45] New process found: Process Name - dwm.exe Process ID - 7044 Process Identity - Window Manager\DWM-4 [11-07-2023 23:39:54] Process Exited: Process Name - dwm.exe Process ID - 7044 [11-07-2023 23:39:54] Process Exited: Process Name - csrss.exe Process ID - 11296 [11-07-2023 23:39:54] Process Exited: Process Name - winlogon.exe Process ID - 12228 [11-07-2023 23:39:54] Process Exited: Process Name - LogonUI.exe Process ID - 12676 [11-07-2023 23:39:57] New process found: Process Name - csrss.exe Process ID - 4048 Process Identity - SYSTEM [11-07-2023 23:39:57] New process found: Process Name - winlogon.exe Process ID - 5640 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:58] New process found: Process Name - LogonUI.exe Process ID - 16008 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:39:58] New process found: Process Name - dwm.exe Process ID - 12740 Process Identity - Window Manager\DWM-4 [11-07-2023 23:40:04] Process Exited: Process Name - w3wp.exe Process ID - 14364 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [11-07-2023 23:40:08] Process Exited: Process Name - LogonUI.exe Process ID - 16008 [11-07-2023 23:40:09] Process Exited: Process Name - csrss.exe Process ID - 4048 [11-07-2023 23:40:09] Process Exited: Process Name - winlogon.exe Process ID - 5640 [11-07-2023 23:40:09] Process Exited: Process Name - dwm.exe Process ID - 12740 [11-07-2023 23:40:13] New process found: Process Name - csrss.exe Process ID - 16104 Process Identity - SYSTEM [11-07-2023 23:40:13] New process found: Process Name - winlogon.exe Process ID - 9300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:14] New process found: Process Name - LogonUI.exe Process ID - 14848 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:14] New process found: Process Name - dwm.exe Process ID - 10940 Process Identity - Window Manager\DWM-4 [11-07-2023 23:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1364 [11-07-2023 23:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9084 [11-07-2023 23:40:24] Process Exited: Process Name - winlogon.exe Process ID - 9300 [11-07-2023 23:40:24] Process Exited: Process Name - dwm.exe Process ID - 10940 [11-07-2023 23:40:24] Process Exited: Process Name - LogonUI.exe Process ID - 14848 [11-07-2023 23:40:24] Process Exited: Process Name - csrss.exe Process ID - 16104 [11-07-2023 23:40:26] New process found: Process Name - csrss.exe Process ID - 6956 Process Identity - SYSTEM [11-07-2023 23:40:26] New process found: Process Name - winlogon.exe Process ID - 14704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:26] New process found: Process Name - LogonUI.exe Process ID - 16224 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:26] New process found: Process Name - dwm.exe Process ID - 1500 Process Identity - Window Manager\DWM-4 [11-07-2023 23:40:39] Process Exited: Process Name - dwm.exe Process ID - 1500 [11-07-2023 23:40:39] Process Exited: Process Name - csrss.exe Process ID - 6956 [11-07-2023 23:40:39] Process Exited: Process Name - winlogon.exe Process ID - 14704 [11-07-2023 23:40:39] Process Exited: Process Name - LogonUI.exe Process ID - 16224 [11-07-2023 23:40:41] New process found: Process Name - csrss.exe Process ID - 10340 Process Identity - SYSTEM [11-07-2023 23:40:41] New process found: Process Name - winlogon.exe Process ID - 8704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:44] New process found: Process Name - LogonUI.exe Process ID - 15688 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:44] New process found: Process Name - dwm.exe Process ID - 15548 Process Identity - Window Manager\DWM-4 [11-07-2023 23:40:55] Process Exited: Process Name - winlogon.exe Process ID - 8704 [11-07-2023 23:40:55] Process Exited: Process Name - csrss.exe Process ID - 10340 [11-07-2023 23:40:55] Process Exited: Process Name - dwm.exe Process ID - 15548 [11-07-2023 23:40:55] Process Exited: Process Name - LogonUI.exe Process ID - 15688 [11-07-2023 23:40:58] New process found: Process Name - csrss.exe Process ID - 11244 Process Identity - SYSTEM [11-07-2023 23:40:58] New process found: Process Name - winlogon.exe Process ID - 176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:59] New process found: Process Name - LogonUI.exe Process ID - 10408 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:40:59] New process found: Process Name - dwm.exe Process ID - 14856 Process Identity - Window Manager\DWM-4 [11-07-2023 23:41:10] Process Exited: Process Name - winlogon.exe Process ID - 176 [11-07-2023 23:41:10] Process Exited: Process Name - LogonUI.exe Process ID - 10408 [11-07-2023 23:41:10] Process Exited: Process Name - csrss.exe Process ID - 11244 [11-07-2023 23:41:10] Process Exited: Process Name - dwm.exe Process ID - 14856 [11-07-2023 23:41:15] New process found: Process Name - csrss.exe Process ID - 4184 Process Identity - SYSTEM [11-07-2023 23:41:15] New process found: Process Name - winlogon.exe Process ID - 8952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:17] New process found: Process Name - LogonUI.exe Process ID - 16232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:17] New process found: Process Name - dwm.exe Process ID - 11272 Process Identity - Window Manager\DWM-4 [11-07-2023 23:41:25] Process Exited: Process Name - csrss.exe Process ID - 4184 [11-07-2023 23:41:25] Process Exited: Process Name - winlogon.exe Process ID - 8952 [11-07-2023 23:41:25] Process Exited: Process Name - dwm.exe Process ID - 11272 [11-07-2023 23:41:25] Process Exited: Process Name - LogonUI.exe Process ID - 16232 [11-07-2023 23:41:28] New process found: Process Name - csrss.exe Process ID - 14864 Process Identity - SYSTEM [11-07-2023 23:41:28] New process found: Process Name - winlogon.exe Process ID - 3996 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:29] New process found: Process Name - LogonUI.exe Process ID - 9332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:29] New process found: Process Name - dwm.exe Process ID - 2508 Process Identity - Window Manager\DWM-4 [11-07-2023 23:41:40] Process Exited: Process Name - dwm.exe Process ID - 2508 [11-07-2023 23:41:40] Process Exited: Process Name - winlogon.exe Process ID - 3996 [11-07-2023 23:41:40] Process Exited: Process Name - LogonUI.exe Process ID - 9332 [11-07-2023 23:41:40] Process Exited: Process Name - csrss.exe Process ID - 14864 [11-07-2023 23:41:43] New process found: Process Name - csrss.exe Process ID - 14752 Process Identity - SYSTEM [11-07-2023 23:41:43] New process found: Process Name - winlogon.exe Process ID - 6600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:46] New process found: Process Name - LogonUI.exe Process ID - 14492 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:46] New process found: Process Name - dwm.exe Process ID - 11344 Process Identity - Window Manager\DWM-4 [11-07-2023 23:41:48] New process found: Process Name - w3wp.exe Process ID - 2956 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 23:41:48] New process found: Process Name - conhost.exe Process ID - 13764 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 23:41:54] New process found: Process Name - w3wp.exe Process ID - 10672 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:41:54] Process Exited: Process Name - w3wp.exe Process ID - 14936 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:41:55] Process Exited: Process Name - winlogon.exe Process ID - 6600 [11-07-2023 23:41:55] Process Exited: Process Name - dwm.exe Process ID - 11344 [11-07-2023 23:41:55] Process Exited: Process Name - LogonUI.exe Process ID - 14492 [11-07-2023 23:41:55] Process Exited: Process Name - csrss.exe Process ID - 14752 [11-07-2023 23:41:58] New process found: Process Name - smss.exe Process ID - 8052 Process Identity - SYSTEM [11-07-2023 23:41:59] New process found: Process Name - csrss.exe Process ID - 9584 Process Identity - SYSTEM [11-07-2023 23:41:59] New process found: Process Name - winlogon.exe Process ID - 2080 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:41:59] Process Exited: Process Name - smss.exe Process ID - 8052 [11-07-2023 23:42:01] New process found: Process Name - ig-0.exe Process ID - 7012 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:01] New process found: Process Name - LogonUI.exe Process ID - 13052 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:01] New process found: Process Name - dwm.exe Process ID - 13600 Process Identity - Window Manager\DWM-4 [11-07-2023 23:42:02] New process found: Process Name - ig-3.exe Process ID - 11144 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:02] Process Exited: Process Name - ig-0.exe Process ID - 7012 [11-07-2023 23:42:03] New process found: Process Name - ig-6.exe Process ID - 2380 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:03] Process Exited: Process Name - ig-3.exe Process ID - 11144 [11-07-2023 23:42:04] New process found: Process Name - ig-9.exe Process ID - 10248 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:04] Process Exited: Process Name - ig-6.exe Process ID - 2380 [11-07-2023 23:42:05] New process found: Process Name - ig-12.exe Process ID - 8804 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:05] Process Exited: Process Name - ig-9.exe Process ID - 10248 [11-07-2023 23:42:06] New process found: Process Name - ig-15.exe Process ID - 9524 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:06] Process Exited: Process Name - ig-12.exe Process ID - 8804 [11-07-2023 23:42:07] New process found: Process Name - ig-18.exe Process ID - 7712 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:07] Process Exited: Process Name - ig-15.exe Process ID - 9524 [11-07-2023 23:42:08] New process found: Process Name - ig-21.exe Process ID - 15160 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:08] Process Exited: Process Name - ig-18.exe Process ID - 7712 [11-07-2023 23:42:09] New process found: Process Name - ig-24.exe Process ID - 11116 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:09] Process Exited: Process Name - ig-21.exe Process ID - 15160 [11-07-2023 23:42:10] New process found: Process Name - ig-27.exe Process ID - 15604 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:10] Process Exited: Process Name - ig-24.exe Process ID - 11116 [11-07-2023 23:42:11] New process found: Process Name - ig-30.exe Process ID - 13120 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:11] Process Exited: Process Name - winlogon.exe Process ID - 2080 [11-07-2023 23:42:11] Process Exited: Process Name - csrss.exe Process ID - 9584 [11-07-2023 23:42:11] Process Exited: Process Name - LogonUI.exe Process ID - 13052 [11-07-2023 23:42:11] Process Exited: Process Name - dwm.exe Process ID - 13600 [11-07-2023 23:42:11] Process Exited: Process Name - ig-27.exe Process ID - 15604 [11-07-2023 23:42:12] New process found: Process Name - ig-33.exe Process ID - 14708 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:12] Process Exited: Process Name - ig-30.exe Process ID - 13120 [11-07-2023 23:42:13] New process found: Process Name - ig-36.exe Process ID - 15272 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:13] Process Exited: Process Name - ig-33.exe Process ID - 14708 [11-07-2023 23:42:14] New process found: Process Name - ig-39.exe Process ID - 10576 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:14] Process Exited: Process Name - ig-36.exe Process ID - 15272 [11-07-2023 23:42:15] New process found: Process Name - ig-43.exe Process ID - 9412 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:15] Process Exited: Process Name - ig-39.exe Process ID - 10576 [11-07-2023 23:42:16] New process found: Process Name - csrss.exe Process ID - 15192 Process Identity - SYSTEM [11-07-2023 23:42:16] New process found: Process Name - winlogon.exe Process ID - 2880 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:16] Process Exited: Process Name - ig-43.exe Process ID - 9412 [11-07-2023 23:42:19] New process found: Process Name - LogonUI.exe Process ID - 2800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:19] New process found: Process Name - dwm.exe Process ID - 15440 Process Identity - Window Manager\DWM-4 [11-07-2023 23:42:19] New process found: Process Name - ig-47.exe Process ID - 4208 Process Identity - KSHITIJSINGHAL-\Administrator [11-07-2023 23:42:20] Process Exited: Process Name - ig-47.exe Process ID - 4208 [11-07-2023 23:42:26] Process Exited: Process Name - LogonUI.exe Process ID - 2800 [11-07-2023 23:42:26] Process Exited: Process Name - winlogon.exe Process ID - 2880 [11-07-2023 23:42:26] Process Exited: Process Name - csrss.exe Process ID - 15192 [11-07-2023 23:42:26] Process Exited: Process Name - dwm.exe Process ID - 15440 [11-07-2023 23:42:31] New process found: Process Name - csrss.exe Process ID - 15156 Process Identity - SYSTEM [11-07-2023 23:42:31] New process found: Process Name - winlogon.exe Process ID - 14376 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:33] New process found: Process Name - LogonUI.exe Process ID - 13816 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:33] New process found: Process Name - dwm.exe Process ID - 12856 Process Identity - Window Manager\DWM-4 [11-07-2023 23:42:41] Process Exited: Process Name - dwm.exe Process ID - 12856 [11-07-2023 23:42:41] Process Exited: Process Name - LogonUI.exe Process ID - 13816 [11-07-2023 23:42:41] Process Exited: Process Name - winlogon.exe Process ID - 14376 [11-07-2023 23:42:41] Process Exited: Process Name - csrss.exe Process ID - 15156 [11-07-2023 23:42:42] Process Exited: Process Name - w3wp.exe Process ID - 10376 Web application pool name - galaxytools.in [11-07-2023 23:42:43] New process found: Process Name - csrss.exe Process ID - 15096 Process Identity - SYSTEM [11-07-2023 23:42:43] New process found: Process Name - winlogon.exe Process ID - 12868 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:44] New process found: Process Name - LogonUI.exe Process ID - 12720 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:42:44] New process found: Process Name - dwm.exe Process ID - 892 Process Identity - Window Manager\DWM-4 [11-07-2023 23:42:55] Process Exited: Process Name - conhost.exe Process ID - 7436 [11-07-2023 23:42:55] Process Exited: Process Name - w3wp.exe Process ID - 13412 Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 23:42:56] Process Exited: Process Name - dwm.exe Process ID - 892 [11-07-2023 23:42:56] Process Exited: Process Name - LogonUI.exe Process ID - 12720 [11-07-2023 23:42:56] Process Exited: Process Name - winlogon.exe Process ID - 12868 [11-07-2023 23:42:56] Process Exited: Process Name - csrss.exe Process ID - 15096 [11-07-2023 23:42:59] New process found: Process Name - csrss.exe Process ID - 11580 Process Identity - SYSTEM [11-07-2023 23:42:59] New process found: Process Name - winlogon.exe Process ID - 16304 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:01] New process found: Process Name - LogonUI.exe Process ID - 732 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:01] New process found: Process Name - dwm.exe Process ID - 12244 Process Identity - Window Manager\DWM-4 [11-07-2023 23:43:11] Process Exited: Process Name - LogonUI.exe Process ID - 732 [11-07-2023 23:43:11] Process Exited: Process Name - csrss.exe Process ID - 11580 [11-07-2023 23:43:11] Process Exited: Process Name - dwm.exe Process ID - 12244 [11-07-2023 23:43:11] Process Exited: Process Name - winlogon.exe Process ID - 16304 [11-07-2023 23:43:13] New process found: Process Name - csrss.exe Process ID - 16124 Process Identity - SYSTEM [11-07-2023 23:43:13] New process found: Process Name - winlogon.exe Process ID - 15100 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:15] New process found: Process Name - LogonUI.exe Process ID - 16104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:15] New process found: Process Name - dwm.exe Process ID - 11192 Process Identity - Window Manager\DWM-4 [11-07-2023 23:43:26] Process Exited: Process Name - dwm.exe Process ID - 11192 [11-07-2023 23:43:26] Process Exited: Process Name - winlogon.exe Process ID - 15100 [11-07-2023 23:43:26] Process Exited: Process Name - LogonUI.exe Process ID - 16104 [11-07-2023 23:43:27] Process Exited: Process Name - csrss.exe Process ID - 16124 [11-07-2023 23:43:32] New process found: Process Name - csrss.exe Process ID - 16224 Process Identity - SYSTEM [11-07-2023 23:43:32] New process found: Process Name - winlogon.exe Process ID - 7116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:33] New process found: Process Name - LogonUI.exe Process ID - 15044 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:33] New process found: Process Name - dwm.exe Process ID - 14704 Process Identity - Window Manager\DWM-4 [11-07-2023 23:43:42] Process Exited: Process Name - winlogon.exe Process ID - 7116 [11-07-2023 23:43:42] Process Exited: Process Name - dwm.exe Process ID - 14704 [11-07-2023 23:43:42] Process Exited: Process Name - LogonUI.exe Process ID - 15044 [11-07-2023 23:43:42] Process Exited: Process Name - csrss.exe Process ID - 16224 [11-07-2023 23:43:47] New process found: Process Name - csrss.exe Process ID - 8984 Process Identity - SYSTEM [11-07-2023 23:43:47] New process found: Process Name - winlogon.exe Process ID - 5192 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:48] New process found: Process Name - LogonUI.exe Process ID - 11392 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:43:48] New process found: Process Name - dwm.exe Process ID - 11800 Process Identity - Window Manager\DWM-4 [11-07-2023 23:43:58] Process Exited: Process Name - winlogon.exe Process ID - 5192 [11-07-2023 23:43:58] Process Exited: Process Name - csrss.exe Process ID - 8984 [11-07-2023 23:43:58] Process Exited: Process Name - LogonUI.exe Process ID - 11392 [11-07-2023 23:43:58] Process Exited: Process Name - dwm.exe Process ID - 11800 [11-07-2023 23:44:01] New process found: Process Name - csrss.exe Process ID - 10536 Process Identity - SYSTEM [11-07-2023 23:44:01] New process found: Process Name - winlogon.exe Process ID - 15620 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:03] New process found: Process Name - LogonUI.exe Process ID - 14872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:03] New process found: Process Name - dwm.exe Process ID - 8584 Process Identity - Window Manager\DWM-4 [11-07-2023 23:44:07] New process found: Process Name - w3wp.exe Process ID - 12196 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [11-07-2023 23:44:08] New process found: Process Name - conhost.exe Process ID - 13192 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [11-07-2023 23:44:13] Process Exited: Process Name - dwm.exe Process ID - 8584 [11-07-2023 23:44:13] Process Exited: Process Name - csrss.exe Process ID - 10536 [11-07-2023 23:44:13] Process Exited: Process Name - LogonUI.exe Process ID - 14872 [11-07-2023 23:44:13] Process Exited: Process Name - winlogon.exe Process ID - 15620 [11-07-2023 23:44:16] New process found: Process Name - csrss.exe Process ID - 11640 Process Identity - SYSTEM [11-07-2023 23:44:16] New process found: Process Name - winlogon.exe Process ID - 14480 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:17] New process found: Process Name - LogonUI.exe Process ID - 14792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:17] New process found: Process Name - dwm.exe Process ID - 15196 Process Identity - Window Manager\DWM-4 [11-07-2023 23:44:29] Process Exited: Process Name - csrss.exe Process ID - 11640 [11-07-2023 23:44:29] Process Exited: Process Name - winlogon.exe Process ID - 14480 [11-07-2023 23:44:29] Process Exited: Process Name - LogonUI.exe Process ID - 14792 [11-07-2023 23:44:29] Process Exited: Process Name - dwm.exe Process ID - 15196 [11-07-2023 23:44:31] New process found: Process Name - csrss.exe Process ID - 12816 Process Identity - SYSTEM [11-07-2023 23:44:31] New process found: Process Name - winlogon.exe Process ID - 14392 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:32] New process found: Process Name - LogonUI.exe Process ID - 14768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:32] New process found: Process Name - dwm.exe Process ID - 6916 Process Identity - Window Manager\DWM-4 [11-07-2023 23:44:44] Process Exited: Process Name - dwm.exe Process ID - 6916 [11-07-2023 23:44:44] Process Exited: Process Name - csrss.exe Process ID - 12816 [11-07-2023 23:44:44] Process Exited: Process Name - winlogon.exe Process ID - 14392 [11-07-2023 23:44:44] Process Exited: Process Name - LogonUI.exe Process ID - 14768 [11-07-2023 23:44:46] New process found: Process Name - csrss.exe Process ID - 11344 Process Identity - SYSTEM [11-07-2023 23:44:46] New process found: Process Name - winlogon.exe Process ID - 2276 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:47] New process found: Process Name - LogonUI.exe Process ID - 6600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:44:47] New process found: Process Name - dwm.exe Process ID - 10228 Process Identity - Window Manager\DWM-4 [11-07-2023 23:44:59] Process Exited: Process Name - winlogon.exe Process ID - 2276 [11-07-2023 23:44:59] Process Exited: Process Name - LogonUI.exe Process ID - 6600 [11-07-2023 23:44:59] Process Exited: Process Name - dwm.exe Process ID - 10228 [11-07-2023 23:44:59] Process Exited: Process Name - csrss.exe Process ID - 11344 [11-07-2023 23:45:00] New process found: Process Name - w3wp.exe Process ID - 1320 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 23:45:01] New process found: Process Name - conhost.exe Process ID - 10480 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [11-07-2023 23:45:05] New process found: Process Name - csrss.exe Process ID - 10700 Process Identity - SYSTEM [11-07-2023 23:45:05] New process found: Process Name - winlogon.exe Process ID - 14952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:06] New process found: Process Name - LogonUI.exe Process ID - 13028 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:06] New process found: Process Name - dwm.exe Process ID - 13244 Process Identity - Window Manager\DWM-4 [11-07-2023 23:45:15] Process Exited: Process Name - csrss.exe Process ID - 10700 [11-07-2023 23:45:15] Process Exited: Process Name - LogonUI.exe Process ID - 13028 [11-07-2023 23:45:15] Process Exited: Process Name - dwm.exe Process ID - 13244 [11-07-2023 23:45:15] Process Exited: Process Name - winlogon.exe Process ID - 14952 [11-07-2023 23:45:19] New process found: Process Name - csrss.exe Process ID - 11288 Process Identity - SYSTEM [11-07-2023 23:45:19] New process found: Process Name - winlogon.exe Process ID - 15612 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:20] New process found: Process Name - LogonUI.exe Process ID - 10576 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:20] New process found: Process Name - dwm.exe Process ID - 10712 Process Identity - Window Manager\DWM-4 [11-07-2023 23:45:31] Process Exited: Process Name - LogonUI.exe Process ID - 10576 [11-07-2023 23:45:31] Process Exited: Process Name - dwm.exe Process ID - 10712 [11-07-2023 23:45:31] Process Exited: Process Name - csrss.exe Process ID - 11288 [11-07-2023 23:45:31] Process Exited: Process Name - winlogon.exe Process ID - 15612 [11-07-2023 23:45:35] New process found: Process Name - csrss.exe Process ID - 15860 Process Identity - SYSTEM [11-07-2023 23:45:35] New process found: Process Name - winlogon.exe Process ID - 11696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:36] New process found: Process Name - LogonUI.exe Process ID - 6232 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:36] New process found: Process Name - dwm.exe Process ID - 16204 Process Identity - Window Manager\DWM-4 [11-07-2023 23:45:46] Process Exited: Process Name - LogonUI.exe Process ID - 6232 [11-07-2023 23:45:46] Process Exited: Process Name - winlogon.exe Process ID - 11696 [11-07-2023 23:45:46] Process Exited: Process Name - csrss.exe Process ID - 15860 [11-07-2023 23:45:46] Process Exited: Process Name - dwm.exe Process ID - 16204 [11-07-2023 23:45:49] New process found: Process Name - csrss.exe Process ID - 9256 Process Identity - SYSTEM [11-07-2023 23:45:49] New process found: Process Name - winlogon.exe Process ID - 13736 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:50] New process found: Process Name - LogonUI.exe Process ID - 14388 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:45:50] New process found: Process Name - dwm.exe Process ID - 16088 Process Identity - Window Manager\DWM-4 [11-07-2023 23:46:02] Process Exited: Process Name - csrss.exe Process ID - 9256 [11-07-2023 23:46:02] Process Exited: Process Name - winlogon.exe Process ID - 13736 [11-07-2023 23:46:02] Process Exited: Process Name - LogonUI.exe Process ID - 14388 [11-07-2023 23:46:02] Process Exited: Process Name - dwm.exe Process ID - 16088 [11-07-2023 23:46:07] New process found: Process Name - csrss.exe Process ID - 8776 Process Identity - SYSTEM [11-07-2023 23:46:07] New process found: Process Name - winlogon.exe Process ID - 10676 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:10] New process found: Process Name - LogonUI.exe Process ID - 15148 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:10] New process found: Process Name - dwm.exe Process ID - 4212 Process Identity - Window Manager\DWM-4 [11-07-2023 23:46:17] Process Exited: Process Name - dwm.exe Process ID - 4212 [11-07-2023 23:46:17] Process Exited: Process Name - csrss.exe Process ID - 8776 [11-07-2023 23:46:17] Process Exited: Process Name - winlogon.exe Process ID - 10676 [11-07-2023 23:46:17] Process Exited: Process Name - LogonUI.exe Process ID - 15148 [11-07-2023 23:46:20] New process found: Process Name - csrss.exe Process ID - 14880 Process Identity - SYSTEM [11-07-2023 23:46:20] New process found: Process Name - winlogon.exe Process ID - 6968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:21] New process found: Process Name - LogonUI.exe Process ID - 15560 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:21] New process found: Process Name - dwm.exe Process ID - 12260 Process Identity - Window Manager\DWM-4 [11-07-2023 23:46:33] Process Exited: Process Name - winlogon.exe Process ID - 6968 [11-07-2023 23:46:33] Process Exited: Process Name - dwm.exe Process ID - 12260 [11-07-2023 23:46:33] Process Exited: Process Name - csrss.exe Process ID - 14880 [11-07-2023 23:46:33] Process Exited: Process Name - LogonUI.exe Process ID - 15560 [11-07-2023 23:46:36] New process found: Process Name - csrss.exe Process ID - 15808 Process Identity - SYSTEM [11-07-2023 23:46:36] New process found: Process Name - winlogon.exe Process ID - 9188 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:39] New process found: Process Name - LogonUI.exe Process ID - 12264 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:39] New process found: Process Name - dwm.exe Process ID - 13328 Process Identity - Window Manager\DWM-4 [11-07-2023 23:46:49] Process Exited: Process Name - winlogon.exe Process ID - 9188 [11-07-2023 23:46:49] Process Exited: Process Name - LogonUI.exe Process ID - 12264 [11-07-2023 23:46:49] Process Exited: Process Name - dwm.exe Process ID - 13328 [11-07-2023 23:46:49] Process Exited: Process Name - csrss.exe Process ID - 15808 [11-07-2023 23:46:54] New process found: Process Name - csrss.exe Process ID - 11740 Process Identity - SYSTEM [11-07-2023 23:46:54] New process found: Process Name - winlogon.exe Process ID - 14528 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:56] New process found: Process Name - LogonUI.exe Process ID - 12664 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:46:56] New process found: Process Name - dwm.exe Process ID - 16292 Process Identity - Window Manager\DWM-4 [11-07-2023 23:47:01] New process found: Process Name - w3wp.exe Process ID - 3800 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:47:01] Process Exited: Process Name - w3wp.exe Process ID - 10672 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:47:06] Process Exited: Process Name - csrss.exe Process ID - 11740 [11-07-2023 23:47:06] Process Exited: Process Name - LogonUI.exe Process ID - 12664 [11-07-2023 23:47:06] Process Exited: Process Name - winlogon.exe Process ID - 14528 [11-07-2023 23:47:06] Process Exited: Process Name - dwm.exe Process ID - 16292 [11-07-2023 23:47:09] New process found: Process Name - csrss.exe Process ID - 9224 Process Identity - SYSTEM [11-07-2023 23:47:09] New process found: Process Name - winlogon.exe Process ID - 11844 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:11] New process found: Process Name - LogonUI.exe Process ID - 11088 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:11] New process found: Process Name - dwm.exe Process ID - 15380 Process Identity - Window Manager\DWM-4 [11-07-2023 23:47:22] Process Exited: Process Name - csrss.exe Process ID - 9224 [11-07-2023 23:47:22] Process Exited: Process Name - LogonUI.exe Process ID - 11088 [11-07-2023 23:47:22] Process Exited: Process Name - winlogon.exe Process ID - 11844 [11-07-2023 23:47:22] Process Exited: Process Name - dwm.exe Process ID - 15380 [11-07-2023 23:47:26] New process found: Process Name - csrss.exe Process ID - 9604 Process Identity - SYSTEM [11-07-2023 23:47:26] New process found: Process Name - winlogon.exe Process ID - 12280 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:28] New process found: Process Name - LogonUI.exe Process ID - 12568 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:28] New process found: Process Name - dwm.exe Process ID - 5076 Process Identity - Window Manager\DWM-4 [11-07-2023 23:47:37] Process Exited: Process Name - dwm.exe Process ID - 5076 [11-07-2023 23:47:37] Process Exited: Process Name - csrss.exe Process ID - 9604 [11-07-2023 23:47:37] Process Exited: Process Name - winlogon.exe Process ID - 12280 [11-07-2023 23:47:37] Process Exited: Process Name - LogonUI.exe Process ID - 12568 [11-07-2023 23:47:40] New process found: Process Name - csrss.exe Process ID - 10816 Process Identity - SYSTEM [11-07-2023 23:47:40] New process found: Process Name - winlogon.exe Process ID - 15792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:42] New process found: Process Name - LogonUI.exe Process ID - 15920 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:42] New process found: Process Name - dwm.exe Process ID - 16020 Process Identity - Window Manager\DWM-4 [11-07-2023 23:47:53] Process Exited: Process Name - csrss.exe Process ID - 10816 [11-07-2023 23:47:53] Process Exited: Process Name - winlogon.exe Process ID - 15792 [11-07-2023 23:47:53] Process Exited: Process Name - LogonUI.exe Process ID - 15920 [11-07-2023 23:47:53] Process Exited: Process Name - dwm.exe Process ID - 16020 [11-07-2023 23:47:57] New process found: Process Name - csrss.exe Process ID - 14768 Process Identity - SYSTEM [11-07-2023 23:47:57] New process found: Process Name - winlogon.exe Process ID - 16264 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:59] New process found: Process Name - LogonUI.exe Process ID - 14696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:47:59] New process found: Process Name - dwm.exe Process ID - 3876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:48:08] Process Exited: Process Name - dwm.exe Process ID - 3876 [11-07-2023 23:48:08] Process Exited: Process Name - LogonUI.exe Process ID - 14696 [11-07-2023 23:48:08] Process Exited: Process Name - csrss.exe Process ID - 14768 [11-07-2023 23:48:08] Process Exited: Process Name - winlogon.exe Process ID - 16264 [11-07-2023 23:48:11] New process found: Process Name - csrss.exe Process ID - 10720 Process Identity - SYSTEM [11-07-2023 23:48:11] New process found: Process Name - winlogon.exe Process ID - 9968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:12] New process found: Process Name - LogonUI.exe Process ID - 2428 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:12] New process found: Process Name - dwm.exe Process ID - 16136 Process Identity - Window Manager\DWM-4 [11-07-2023 23:48:13] New process found: Process Name - w3wp.exe Process ID - 11508 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [11-07-2023 23:48:24] Process Exited: Process Name - LogonUI.exe Process ID - 2428 [11-07-2023 23:48:24] Process Exited: Process Name - winlogon.exe Process ID - 9968 [11-07-2023 23:48:24] Process Exited: Process Name - csrss.exe Process ID - 10720 [11-07-2023 23:48:24] Process Exited: Process Name - dwm.exe Process ID - 16136 [11-07-2023 23:48:25] New process found: Process Name - csrss.exe Process ID - 14708 Process Identity - SYSTEM [11-07-2023 23:48:25] New process found: Process Name - winlogon.exe Process ID - 9696 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:25] New process found: Process Name - LogonUI.exe Process ID - 9824 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:25] New process found: Process Name - dwm.exe Process ID - 12424 Process Identity - Window Manager\DWM-4 [11-07-2023 23:48:34] New process found: Process Name - w3wp.exe Process ID - 10428 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 23:48:34] New process found: Process Name - conhost.exe Process ID - 14900 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [11-07-2023 23:48:40] Process Exited: Process Name - winlogon.exe Process ID - 9696 [11-07-2023 23:48:40] Process Exited: Process Name - LogonUI.exe Process ID - 9824 [11-07-2023 23:48:40] Process Exited: Process Name - dwm.exe Process ID - 12424 [11-07-2023 23:48:40] Process Exited: Process Name - csrss.exe Process ID - 14708 [11-07-2023 23:48:41] New process found: Process Name - csrss.exe Process ID - 8956 Process Identity - SYSTEM [11-07-2023 23:48:41] New process found: Process Name - winlogon.exe Process ID - 15200 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:41] New process found: Process Name - LogonUI.exe Process ID - 7452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:41] New process found: Process Name - dwm.exe Process ID - 10532 Process Identity - Window Manager\DWM-4 [11-07-2023 23:48:43] New process found: Process Name - w3wp.exe Process ID - 6612 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [11-07-2023 23:48:43] New process found: Process Name - php-cgi.exe Process ID - 14152 Process Identity - IIS APPPOOL\PleskControlPanel [11-07-2023 23:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 4408 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:48:55] Process Exited: Process Name - LogonUI.exe Process ID - 7452 [11-07-2023 23:48:55] Process Exited: Process Name - csrss.exe Process ID - 8956 [11-07-2023 23:48:55] Process Exited: Process Name - dwm.exe Process ID - 10532 [11-07-2023 23:48:55] Process Exited: Process Name - winlogon.exe Process ID - 15200 [11-07-2023 23:48:56] New process found: Process Name - csrss.exe Process ID - 16064 Process Identity - SYSTEM [11-07-2023 23:48:56] New process found: Process Name - winlogon.exe Process ID - 15516 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:56] New process found: Process Name - LogonUI.exe Process ID - 10708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:48:56] New process found: Process Name - dwm.exe Process ID - 13084 Process Identity - Window Manager\DWM-4 [11-07-2023 23:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 1084 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:10] Process Exited: Process Name - LogonUI.exe Process ID - 10708 [11-07-2023 23:49:10] Process Exited: Process Name - dwm.exe Process ID - 13084 [11-07-2023 23:49:10] Process Exited: Process Name - winlogon.exe Process ID - 15516 [11-07-2023 23:49:10] Process Exited: Process Name - csrss.exe Process ID - 16064 [11-07-2023 23:49:11] New process found: Process Name - csrss.exe Process ID - 8492 Process Identity - SYSTEM [11-07-2023 23:49:11] New process found: Process Name - winlogon.exe Process ID - 13372 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:12] New process found: Process Name - LogonUI.exe Process ID - 6800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:12] New process found: Process Name - dwm.exe Process ID - 11180 Process Identity - Window Manager\DWM-4 [11-07-2023 23:49:25] Process Exited: Process Name - LogonUI.exe Process ID - 6800 [11-07-2023 23:49:25] Process Exited: Process Name - csrss.exe Process ID - 8492 [11-07-2023 23:49:25] Process Exited: Process Name - dwm.exe Process ID - 11180 [11-07-2023 23:49:25] Process Exited: Process Name - winlogon.exe Process ID - 13372 [11-07-2023 23:49:26] New process found: Process Name - csrss.exe Process ID - 9300 Process Identity - SYSTEM [11-07-2023 23:49:26] New process found: Process Name - winlogon.exe Process ID - 524 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:26] New process found: Process Name - LogonUI.exe Process ID - 10552 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:26] New process found: Process Name - dwm.exe Process ID - 16028 Process Identity - Window Manager\DWM-4 [11-07-2023 23:49:40] Process Exited: Process Name - winlogon.exe Process ID - 524 [11-07-2023 23:49:40] Process Exited: Process Name - csrss.exe Process ID - 9300 [11-07-2023 23:49:40] Process Exited: Process Name - LogonUI.exe Process ID - 10552 [11-07-2023 23:49:40] Process Exited: Process Name - dwm.exe Process ID - 16028 [11-07-2023 23:49:53] New process found: Process Name - csrss.exe Process ID - 10724 Process Identity - SYSTEM [11-07-2023 23:49:53] New process found: Process Name - winlogon.exe Process ID - 8792 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:53] New process found: Process Name - LogonUI.exe Process ID - 7572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:53] New process found: Process Name - dwm.exe Process ID - 11148 Process Identity - Window Manager\DWM-4 [11-07-2023 23:49:55] Process Exited: Process Name - LogonUI.exe Process ID - 7572 [11-07-2023 23:49:55] Process Exited: Process Name - winlogon.exe Process ID - 8792 [11-07-2023 23:49:55] Process Exited: Process Name - csrss.exe Process ID - 10724 [11-07-2023 23:49:55] Process Exited: Process Name - dwm.exe Process ID - 11148 [11-07-2023 23:49:57] New process found: Process Name - w3wp.exe Process ID - 15144 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [11-07-2023 23:49:58] New process found: Process Name - csrss.exe Process ID - 15644 Process Identity - SYSTEM [11-07-2023 23:49:58] New process found: Process Name - winlogon.exe Process ID - 16220 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:59] New process found: Process Name - LogonUI.exe Process ID - 13968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:49:59] New process found: Process Name - dwm.exe Process ID - 1632 Process Identity - Window Manager\DWM-4 [11-07-2023 23:50:10] Process Exited: Process Name - dwm.exe Process ID - 1632 [11-07-2023 23:50:10] Process Exited: Process Name - LogonUI.exe Process ID - 13968 [11-07-2023 23:50:10] Process Exited: Process Name - csrss.exe Process ID - 15644 [11-07-2023 23:50:10] Process Exited: Process Name - winlogon.exe Process ID - 16220 [11-07-2023 23:50:12] New process found: Process Name - csrss.exe Process ID - 12568 Process Identity - SYSTEM [11-07-2023 23:50:12] New process found: Process Name - winlogon.exe Process ID - 12908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:12] New process found: Process Name - LogonUI.exe Process ID - 12280 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:12] New process found: Process Name - dwm.exe Process ID - 15048 Process Identity - Window Manager\DWM-4 [11-07-2023 23:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1084 [11-07-2023 23:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4408 [11-07-2023 23:50:25] Process Exited: Process Name - LogonUI.exe Process ID - 12280 [11-07-2023 23:50:25] Process Exited: Process Name - csrss.exe Process ID - 12568 [11-07-2023 23:50:25] Process Exited: Process Name - winlogon.exe Process ID - 12908 [11-07-2023 23:50:25] Process Exited: Process Name - dwm.exe Process ID - 15048 [11-07-2023 23:50:26] New process found: Process Name - csrss.exe Process ID - 16376 Process Identity - SYSTEM [11-07-2023 23:50:26] New process found: Process Name - winlogon.exe Process ID - 15196 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:26] New process found: Process Name - LogonUI.exe Process ID - 11988 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:26] New process found: Process Name - dwm.exe Process ID - 10816 Process Identity - Window Manager\DWM-4 [11-07-2023 23:50:40] Process Exited: Process Name - dwm.exe Process ID - 10816 [11-07-2023 23:50:40] Process Exited: Process Name - LogonUI.exe Process ID - 11988 [11-07-2023 23:50:40] Process Exited: Process Name - winlogon.exe Process ID - 15196 [11-07-2023 23:50:40] Process Exited: Process Name - csrss.exe Process ID - 16376 [11-07-2023 23:50:41] New process found: Process Name - csrss.exe Process ID - 10132 Process Identity - SYSTEM [11-07-2023 23:50:41] New process found: Process Name - winlogon.exe Process ID - 10404 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:41] New process found: Process Name - LogonUI.exe Process ID - 11292 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:41] New process found: Process Name - dwm.exe Process ID - 6148 Process Identity - Window Manager\DWM-4 [11-07-2023 23:50:50] Process Exited: Process Name - w3wp.exe Process ID - 2956 Web application pool name - kdbps.edu.in [11-07-2023 23:50:50] Process Exited: Process Name - conhost.exe Process ID - 13764 [11-07-2023 23:50:55] Process Exited: Process Name - dwm.exe Process ID - 6148 [11-07-2023 23:50:55] Process Exited: Process Name - csrss.exe Process ID - 10132 [11-07-2023 23:50:55] Process Exited: Process Name - winlogon.exe Process ID - 10404 [11-07-2023 23:50:55] Process Exited: Process Name - LogonUI.exe Process ID - 11292 [11-07-2023 23:50:56] New process found: Process Name - csrss.exe Process ID - 8968 Process Identity - SYSTEM [11-07-2023 23:50:56] New process found: Process Name - winlogon.exe Process ID - 2572 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:56] New process found: Process Name - LogonUI.exe Process ID - 9968 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:50:56] New process found: Process Name - dwm.exe Process ID - 16288 Process Identity - Window Manager\DWM-4 [11-07-2023 23:51:10] Process Exited: Process Name - winlogon.exe Process ID - 2572 [11-07-2023 23:51:10] Process Exited: Process Name - csrss.exe Process ID - 8968 [11-07-2023 23:51:10] Process Exited: Process Name - LogonUI.exe Process ID - 9968 [11-07-2023 23:51:10] Process Exited: Process Name - dwm.exe Process ID - 16288 [11-07-2023 23:51:11] New process found: Process Name - csrss.exe Process ID - 9164 Process Identity - SYSTEM [11-07-2023 23:51:11] New process found: Process Name - winlogon.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:11] New process found: Process Name - LogonUI.exe Process ID - 14496 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:11] New process found: Process Name - dwm.exe Process ID - 10544 Process Identity - Window Manager\DWM-4 [11-07-2023 23:51:25] Process Exited: Process Name - csrss.exe Process ID - 9164 [11-07-2023 23:51:25] Process Exited: Process Name - dwm.exe Process ID - 10544 [11-07-2023 23:51:25] Process Exited: Process Name - winlogon.exe Process ID - 13000 [11-07-2023 23:51:25] Process Exited: Process Name - LogonUI.exe Process ID - 14496 [11-07-2023 23:51:27] New process found: Process Name - csrss.exe Process ID - 9956 Process Identity - SYSTEM [11-07-2023 23:51:27] New process found: Process Name - winlogon.exe Process ID - 16092 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:27] New process found: Process Name - LogonUI.exe Process ID - 15300 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:27] New process found: Process Name - dwm.exe Process ID - 14012 Process Identity - Window Manager\DWM-4 [11-07-2023 23:51:40] Process Exited: Process Name - csrss.exe Process ID - 9956 [11-07-2023 23:51:40] Process Exited: Process Name - dwm.exe Process ID - 14012 [11-07-2023 23:51:40] Process Exited: Process Name - LogonUI.exe Process ID - 15300 [11-07-2023 23:51:40] Process Exited: Process Name - winlogon.exe Process ID - 16092 [11-07-2023 23:51:46] New process found: Process Name - csrss.exe Process ID - 1784 Process Identity - SYSTEM [11-07-2023 23:51:46] New process found: Process Name - winlogon.exe Process ID - 10368 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:47] New process found: Process Name - LogonUI.exe Process ID - 8332 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:47] New process found: Process Name - dwm.exe Process ID - 15224 Process Identity - Window Manager\DWM-4 [11-07-2023 23:51:55] Process Exited: Process Name - csrss.exe Process ID - 1784 [11-07-2023 23:51:55] Process Exited: Process Name - LogonUI.exe Process ID - 8332 [11-07-2023 23:51:55] Process Exited: Process Name - winlogon.exe Process ID - 10368 [11-07-2023 23:51:55] Process Exited: Process Name - dwm.exe Process ID - 15224 [11-07-2023 23:51:57] New process found: Process Name - csrss.exe Process ID - 14140 Process Identity - SYSTEM [11-07-2023 23:51:57] New process found: Process Name - winlogon.exe Process ID - 10384 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:57] New process found: Process Name - LogonUI.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:51:57] New process found: Process Name - dwm.exe Process ID - 1324 Process Identity - Window Manager\DWM-4 [11-07-2023 23:52:01] New process found: Process Name - w3wp.exe Process ID - 8820 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:52:01] Process Exited: Process Name - w3wp.exe Process ID - 3800 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:52:03] Process Exited: Process Name - w3wp.exe Process ID - 1320 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [11-07-2023 23:52:03] Process Exited: Process Name - conhost.exe Process ID - 10480 [11-07-2023 23:52:10] Process Exited: Process Name - dwm.exe Process ID - 1324 [11-07-2023 23:52:10] Process Exited: Process Name - winlogon.exe Process ID - 10384 [11-07-2023 23:52:10] Process Exited: Process Name - LogonUI.exe Process ID - 11340 [11-07-2023 23:52:10] Process Exited: Process Name - csrss.exe Process ID - 14140 [11-07-2023 23:52:11] New process found: Process Name - csrss.exe Process ID - 15104 Process Identity - SYSTEM [11-07-2023 23:52:11] New process found: Process Name - winlogon.exe Process ID - 12140 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:12] New process found: Process Name - LogonUI.exe Process ID - 9256 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:12] New process found: Process Name - dwm.exe Process ID - 7104 Process Identity - Window Manager\DWM-4 [11-07-2023 23:52:14] New process found: Process Name - w3wp.exe Process ID - 16068 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [11-07-2023 23:52:25] Process Exited: Process Name - dwm.exe Process ID - 7104 [11-07-2023 23:52:25] Process Exited: Process Name - LogonUI.exe Process ID - 9256 [11-07-2023 23:52:25] Process Exited: Process Name - winlogon.exe Process ID - 12140 [11-07-2023 23:52:25] Process Exited: Process Name - csrss.exe Process ID - 15104 [11-07-2023 23:52:27] New process found: Process Name - csrss.exe Process ID - 9368 Process Identity - SYSTEM [11-07-2023 23:52:27] New process found: Process Name - winlogon.exe Process ID - 13704 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:27] New process found: Process Name - LogonUI.exe Process ID - 15620 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:27] New process found: Process Name - dwm.exe Process ID - 13648 Process Identity - Window Manager\DWM-4 [11-07-2023 23:52:40] Process Exited: Process Name - csrss.exe Process ID - 9368 [11-07-2023 23:52:40] Process Exited: Process Name - dwm.exe Process ID - 13648 [11-07-2023 23:52:40] Process Exited: Process Name - winlogon.exe Process ID - 13704 [11-07-2023 23:52:40] Process Exited: Process Name - LogonUI.exe Process ID - 15620 [11-07-2023 23:52:42] New process found: Process Name - csrss.exe Process ID - 13744 Process Identity - SYSTEM [11-07-2023 23:52:42] New process found: Process Name - winlogon.exe Process ID - 15456 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:42] New process found: Process Name - LogonUI.exe Process ID - 15796 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:42] New process found: Process Name - dwm.exe Process ID - 10464 Process Identity - Window Manager\DWM-4 [11-07-2023 23:52:55] Process Exited: Process Name - dwm.exe Process ID - 10464 [11-07-2023 23:52:55] Process Exited: Process Name - csrss.exe Process ID - 13744 [11-07-2023 23:52:55] Process Exited: Process Name - winlogon.exe Process ID - 15456 [11-07-2023 23:52:55] Process Exited: Process Name - LogonUI.exe Process ID - 15796 [11-07-2023 23:52:56] New process found: Process Name - csrss.exe Process ID - 1460 Process Identity - SYSTEM [11-07-2023 23:52:56] New process found: Process Name - winlogon.exe Process ID - 14524 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:56] New process found: Process Name - LogonUI.exe Process ID - 9768 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:52:56] New process found: Process Name - dwm.exe Process ID - 16036 Process Identity - Window Manager\DWM-4 [11-07-2023 23:53:01] New process found: Process Name - w3wp.exe Process ID - 11428 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 23:53:10] Process Exited: Process Name - csrss.exe Process ID - 1460 [11-07-2023 23:53:10] Process Exited: Process Name - LogonUI.exe Process ID - 9768 [11-07-2023 23:53:10] Process Exited: Process Name - winlogon.exe Process ID - 14524 [11-07-2023 23:53:10] Process Exited: Process Name - dwm.exe Process ID - 16036 [11-07-2023 23:53:12] New process found: Process Name - csrss.exe Process ID - 1332 Process Identity - SYSTEM [11-07-2023 23:53:12] New process found: Process Name - winlogon.exe Process ID - 11916 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:14] New process found: Process Name - LogonUI.exe Process ID - 4104 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:14] New process found: Process Name - dwm.exe Process ID - 11540 Process Identity - Window Manager\DWM-4 [11-07-2023 23:53:25] Process Exited: Process Name - csrss.exe Process ID - 1332 [11-07-2023 23:53:25] Process Exited: Process Name - LogonUI.exe Process ID - 4104 [11-07-2023 23:53:25] Process Exited: Process Name - dwm.exe Process ID - 11540 [11-07-2023 23:53:25] Process Exited: Process Name - winlogon.exe Process ID - 11916 [11-07-2023 23:53:27] New process found: Process Name - csrss.exe Process ID - 15608 Process Identity - SYSTEM [11-07-2023 23:53:27] New process found: Process Name - winlogon.exe Process ID - 14328 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:28] New process found: Process Name - LogonUI.exe Process ID - 10756 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:28] New process found: Process Name - dwm.exe Process ID - 4208 Process Identity - Window Manager\DWM-4 [11-07-2023 23:53:40] Process Exited: Process Name - dwm.exe Process ID - 4208 [11-07-2023 23:53:40] Process Exited: Process Name - LogonUI.exe Process ID - 10756 [11-07-2023 23:53:40] Process Exited: Process Name - winlogon.exe Process ID - 14328 [11-07-2023 23:53:40] Process Exited: Process Name - csrss.exe Process ID - 15608 [11-07-2023 23:53:44] New process found: Process Name - conhost.exe Process ID - 11636 Process Identity - IIS APPPOOL\kdbps.edu.in [11-07-2023 23:53:47] New process found: Process Name - csrss.exe Process ID - 9788 Process Identity - SYSTEM [11-07-2023 23:53:47] New process found: Process Name - winlogon.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:47] New process found: Process Name - LogonUI.exe Process ID - 10532 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:53:47] New process found: Process Name - dwm.exe Process ID - 544 Process Identity - Window Manager\DWM-4 [11-07-2023 23:53:55] Process Exited: Process Name - dwm.exe Process ID - 544 [11-07-2023 23:53:55] Process Exited: Process Name - csrss.exe Process ID - 9788 [11-07-2023 23:53:55] Process Exited: Process Name - LogonUI.exe Process ID - 10532 [11-07-2023 23:53:55] Process Exited: Process Name - winlogon.exe Process ID - 12440 [11-07-2023 23:53:57] New process found: Process Name - csrss.exe Process ID - 12360 Process Identity - SYSTEM [11-07-2023 23:53:57] New process found: Process Name - winlogon.exe Process ID - 8872 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:00] New process found: Process Name - LogonUI.exe Process ID - 13176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:00] New process found: Process Name - dwm.exe Process ID - 14744 Process Identity - Window Manager\DWM-4 [11-07-2023 23:54:11] Process Exited: Process Name - winlogon.exe Process ID - 8872 [11-07-2023 23:54:11] Process Exited: Process Name - csrss.exe Process ID - 12360 [11-07-2023 23:54:11] Process Exited: Process Name - LogonUI.exe Process ID - 13176 [11-07-2023 23:54:11] Process Exited: Process Name - dwm.exe Process ID - 14744 [11-07-2023 23:54:15] New process found: Process Name - csrss.exe Process ID - 4948 Process Identity - SYSTEM [11-07-2023 23:54:15] New process found: Process Name - winlogon.exe Process ID - 11928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:16] New process found: Process Name - LogonUI.exe Process ID - 14888 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:16] New process found: Process Name - dwm.exe Process ID - 10452 Process Identity - Window Manager\DWM-4 [11-07-2023 23:54:26] Process Exited: Process Name - csrss.exe Process ID - 4948 [11-07-2023 23:54:26] Process Exited: Process Name - dwm.exe Process ID - 10452 [11-07-2023 23:54:26] Process Exited: Process Name - winlogon.exe Process ID - 11928 [11-07-2023 23:54:26] Process Exited: Process Name - LogonUI.exe Process ID - 14888 [11-07-2023 23:54:29] New process found: Process Name - csrss.exe Process ID - 12128 Process Identity - SYSTEM [11-07-2023 23:54:29] New process found: Process Name - winlogon.exe Process ID - 9352 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:30] New process found: Process Name - LogonUI.exe Process ID - 15384 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:30] New process found: Process Name - dwm.exe Process ID - 12876 Process Identity - Window Manager\DWM-4 [11-07-2023 23:54:37] Process Exited: Process Name - w3wp.exe Process ID - 10428 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [11-07-2023 23:54:37] Process Exited: Process Name - conhost.exe Process ID - 14900 [11-07-2023 23:54:41] Process Exited: Process Name - winlogon.exe Process ID - 9352 [11-07-2023 23:54:41] Process Exited: Process Name - csrss.exe Process ID - 12128 [11-07-2023 23:54:41] Process Exited: Process Name - dwm.exe Process ID - 12876 [11-07-2023 23:54:41] Process Exited: Process Name - LogonUI.exe Process ID - 15384 [11-07-2023 23:54:43] New process found: Process Name - csrss.exe Process ID - 13760 Process Identity - SYSTEM [11-07-2023 23:54:43] New process found: Process Name - winlogon.exe Process ID - 13908 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:44] New process found: Process Name - LogonUI.exe Process ID - 10864 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:54:44] New process found: Process Name - dwm.exe Process ID - 6528 Process Identity - Window Manager\DWM-4 [11-07-2023 23:54:56] Process Exited: Process Name - dwm.exe Process ID - 6528 [11-07-2023 23:54:56] Process Exited: Process Name - LogonUI.exe Process ID - 10864 [11-07-2023 23:54:56] Process Exited: Process Name - csrss.exe Process ID - 13760 [11-07-2023 23:54:56] Process Exited: Process Name - winlogon.exe Process ID - 13908 [11-07-2023 23:55:00] New process found: Process Name - csrss.exe Process ID - 14140 Process Identity - SYSTEM [11-07-2023 23:55:00] New process found: Process Name - winlogon.exe Process ID - 912 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:01] New process found: Process Name - LogonUI.exe Process ID - 13692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:01] New process found: Process Name - dwm.exe Process ID - 10220 Process Identity - Window Manager\DWM-4 [11-07-2023 23:55:11] Process Exited: Process Name - winlogon.exe Process ID - 912 [11-07-2023 23:55:11] Process Exited: Process Name - dwm.exe Process ID - 10220 [11-07-2023 23:55:11] Process Exited: Process Name - LogonUI.exe Process ID - 13692 [11-07-2023 23:55:12] Process Exited: Process Name - csrss.exe Process ID - 14140 [11-07-2023 23:55:14] New process found: Process Name - csrss.exe Process ID - 15228 Process Identity - SYSTEM [11-07-2023 23:55:14] New process found: Process Name - winlogon.exe Process ID - 11616 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:15] New process found: Process Name - LogonUI.exe Process ID - 7708 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:15] New process found: Process Name - dwm.exe Process ID - 11244 Process Identity - Window Manager\DWM-4 [11-07-2023 23:55:16] Process Exited: Process Name - w3wp.exe Process ID - 11508 Web application pool name - galaxytools.in [11-07-2023 23:55:27] Process Exited: Process Name - LogonUI.exe Process ID - 7708 [11-07-2023 23:55:27] Process Exited: Process Name - dwm.exe Process ID - 11244 [11-07-2023 23:55:27] Process Exited: Process Name - winlogon.exe Process ID - 11616 [11-07-2023 23:55:27] Process Exited: Process Name - csrss.exe Process ID - 15228 [11-07-2023 23:55:31] New process found: Process Name - smss.exe Process ID - 10992 Process Identity - SYSTEM [11-07-2023 23:55:32] New process found: Process Name - csrss.exe Process ID - 2060 Process Identity - SYSTEM [11-07-2023 23:55:32] New process found: Process Name - winlogon.exe Process ID - 16220 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:32] Process Exited: Process Name - smss.exe Process ID - 10992 [11-07-2023 23:55:33] New process found: Process Name - LogonUI.exe Process ID - 12800 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:33] New process found: Process Name - dwm.exe Process ID - 13480 Process Identity - Window Manager\DWM-4 [11-07-2023 23:55:42] Process Exited: Process Name - csrss.exe Process ID - 2060 [11-07-2023 23:55:42] Process Exited: Process Name - LogonUI.exe Process ID - 12800 [11-07-2023 23:55:42] Process Exited: Process Name - dwm.exe Process ID - 13480 [11-07-2023 23:55:42] Process Exited: Process Name - winlogon.exe Process ID - 16220 [11-07-2023 23:55:45] New process found: Process Name - csrss.exe Process ID - 12240 Process Identity - SYSTEM [11-07-2023 23:55:45] New process found: Process Name - winlogon.exe Process ID - 16072 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:49] New process found: Process Name - LogonUI.exe Process ID - 8904 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:55:49] New process found: Process Name - dwm.exe Process ID - 14604 Process Identity - Window Manager\DWM-4 [11-07-2023 23:55:57] Process Exited: Process Name - LogonUI.exe Process ID - 8904 [11-07-2023 23:55:58] Process Exited: Process Name - csrss.exe Process ID - 12240 [11-07-2023 23:55:58] Process Exited: Process Name - dwm.exe Process ID - 14604 [11-07-2023 23:55:58] Process Exited: Process Name - winlogon.exe Process ID - 16072 [11-07-2023 23:56:04] New process found: Process Name - csrss.exe Process ID - 13896 Process Identity - SYSTEM [11-07-2023 23:56:04] New process found: Process Name - winlogon.exe Process ID - 12324 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:06] New process found: Process Name - LogonUI.exe Process ID - 13764 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:06] New process found: Process Name - dwm.exe Process ID - 12784 Process Identity - Window Manager\DWM-4 [11-07-2023 23:56:13] Process Exited: Process Name - winlogon.exe Process ID - 12324 [11-07-2023 23:56:13] Process Exited: Process Name - dwm.exe Process ID - 12784 [11-07-2023 23:56:13] Process Exited: Process Name - LogonUI.exe Process ID - 13764 [11-07-2023 23:56:13] Process Exited: Process Name - csrss.exe Process ID - 13896 [11-07-2023 23:56:18] New process found: Process Name - csrss.exe Process ID - 5480 Process Identity - SYSTEM [11-07-2023 23:56:18] New process found: Process Name - winlogon.exe Process ID - 14960 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:22] New process found: Process Name - LogonUI.exe Process ID - 12216 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:22] New process found: Process Name - dwm.exe Process ID - 15440 Process Identity - Window Manager\DWM-4 [11-07-2023 23:56:29] Process Exited: Process Name - csrss.exe Process ID - 5480 [11-07-2023 23:56:29] Process Exited: Process Name - LogonUI.exe Process ID - 12216 [11-07-2023 23:56:29] Process Exited: Process Name - winlogon.exe Process ID - 14960 [11-07-2023 23:56:29] Process Exited: Process Name - dwm.exe Process ID - 15440 [11-07-2023 23:56:34] New process found: Process Name - csrss.exe Process ID - 14884 Process Identity - SYSTEM [11-07-2023 23:56:34] New process found: Process Name - winlogon.exe Process ID - 16260 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:40] New process found: Process Name - LogonUI.exe Process ID - 2952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:40] New process found: Process Name - dwm.exe Process ID - 11344 Process Identity - Window Manager\DWM-4 [11-07-2023 23:56:45] Process Exited: Process Name - LogonUI.exe Process ID - 2952 [11-07-2023 23:56:45] Process Exited: Process Name - dwm.exe Process ID - 11344 [11-07-2023 23:56:45] Process Exited: Process Name - csrss.exe Process ID - 14884 [11-07-2023 23:56:45] Process Exited: Process Name - winlogon.exe Process ID - 16260 [11-07-2023 23:56:48] New process found: Process Name - csrss.exe Process ID - 15656 Process Identity - SYSTEM [11-07-2023 23:56:48] New process found: Process Name - winlogon.exe Process ID - 11956 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:51] New process found: Process Name - LogonUI.exe Process ID - 14060 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:56:51] New process found: Process Name - dwm.exe Process ID - 15884 Process Identity - Window Manager\DWM-4 [11-07-2023 23:57:00] Process Exited: Process Name - winlogon.exe Process ID - 11956 [11-07-2023 23:57:00] Process Exited: Process Name - LogonUI.exe Process ID - 14060 [11-07-2023 23:57:00] Process Exited: Process Name - csrss.exe Process ID - 15656 [11-07-2023 23:57:00] Process Exited: Process Name - dwm.exe Process ID - 15884 [11-07-2023 23:57:03] New process found: Process Name - w3wp.exe Process ID - 7388 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:57:03] New process found: Process Name - csrss.exe Process ID - 13176 Process Identity - SYSTEM [11-07-2023 23:57:03] New process found: Process Name - winlogon.exe Process ID - 10004 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:03] Process Exited: Process Name - w3wp.exe Process ID - 8820 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [11-07-2023 23:57:05] New process found: Process Name - LogonUI.exe Process ID - 4156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:05] New process found: Process Name - dwm.exe Process ID - 14396 Process Identity - Window Manager\DWM-4 [11-07-2023 23:57:15] Process Exited: Process Name - LogonUI.exe Process ID - 4156 [11-07-2023 23:57:15] Process Exited: Process Name - winlogon.exe Process ID - 10004 [11-07-2023 23:57:15] Process Exited: Process Name - dwm.exe Process ID - 14396 [11-07-2023 23:57:16] Process Exited: Process Name - csrss.exe Process ID - 13176 [11-07-2023 23:57:20] New process found: Process Name - csrss.exe Process ID - 8824 Process Identity - SYSTEM [11-07-2023 23:57:20] New process found: Process Name - winlogon.exe Process ID - 12176 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:22] New process found: Process Name - LogonUI.exe Process ID - 16248 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:22] New process found: Process Name - dwm.exe Process ID - 7492 Process Identity - Window Manager\DWM-4 [11-07-2023 23:57:31] Process Exited: Process Name - dwm.exe Process ID - 7492 [11-07-2023 23:57:31] Process Exited: Process Name - csrss.exe Process ID - 8824 [11-07-2023 23:57:31] Process Exited: Process Name - winlogon.exe Process ID - 12176 [11-07-2023 23:57:31] Process Exited: Process Name - LogonUI.exe Process ID - 16248 [11-07-2023 23:57:33] New process found: Process Name - csrss.exe Process ID - 2416 Process Identity - SYSTEM [11-07-2023 23:57:33] New process found: Process Name - winlogon.exe Process ID - 13156 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:38] New process found: Process Name - LogonUI.exe Process ID - 11412 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:38] New process found: Process Name - dwm.exe Process ID - 2388 Process Identity - Window Manager\DWM-4 [11-07-2023 23:57:46] Process Exited: Process Name - dwm.exe Process ID - 2388 [11-07-2023 23:57:46] Process Exited: Process Name - csrss.exe Process ID - 2416 [11-07-2023 23:57:46] Process Exited: Process Name - LogonUI.exe Process ID - 11412 [11-07-2023 23:57:46] Process Exited: Process Name - winlogon.exe Process ID - 13156 [11-07-2023 23:57:50] New process found: Process Name - csrss.exe Process ID - 15932 Process Identity - SYSTEM [11-07-2023 23:57:50] New process found: Process Name - winlogon.exe Process ID - 13384 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:51] New process found: Process Name - LogonUI.exe Process ID - 15116 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:57:51] New process found: Process Name - dwm.exe Process ID - 14628 Process Identity - Window Manager\DWM-4 [11-07-2023 23:57:56] New process found: Process Name - w3wp.exe Process ID - 10804 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [11-07-2023 23:58:01] Process Exited: Process Name - winlogon.exe Process ID - 13384 [11-07-2023 23:58:01] Process Exited: Process Name - dwm.exe Process ID - 14628 [11-07-2023 23:58:01] Process Exited: Process Name - LogonUI.exe Process ID - 15116 [11-07-2023 23:58:01] Process Exited: Process Name - csrss.exe Process ID - 15932 [11-07-2023 23:58:03] New process found: Process Name - csrss.exe Process ID - 11156 Process Identity - SYSTEM [11-07-2023 23:58:03] New process found: Process Name - winlogon.exe Process ID - 6828 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:06] New process found: Process Name - LogonUI.exe Process ID - 2600 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:06] New process found: Process Name - dwm.exe Process ID - 14180 Process Identity - Window Manager\DWM-4 [11-07-2023 23:58:16] Process Exited: Process Name - LogonUI.exe Process ID - 2600 [11-07-2023 23:58:16] Process Exited: Process Name - winlogon.exe Process ID - 6828 [11-07-2023 23:58:16] Process Exited: Process Name - csrss.exe Process ID - 11156 [11-07-2023 23:58:16] Process Exited: Process Name - dwm.exe Process ID - 14180 [11-07-2023 23:58:19] New process found: Process Name - csrss.exe Process ID - 15308 Process Identity - SYSTEM [11-07-2023 23:58:19] New process found: Process Name - winlogon.exe Process ID - 6152 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:20] New process found: Process Name - LogonUI.exe Process ID - 10352 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:21] New process found: Process Name - dwm.exe Process ID - 15152 Process Identity - Window Manager\DWM-4 [11-07-2023 23:58:32] Process Exited: Process Name - winlogon.exe Process ID - 6152 [11-07-2023 23:58:32] Process Exited: Process Name - LogonUI.exe Process ID - 10352 [11-07-2023 23:58:32] Process Exited: Process Name - dwm.exe Process ID - 15152 [11-07-2023 23:58:32] Process Exited: Process Name - csrss.exe Process ID - 15308 [11-07-2023 23:58:38] New process found: Process Name - csrss.exe Process ID - 3312 Process Identity - SYSTEM [11-07-2023 23:58:38] New process found: Process Name - winlogon.exe Process ID - 692 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:40] New process found: Process Name - LogonUI.exe Process ID - 5936 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:40] New process found: Process Name - dwm.exe Process ID - 12528 Process Identity - Window Manager\DWM-4 [11-07-2023 23:58:47] Process Exited: Process Name - winlogon.exe Process ID - 692 [11-07-2023 23:58:47] Process Exited: Process Name - csrss.exe Process ID - 3312 [11-07-2023 23:58:47] Process Exited: Process Name - LogonUI.exe Process ID - 5936 [11-07-2023 23:58:47] Process Exited: Process Name - dwm.exe Process ID - 12528 [11-07-2023 23:58:49] New process found: Process Name - csrss.exe Process ID - 2412 Process Identity - SYSTEM [11-07-2023 23:58:49] New process found: Process Name - winlogon.exe Process ID - 5980 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:52] New process found: Process Name - LogonUI.exe Process ID - 15420 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:58:52] New process found: Process Name - dwm.exe Process ID - 9984 Process Identity - Window Manager\DWM-4 [11-07-2023 23:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 4988 Process Identity - NT AUTHORITY\LOCAL SERVICE [11-07-2023 23:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6992 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:02] Process Exited: Process Name - csrss.exe Process ID - 2412 [11-07-2023 23:59:02] Process Exited: Process Name - winlogon.exe Process ID - 5980 [11-07-2023 23:59:02] Process Exited: Process Name - dwm.exe Process ID - 9984 [11-07-2023 23:59:02] Process Exited: Process Name - LogonUI.exe Process ID - 15420 [11-07-2023 23:59:04] New process found: Process Name - csrss.exe Process ID - 15648 Process Identity - SYSTEM [11-07-2023 23:59:04] New process found: Process Name - winlogon.exe Process ID - 12628 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:04] Process Exited: Process Name - w3wp.exe Process ID - 11428 Web application pool name - cies.org.in(domain)(4.0)(pool) [11-07-2023 23:59:05] New process found: Process Name - LogonUI.exe Process ID - 12452 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:05] New process found: Process Name - dwm.exe Process ID - 8844 Process Identity - Window Manager\DWM-4 [11-07-2023 23:59:17] Process Exited: Process Name - dwm.exe Process ID - 8844 [11-07-2023 23:59:17] Process Exited: Process Name - LogonUI.exe Process ID - 12452 [11-07-2023 23:59:17] Process Exited: Process Name - winlogon.exe Process ID - 12628 [11-07-2023 23:59:17] Process Exited: Process Name - csrss.exe Process ID - 15648 [11-07-2023 23:59:20] New process found: Process Name - csrss.exe Process ID - 8744 Process Identity - SYSTEM [11-07-2023 23:59:20] New process found: Process Name - winlogon.exe Process ID - 14204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:20] New process found: Process Name - LogonUI.exe Process ID - 15928 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:20] New process found: Process Name - dwm.exe Process ID - 9252 Process Identity - Window Manager\DWM-4 [11-07-2023 23:59:33] Process Exited: Process Name - csrss.exe Process ID - 8744 [11-07-2023 23:59:33] Process Exited: Process Name - dwm.exe Process ID - 9252 [11-07-2023 23:59:33] Process Exited: Process Name - winlogon.exe Process ID - 14204 [11-07-2023 23:59:33] Process Exited: Process Name - LogonUI.exe Process ID - 15928 [11-07-2023 23:59:35] New process found: Process Name - csrss.exe Process ID - 7484 Process Identity - SYSTEM [11-07-2023 23:59:35] New process found: Process Name - winlogon.exe Process ID - 11548 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:37] New process found: Process Name - LogonUI.exe Process ID - 14952 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:37] New process found: Process Name - dwm.exe Process ID - 13000 Process Identity - Window Manager\DWM-4 [11-07-2023 23:59:48] Process Exited: Process Name - csrss.exe Process ID - 7484 [11-07-2023 23:59:48] Process Exited: Process Name - winlogon.exe Process ID - 11548 [11-07-2023 23:59:48] Process Exited: Process Name - dwm.exe Process ID - 13000 [11-07-2023 23:59:48] Process Exited: Process Name - LogonUI.exe Process ID - 14952 [11-07-2023 23:59:51] New process found: Process Name - csrss.exe Process ID - 13348 Process Identity - SYSTEM [11-07-2023 23:59:51] New process found: Process Name - winlogon.exe Process ID - 12884 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:52] New process found: Process Name - LogonUI.exe Process ID - 16204 Process Identity - NT AUTHORITY\SYSTEM [11-07-2023 23:59:52] New process found: Process Name - dwm.exe Process ID - 14936 Process Identity - Window Manager\DWM-4 [11-07-2023 23:59:53] New process found: Process Name - task-manager-agent.exe Process ID - 9980 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 23:59:53] New process found: Process Name - interface_async_executor.exe Process ID - 10736 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 23:59:53] New process found: Process Name - conhost.exe Process ID - 12044 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 23:59:53] New process found: Process Name - php.exe Process ID - 8820 Process Identity - NT SERVICE\PleskTaskManager [11-07-2023 23:59:54] Process Exited: Process Name - php.exe Process ID - 8820 [11-07-2023 23:59:54] Process Exited: Process Name - task-manager-agent.exe Process ID - 9980 [11-07-2023 23:59:54] Process Exited: Process Name - interface_async_executor.exe Process ID - 10736 [11-07-2023 23:59:54] Process Exited: Process Name - conhost.exe Process ID - 12044 [11-07-2023 23:59:56] New process found: Process Name - php-cgi.exe Process ID - 13512 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023] New process found: Process Name - php.exe Process ID - 15784 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023] New process found: Process Name - conhost.exe Process ID - 16320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:04] Process Exited: Process Name - winlogon.exe Process ID - 12884 [12-07-2023 00:00:04] Process Exited: Process Name - csrss.exe Process ID - 13348 [12-07-2023 00:00:04] Process Exited: Process Name - dwm.exe Process ID - 14936 [12-07-2023 00:00:04] Process Exited: Process Name - LogonUI.exe Process ID - 16204 [12-07-2023 00:00:06] New process found: Process Name - csrss.exe Process ID - 13460 Process Identity - SYSTEM [12-07-2023 00:00:06] New process found: Process Name - winlogon.exe Process ID - 10044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:06] Process Exited: Process Name - php.exe Process ID - 15784 [12-07-2023 00:00:06] Process Exited: Process Name - conhost.exe Process ID - 16320 [12-07-2023 00:00:08] New process found: Process Name - LogonUI.exe Process ID - 12260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:08] New process found: Process Name - dwm.exe Process ID - 9544 Process Identity - Window Manager\DWM-4 [12-07-2023 00:00:19] Process Exited: Process Name - dwm.exe Process ID - 9544 [12-07-2023 00:00:19] Process Exited: Process Name - winlogon.exe Process ID - 10044 [12-07-2023 00:00:19] Process Exited: Process Name - LogonUI.exe Process ID - 12260 [12-07-2023 00:00:19] Process Exited: Process Name - csrss.exe Process ID - 13460 [12-07-2023 00:00:21] New process found: Process Name - csrss.exe Process ID - 15544 Process Identity - SYSTEM [12-07-2023 00:00:21] New process found: Process Name - winlogon.exe Process ID - 5572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:22] New process found: Process Name - LogonUI.exe Process ID - 10236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:22] New process found: Process Name - dwm.exe Process ID - 8780 Process Identity - Window Manager\DWM-4 [12-07-2023 00:00:22] New process found: Process Name - csrss.exe Process ID - 12684 Process Identity - SYSTEM [12-07-2023 00:00:22] New process found: Process Name - winlogon.exe Process ID - 7420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:23] New process found: Process Name - TSTheme.exe Process ID - 10968 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:00:23] New process found: Process Name - LogonUI.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:23] New process found: Process Name - dwm.exe Process ID - 8568 Process Identity - Window Manager\DWM-5 [12-07-2023 00:00:23] Process Exited: Process Name - winlogon.exe Process ID - 5572 [12-07-2023 00:00:23] Process Exited: Process Name - dwm.exe Process ID - 8780 [12-07-2023 00:00:23] Process Exited: Process Name - LogonUI.exe Process ID - 10236 [12-07-2023 00:00:23] Process Exited: Process Name - csrss.exe Process ID - 15544 [12-07-2023 00:00:23] Service state changed: Service Name - ScDeviceEnum Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 00:00:24] New process found: Process Name - taskhostw.exe Process ID - 9720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:24] New process found: Process Name - dllhost.exe Process ID - 9584 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4988 [12-07-2023 00:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6992 [12-07-2023 00:00:29] Process Exited: Process Name - TSTheme.exe Process ID - 10968 [12-07-2023 00:00:34] Process Exited: Process Name - winlogon.exe Process ID - 7420 [12-07-2023 00:00:34] Process Exited: Process Name - dwm.exe Process ID - 8568 [12-07-2023 00:00:34] Process Exited: Process Name - LogonUI.exe Process ID - 12436 [12-07-2023 00:00:34] Process Exited: Process Name - csrss.exe Process ID - 12684 [12-07-2023 00:00:40] New process found: Process Name - csrss.exe Process ID - 11868 Process Identity - SYSTEM [12-07-2023 00:00:40] New process found: Process Name - winlogon.exe Process ID - 13420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:40] New process found: Process Name - WinRAR.exe Process ID - 10784 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:00:42] New process found: Process Name - LogonUI.exe Process ID - 14848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:42] New process found: Process Name - dwm.exe Process ID - 11424 Process Identity - Window Manager\DWM-4 [12-07-2023 00:00:45] New process found: Process Name - wacs.exe Process ID - 15584 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:00:45] New process found: Process Name - conhost.exe Process ID - 9972 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:00:51] Process Exited: Process Name - dwm.exe Process ID - 11424 [12-07-2023 00:00:51] Process Exited: Process Name - csrss.exe Process ID - 11868 [12-07-2023 00:00:51] Process Exited: Process Name - winlogon.exe Process ID - 13420 [12-07-2023 00:00:51] Process Exited: Process Name - LogonUI.exe Process ID - 14848 [12-07-2023 00:00:53] New process found: Process Name - wlrmdr.exe Process ID - 12800 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:00:53] New process found: Process Name - csrss.exe Process ID - 364 Process Identity - SYSTEM [12-07-2023 00:00:53] New process found: Process Name - winlogon.exe Process ID - 9924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:53] Process Exited: Process Name - taskhostw.exe Process ID - 9720 [12-07-2023 00:00:54] New process found: Process Name - LogonUI.exe Process ID - 10684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:00:54] New process found: Process Name - dwm.exe Process ID - 10696 Process Identity - Window Manager\DWM-4 [12-07-2023 00:00:56] New process found: Process Name - w3wp.exe Process ID - 12824 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:00:58] Process Exited: Process Name - dllhost.exe Process ID - 9584 [12-07-2023 00:01:00] Process Exited: Process Name - wlrmdr.exe Process ID - 12800 [12-07-2023 00:01:06] Process Exited: Process Name - csrss.exe Process ID - 364 [12-07-2023 00:01:06] Process Exited: Process Name - winlogon.exe Process ID - 9924 [12-07-2023 00:01:06] Process Exited: Process Name - LogonUI.exe Process ID - 10684 [12-07-2023 00:01:06] Process Exited: Process Name - dwm.exe Process ID - 10696 [12-07-2023 00:01:10] New process found: Process Name - csrss.exe Process ID - 3224 Process Identity - SYSTEM [12-07-2023 00:01:10] New process found: Process Name - winlogon.exe Process ID - 15792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:10] Process Exited: Process Name - w3wp.exe Process ID - 12196 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:01:10] Process Exited: Process Name - conhost.exe Process ID - 13192 [12-07-2023 00:01:12] New process found: Process Name - LogonUI.exe Process ID - 10016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:12] New process found: Process Name - dwm.exe Process ID - 10312 Process Identity - Window Manager\DWM-4 [12-07-2023 00:01:22] Process Exited: Process Name - csrss.exe Process ID - 3224 [12-07-2023 00:01:22] Process Exited: Process Name - LogonUI.exe Process ID - 10016 [12-07-2023 00:01:22] Process Exited: Process Name - dwm.exe Process ID - 10312 [12-07-2023 00:01:22] Process Exited: Process Name - winlogon.exe Process ID - 15792 [12-07-2023 00:01:25] New process found: Process Name - csrss.exe Process ID - 1560 Process Identity - SYSTEM [12-07-2023 00:01:25] New process found: Process Name - winlogon.exe Process ID - 12452 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:27] New process found: Process Name - LogonUI.exe Process ID - 14272 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:27] New process found: Process Name - dwm.exe Process ID - 16004 Process Identity - Window Manager\DWM-4 [12-07-2023 00:01:38] Process Exited: Process Name - csrss.exe Process ID - 1560 [12-07-2023 00:01:38] Process Exited: Process Name - winlogon.exe Process ID - 12452 [12-07-2023 00:01:38] Process Exited: Process Name - LogonUI.exe Process ID - 14272 [12-07-2023 00:01:38] Process Exited: Process Name - dwm.exe Process ID - 16004 [12-07-2023 00:01:39] New process found: Process Name - w3wp.exe Process ID - 15928 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:01:40] New process found: Process Name - conhost.exe Process ID - 11292 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 00:01:40] New process found: Process Name - csrss.exe Process ID - 7968 Process Identity - SYSTEM [12-07-2023 00:01:40] New process found: Process Name - winlogon.exe Process ID - 5544 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:43] New process found: Process Name - LogonUI.exe Process ID - 4344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:01:43] New process found: Process Name - dwm.exe Process ID - 9696 Process Identity - Window Manager\DWM-4 [12-07-2023 00:01:53] Process Exited: Process Name - LogonUI.exe Process ID - 4344 [12-07-2023 00:01:53] Process Exited: Process Name - winlogon.exe Process ID - 5544 [12-07-2023 00:01:53] Process Exited: Process Name - csrss.exe Process ID - 7968 [12-07-2023 00:01:53] Process Exited: Process Name - dwm.exe Process ID - 9696 [12-07-2023 00:01:57] New process found: Process Name - csrss.exe Process ID - 10736 Process Identity - SYSTEM [12-07-2023 00:01:57] New process found: Process Name - winlogon.exe Process ID - 7436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:00] New process found: Process Name - LogonUI.exe Process ID - 10592 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:00] New process found: Process Name - dwm.exe Process ID - 6012 Process Identity - Window Manager\DWM-4 [12-07-2023 00:02:01] New process found: Process Name - dllhost.exe Process ID - 15012 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:01] New process found: Process Name - dllhost.exe Process ID - 14384 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:04] New process found: Process Name - w3wp.exe Process ID - 3376 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:02:04] Process Exited: Process Name - w3wp.exe Process ID - 7388 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:02:05] New process found: Process Name - dllhost.exe Process ID - 15204 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:08] Process Exited: Process Name - dwm.exe Process ID - 6012 [12-07-2023 00:02:08] Process Exited: Process Name - winlogon.exe Process ID - 7436 [12-07-2023 00:02:08] Process Exited: Process Name - LogonUI.exe Process ID - 10592 [12-07-2023 00:02:08] Process Exited: Process Name - csrss.exe Process ID - 10736 [12-07-2023 00:02:10] Process Exited: Process Name - dllhost.exe Process ID - 15012 [12-07-2023 00:02:10] Process Exited: Process Name - dllhost.exe Process ID - 15204 [12-07-2023 00:02:13] New process found: Process Name - UserAccountControlSettings.exe Process ID - 14132 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:13] New process found: Process Name - dllhost.exe Process ID - 14820 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:13] New process found: Process Name - dllhost.exe Process ID - 4980 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:13] New process found: Process Name - dllhost.exe Process ID - 14948 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:13] Service state changed: Service Name - Appinfo Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 00:02:14] New process found: Process Name - csrss.exe Process ID - 1704 Process Identity - SYSTEM [12-07-2023 00:02:14] New process found: Process Name - winlogon.exe Process ID - 14980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:15] Process Exited: Process Name - UserAccountControlSettings.exe Process ID - 14132 [12-07-2023 00:02:16] New process found: Process Name - LogonUI.exe Process ID - 15064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:16] New process found: Process Name - dwm.exe Process ID - 5068 Process Identity - Window Manager\DWM-4 [12-07-2023 00:02:18] Process Exited: Process Name - dllhost.exe Process ID - 14820 [12-07-2023 00:02:19] New process found: Process Name - dllhost.exe Process ID - 4988 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:19] Process Exited: Process Name - dllhost.exe Process ID - 4980 [12-07-2023 00:02:19] Process Exited: Process Name - dllhost.exe Process ID - 14948 [12-07-2023 00:02:23] Process Exited: Process Name - dwm.exe Process ID - 5068 [12-07-2023 00:02:23] Process Exited: Process Name - winlogon.exe Process ID - 14980 [12-07-2023 00:02:23] Process Exited: Process Name - LogonUI.exe Process ID - 15064 [12-07-2023 00:02:24] Process Exited: Process Name - csrss.exe Process ID - 1704 [12-07-2023 00:02:26] New process found: Process Name - csrss.exe Process ID - 6912 Process Identity - SYSTEM [12-07-2023 00:02:26] New process found: Process Name - winlogon.exe Process ID - 12284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:26] Process Exited: Process Name - dllhost.exe Process ID - 4988 [12-07-2023 00:02:27] New process found: Process Name - LogonUI.exe Process ID - 15932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:27] New process found: Process Name - dwm.exe Process ID - 11480 Process Identity - Window Manager\DWM-4 [12-07-2023 00:02:31] New process found: Process Name - dllhost.exe Process ID - 9376 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 12340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:33] New process found: Process Name - SearchFilterHost.exe Process ID - 14856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:36] Process Exited: Process Name - dllhost.exe Process ID - 9376 [12-07-2023 00:02:39] Process Exited: Process Name - csrss.exe Process ID - 6912 [12-07-2023 00:02:39] Process Exited: Process Name - dwm.exe Process ID - 11480 [12-07-2023 00:02:39] Process Exited: Process Name - winlogon.exe Process ID - 12284 [12-07-2023 00:02:39] Process Exited: Process Name - LogonUI.exe Process ID - 15932 [12-07-2023 00:02:41] New process found: Process Name - ServerManager.exe Process ID - 14832 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:41] New process found: Process Name - WmiPrvSE.exe Process ID - 6828 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:02:43] New process found: Process Name - csrss.exe Process ID - 13380 Process Identity - SYSTEM [12-07-2023 00:02:43] New process found: Process Name - winlogon.exe Process ID - 13428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:45] New process found: Process Name - LogonUI.exe Process ID - 9720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:45] New process found: Process Name - dwm.exe Process ID - 6556 Process Identity - Window Manager\DWM-4 [12-07-2023 00:02:48] New process found: Process Name - WmiPrvSE.exe Process ID - 9320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:02:50] New process found: Process Name - InetMgr.exe Process ID - 7836 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:02:54] Process Exited: Process Name - dwm.exe Process ID - 6556 [12-07-2023 00:02:54] Process Exited: Process Name - LogonUI.exe Process ID - 9720 [12-07-2023 00:02:54] Process Exited: Process Name - winlogon.exe Process ID - 13428 [12-07-2023 00:02:55] Process Exited: Process Name - csrss.exe Process ID - 13380 [12-07-2023 00:03:02] New process found: Process Name - csrss.exe Process ID - 13864 Process Identity - SYSTEM [12-07-2023 00:03:02] New process found: Process Name - winlogon.exe Process ID - 14140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:03] New process found: Process Name - LogonUI.exe Process ID - 13232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:03] New process found: Process Name - dwm.exe Process ID - 14192 Process Identity - Window Manager\DWM-4 [12-07-2023 00:03:10] Process Exited: Process Name - LogonUI.exe Process ID - 13232 [12-07-2023 00:03:10] Process Exited: Process Name - csrss.exe Process ID - 13864 [12-07-2023 00:03:10] Process Exited: Process Name - winlogon.exe Process ID - 14140 [12-07-2023 00:03:10] Process Exited: Process Name - dwm.exe Process ID - 14192 [12-07-2023 00:03:13] New process found: Process Name - csrss.exe Process ID - 11084 Process Identity - SYSTEM [12-07-2023 00:03:13] New process found: Process Name - winlogon.exe Process ID - 15692 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:15] New process found: Process Name - LogonUI.exe Process ID - 15140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:15] New process found: Process Name - dwm.exe Process ID - 15196 Process Identity - Window Manager\DWM-4 [12-07-2023 00:03:21] New process found: Process Name - dllhost.exe Process ID - 7716 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:03:25] Process Exited: Process Name - csrss.exe Process ID - 11084 [12-07-2023 00:03:25] Process Exited: Process Name - LogonUI.exe Process ID - 15140 [12-07-2023 00:03:25] Process Exited: Process Name - dwm.exe Process ID - 15196 [12-07-2023 00:03:25] Process Exited: Process Name - winlogon.exe Process ID - 15692 [12-07-2023 00:03:28] New process found: Process Name - csrss.exe Process ID - 12660 Process Identity - SYSTEM [12-07-2023 00:03:28] New process found: Process Name - winlogon.exe Process ID - 7004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:29] New process found: Process Name - LogonUI.exe Process ID - 7036 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:29] New process found: Process Name - dwm.exe Process ID - 12232 Process Identity - Window Manager\DWM-4 [12-07-2023 00:03:41] Process Exited: Process Name - winlogon.exe Process ID - 7004 [12-07-2023 00:03:41] Process Exited: Process Name - LogonUI.exe Process ID - 7036 [12-07-2023 00:03:41] Process Exited: Process Name - dwm.exe Process ID - 12232 [12-07-2023 00:03:41] Process Exited: Process Name - csrss.exe Process ID - 12660 [12-07-2023 00:03:43] New process found: Process Name - csrss.exe Process ID - 10676 Process Identity - SYSTEM [12-07-2023 00:03:43] New process found: Process Name - winlogon.exe Process ID - 3860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:44] New process found: Process Name - LogonUI.exe Process ID - 11488 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:44] New process found: Process Name - dwm.exe Process ID - 15148 Process Identity - Window Manager\DWM-4 [12-07-2023 00:03:56] Process Exited: Process Name - winlogon.exe Process ID - 3860 [12-07-2023 00:03:56] Process Exited: Process Name - csrss.exe Process ID - 10676 [12-07-2023 00:03:56] Process Exited: Process Name - LogonUI.exe Process ID - 11488 [12-07-2023 00:03:56] Process Exited: Process Name - dwm.exe Process ID - 15148 [12-07-2023 00:03:58] New process found: Process Name - csrss.exe Process ID - 16056 Process Identity - SYSTEM [12-07-2023 00:03:58] New process found: Process Name - winlogon.exe Process ID - 15788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:59] New process found: Process Name - LogonUI.exe Process ID - 5800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:03:59] New process found: Process Name - dwm.exe Process ID - 12312 Process Identity - Window Manager\DWM-4 [12-07-2023 00:04:11] Process Exited: Process Name - LogonUI.exe Process ID - 5800 [12-07-2023 00:04:11] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6828 [12-07-2023 00:04:11] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9320 [12-07-2023 00:04:11] Process Exited: Process Name - dwm.exe Process ID - 12312 [12-07-2023 00:04:11] Process Exited: Process Name - winlogon.exe Process ID - 15788 [12-07-2023 00:04:11] Process Exited: Process Name - csrss.exe Process ID - 16056 [12-07-2023 00:04:14] New process found: Process Name - csrss.exe Process ID - 9028 Process Identity - SYSTEM [12-07-2023 00:04:14] New process found: Process Name - winlogon.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:14] New process found: Process Name - LogonUI.exe Process ID - 6568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:14] New process found: Process Name - dwm.exe Process ID - 12712 Process Identity - Window Manager\DWM-4 [12-07-2023 00:04:25] New process found: Process Name - csc.exe Process ID - 6932 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 00:04:25] New process found: Process Name - conhost.exe Process ID - 9608 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 00:04:25] Process Exited: Process Name - dllhost.exe Process ID - 7716 [12-07-2023 00:04:26] Process Exited: Process Name - LogonUI.exe Process ID - 6568 [12-07-2023 00:04:26] Process Exited: Process Name - csrss.exe Process ID - 9028 [12-07-2023 00:04:26] Process Exited: Process Name - winlogon.exe Process ID - 12440 [12-07-2023 00:04:26] Process Exited: Process Name - dwm.exe Process ID - 12712 [12-07-2023 00:04:29] Process Exited: Process Name - csc.exe Process ID - 6932 [12-07-2023 00:04:29] Process Exited: Process Name - conhost.exe Process ID - 9608 [12-07-2023 00:04:30] New process found: Process Name - csrss.exe Process ID - 16104 Process Identity - SYSTEM [12-07-2023 00:04:30] New process found: Process Name - winlogon.exe Process ID - 4980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:32] New process found: Process Name - LogonUI.exe Process ID - 14548 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:32] New process found: Process Name - dwm.exe Process ID - 8244 Process Identity - Window Manager\DWM-4 [12-07-2023 00:04:41] Process Exited: Process Name - winlogon.exe Process ID - 4980 [12-07-2023 00:04:41] Process Exited: Process Name - dwm.exe Process ID - 8244 [12-07-2023 00:04:41] Process Exited: Process Name - LogonUI.exe Process ID - 14548 [12-07-2023 00:04:41] Process Exited: Process Name - csrss.exe Process ID - 16104 [12-07-2023 00:04:44] New process found: Process Name - csrss.exe Process ID - 11496 Process Identity - SYSTEM [12-07-2023 00:04:44] New process found: Process Name - winlogon.exe Process ID - 15008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:46] New process found: Process Name - LogonUI.exe Process ID - 8964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:04:46] New process found: Process Name - dwm.exe Process ID - 5932 Process Identity - Window Manager\DWM-4 [12-07-2023 00:04:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 12340 [12-07-2023 00:04:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 14856 [12-07-2023 00:04:56] Process Exited: Process Name - dwm.exe Process ID - 5932 [12-07-2023 00:04:56] Process Exited: Process Name - LogonUI.exe Process ID - 8964 [12-07-2023 00:04:56] Process Exited: Process Name - winlogon.exe Process ID - 15008 [12-07-2023 00:04:57] Process Exited: Process Name - csrss.exe Process ID - 11496 [12-07-2023 00:05:00] New process found: Process Name - csrss.exe Process ID - 8932 Process Identity - SYSTEM [12-07-2023 00:05:00] New process found: Process Name - winlogon.exe Process ID - 2084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:04] New process found: Process Name - LogonUI.exe Process ID - 11388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:04] New process found: Process Name - dwm.exe Process ID - 14704 Process Identity - Window Manager\DWM-4 [12-07-2023 00:05:12] Process Exited: Process Name - winlogon.exe Process ID - 2084 [12-07-2023 00:05:12] Process Exited: Process Name - csrss.exe Process ID - 8932 [12-07-2023 00:05:12] Process Exited: Process Name - LogonUI.exe Process ID - 11388 [12-07-2023 00:05:12] Process Exited: Process Name - dwm.exe Process ID - 14704 [12-07-2023 00:05:14] New process found: Process Name - csrss.exe Process ID - 16220 Process Identity - SYSTEM [12-07-2023 00:05:14] New process found: Process Name - winlogon.exe Process ID - 11788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:15] New process found: Process Name - LogonUI.exe Process ID - 11048 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:15] New process found: Process Name - dwm.exe Process ID - 1824 Process Identity - Window Manager\DWM-4 [12-07-2023 00:05:27] Process Exited: Process Name - dwm.exe Process ID - 1824 [12-07-2023 00:05:27] Process Exited: Process Name - LogonUI.exe Process ID - 11048 [12-07-2023 00:05:27] Process Exited: Process Name - winlogon.exe Process ID - 11788 [12-07-2023 00:05:27] Process Exited: Process Name - csrss.exe Process ID - 16220 [12-07-2023 00:05:29] New process found: Process Name - w3wp.exe Process ID - 6060 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 00:05:31] New process found: Process Name - csrss.exe Process ID - 15232 Process Identity - SYSTEM [12-07-2023 00:05:31] New process found: Process Name - winlogon.exe Process ID - 16108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:34] New process found: Process Name - LogonUI.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:34] New process found: Process Name - dwm.exe Process ID - 15176 Process Identity - Window Manager\DWM-4 [12-07-2023 00:05:44] Process Exited: Process Name - LogonUI.exe Process ID - 1760 [12-07-2023 00:05:44] Process Exited: Process Name - dwm.exe Process ID - 15176 [12-07-2023 00:05:44] Process Exited: Process Name - csrss.exe Process ID - 15232 [12-07-2023 00:05:44] Process Exited: Process Name - winlogon.exe Process ID - 16108 [12-07-2023 00:05:49] New process found: Process Name - csrss.exe Process ID - 11188 Process Identity - SYSTEM [12-07-2023 00:05:49] New process found: Process Name - winlogon.exe Process ID - 9956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:50] New process found: Process Name - LogonUI.exe Process ID - 15524 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:05:50] New process found: Process Name - dwm.exe Process ID - 15140 Process Identity - Window Manager\DWM-4 [12-07-2023 00:06:00] Process Exited: Process Name - winlogon.exe Process ID - 9956 [12-07-2023 00:06:00] Process Exited: Process Name - csrss.exe Process ID - 11188 [12-07-2023 00:06:00] Process Exited: Process Name - dwm.exe Process ID - 15140 [12-07-2023 00:06:00] Process Exited: Process Name - LogonUI.exe Process ID - 15524 [12-07-2023 00:06:05] New process found: Process Name - csrss.exe Process ID - 15468 Process Identity - SYSTEM [12-07-2023 00:06:05] New process found: Process Name - winlogon.exe Process ID - 4068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:06] New process found: Process Name - LogonUI.exe Process ID - 12220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:06] New process found: Process Name - dwm.exe Process ID - 13764 Process Identity - Window Manager\DWM-4 [12-07-2023 00:06:15] Process Exited: Process Name - winlogon.exe Process ID - 4068 [12-07-2023 00:06:15] Process Exited: Process Name - LogonUI.exe Process ID - 12220 [12-07-2023 00:06:15] Process Exited: Process Name - dwm.exe Process ID - 13764 [12-07-2023 00:06:15] Process Exited: Process Name - csrss.exe Process ID - 15468 [12-07-2023 00:06:17] New process found: Process Name - csrss.exe Process ID - 12944 Process Identity - SYSTEM [12-07-2023 00:06:17] New process found: Process Name - winlogon.exe Process ID - 15200 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:18] New process found: Process Name - LogonUI.exe Process ID - 13000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:18] New process found: Process Name - dwm.exe Process ID - 12988 Process Identity - Window Manager\DWM-4 [12-07-2023 00:06:30] Process Exited: Process Name - csrss.exe Process ID - 12944 [12-07-2023 00:06:30] Process Exited: Process Name - dwm.exe Process ID - 12988 [12-07-2023 00:06:30] Process Exited: Process Name - LogonUI.exe Process ID - 13000 [12-07-2023 00:06:30] Process Exited: Process Name - winlogon.exe Process ID - 15200 [12-07-2023 00:06:32] New process found: Process Name - dllhost.exe Process ID - 5084 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:06:33] New process found: Process Name - csrss.exe Process ID - 13796 Process Identity - SYSTEM [12-07-2023 00:06:33] New process found: Process Name - winlogon.exe Process ID - 5728 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:34] New process found: Process Name - LogonUI.exe Process ID - 11832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:34] New process found: Process Name - svchost.exe Process ID - 10852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:34] Process Exited: Process Name - dllhost.exe Process ID - 5084 [12-07-2023 00:06:34] Process Exited: Process Name - rdpclip.exe Process ID - 6660 [12-07-2023 00:06:34] Process Exited: Process Name - ComboCleaner.exe Process ID - 6920 [12-07-2023 00:06:34] Process Exited: Process Name - ShellExperienceHost.exe Process ID - 7516 [12-07-2023 00:06:34] Process Exited: Process Name - InetMgr.exe Process ID - 7836 [12-07-2023 00:06:34] Process Exited: Process Name - mbamtray.exe Process ID - 9052 [12-07-2023 00:06:34] Process Exited: Process Name - traymonitor.exe Process ID - 9772 [12-07-2023 00:06:34] Process Exited: Process Name - METray.exe Process ID - 9804 [12-07-2023 00:06:34] Process Exited: Process Name - conhost.exe Process ID - 9972 [12-07-2023 00:06:34] Process Exited: Process Name - WinRAR.exe Process ID - 10784 [12-07-2023 00:06:34] Process Exited: Process Name - dllhost.exe Process ID - 14384 [12-07-2023 00:06:34] Process Exited: Process Name - ServerManager.exe Process ID - 14832 [12-07-2023 00:06:34] Process Exited: Process Name - wacs.exe Process ID - 15584 [12-07-2023 00:06:34] Service state changed: Service Name - WerSvc Process ID - 10852 Current State - SERVICE_RUNNING [12-07-2023 00:06:35] New process found: Process Name - LogonUI.exe Process ID - 10736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:35] New process found: Process Name - dwm.exe Process ID - 10068 Process Identity - Window Manager\DWM-4 [12-07-2023 00:06:39] Process Exited: Process Name - explorer.exe Process ID - 6464 [12-07-2023 00:06:39] Process Exited: Process Name - RuntimeBroker.exe Process ID - 6704 [12-07-2023 00:06:39] Process Exited: Process Name - sihost.exe Process ID - 6856 [12-07-2023 00:06:39] Process Exited: Process Name - taskhostw.exe Process ID - 6892 [12-07-2023 00:06:39] Process Exited: Process Name - fontdrvhost.exe Process ID - 7084 [12-07-2023 00:06:39] Process Exited: Process Name - ApplicationFrameHost.exe Process ID - 7156 [12-07-2023 00:06:39] Process Exited: Process Name - SearchUI.exe Process ID - 7648 [12-07-2023 00:06:46] Process Exited: Process Name - winlogon.exe Process ID - 5728 [12-07-2023 00:06:46] Process Exited: Process Name - dwm.exe Process ID - 10068 [12-07-2023 00:06:46] Process Exited: Process Name - LogonUI.exe Process ID - 10736 [12-07-2023 00:06:46] Process Exited: Process Name - csrss.exe Process ID - 13796 [12-07-2023 00:06:48] New process found: Process Name - csrss.exe Process ID - 15544 Process Identity - SYSTEM [12-07-2023 00:06:48] New process found: Process Name - winlogon.exe Process ID - 14744 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:49] New process found: Process Name - svchost.exe Process ID - 11072 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:06:49] New process found: Process Name - WerFault.exe Process ID - 7316 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:06:49] Process Exited: Process Name - winlogon.exe Process ID - 5332 [12-07-2023 00:06:49] Process Exited: Process Name - dwm.exe Process ID - 6180 [12-07-2023 00:06:49] Process Exited: Process Name - SystemSettings.exe Process ID - 10136 [12-07-2023 00:06:49] Process Exited: Process Name - LogonUI.exe Process ID - 11832 [12-07-2023 00:06:49] Service state changed: Service Name - WdiServiceHost Process ID - 1068 Current State - SERVICE_RUNNING [12-07-2023 00:06:49] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 00:06:49] Service state changed: Service Name - wlidsvc Process ID - 1120 Current State - SERVICE_START_PENDING [12-07-2023 00:06:49] Service state changed: Service Name - CDPUserSvc_4e18e Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:06:49] Service state changed: Service Name - OneSyncSvc_4e18e Process ID - 6864 Current State - SERVICE_STOP_PENDING [12-07-2023 00:06:50] New process found: Process Name - LogonUI.exe Process ID - 14956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:06:50] New process found: Process Name - dwm.exe Process ID - 15800 Process Identity - Window Manager\DWM-4 [12-07-2023 00:06:50] Service state changed: Service Name - wisvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 00:06:50] Service state changed: Service Name - wlidsvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 00:06:58] Process Exited: Process Name - w3wp.exe Process ID - 12824 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:06:59] Process Exited: Process Name - svchost.exe Process ID - 6864 [12-07-2023 00:06:59] Process Exited: Process Name - WerFault.exe Process ID - 7316 [12-07-2023 00:06:59] Process Exited: Process Name - svchost.exe Process ID - 11072 [12-07-2023 00:07:00] Process Exited: Process Name - w3wp.exe Process ID - 15144 Web application pool name - DefaultAppPool [12-07-2023 00:07:01] Process Exited: Process Name - winlogon.exe Process ID - 14744 [12-07-2023 00:07:01] Process Exited: Process Name - LogonUI.exe Process ID - 14956 [12-07-2023 00:07:01] Process Exited: Process Name - csrss.exe Process ID - 15544 [12-07-2023 00:07:01] Process Exited: Process Name - dwm.exe Process ID - 15800 [12-07-2023 00:07:02] Process Exited: Process Name - csrss.exe Process ID - 1900 [12-07-2023 00:07:03] New process found: Process Name - csrss.exe Process ID - 4116 Process Identity - SYSTEM [12-07-2023 00:07:03] New process found: Process Name - winlogon.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:04] New process found: Process Name - LogonUI.exe Process ID - 13684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:04] New process found: Process Name - dwm.exe Process ID - 8296 Process Identity - Window Manager\DWM-4 [12-07-2023 00:07:05] New process found: Process Name - w3wp.exe Process ID - 3136 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:07:05] Process Exited: Process Name - w3wp.exe Process ID - 3376 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:07:16] Process Exited: Process Name - csrss.exe Process ID - 4116 [12-07-2023 00:07:16] Process Exited: Process Name - dwm.exe Process ID - 8296 [12-07-2023 00:07:16] Process Exited: Process Name - LogonUI.exe Process ID - 13684 [12-07-2023 00:07:16] Process Exited: Process Name - winlogon.exe Process ID - 15260 [12-07-2023 00:07:18] New process found: Process Name - csrss.exe Process ID - 15132 Process Identity - SYSTEM [12-07-2023 00:07:18] New process found: Process Name - winlogon.exe Process ID - 15816 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:19] New process found: Process Name - LogonUI.exe Process ID - 9348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:19] New process found: Process Name - dwm.exe Process ID - 11388 Process Identity - Window Manager\DWM-4 [12-07-2023 00:07:31] Process Exited: Process Name - LogonUI.exe Process ID - 9348 [12-07-2023 00:07:31] Process Exited: Process Name - dwm.exe Process ID - 11388 [12-07-2023 00:07:31] Process Exited: Process Name - csrss.exe Process ID - 15132 [12-07-2023 00:07:31] Process Exited: Process Name - winlogon.exe Process ID - 15816 [12-07-2023 00:07:34] New process found: Process Name - csrss.exe Process ID - 12280 Process Identity - SYSTEM [12-07-2023 00:07:34] New process found: Process Name - winlogon.exe Process ID - 15568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:37] New process found: Process Name - LogonUI.exe Process ID - 13428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:37] New process found: Process Name - dwm.exe Process ID - 10436 Process Identity - Window Manager\DWM-4 [12-07-2023 00:07:46] Process Exited: Process Name - LogonUI.exe Process ID - 13428 [12-07-2023 00:07:47] Process Exited: Process Name - dwm.exe Process ID - 10436 [12-07-2023 00:07:47] Process Exited: Process Name - csrss.exe Process ID - 12280 [12-07-2023 00:07:47] Process Exited: Process Name - winlogon.exe Process ID - 15568 [12-07-2023 00:07:49] New process found: Process Name - csrss.exe Process ID - 10688 Process Identity - SYSTEM [12-07-2023 00:07:49] New process found: Process Name - winlogon.exe Process ID - 11120 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:49] Service state changed: Service Name - ScDeviceEnum Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:07:51] New process found: Process Name - LogonUI.exe Process ID - 14140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:07:51] New process found: Process Name - dwm.exe Process ID - 14596 Process Identity - Window Manager\DWM-4 [12-07-2023 00:07:51] Service state changed: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:08:02] Process Exited: Process Name - csrss.exe Process ID - 10688 [12-07-2023 00:08:02] Process Exited: Process Name - winlogon.exe Process ID - 11120 [12-07-2023 00:08:02] Process Exited: Process Name - LogonUI.exe Process ID - 14140 [12-07-2023 00:08:02] Process Exited: Process Name - dwm.exe Process ID - 14596 [12-07-2023 00:08:03] New process found: Process Name - csrss.exe Process ID - 7972 Process Identity - SYSTEM [12-07-2023 00:08:03] New process found: Process Name - winlogon.exe Process ID - 11812 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:04] New process found: Process Name - LogonUI.exe Process ID - 11084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:04] New process found: Process Name - dwm.exe Process ID - 11876 Process Identity - Window Manager\DWM-4 [12-07-2023 00:08:17] Process Exited: Process Name - csrss.exe Process ID - 7972 [12-07-2023 00:08:17] Process Exited: Process Name - LogonUI.exe Process ID - 11084 [12-07-2023 00:08:17] Process Exited: Process Name - conhost.exe Process ID - 11636 [12-07-2023 00:08:17] Process Exited: Process Name - winlogon.exe Process ID - 11812 [12-07-2023 00:08:17] Process Exited: Process Name - dwm.exe Process ID - 11876 [12-07-2023 00:08:17] Process Exited: Process Name - w3wp.exe Process ID - 16068 Web application pool name - kdbps.edu.in [12-07-2023 00:08:22] New process found: Process Name - csrss.exe Process ID - 11364 Process Identity - SYSTEM [12-07-2023 00:08:22] New process found: Process Name - winlogon.exe Process ID - 14800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:23] New process found: Process Name - LogonUI.exe Process ID - 12660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:23] New process found: Process Name - dwm.exe Process ID - 16052 Process Identity - Window Manager\DWM-4 [12-07-2023 00:08:28] New process found: Process Name - w3wp.exe Process ID - 6996 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 00:08:32] Process Exited: Process Name - csrss.exe Process ID - 11364 [12-07-2023 00:08:32] Process Exited: Process Name - LogonUI.exe Process ID - 12660 [12-07-2023 00:08:32] Process Exited: Process Name - winlogon.exe Process ID - 14800 [12-07-2023 00:08:32] Process Exited: Process Name - dwm.exe Process ID - 16052 [12-07-2023 00:08:34] New process found: Process Name - csrss.exe Process ID - 1556 Process Identity - SYSTEM [12-07-2023 00:08:34] New process found: Process Name - winlogon.exe Process ID - 13944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:36] New process found: Process Name - w3wp.exe Process ID - 12956 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 00:08:36] New process found: Process Name - conhost.exe Process ID - 13976 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 00:08:36] New process found: Process Name - LogonUI.exe Process ID - 840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:36] New process found: Process Name - dwm.exe Process ID - 8564 Process Identity - Window Manager\DWM-4 [12-07-2023 00:08:48] Process Exited: Process Name - LogonUI.exe Process ID - 840 [12-07-2023 00:08:48] Process Exited: Process Name - csrss.exe Process ID - 1556 [12-07-2023 00:08:48] Process Exited: Process Name - dwm.exe Process ID - 8564 [12-07-2023 00:08:48] Process Exited: Process Name - winlogon.exe Process ID - 13944 [12-07-2023 00:08:49] New process found: Process Name - csrss.exe Process ID - 10684 Process Identity - SYSTEM [12-07-2023 00:08:49] New process found: Process Name - winlogon.exe Process ID - 12372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:49] Process Exited: Process Name - svchost.exe Process ID - 10852 [12-07-2023 00:08:49] Service state changed: Service Name - WerSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:08:51] New process found: Process Name - LogonUI.exe Process ID - 15620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:08:51] New process found: Process Name - dwm.exe Process ID - 15820 Process Identity - Window Manager\DWM-4 [12-07-2023 00:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 7860 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 2904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:02] Process Exited: Process Name - csrss.exe Process ID - 10684 [12-07-2023 00:09:02] Process Exited: Process Name - winlogon.exe Process ID - 12372 [12-07-2023 00:09:02] Process Exited: Process Name - LogonUI.exe Process ID - 15620 [12-07-2023 00:09:02] Process Exited: Process Name - dwm.exe Process ID - 15820 [12-07-2023 00:09:05] New process found: Process Name - csrss.exe Process ID - 10100 Process Identity - SYSTEM [12-07-2023 00:09:05] New process found: Process Name - winlogon.exe Process ID - 12696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:06] New process found: Process Name - LogonUI.exe Process ID - 2552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:06] New process found: Process Name - dwm.exe Process ID - 14560 Process Identity - Window Manager\DWM-4 [12-07-2023 00:09:13] New process found: Process Name - w3wp.exe Process ID - 6940 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 00:09:17] Process Exited: Process Name - LogonUI.exe Process ID - 2552 [12-07-2023 00:09:17] Process Exited: Process Name - winlogon.exe Process ID - 12696 [12-07-2023 00:09:17] Process Exited: Process Name - dwm.exe Process ID - 14560 [12-07-2023 00:09:18] Process Exited: Process Name - csrss.exe Process ID - 10100 [12-07-2023 00:09:19] New process found: Process Name - csrss.exe Process ID - 8592 Process Identity - SYSTEM [12-07-2023 00:09:19] New process found: Process Name - winlogon.exe Process ID - 15944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:21] New process found: Process Name - LogonUI.exe Process ID - 6752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:21] New process found: Process Name - dwm.exe Process ID - 14972 Process Identity - Window Manager\DWM-4 [12-07-2023 00:09:32] Process Exited: Process Name - LogonUI.exe Process ID - 6752 [12-07-2023 00:09:32] Process Exited: Process Name - dwm.exe Process ID - 14972 [12-07-2023 00:09:32] Process Exited: Process Name - winlogon.exe Process ID - 15944 [12-07-2023 00:09:33] Process Exited: Process Name - csrss.exe Process ID - 8592 [12-07-2023 00:09:34] New process found: Process Name - csrss.exe Process ID - 7764 Process Identity - SYSTEM [12-07-2023 00:09:34] New process found: Process Name - winlogon.exe Process ID - 7696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:35] New process found: Process Name - LogonUI.exe Process ID - 15964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:35] New process found: Process Name - dwm.exe Process ID - 15560 Process Identity - Window Manager\DWM-4 [12-07-2023 00:09:48] Process Exited: Process Name - winlogon.exe Process ID - 7696 [12-07-2023 00:09:48] Process Exited: Process Name - csrss.exe Process ID - 7764 [12-07-2023 00:09:48] Process Exited: Process Name - dwm.exe Process ID - 15560 [12-07-2023 00:09:48] Process Exited: Process Name - LogonUI.exe Process ID - 15964 [12-07-2023 00:09:50] New process found: Process Name - csrss.exe Process ID - 4148 Process Identity - SYSTEM [12-07-2023 00:09:50] New process found: Process Name - winlogon.exe Process ID - 14072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:50] Service state changed: Service Name - wlidsvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:09:52] New process found: Process Name - LogonUI.exe Process ID - 10660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:09:52] New process found: Process Name - dwm.exe Process ID - 15248 Process Identity - Window Manager\DWM-4 [12-07-2023 00:09:59] Process Exited: Process Name - w3wp.exe Process ID - 10804 Web application pool name - adminportal.galaxytools.in [12-07-2023 00:10:03] Process Exited: Process Name - csrss.exe Process ID - 4148 [12-07-2023 00:10:03] Process Exited: Process Name - LogonUI.exe Process ID - 10660 [12-07-2023 00:10:03] Process Exited: Process Name - winlogon.exe Process ID - 14072 [12-07-2023 00:10:03] Process Exited: Process Name - dwm.exe Process ID - 15248 [12-07-2023 00:10:05] New process found: Process Name - csrss.exe Process ID - 15144 Process Identity - SYSTEM [12-07-2023 00:10:05] New process found: Process Name - winlogon.exe Process ID - 12560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:07] New process found: Process Name - LogonUI.exe Process ID - 15256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:07] New process found: Process Name - dwm.exe Process ID - 10496 Process Identity - Window Manager\DWM-4 [12-07-2023 00:10:18] Process Exited: Process Name - dwm.exe Process ID - 10496 [12-07-2023 00:10:18] Process Exited: Process Name - winlogon.exe Process ID - 12560 [12-07-2023 00:10:18] Process Exited: Process Name - csrss.exe Process ID - 15144 [12-07-2023 00:10:18] Process Exited: Process Name - LogonUI.exe Process ID - 15256 [12-07-2023 00:10:22] New process found: Process Name - csrss.exe Process ID - 16344 Process Identity - SYSTEM [12-07-2023 00:10:22] New process found: Process Name - winlogon.exe Process ID - 9536 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:24] New process found: Process Name - LogonUI.exe Process ID - 12140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:24] New process found: Process Name - dwm.exe Process ID - 15156 Process Identity - Window Manager\DWM-4 [12-07-2023 00:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2904 [12-07-2023 00:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7860 [12-07-2023 00:10:28] New process found: Process Name - w3wp.exe Process ID - 14904 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:10:34] Process Exited: Process Name - winlogon.exe Process ID - 9536 [12-07-2023 00:10:34] Process Exited: Process Name - LogonUI.exe Process ID - 12140 [12-07-2023 00:10:34] Process Exited: Process Name - dwm.exe Process ID - 15156 [12-07-2023 00:10:35] Process Exited: Process Name - csrss.exe Process ID - 16344 [12-07-2023 00:10:41] New process found: Process Name - csrss.exe Process ID - 12284 Process Identity - SYSTEM [12-07-2023 00:10:41] New process found: Process Name - winlogon.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:43] New process found: Process Name - LogonUI.exe Process ID - 13360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:10:43] New process found: Process Name - dwm.exe Process ID - 15804 Process Identity - Window Manager\DWM-4 [12-07-2023 00:10:50] Process Exited: Process Name - csrss.exe Process ID - 12284 [12-07-2023 00:10:50] Process Exited: Process Name - winlogon.exe Process ID - 12360 [12-07-2023 00:10:50] Process Exited: Process Name - LogonUI.exe Process ID - 13360 [12-07-2023 00:10:50] Process Exited: Process Name - dwm.exe Process ID - 15804 [12-07-2023 00:10:55] New process found: Process Name - csrss.exe Process ID - 15448 Process Identity - SYSTEM [12-07-2023 00:10:55] New process found: Process Name - winlogon.exe Process ID - 13704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:00] New process found: Process Name - LogonUI.exe Process ID - 9204 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:00] New process found: Process Name - dwm.exe Process ID - 2064 Process Identity - Window Manager\DWM-4 [12-07-2023 00:11:05] Process Exited: Process Name - dwm.exe Process ID - 2064 [12-07-2023 00:11:05] Process Exited: Process Name - LogonUI.exe Process ID - 9204 [12-07-2023 00:11:05] Process Exited: Process Name - winlogon.exe Process ID - 13704 [12-07-2023 00:11:05] Process Exited: Process Name - csrss.exe Process ID - 15448 [12-07-2023 00:11:07] New process found: Process Name - csrss.exe Process ID - 12908 Process Identity - SYSTEM [12-07-2023 00:11:07] New process found: Process Name - winlogon.exe Process ID - 12940 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:08] New process found: Process Name - LogonUI.exe Process ID - 10528 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:08] New process found: Process Name - dwm.exe Process ID - 9068 Process Identity - Window Manager\DWM-4 [12-07-2023 00:11:20] Process Exited: Process Name - dwm.exe Process ID - 9068 [12-07-2023 00:11:20] Process Exited: Process Name - LogonUI.exe Process ID - 10528 [12-07-2023 00:11:20] Process Exited: Process Name - csrss.exe Process ID - 12908 [12-07-2023 00:11:20] Process Exited: Process Name - winlogon.exe Process ID - 12940 [12-07-2023 00:11:22] New process found: Process Name - csrss.exe Process ID - 15164 Process Identity - SYSTEM [12-07-2023 00:11:22] New process found: Process Name - winlogon.exe Process ID - 1216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:25] New process found: Process Name - LogonUI.exe Process ID - 10016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:25] New process found: Process Name - dwm.exe Process ID - 9312 Process Identity - Window Manager\DWM-4 [12-07-2023 00:11:32] Process Exited: Process Name - w3wp.exe Process ID - 6060 Web application pool name - shop.galaxytools.in [12-07-2023 00:11:35] Process Exited: Process Name - winlogon.exe Process ID - 1216 [12-07-2023 00:11:35] Process Exited: Process Name - dwm.exe Process ID - 9312 [12-07-2023 00:11:35] Process Exited: Process Name - LogonUI.exe Process ID - 10016 [12-07-2023 00:11:35] Process Exited: Process Name - csrss.exe Process ID - 15164 [12-07-2023 00:11:38] New process found: Process Name - csrss.exe Process ID - 15084 Process Identity - SYSTEM [12-07-2023 00:11:38] New process found: Process Name - winlogon.exe Process ID - 14112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:39] New process found: Process Name - LogonUI.exe Process ID - 4772 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:39] New process found: Process Name - dwm.exe Process ID - 9736 Process Identity - Window Manager\DWM-4 [12-07-2023 00:11:50] Process Exited: Process Name - LogonUI.exe Process ID - 4772 [12-07-2023 00:11:50] Process Exited: Process Name - dwm.exe Process ID - 9736 [12-07-2023 00:11:50] Process Exited: Process Name - winlogon.exe Process ID - 14112 [12-07-2023 00:11:50] Process Exited: Process Name - csrss.exe Process ID - 15084 [12-07-2023 00:11:53] New process found: Process Name - csrss.exe Process ID - 10964 Process Identity - SYSTEM [12-07-2023 00:11:53] New process found: Process Name - winlogon.exe Process ID - 12968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:55] New process found: Process Name - LogonUI.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:11:55] New process found: Process Name - dwm.exe Process ID - 336 Process Identity - Window Manager\DWM-4 [12-07-2023 00:12:06] New process found: Process Name - w3wp.exe Process ID - 10984 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:12:06] Process Exited: Process Name - dwm.exe Process ID - 336 [12-07-2023 00:12:06] Process Exited: Process Name - w3wp.exe Process ID - 3136 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:12:06] Process Exited: Process Name - LogonUI.exe Process ID - 8256 [12-07-2023 00:12:06] Process Exited: Process Name - csrss.exe Process ID - 10964 [12-07-2023 00:12:06] Process Exited: Process Name - winlogon.exe Process ID - 12968 [12-07-2023 00:12:08] New process found: Process Name - csrss.exe Process ID - 16188 Process Identity - SYSTEM [12-07-2023 00:12:08] New process found: Process Name - winlogon.exe Process ID - 7736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:09] New process found: Process Name - LogonUI.exe Process ID - 14632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:09] New process found: Process Name - dwm.exe Process ID - 15128 Process Identity - Window Manager\DWM-4 [12-07-2023 00:12:21] Process Exited: Process Name - winlogon.exe Process ID - 7736 [12-07-2023 00:12:21] Process Exited: Process Name - LogonUI.exe Process ID - 14632 [12-07-2023 00:12:21] Process Exited: Process Name - dwm.exe Process ID - 15128 [12-07-2023 00:12:21] Process Exited: Process Name - csrss.exe Process ID - 16188 [12-07-2023 00:12:24] New process found: Process Name - csrss.exe Process ID - 11588 Process Identity - SYSTEM [12-07-2023 00:12:24] New process found: Process Name - winlogon.exe Process ID - 9048 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:27] New process found: Process Name - LogonUI.exe Process ID - 6896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:27] New process found: Process Name - dwm.exe Process ID - 6216 Process Identity - Window Manager\DWM-4 [12-07-2023 00:12:37] Process Exited: Process Name - dwm.exe Process ID - 6216 [12-07-2023 00:12:37] Process Exited: Process Name - LogonUI.exe Process ID - 6896 [12-07-2023 00:12:37] Process Exited: Process Name - winlogon.exe Process ID - 9048 [12-07-2023 00:12:37] Process Exited: Process Name - csrss.exe Process ID - 11588 [12-07-2023 00:12:40] New process found: Process Name - csrss.exe Process ID - 7276 Process Identity - SYSTEM [12-07-2023 00:12:40] New process found: Process Name - winlogon.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:41] New process found: Process Name - LogonUI.exe Process ID - 7968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:41] New process found: Process Name - dwm.exe Process ID - 12304 Process Identity - Window Manager\DWM-4 [12-07-2023 00:12:52] Process Exited: Process Name - csrss.exe Process ID - 7276 [12-07-2023 00:12:52] Process Exited: Process Name - winlogon.exe Process ID - 7732 [12-07-2023 00:12:52] Process Exited: Process Name - LogonUI.exe Process ID - 7968 [12-07-2023 00:12:52] Process Exited: Process Name - dwm.exe Process ID - 12304 [12-07-2023 00:12:56] New process found: Process Name - csrss.exe Process ID - 16248 Process Identity - SYSTEM [12-07-2023 00:12:56] New process found: Process Name - winlogon.exe Process ID - 6012 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:56] New process found: Process Name - LogonUI.exe Process ID - 7108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:12:56] New process found: Process Name - dwm.exe Process ID - 10648 Process Identity - Window Manager\DWM-4 [12-07-2023 00:13:07] Process Exited: Process Name - winlogon.exe Process ID - 6012 [12-07-2023 00:13:07] Process Exited: Process Name - LogonUI.exe Process ID - 7108 [12-07-2023 00:13:07] Process Exited: Process Name - dwm.exe Process ID - 10648 [12-07-2023 00:13:07] Process Exited: Process Name - csrss.exe Process ID - 16248 [12-07-2023 00:13:09] New process found: Process Name - csrss.exe Process ID - 9864 Process Identity - SYSTEM [12-07-2023 00:13:09] New process found: Process Name - winlogon.exe Process ID - 15708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:10] New process found: Process Name - LogonUI.exe Process ID - 12444 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:10] New process found: Process Name - dwm.exe Process ID - 6172 Process Identity - Window Manager\DWM-4 [12-07-2023 00:13:23] Process Exited: Process Name - dwm.exe Process ID - 6172 [12-07-2023 00:13:23] Process Exited: Process Name - csrss.exe Process ID - 9864 [12-07-2023 00:13:23] Process Exited: Process Name - LogonUI.exe Process ID - 12444 [12-07-2023 00:13:23] Process Exited: Process Name - winlogon.exe Process ID - 15708 [12-07-2023 00:13:26] New process found: Process Name - csrss.exe Process ID - 6188 Process Identity - SYSTEM [12-07-2023 00:13:26] New process found: Process Name - winlogon.exe Process ID - 15564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:28] New process found: Process Name - LogonUI.exe Process ID - 15772 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:28] New process found: Process Name - dwm.exe Process ID - 10660 Process Identity - Window Manager\DWM-4 [12-07-2023 00:13:38] New process found: Process Name - w3wp.exe Process ID - 608 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 00:13:39] Process Exited: Process Name - csrss.exe Process ID - 6188 [12-07-2023 00:13:39] Process Exited: Process Name - dwm.exe Process ID - 10660 [12-07-2023 00:13:39] Process Exited: Process Name - winlogon.exe Process ID - 15564 [12-07-2023 00:13:39] Process Exited: Process Name - LogonUI.exe Process ID - 15772 [12-07-2023 00:13:44] New process found: Process Name - csrss.exe Process ID - 12244 Process Identity - SYSTEM [12-07-2023 00:13:44] New process found: Process Name - winlogon.exe Process ID - 14920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:46] New process found: Process Name - LogonUI.exe Process ID - 7816 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:13:46] New process found: Process Name - dwm.exe Process ID - 7528 Process Identity - Window Manager\DWM-4 [12-07-2023 00:13:55] Process Exited: Process Name - dwm.exe Process ID - 7528 [12-07-2023 00:13:55] Process Exited: Process Name - LogonUI.exe Process ID - 7816 [12-07-2023 00:13:55] Process Exited: Process Name - csrss.exe Process ID - 12244 [12-07-2023 00:13:55] Process Exited: Process Name - winlogon.exe Process ID - 14920 [12-07-2023 00:13:59] New process found: Process Name - csrss.exe Process ID - 3368 Process Identity - SYSTEM [12-07-2023 00:13:59] New process found: Process Name - winlogon.exe Process ID - 6972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:00] New process found: Process Name - LogonUI.exe Process ID - 2832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:00] New process found: Process Name - dwm.exe Process ID - 13436 Process Identity - Window Manager\DWM-4 [12-07-2023 00:14:10] Process Exited: Process Name - LogonUI.exe Process ID - 2832 [12-07-2023 00:14:10] Process Exited: Process Name - csrss.exe Process ID - 3368 [12-07-2023 00:14:10] Process Exited: Process Name - winlogon.exe Process ID - 6972 [12-07-2023 00:14:10] Process Exited: Process Name - dwm.exe Process ID - 13436 [12-07-2023 00:14:13] New process found: Process Name - csrss.exe Process ID - 9276 Process Identity - SYSTEM [12-07-2023 00:14:13] New process found: Process Name - winlogon.exe Process ID - 11172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:14] New process found: Process Name - LogonUI.exe Process ID - 10044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:14] New process found: Process Name - dwm.exe Process ID - 9148 Process Identity - Window Manager\DWM-4 [12-07-2023 00:14:26] Process Exited: Process Name - dwm.exe Process ID - 9148 [12-07-2023 00:14:26] Process Exited: Process Name - csrss.exe Process ID - 9276 [12-07-2023 00:14:26] Process Exited: Process Name - LogonUI.exe Process ID - 10044 [12-07-2023 00:14:26] Process Exited: Process Name - winlogon.exe Process ID - 11172 [12-07-2023 00:14:30] New process found: Process Name - csrss.exe Process ID - 2064 Process Identity - SYSTEM [12-07-2023 00:14:30] New process found: Process Name - winlogon.exe Process ID - 9584 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:30] New process found: Process Name - LogonUI.exe Process ID - 15448 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:30] New process found: Process Name - dwm.exe Process ID - 4084 Process Identity - Window Manager\DWM-4 [12-07-2023 00:14:41] Process Exited: Process Name - csrss.exe Process ID - 2064 [12-07-2023 00:14:41] Process Exited: Process Name - dwm.exe Process ID - 4084 [12-07-2023 00:14:41] Process Exited: Process Name - winlogon.exe Process ID - 9584 [12-07-2023 00:14:41] Process Exited: Process Name - LogonUI.exe Process ID - 15448 [12-07-2023 00:14:42] Process Exited: Process Name - conhost.exe Process ID - 11292 [12-07-2023 00:14:42] Process Exited: Process Name - w3wp.exe Process ID - 15928 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:14:45] New process found: Process Name - csrss.exe Process ID - 12008 Process Identity - SYSTEM [12-07-2023 00:14:45] New process found: Process Name - winlogon.exe Process ID - 15552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:47] New process found: Process Name - LogonUI.exe Process ID - 10412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:14:47] New process found: Process Name - dwm.exe Process ID - 5792 Process Identity - Window Manager\DWM-4 [12-07-2023 00:14:56] Process Exited: Process Name - dwm.exe Process ID - 5792 [12-07-2023 00:14:56] Process Exited: Process Name - LogonUI.exe Process ID - 10412 [12-07-2023 00:14:56] Process Exited: Process Name - winlogon.exe Process ID - 15552 [12-07-2023 00:14:57] Process Exited: Process Name - csrss.exe Process ID - 12008 [12-07-2023 00:14:59] New process found: Process Name - csrss.exe Process ID - 14480 Process Identity - SYSTEM [12-07-2023 00:14:59] New process found: Process Name - winlogon.exe Process ID - 9456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:00] New process found: Process Name - LogonUI.exe Process ID - 11360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:00] New process found: Process Name - dwm.exe Process ID - 12664 Process Identity - Window Manager\DWM-4 [12-07-2023 00:15:12] Process Exited: Process Name - winlogon.exe Process ID - 9456 [12-07-2023 00:15:12] Process Exited: Process Name - LogonUI.exe Process ID - 11360 [12-07-2023 00:15:12] Process Exited: Process Name - dwm.exe Process ID - 12664 [12-07-2023 00:15:12] Process Exited: Process Name - csrss.exe Process ID - 14480 [12-07-2023 00:15:14] New process found: Process Name - csrss.exe Process ID - 13860 Process Identity - SYSTEM [12-07-2023 00:15:14] New process found: Process Name - winlogon.exe Process ID - 16264 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:14] New process found: Process Name - LogonUI.exe Process ID - 176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:14] New process found: Process Name - dwm.exe Process ID - 15464 Process Identity - Window Manager\DWM-4 [12-07-2023 00:15:15] Process Exited: Process Name - w3wp.exe Process ID - 6940 Web application pool name - DefaultAppPool [12-07-2023 00:15:27] Process Exited: Process Name - LogonUI.exe Process ID - 176 [12-07-2023 00:15:27] Process Exited: Process Name - csrss.exe Process ID - 13860 [12-07-2023 00:15:27] Process Exited: Process Name - dwm.exe Process ID - 15464 [12-07-2023 00:15:27] Process Exited: Process Name - winlogon.exe Process ID - 16264 [12-07-2023 00:15:29] New process found: Process Name - csrss.exe Process ID - 12172 Process Identity - SYSTEM [12-07-2023 00:15:29] New process found: Process Name - winlogon.exe Process ID - 11828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:30] New process found: Process Name - LogonUI.exe Process ID - 16136 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:30] New process found: Process Name - dwm.exe Process ID - 9316 Process Identity - Window Manager\DWM-4 [12-07-2023 00:15:39] New process found: Process Name - w3wp.exe Process ID - 7624 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:15:42] New process found: Process Name - conhost.exe Process ID - 16056 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 00:15:42] Process Exited: Process Name - dwm.exe Process ID - 9316 [12-07-2023 00:15:42] Process Exited: Process Name - winlogon.exe Process ID - 11828 [12-07-2023 00:15:42] Process Exited: Process Name - csrss.exe Process ID - 12172 [12-07-2023 00:15:42] Process Exited: Process Name - LogonUI.exe Process ID - 16136 [12-07-2023 00:15:47] New process found: Process Name - csrss.exe Process ID - 14592 Process Identity - SYSTEM [12-07-2023 00:15:47] New process found: Process Name - winlogon.exe Process ID - 15824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:49] New process found: Process Name - LogonUI.exe Process ID - 5064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:15:49] New process found: Process Name - dwm.exe Process ID - 16100 Process Identity - Window Manager\DWM-4 [12-07-2023 00:15:58] Process Exited: Process Name - LogonUI.exe Process ID - 5064 [12-07-2023 00:15:58] Process Exited: Process Name - csrss.exe Process ID - 14592 [12-07-2023 00:15:58] Process Exited: Process Name - winlogon.exe Process ID - 15824 [12-07-2023 00:15:58] Process Exited: Process Name - dwm.exe Process ID - 16100 [12-07-2023 00:16:01] New process found: Process Name - csrss.exe Process ID - 9416 Process Identity - SYSTEM [12-07-2023 00:16:01] New process found: Process Name - winlogon.exe Process ID - 11588 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:03] New process found: Process Name - LogonUI.exe Process ID - 1500 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:03] New process found: Process Name - dwm.exe Process ID - 988 Process Identity - Window Manager\DWM-4 [12-07-2023 00:16:14] Process Exited: Process Name - dwm.exe Process ID - 988 [12-07-2023 00:16:14] Process Exited: Process Name - LogonUI.exe Process ID - 1500 [12-07-2023 00:16:14] Process Exited: Process Name - csrss.exe Process ID - 9416 [12-07-2023 00:16:14] Process Exited: Process Name - winlogon.exe Process ID - 11588 [12-07-2023 00:16:16] New process found: Process Name - csrss.exe Process ID - 14120 Process Identity - SYSTEM [12-07-2023 00:16:16] New process found: Process Name - winlogon.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:18] New process found: Process Name - LogonUI.exe Process ID - 11420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:18] New process found: Process Name - dwm.exe Process ID - 6280 Process Identity - Window Manager\DWM-4 [12-07-2023 00:16:29] Process Exited: Process Name - dwm.exe Process ID - 6280 [12-07-2023 00:16:29] Process Exited: Process Name - winlogon.exe Process ID - 7732 [12-07-2023 00:16:29] Process Exited: Process Name - LogonUI.exe Process ID - 11420 [12-07-2023 00:16:29] Process Exited: Process Name - csrss.exe Process ID - 14120 [12-07-2023 00:16:31] New process found: Process Name - csrss.exe Process ID - 8644 Process Identity - SYSTEM [12-07-2023 00:16:31] New process found: Process Name - winlogon.exe Process ID - 13720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:35] New process found: Process Name - LogonUI.exe Process ID - 7884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:35] New process found: Process Name - dwm.exe Process ID - 13872 Process Identity - Window Manager\DWM-4 [12-07-2023 00:16:44] Process Exited: Process Name - LogonUI.exe Process ID - 7884 [12-07-2023 00:16:44] Process Exited: Process Name - csrss.exe Process ID - 8644 [12-07-2023 00:16:44] Process Exited: Process Name - winlogon.exe Process ID - 13720 [12-07-2023 00:16:44] Process Exited: Process Name - dwm.exe Process ID - 13872 [12-07-2023 00:16:46] New process found: Process Name - csrss.exe Process ID - 8860 Process Identity - SYSTEM [12-07-2023 00:16:46] New process found: Process Name - winlogon.exe Process ID - 9388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:47] New process found: Process Name - LogonUI.exe Process ID - 12572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:16:47] New process found: Process Name - dwm.exe Process ID - 9460 Process Identity - Window Manager\DWM-4 [12-07-2023 00:16:59] Process Exited: Process Name - csrss.exe Process ID - 8860 [12-07-2023 00:16:59] Process Exited: Process Name - winlogon.exe Process ID - 9388 [12-07-2023 00:16:59] Process Exited: Process Name - dwm.exe Process ID - 9460 [12-07-2023 00:16:59] Process Exited: Process Name - LogonUI.exe Process ID - 12572 [12-07-2023 00:17:07] New process found: Process Name - csrss.exe Process ID - 10504 Process Identity - SYSTEM [12-07-2023 00:17:07] New process found: Process Name - winlogon.exe Process ID - 13056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:08] New process found: Process Name - w3wp.exe Process ID - 10452 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:17:08] New process found: Process Name - LogonUI.exe Process ID - 7296 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:08] New process found: Process Name - dwm.exe Process ID - 8324 Process Identity - Window Manager\DWM-4 [12-07-2023 00:17:08] Process Exited: Process Name - w3wp.exe Process ID - 10984 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:17:14] Process Exited: Process Name - LogonUI.exe Process ID - 7296 [12-07-2023 00:17:14] Process Exited: Process Name - dwm.exe Process ID - 8324 [12-07-2023 00:17:14] Process Exited: Process Name - csrss.exe Process ID - 10504 [12-07-2023 00:17:14] Process Exited: Process Name - winlogon.exe Process ID - 13056 [12-07-2023 00:17:17] New process found: Process Name - csrss.exe Process ID - 16348 Process Identity - SYSTEM [12-07-2023 00:17:17] New process found: Process Name - winlogon.exe Process ID - 15132 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:19] New process found: Process Name - LogonUI.exe Process ID - 13028 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:19] New process found: Process Name - dwm.exe Process ID - 15060 Process Identity - Window Manager\DWM-4 [12-07-2023 00:17:29] Process Exited: Process Name - LogonUI.exe Process ID - 13028 [12-07-2023 00:17:29] Process Exited: Process Name - dwm.exe Process ID - 15060 [12-07-2023 00:17:29] Process Exited: Process Name - winlogon.exe Process ID - 15132 [12-07-2023 00:17:29] Process Exited: Process Name - csrss.exe Process ID - 16348 [12-07-2023 00:17:31] Process Exited: Process Name - w3wp.exe Process ID - 6996 Web application pool name - galaxytools.in [12-07-2023 00:17:33] New process found: Process Name - csrss.exe Process ID - 9308 Process Identity - SYSTEM [12-07-2023 00:17:33] New process found: Process Name - winlogon.exe Process ID - 2428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 13052 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:33] New process found: Process Name - SearchFilterHost.exe Process ID - 13428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:35] New process found: Process Name - LogonUI.exe Process ID - 444 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:35] New process found: Process Name - dwm.exe Process ID - 16176 Process Identity - Window Manager\DWM-4 [12-07-2023 00:17:43] New process found: Process Name - w3wp.exe Process ID - 2660 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 00:17:44] Process Exited: Process Name - LogonUI.exe Process ID - 444 [12-07-2023 00:17:44] Process Exited: Process Name - winlogon.exe Process ID - 2428 [12-07-2023 00:17:44] Process Exited: Process Name - dwm.exe Process ID - 16176 [12-07-2023 00:17:45] Process Exited: Process Name - csrss.exe Process ID - 9308 [12-07-2023 00:17:50] New process found: Process Name - csrss.exe Process ID - 4084 Process Identity - SYSTEM [12-07-2023 00:17:50] New process found: Process Name - winlogon.exe Process ID - 11988 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:51] New process found: Process Name - LogonUI.exe Process ID - 9584 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:17:51] New process found: Process Name - dwm.exe Process ID - 16084 Process Identity - Window Manager\DWM-4 [12-07-2023 00:18:00] Process Exited: Process Name - LogonUI.exe Process ID - 9584 [12-07-2023 00:18:00] Process Exited: Process Name - winlogon.exe Process ID - 11988 [12-07-2023 00:18:00] Process Exited: Process Name - dwm.exe Process ID - 16084 [12-07-2023 00:18:01] Process Exited: Process Name - csrss.exe Process ID - 4084 [12-07-2023 00:18:05] New process found: Process Name - csrss.exe Process ID - 11952 Process Identity - SYSTEM [12-07-2023 00:18:05] New process found: Process Name - winlogon.exe Process ID - 10996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:06] New process found: Process Name - LogonUI.exe Process ID - 8300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:06] New process found: Process Name - dwm.exe Process ID - 9872 Process Identity - Window Manager\DWM-4 [12-07-2023 00:18:15] Process Exited: Process Name - LogonUI.exe Process ID - 8300 [12-07-2023 00:18:15] Process Exited: Process Name - dwm.exe Process ID - 9872 [12-07-2023 00:18:15] Process Exited: Process Name - winlogon.exe Process ID - 10996 [12-07-2023 00:18:16] Process Exited: Process Name - csrss.exe Process ID - 11952 [12-07-2023 00:18:18] New process found: Process Name - csrss.exe Process ID - 15352 Process Identity - SYSTEM [12-07-2023 00:18:18] New process found: Process Name - winlogon.exe Process ID - 12224 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:19] New process found: Process Name - LogonUI.exe Process ID - 2724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:19] New process found: Process Name - dwm.exe Process ID - 8720 Process Identity - Window Manager\DWM-4 [12-07-2023 00:18:31] Process Exited: Process Name - LogonUI.exe Process ID - 2724 [12-07-2023 00:18:31] Process Exited: Process Name - dwm.exe Process ID - 8720 [12-07-2023 00:18:31] Process Exited: Process Name - winlogon.exe Process ID - 12224 [12-07-2023 00:18:31] Process Exited: Process Name - csrss.exe Process ID - 15352 [12-07-2023 00:18:34] New process found: Process Name - csrss.exe Process ID - 7788 Process Identity - SYSTEM [12-07-2023 00:18:34] New process found: Process Name - winlogon.exe Process ID - 8384 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:36] New process found: Process Name - LogonUI.exe Process ID - 6940 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:36] New process found: Process Name - dwm.exe Process ID - 2780 Process Identity - Window Manager\DWM-4 [12-07-2023 00:18:46] Process Exited: Process Name - dwm.exe Process ID - 2780 [12-07-2023 00:18:46] Process Exited: Process Name - LogonUI.exe Process ID - 6940 [12-07-2023 00:18:46] Process Exited: Process Name - csrss.exe Process ID - 7788 [12-07-2023 00:18:46] Process Exited: Process Name - winlogon.exe Process ID - 8384 [12-07-2023 00:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 13052 [12-07-2023 00:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 13428 [12-07-2023 00:18:50] New process found: Process Name - csrss.exe Process ID - 9736 Process Identity - SYSTEM [12-07-2023 00:18:50] New process found: Process Name - winlogon.exe Process ID - 10112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:53] New process found: Process Name - LogonUI.exe Process ID - 5752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:18:53] New process found: Process Name - dwm.exe Process ID - 10572 Process Identity - Window Manager\DWM-4 [12-07-2023 00:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 12332 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:01] Process Exited: Process Name - LogonUI.exe Process ID - 5752 [12-07-2023 00:19:01] Process Exited: Process Name - csrss.exe Process ID - 9736 [12-07-2023 00:19:01] Process Exited: Process Name - winlogon.exe Process ID - 10112 [12-07-2023 00:19:01] Process Exited: Process Name - dwm.exe Process ID - 10572 [12-07-2023 00:19:15] New process found: Process Name - w3wp.exe Process ID - 11700 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 00:19:15] New process found: Process Name - conhost.exe Process ID - 8516 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 00:19:19] New process found: Process Name - csrss.exe Process ID - 7956 Process Identity - SYSTEM [12-07-2023 00:19:19] New process found: Process Name - winlogon.exe Process ID - 15808 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:21] New process found: Process Name - LogonUI.exe Process ID - 16028 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:21] New process found: Process Name - dwm.exe Process ID - 7164 Process Identity - Window Manager\DWM-4 [12-07-2023 00:19:27] New process found: Process Name - w3wp.exe Process ID - 14288 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 00:19:30] Process Exited: Process Name - w3wp.exe Process ID - 14904 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:19:31] Process Exited: Process Name - dwm.exe Process ID - 7164 [12-07-2023 00:19:31] Process Exited: Process Name - csrss.exe Process ID - 7956 [12-07-2023 00:19:31] Process Exited: Process Name - winlogon.exe Process ID - 15808 [12-07-2023 00:19:31] Process Exited: Process Name - LogonUI.exe Process ID - 16028 [12-07-2023 00:19:34] New process found: Process Name - csrss.exe Process ID - 10864 Process Identity - SYSTEM [12-07-2023 00:19:34] New process found: Process Name - winlogon.exe Process ID - 7800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:36] New process found: Process Name - LogonUI.exe Process ID - 16172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:36] New process found: Process Name - dwm.exe Process ID - 9936 Process Identity - Window Manager\DWM-4 [12-07-2023 00:19:40] Process Exited: Process Name - w3wp.exe Process ID - 608 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 00:19:46] Process Exited: Process Name - winlogon.exe Process ID - 7800 [12-07-2023 00:19:46] Process Exited: Process Name - dwm.exe Process ID - 9936 [12-07-2023 00:19:46] Process Exited: Process Name - csrss.exe Process ID - 10864 [12-07-2023 00:19:46] Process Exited: Process Name - LogonUI.exe Process ID - 16172 [12-07-2023 00:19:48] New process found: Process Name - csrss.exe Process ID - 9652 Process Identity - SYSTEM [12-07-2023 00:19:48] New process found: Process Name - winlogon.exe Process ID - 13872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:52] New process found: Process Name - LogonUI.exe Process ID - 16248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:19:52] New process found: Process Name - dwm.exe Process ID - 9080 Process Identity - Window Manager\DWM-4 [12-07-2023 00:20:01] Process Exited: Process Name - LogonUI.exe Process ID - 16248 [12-07-2023 00:20:02] Process Exited: Process Name - dwm.exe Process ID - 9080 [12-07-2023 00:20:02] Process Exited: Process Name - csrss.exe Process ID - 9652 [12-07-2023 00:20:02] Process Exited: Process Name - winlogon.exe Process ID - 13872 [12-07-2023 00:20:04] New process found: Process Name - smss.exe Process ID - 14292 Process Identity - SYSTEM [12-07-2023 00:20:04] New process found: Process Name - csrss.exe Process ID - 11116 Process Identity - SYSTEM [12-07-2023 00:20:05] New process found: Process Name - winlogon.exe Process ID - 8560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:05] Process Exited: Process Name - smss.exe Process ID - 14292 [12-07-2023 00:20:06] New process found: Process Name - LogonUI.exe Process ID - 7460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:06] New process found: Process Name - dwm.exe Process ID - 9124 Process Identity - Window Manager\DWM-4 [12-07-2023 00:20:18] Process Exited: Process Name - LogonUI.exe Process ID - 7460 [12-07-2023 00:20:18] Process Exited: Process Name - winlogon.exe Process ID - 8560 [12-07-2023 00:20:18] Process Exited: Process Name - dwm.exe Process ID - 9124 [12-07-2023 00:20:18] Process Exited: Process Name - csrss.exe Process ID - 11116 [12-07-2023 00:20:21] New process found: Process Name - smss.exe Process ID - 12604 Process Identity - SYSTEM [12-07-2023 00:20:21] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [12-07-2023 00:20:22] New process found: Process Name - winlogon.exe Process ID - 9552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:22] Process Exited: Process Name - smss.exe Process ID - 12604 [12-07-2023 00:20:23] New process found: Process Name - LogonUI.exe Process ID - 2788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:23] New process found: Process Name - dwm.exe Process ID - 2908 Process Identity - Window Manager\DWM-4 [12-07-2023 00:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11684 [12-07-2023 00:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12332 [12-07-2023 00:20:34] Process Exited: Process Name - LogonUI.exe Process ID - 2788 [12-07-2023 00:20:34] Process Exited: Process Name - dwm.exe Process ID - 2908 [12-07-2023 00:20:34] Process Exited: Process Name - csrss.exe Process ID - 3500 [12-07-2023 00:20:34] Process Exited: Process Name - winlogon.exe Process ID - 9552 [12-07-2023 00:20:36] New process found: Process Name - csrss.exe Process ID - 10564 Process Identity - SYSTEM [12-07-2023 00:20:36] New process found: Process Name - winlogon.exe Process ID - 15156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:38] New process found: Process Name - LogonUI.exe Process ID - 16208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:38] New process found: Process Name - dwm.exe Process ID - 12608 Process Identity - Window Manager\DWM-4 [12-07-2023 00:20:49] Process Exited: Process Name - csrss.exe Process ID - 10564 [12-07-2023 00:20:49] Process Exited: Process Name - dwm.exe Process ID - 12608 [12-07-2023 00:20:49] Process Exited: Process Name - winlogon.exe Process ID - 15156 [12-07-2023 00:20:49] Process Exited: Process Name - LogonUI.exe Process ID - 16208 [12-07-2023 00:20:52] New process found: Process Name - csrss.exe Process ID - 10436 Process Identity - SYSTEM [12-07-2023 00:20:52] New process found: Process Name - winlogon.exe Process ID - 13868 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:54] New process found: Process Name - LogonUI.exe Process ID - 15496 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:20:54] New process found: Process Name - dwm.exe Process ID - 11944 Process Identity - Window Manager\DWM-4 [12-07-2023 00:21:04] Process Exited: Process Name - csrss.exe Process ID - 10436 [12-07-2023 00:21:04] Process Exited: Process Name - dwm.exe Process ID - 11944 [12-07-2023 00:21:04] Process Exited: Process Name - winlogon.exe Process ID - 13868 [12-07-2023 00:21:04] Process Exited: Process Name - LogonUI.exe Process ID - 15496 [12-07-2023 00:21:06] New process found: Process Name - csrss.exe Process ID - 7140 Process Identity - SYSTEM [12-07-2023 00:21:06] New process found: Process Name - winlogon.exe Process ID - 9184 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:07] New process found: Process Name - LogonUI.exe Process ID - 14272 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:07] New process found: Process Name - dwm.exe Process ID - 4208 Process Identity - Window Manager\DWM-4 [12-07-2023 00:21:21] Process Exited: Process Name - dwm.exe Process ID - 4208 [12-07-2023 00:21:21] Process Exited: Process Name - csrss.exe Process ID - 7140 [12-07-2023 00:21:21] Process Exited: Process Name - winlogon.exe Process ID - 9184 [12-07-2023 00:21:21] Process Exited: Process Name - LogonUI.exe Process ID - 14272 [12-07-2023 00:21:24] New process found: Process Name - csrss.exe Process ID - 1740 Process Identity - SYSTEM [12-07-2023 00:21:24] New process found: Process Name - winlogon.exe Process ID - 15224 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:26] New process found: Process Name - LogonUI.exe Process ID - 10780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:26] New process found: Process Name - dwm.exe Process ID - 14544 Process Identity - Window Manager\DWM-4 [12-07-2023 00:21:36] Process Exited: Process Name - csrss.exe Process ID - 1740 [12-07-2023 00:21:36] Process Exited: Process Name - LogonUI.exe Process ID - 10780 [12-07-2023 00:21:36] Process Exited: Process Name - dwm.exe Process ID - 14544 [12-07-2023 00:21:36] Process Exited: Process Name - winlogon.exe Process ID - 15224 [12-07-2023 00:21:38] New process found: Process Name - csrss.exe Process ID - 14932 Process Identity - SYSTEM [12-07-2023 00:21:38] New process found: Process Name - winlogon.exe Process ID - 8376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:39] New process found: Process Name - LogonUI.exe Process ID - 15168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:39] New process found: Process Name - dwm.exe Process ID - 14992 Process Identity - Window Manager\DWM-4 [12-07-2023 00:21:51] Process Exited: Process Name - winlogon.exe Process ID - 8376 [12-07-2023 00:21:51] Process Exited: Process Name - csrss.exe Process ID - 14932 [12-07-2023 00:21:51] Process Exited: Process Name - dwm.exe Process ID - 14992 [12-07-2023 00:21:51] Process Exited: Process Name - LogonUI.exe Process ID - 15168 [12-07-2023 00:21:53] New process found: Process Name - w3wp.exe Process ID - 8796 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:21:53] New process found: Process Name - smss.exe Process ID - 9236 Process Identity - SYSTEM [12-07-2023 00:21:53] New process found: Process Name - csrss.exe Process ID - 9808 Process Identity - SYSTEM [12-07-2023 00:21:54] New process found: Process Name - winlogon.exe Process ID - 14628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:54] Process Exited: Process Name - smss.exe Process ID - 9236 [12-07-2023 00:21:55] New process found: Process Name - LogonUI.exe Process ID - 9696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:21:55] New process found: Process Name - dwm.exe Process ID - 15400 Process Identity - Window Manager\DWM-4 [12-07-2023 00:22:06] Process Exited: Process Name - LogonUI.exe Process ID - 9696 [12-07-2023 00:22:06] Process Exited: Process Name - csrss.exe Process ID - 9808 [12-07-2023 00:22:06] Process Exited: Process Name - winlogon.exe Process ID - 14628 [12-07-2023 00:22:06] Process Exited: Process Name - dwm.exe Process ID - 15400 [12-07-2023 00:22:08] New process found: Process Name - csrss.exe Process ID - 8564 Process Identity - SYSTEM [12-07-2023 00:22:08] New process found: Process Name - winlogon.exe Process ID - 7568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:09] New process found: Process Name - w3wp.exe Process ID - 13116 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:22:09] Process Exited: Process Name - w3wp.exe Process ID - 10452 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:22:10] New process found: Process Name - LogonUI.exe Process ID - 13668 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:10] New process found: Process Name - dwm.exe Process ID - 11548 Process Identity - Window Manager\DWM-4 [12-07-2023 00:22:21] Process Exited: Process Name - winlogon.exe Process ID - 7568 [12-07-2023 00:22:21] Process Exited: Process Name - csrss.exe Process ID - 8564 [12-07-2023 00:22:21] Process Exited: Process Name - dwm.exe Process ID - 11548 [12-07-2023 00:22:21] Process Exited: Process Name - LogonUI.exe Process ID - 13668 [12-07-2023 00:22:25] New process found: Process Name - csrss.exe Process ID - 7160 Process Identity - SYSTEM [12-07-2023 00:22:25] New process found: Process Name - winlogon.exe Process ID - 14448 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:29] New process found: Process Name - LogonUI.exe Process ID - 8512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:29] New process found: Process Name - dwm.exe Process ID - 6380 Process Identity - Window Manager\DWM-4 [12-07-2023 00:22:37] Process Exited: Process Name - dwm.exe Process ID - 6380 [12-07-2023 00:22:37] Process Exited: Process Name - LogonUI.exe Process ID - 8512 [12-07-2023 00:22:37] Process Exited: Process Name - winlogon.exe Process ID - 14448 [12-07-2023 00:22:38] Process Exited: Process Name - csrss.exe Process ID - 7160 [12-07-2023 00:22:43] New process found: Process Name - csrss.exe Process ID - 10592 Process Identity - SYSTEM [12-07-2023 00:22:43] New process found: Process Name - winlogon.exe Process ID - 14180 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:44] New process found: Process Name - LogonUI.exe Process ID - 13804 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:44] New process found: Process Name - dwm.exe Process ID - 10376 Process Identity - Window Manager\DWM-4 [12-07-2023 00:22:53] Process Exited: Process Name - dwm.exe Process ID - 10376 [12-07-2023 00:22:53] Process Exited: Process Name - csrss.exe Process ID - 10592 [12-07-2023 00:22:53] Process Exited: Process Name - LogonUI.exe Process ID - 13804 [12-07-2023 00:22:53] Process Exited: Process Name - winlogon.exe Process ID - 14180 [12-07-2023 00:22:57] New process found: Process Name - csrss.exe Process ID - 6800 Process Identity - SYSTEM [12-07-2023 00:22:57] New process found: Process Name - winlogon.exe Process ID - 13992 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:59] New process found: Process Name - LogonUI.exe Process ID - 6312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:22:59] New process found: Process Name - dwm.exe Process ID - 15240 Process Identity - Window Manager\DWM-4 [12-07-2023 00:23:09] Process Exited: Process Name - LogonUI.exe Process ID - 6312 [12-07-2023 00:23:09] Process Exited: Process Name - csrss.exe Process ID - 6800 [12-07-2023 00:23:09] Process Exited: Process Name - winlogon.exe Process ID - 13992 [12-07-2023 00:23:09] Process Exited: Process Name - dwm.exe Process ID - 15240 [12-07-2023 00:23:13] New process found: Process Name - csrss.exe Process ID - 5588 Process Identity - SYSTEM [12-07-2023 00:23:13] New process found: Process Name - winlogon.exe Process ID - 12172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:15] New process found: Process Name - LogonUI.exe Process ID - 9196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:15] New process found: Process Name - dwm.exe Process ID - 13036 Process Identity - Window Manager\DWM-4 [12-07-2023 00:23:24] Process Exited: Process Name - csrss.exe Process ID - 5588 [12-07-2023 00:23:24] Process Exited: Process Name - LogonUI.exe Process ID - 9196 [12-07-2023 00:23:24] Process Exited: Process Name - winlogon.exe Process ID - 12172 [12-07-2023 00:23:24] Process Exited: Process Name - dwm.exe Process ID - 13036 [12-07-2023 00:23:26] New process found: Process Name - csrss.exe Process ID - 5516 Process Identity - SYSTEM [12-07-2023 00:23:26] New process found: Process Name - winlogon.exe Process ID - 14540 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:27] New process found: Process Name - LogonUI.exe Process ID - 14404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:27] New process found: Process Name - dwm.exe Process ID - 11008 Process Identity - Window Manager\DWM-4 [12-07-2023 00:23:39] Process Exited: Process Name - csrss.exe Process ID - 5516 [12-07-2023 00:23:39] Process Exited: Process Name - dwm.exe Process ID - 11008 [12-07-2023 00:23:39] Process Exited: Process Name - LogonUI.exe Process ID - 14404 [12-07-2023 00:23:39] Process Exited: Process Name - winlogon.exe Process ID - 14540 [12-07-2023 00:23:42] New process found: Process Name - csrss.exe Process ID - 13620 Process Identity - SYSTEM [12-07-2023 00:23:42] New process found: Process Name - winlogon.exe Process ID - 8372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:42] New process found: Process Name - LogonUI.exe Process ID - 7660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:42] New process found: Process Name - dwm.exe Process ID - 14972 Process Identity - Window Manager\DWM-4 [12-07-2023 00:23:55] Process Exited: Process Name - LogonUI.exe Process ID - 7660 [12-07-2023 00:23:55] Process Exited: Process Name - winlogon.exe Process ID - 8372 [12-07-2023 00:23:55] Process Exited: Process Name - csrss.exe Process ID - 13620 [12-07-2023 00:23:55] Process Exited: Process Name - dwm.exe Process ID - 14972 [12-07-2023 00:23:57] New process found: Process Name - csrss.exe Process ID - 10448 Process Identity - SYSTEM [12-07-2023 00:23:57] New process found: Process Name - winlogon.exe Process ID - 14284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:58] New process found: Process Name - LogonUI.exe Process ID - 6152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:23:58] New process found: Process Name - dwm.exe Process ID - 10980 Process Identity - Window Manager\DWM-4 [12-07-2023 00:24:10] Process Exited: Process Name - LogonUI.exe Process ID - 6152 [12-07-2023 00:24:10] Process Exited: Process Name - csrss.exe Process ID - 10448 [12-07-2023 00:24:10] Process Exited: Process Name - dwm.exe Process ID - 10980 [12-07-2023 00:24:10] Process Exited: Process Name - winlogon.exe Process ID - 14284 [12-07-2023 00:24:14] New process found: Process Name - csrss.exe Process ID - 2932 Process Identity - SYSTEM [12-07-2023 00:24:14] New process found: Process Name - winlogon.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:15] New process found: Process Name - LogonUI.exe Process ID - 2356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:15] New process found: Process Name - dwm.exe Process ID - 10688 Process Identity - Window Manager\DWM-4 [12-07-2023 00:24:25] Process Exited: Process Name - LogonUI.exe Process ID - 2356 [12-07-2023 00:24:25] Process Exited: Process Name - csrss.exe Process ID - 2932 [12-07-2023 00:24:25] Process Exited: Process Name - winlogon.exe Process ID - 7492 [12-07-2023 00:24:25] Process Exited: Process Name - dwm.exe Process ID - 10688 [12-07-2023 00:24:27] New process found: Process Name - csrss.exe Process ID - 11844 Process Identity - SYSTEM [12-07-2023 00:24:27] New process found: Process Name - winlogon.exe Process ID - 7452 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:29] New process found: Process Name - LogonUI.exe Process ID - 11956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:29] New process found: Process Name - dwm.exe Process ID - 11528 Process Identity - Window Manager\DWM-4 [12-07-2023 00:24:41] Process Exited: Process Name - winlogon.exe Process ID - 7452 [12-07-2023 00:24:41] Process Exited: Process Name - dwm.exe Process ID - 11528 [12-07-2023 00:24:41] Process Exited: Process Name - csrss.exe Process ID - 11844 [12-07-2023 00:24:41] Process Exited: Process Name - LogonUI.exe Process ID - 11956 [12-07-2023 00:24:45] New process found: Process Name - csrss.exe Process ID - 9956 Process Identity - SYSTEM [12-07-2023 00:24:45] New process found: Process Name - winlogon.exe Process ID - 9600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:45] Process Exited: Process Name - w3wp.exe Process ID - 2660 Web application pool name - galaxytools.in [12-07-2023 00:24:48] New process found: Process Name - LogonUI.exe Process ID - 11984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:24:48] New process found: Process Name - dwm.exe Process ID - 10364 Process Identity - Window Manager\DWM-4 [12-07-2023 00:24:56] Process Exited: Process Name - winlogon.exe Process ID - 9600 [12-07-2023 00:24:56] Process Exited: Process Name - csrss.exe Process ID - 9956 [12-07-2023 00:24:56] Process Exited: Process Name - dwm.exe Process ID - 10364 [12-07-2023 00:24:56] Process Exited: Process Name - LogonUI.exe Process ID - 11984 [12-07-2023 00:25:05] New process found: Process Name - csrss.exe Process ID - 15196 Process Identity - SYSTEM [12-07-2023 00:25:05] New process found: Process Name - winlogon.exe Process ID - 14092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:06] New process found: Process Name - LogonUI.exe Process ID - 6228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:06] New process found: Process Name - dwm.exe Process ID - 10680 Process Identity - Window Manager\DWM-4 [12-07-2023 00:25:11] Process Exited: Process Name - LogonUI.exe Process ID - 6228 [12-07-2023 00:25:11] Process Exited: Process Name - dwm.exe Process ID - 10680 [12-07-2023 00:25:11] Process Exited: Process Name - winlogon.exe Process ID - 14092 [12-07-2023 00:25:11] Process Exited: Process Name - csrss.exe Process ID - 15196 [12-07-2023 00:25:14] New process found: Process Name - csrss.exe Process ID - 9348 Process Identity - SYSTEM [12-07-2023 00:25:14] New process found: Process Name - winlogon.exe Process ID - 12296 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:15] New process found: Process Name - LogonUI.exe Process ID - 13672 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:15] New process found: Process Name - dwm.exe Process ID - 8932 Process Identity - Window Manager\DWM-4 [12-07-2023 00:25:17] Process Exited: Process Name - conhost.exe Process ID - 8516 [12-07-2023 00:25:17] Process Exited: Process Name - w3wp.exe Process ID - 11700 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 00:25:26] Process Exited: Process Name - dwm.exe Process ID - 8932 [12-07-2023 00:25:26] Process Exited: Process Name - csrss.exe Process ID - 9348 [12-07-2023 00:25:26] Process Exited: Process Name - winlogon.exe Process ID - 12296 [12-07-2023 00:25:26] Process Exited: Process Name - LogonUI.exe Process ID - 13672 [12-07-2023 00:25:28] New process found: Process Name - csrss.exe Process ID - 5480 Process Identity - SYSTEM [12-07-2023 00:25:28] New process found: Process Name - winlogon.exe Process ID - 7532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:29] New process found: Process Name - LogonUI.exe Process ID - 9628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:29] New process found: Process Name - dwm.exe Process ID - 7560 Process Identity - Window Manager\DWM-4 [12-07-2023 00:25:30] Process Exited: Process Name - w3wp.exe Process ID - 14288 Web application pool name - DefaultAppPool [12-07-2023 00:25:41] Process Exited: Process Name - csrss.exe Process ID - 5480 [12-07-2023 00:25:41] Process Exited: Process Name - winlogon.exe Process ID - 7532 [12-07-2023 00:25:41] Process Exited: Process Name - dwm.exe Process ID - 7560 [12-07-2023 00:25:41] Process Exited: Process Name - LogonUI.exe Process ID - 9628 [12-07-2023 00:25:45] New process found: Process Name - csrss.exe Process ID - 3332 Process Identity - SYSTEM [12-07-2023 00:25:45] New process found: Process Name - winlogon.exe Process ID - 15644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:46] New process found: Process Name - LogonUI.exe Process ID - 2416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:46] New process found: Process Name - dwm.exe Process ID - 8632 Process Identity - Window Manager\DWM-4 [12-07-2023 00:25:56] Process Exited: Process Name - LogonUI.exe Process ID - 2416 [12-07-2023 00:25:56] Process Exited: Process Name - csrss.exe Process ID - 3332 [12-07-2023 00:25:56] Process Exited: Process Name - dwm.exe Process ID - 8632 [12-07-2023 00:25:56] Process Exited: Process Name - winlogon.exe Process ID - 15644 [12-07-2023 00:25:58] New process found: Process Name - csrss.exe Process ID - 6988 Process Identity - SYSTEM [12-07-2023 00:25:58] New process found: Process Name - winlogon.exe Process ID - 11960 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:59] New process found: Process Name - LogonUI.exe Process ID - 11156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:25:59] New process found: Process Name - dwm.exe Process ID - 9952 Process Identity - Window Manager\DWM-4 [12-07-2023 00:26:11] Process Exited: Process Name - csrss.exe Process ID - 6988 [12-07-2023 00:26:11] Process Exited: Process Name - dwm.exe Process ID - 9952 [12-07-2023 00:26:11] Process Exited: Process Name - LogonUI.exe Process ID - 11156 [12-07-2023 00:26:11] Process Exited: Process Name - winlogon.exe Process ID - 11960 [12-07-2023 00:26:15] New process found: Process Name - csrss.exe Process ID - 13044 Process Identity - SYSTEM [12-07-2023 00:26:15] New process found: Process Name - winlogon.exe Process ID - 9436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:17] New process found: Process Name - LogonUI.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:17] New process found: Process Name - dwm.exe Process ID - 14000 Process Identity - Window Manager\DWM-4 [12-07-2023 00:26:26] Process Exited: Process Name - LogonUI.exe Process ID - 6388 [12-07-2023 00:26:26] Process Exited: Process Name - winlogon.exe Process ID - 9436 [12-07-2023 00:26:26] Process Exited: Process Name - dwm.exe Process ID - 14000 [12-07-2023 00:26:27] Process Exited: Process Name - csrss.exe Process ID - 13044 [12-07-2023 00:26:29] New process found: Process Name - csrss.exe Process ID - 10864 Process Identity - SYSTEM [12-07-2023 00:26:29] New process found: Process Name - winlogon.exe Process ID - 2572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:32] New process found: Process Name - LogonUI.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:32] New process found: Process Name - dwm.exe Process ID - 9904 Process Identity - Window Manager\DWM-4 [12-07-2023 00:26:42] Process Exited: Process Name - winlogon.exe Process ID - 2572 [12-07-2023 00:26:42] Process Exited: Process Name - LogonUI.exe Process ID - 4756 [12-07-2023 00:26:42] Process Exited: Process Name - dwm.exe Process ID - 9904 [12-07-2023 00:26:42] Process Exited: Process Name - csrss.exe Process ID - 10864 [12-07-2023 00:26:48] New process found: Process Name - csrss.exe Process ID - 15780 Process Identity - SYSTEM [12-07-2023 00:26:48] New process found: Process Name - winlogon.exe Process ID - 13872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:51] New process found: Process Name - LogonUI.exe Process ID - 6620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:26:51] New process found: Process Name - dwm.exe Process ID - 9196 Process Identity - Window Manager\DWM-4 [12-07-2023 00:26:58] Process Exited: Process Name - LogonUI.exe Process ID - 6620 [12-07-2023 00:26:58] Process Exited: Process Name - dwm.exe Process ID - 9196 [12-07-2023 00:26:58] Process Exited: Process Name - winlogon.exe Process ID - 13872 [12-07-2023 00:26:59] Process Exited: Process Name - csrss.exe Process ID - 15780 [12-07-2023 00:27:04] New process found: Process Name - csrss.exe Process ID - 5088 Process Identity - SYSTEM [12-07-2023 00:27:04] New process found: Process Name - winlogon.exe Process ID - 15800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:06] New process found: Process Name - LogonUI.exe Process ID - 16160 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:06] New process found: Process Name - dwm.exe Process ID - 9684 Process Identity - Window Manager\DWM-4 [12-07-2023 00:27:10] New process found: Process Name - w3wp.exe Process ID - 13632 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:27:10] Process Exited: Process Name - w3wp.exe Process ID - 13116 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:27:14] Process Exited: Process Name - csrss.exe Process ID - 5088 [12-07-2023 00:27:14] Process Exited: Process Name - dwm.exe Process ID - 9684 [12-07-2023 00:27:14] Process Exited: Process Name - winlogon.exe Process ID - 15800 [12-07-2023 00:27:14] Process Exited: Process Name - LogonUI.exe Process ID - 16160 [12-07-2023 00:27:16] New process found: Process Name - csrss.exe Process ID - 10296 Process Identity - SYSTEM [12-07-2023 00:27:16] New process found: Process Name - winlogon.exe Process ID - 13752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:17] New process found: Process Name - LogonUI.exe Process ID - 13056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:17] New process found: Process Name - dwm.exe Process ID - 8800 Process Identity - Window Manager\DWM-4 [12-07-2023 00:27:29] Process Exited: Process Name - dwm.exe Process ID - 8800 [12-07-2023 00:27:29] Process Exited: Process Name - csrss.exe Process ID - 10296 [12-07-2023 00:27:29] Process Exited: Process Name - LogonUI.exe Process ID - 13056 [12-07-2023 00:27:29] Process Exited: Process Name - winlogon.exe Process ID - 13752 [12-07-2023 00:27:34] New process found: Process Name - csrss.exe Process ID - 13224 Process Identity - SYSTEM [12-07-2023 00:27:34] New process found: Process Name - winlogon.exe Process ID - 16304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:35] New process found: Process Name - LogonUI.exe Process ID - 11328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:35] New process found: Process Name - dwm.exe Process ID - 16344 Process Identity - Window Manager\DWM-4 [12-07-2023 00:27:44] Process Exited: Process Name - LogonUI.exe Process ID - 11328 [12-07-2023 00:27:44] Process Exited: Process Name - csrss.exe Process ID - 13224 [12-07-2023 00:27:44] Process Exited: Process Name - winlogon.exe Process ID - 16304 [12-07-2023 00:27:44] Process Exited: Process Name - dwm.exe Process ID - 16344 [12-07-2023 00:27:47] New process found: Process Name - csrss.exe Process ID - 11064 Process Identity - SYSTEM [12-07-2023 00:27:47] New process found: Process Name - winlogon.exe Process ID - 2380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:50] New process found: Process Name - LogonUI.exe Process ID - 15864 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:27:50] New process found: Process Name - dwm.exe Process ID - 12200 Process Identity - Window Manager\DWM-4 [12-07-2023 00:27:54] Process Exited: Process Name - w3wp.exe Process ID - 8796 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:27:59] Process Exited: Process Name - winlogon.exe Process ID - 2380 [12-07-2023 00:27:59] Process Exited: Process Name - csrss.exe Process ID - 11064 [12-07-2023 00:27:59] Process Exited: Process Name - dwm.exe Process ID - 12200 [12-07-2023 00:27:59] Process Exited: Process Name - LogonUI.exe Process ID - 15864 [12-07-2023 00:28:01] New process found: Process Name - w3wp.exe Process ID - 5640 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 00:28:01] New process found: Process Name - csrss.exe Process ID - 14788 Process Identity - SYSTEM [12-07-2023 00:28:01] New process found: Process Name - conhost.exe Process ID - 7116 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 00:28:01] New process found: Process Name - winlogon.exe Process ID - 15028 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:05] New process found: Process Name - LogonUI.exe Process ID - 10732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:05] New process found: Process Name - dwm.exe Process ID - 12728 Process Identity - Window Manager\DWM-4 [12-07-2023 00:28:14] Process Exited: Process Name - LogonUI.exe Process ID - 10732 [12-07-2023 00:28:14] Process Exited: Process Name - dwm.exe Process ID - 12728 [12-07-2023 00:28:14] Process Exited: Process Name - csrss.exe Process ID - 14788 [12-07-2023 00:28:14] Process Exited: Process Name - winlogon.exe Process ID - 15028 [12-07-2023 00:28:19] New process found: Process Name - smss.exe Process ID - 13140 Process Identity - SYSTEM [12-07-2023 00:28:19] New process found: Process Name - csrss.exe Process ID - 14124 Process Identity - SYSTEM [12-07-2023 00:28:20] New process found: Process Name - winlogon.exe Process ID - 9956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:20] New process found: Process Name - LogonUI.exe Process ID - 2232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:20] New process found: Process Name - dwm.exe Process ID - 4324 Process Identity - Window Manager\DWM-4 [12-07-2023 00:28:20] Process Exited: Process Name - smss.exe Process ID - 13140 [12-07-2023 00:28:29] Process Exited: Process Name - LogonUI.exe Process ID - 2232 [12-07-2023 00:28:29] Process Exited: Process Name - dwm.exe Process ID - 4324 [12-07-2023 00:28:29] Process Exited: Process Name - winlogon.exe Process ID - 9956 [12-07-2023 00:28:30] Process Exited: Process Name - csrss.exe Process ID - 14124 [12-07-2023 00:28:33] New process found: Process Name - csrss.exe Process ID - 8452 Process Identity - SYSTEM [12-07-2023 00:28:33] New process found: Process Name - winlogon.exe Process ID - 12112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:34] New process found: Process Name - LogonUI.exe Process ID - 2804 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:34] New process found: Process Name - dwm.exe Process ID - 2808 Process Identity - Window Manager\DWM-4 [12-07-2023 00:28:44] Process Exited: Process Name - LogonUI.exe Process ID - 2804 [12-07-2023 00:28:45] Process Exited: Process Name - dwm.exe Process ID - 2808 [12-07-2023 00:28:45] Process Exited: Process Name - csrss.exe Process ID - 8452 [12-07-2023 00:28:45] Process Exited: Process Name - winlogon.exe Process ID - 12112 [12-07-2023 00:28:49] New process found: Process Name - csrss.exe Process ID - 15400 Process Identity - SYSTEM [12-07-2023 00:28:49] New process found: Process Name - winlogon.exe Process ID - 840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:50] New process found: Process Name - LogonUI.exe Process ID - 10320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:28:50] New process found: Process Name - dwm.exe Process ID - 13428 Process Identity - Window Manager\DWM-4 [12-07-2023 00:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 13472 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:29:01] Process Exited: Process Name - winlogon.exe Process ID - 840 [12-07-2023 00:29:01] Process Exited: Process Name - LogonUI.exe Process ID - 10320 [12-07-2023 00:29:01] Process Exited: Process Name - dwm.exe Process ID - 13428 [12-07-2023 00:29:01] Process Exited: Process Name - csrss.exe Process ID - 15400 [12-07-2023 00:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:04] New process found: Process Name - csrss.exe Process ID - 9056 Process Identity - SYSTEM [12-07-2023 00:29:04] New process found: Process Name - winlogon.exe Process ID - 2552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:04] New process found: Process Name - LogonUI.exe Process ID - 12228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:04] New process found: Process Name - dwm.exe Process ID - 16072 Process Identity - Window Manager\DWM-4 [12-07-2023 00:29:17] Process Exited: Process Name - winlogon.exe Process ID - 2552 [12-07-2023 00:29:17] Process Exited: Process Name - csrss.exe Process ID - 9056 [12-07-2023 00:29:17] Process Exited: Process Name - LogonUI.exe Process ID - 12228 [12-07-2023 00:29:17] Process Exited: Process Name - dwm.exe Process ID - 16072 [12-07-2023 00:29:20] New process found: Process Name - csrss.exe Process ID - 6556 Process Identity - SYSTEM [12-07-2023 00:29:20] New process found: Process Name - winlogon.exe Process ID - 2416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:21] New process found: Process Name - LogonUI.exe Process ID - 8564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:21] New process found: Process Name - dwm.exe Process ID - 16184 Process Identity - Window Manager\DWM-4 [12-07-2023 00:29:32] Process Exited: Process Name - winlogon.exe Process ID - 2416 [12-07-2023 00:29:32] Process Exited: Process Name - csrss.exe Process ID - 6556 [12-07-2023 00:29:32] Process Exited: Process Name - LogonUI.exe Process ID - 8564 [12-07-2023 00:29:32] Process Exited: Process Name - dwm.exe Process ID - 16184 [12-07-2023 00:29:39] New process found: Process Name - csrss.exe Process ID - 11708 Process Identity - SYSTEM [12-07-2023 00:29:39] New process found: Process Name - winlogon.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:41] New process found: Process Name - LogonUI.exe Process ID - 1928 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:41] New process found: Process Name - dwm.exe Process ID - 5344 Process Identity - Window Manager\DWM-4 [12-07-2023 00:29:48] Process Exited: Process Name - LogonUI.exe Process ID - 1928 [12-07-2023 00:29:48] Process Exited: Process Name - dwm.exe Process ID - 5344 [12-07-2023 00:29:48] Process Exited: Process Name - csrss.exe Process ID - 11708 [12-07-2023 00:29:48] Process Exited: Process Name - winlogon.exe Process ID - 15860 [12-07-2023 00:29:48] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 00:29:51] New process found: Process Name - csrss.exe Process ID - 10244 Process Identity - SYSTEM [12-07-2023 00:29:51] New process found: Process Name - winlogon.exe Process ID - 4972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:52] New process found: Process Name - LogonUI.exe Process ID - 7936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:29:52] New process found: Process Name - dwm.exe Process ID - 10100 Process Identity - Window Manager\DWM-4 [12-07-2023 00:30:03] Process Exited: Process Name - winlogon.exe Process ID - 4972 [12-07-2023 00:30:03] Process Exited: Process Name - LogonUI.exe Process ID - 7936 [12-07-2023 00:30:03] Process Exited: Process Name - dwm.exe Process ID - 10100 [12-07-2023 00:30:03] Process Exited: Process Name - csrss.exe Process ID - 10244 [12-07-2023 00:30:07] New process found: Process Name - csrss.exe Process ID - 14896 Process Identity - SYSTEM [12-07-2023 00:30:07] New process found: Process Name - winlogon.exe Process ID - 7320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:09] New process found: Process Name - LogonUI.exe Process ID - 9212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:09] New process found: Process Name - dwm.exe Process ID - 9936 Process Identity - Window Manager\DWM-4 [12-07-2023 00:30:18] Process Exited: Process Name - winlogon.exe Process ID - 7320 [12-07-2023 00:30:18] Process Exited: Process Name - LogonUI.exe Process ID - 9212 [12-07-2023 00:30:18] Process Exited: Process Name - dwm.exe Process ID - 9936 [12-07-2023 00:30:18] Process Exited: Process Name - csrss.exe Process ID - 14896 [12-07-2023 00:30:22] New process found: Process Name - csrss.exe Process ID - 13872 Process Identity - SYSTEM [12-07-2023 00:30:22] New process found: Process Name - winlogon.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:23] New process found: Process Name - LogonUI.exe Process ID - 13800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:23] New process found: Process Name - dwm.exe Process ID - 11964 Process Identity - Window Manager\DWM-4 [12-07-2023 00:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7404 [12-07-2023 00:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13472 [12-07-2023 00:30:33] Process Exited: Process Name - winlogon.exe Process ID - 8780 [12-07-2023 00:30:33] Process Exited: Process Name - dwm.exe Process ID - 11964 [12-07-2023 00:30:33] Process Exited: Process Name - LogonUI.exe Process ID - 13800 [12-07-2023 00:30:34] Process Exited: Process Name - csrss.exe Process ID - 13872 [12-07-2023 00:30:38] New process found: Process Name - csrss.exe Process ID - 15476 Process Identity - SYSTEM [12-07-2023 00:30:38] New process found: Process Name - winlogon.exe Process ID - 14548 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:40] New process found: Process Name - LogonUI.exe Process ID - 6764 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:40] New process found: Process Name - dwm.exe Process ID - 11372 Process Identity - Window Manager\DWM-4 [12-07-2023 00:30:44] Process Exited: Process Name - php-cgi.exe Process ID - 13512 [12-07-2023 00:30:44] Process Exited: Process Name - php-cgi.exe Process ID - 14152 [12-07-2023 00:30:46] Process Exited: Process Name - w3wp.exe Process ID - 6612 Web application pool name - PleskControlPanel [12-07-2023 00:30:48] Process Exited: Process Name - LogonUI.exe Process ID - 6764 [12-07-2023 00:30:48] Process Exited: Process Name - dwm.exe Process ID - 11372 [12-07-2023 00:30:48] Process Exited: Process Name - winlogon.exe Process ID - 14548 [12-07-2023 00:30:48] Process Exited: Process Name - csrss.exe Process ID - 15476 [12-07-2023 00:30:51] New process found: Process Name - csrss.exe Process ID - 12680 Process Identity - SYSTEM [12-07-2023 00:30:51] New process found: Process Name - winlogon.exe Process ID - 7664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:52] New process found: Process Name - LogonUI.exe Process ID - 8680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:30:52] New process found: Process Name - dwm.exe Process ID - 2168 Process Identity - Window Manager\DWM-4 [12-07-2023 00:30:58] New process found: Process Name - w3wp.exe Process ID - 524 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:31:04] Process Exited: Process Name - dwm.exe Process ID - 2168 [12-07-2023 00:31:04] Process Exited: Process Name - winlogon.exe Process ID - 7664 [12-07-2023 00:31:04] Process Exited: Process Name - LogonUI.exe Process ID - 8680 [12-07-2023 00:31:04] Process Exited: Process Name - csrss.exe Process ID - 12680 [12-07-2023 00:31:06] New process found: Process Name - csrss.exe Process ID - 6760 Process Identity - SYSTEM [12-07-2023 00:31:06] New process found: Process Name - winlogon.exe Process ID - 15004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:08] New process found: Process Name - LogonUI.exe Process ID - 2932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:08] New process found: Process Name - dwm.exe Process ID - 9976 Process Identity - Window Manager\DWM-4 [12-07-2023 00:31:19] Process Exited: Process Name - LogonUI.exe Process ID - 2932 [12-07-2023 00:31:19] Process Exited: Process Name - csrss.exe Process ID - 6760 [12-07-2023 00:31:19] Process Exited: Process Name - dwm.exe Process ID - 9976 [12-07-2023 00:31:19] Process Exited: Process Name - winlogon.exe Process ID - 15004 [12-07-2023 00:31:22] New process found: Process Name - csrss.exe Process ID - 11808 Process Identity - SYSTEM [12-07-2023 00:31:22] New process found: Process Name - winlogon.exe Process ID - 13192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:23] New process found: Process Name - LogonUI.exe Process ID - 8328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:23] New process found: Process Name - dwm.exe Process ID - 2648 Process Identity - Window Manager\DWM-4 [12-07-2023 00:31:34] Process Exited: Process Name - dwm.exe Process ID - 2648 [12-07-2023 00:31:34] Process Exited: Process Name - LogonUI.exe Process ID - 8328 [12-07-2023 00:31:34] Process Exited: Process Name - csrss.exe Process ID - 11808 [12-07-2023 00:31:34] Process Exited: Process Name - winlogon.exe Process ID - 13192 [12-07-2023 00:31:38] New process found: Process Name - csrss.exe Process ID - 2724 Process Identity - SYSTEM [12-07-2023 00:31:38] New process found: Process Name - winlogon.exe Process ID - 15140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:41] New process found: Process Name - LogonUI.exe Process ID - 2232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:41] New process found: Process Name - dwm.exe Process ID - 11472 Process Identity - Window Manager\DWM-4 [12-07-2023 00:31:50] Process Exited: Process Name - LogonUI.exe Process ID - 2232 [12-07-2023 00:31:50] Process Exited: Process Name - csrss.exe Process ID - 2724 [12-07-2023 00:31:50] Process Exited: Process Name - dwm.exe Process ID - 11472 [12-07-2023 00:31:50] Process Exited: Process Name - winlogon.exe Process ID - 15140 [12-07-2023 00:31:52] New process found: Process Name - csrss.exe Process ID - 2780 Process Identity - SYSTEM [12-07-2023 00:31:52] New process found: Process Name - winlogon.exe Process ID - 12940 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:53] New process found: Process Name - LogonUI.exe Process ID - 12516 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:31:53] New process found: Process Name - dwm.exe Process ID - 2360 Process Identity - Window Manager\DWM-4 [12-07-2023 00:32:04] New process found: Process Name - w3wp.exe Process ID - 12800 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 00:32:04] New process found: Process Name - conhost.exe Process ID - 9808 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 00:32:05] Process Exited: Process Name - dwm.exe Process ID - 2360 [12-07-2023 00:32:05] Process Exited: Process Name - LogonUI.exe Process ID - 12516 [12-07-2023 00:32:05] Process Exited: Process Name - winlogon.exe Process ID - 12940 [12-07-2023 00:32:06] Process Exited: Process Name - csrss.exe Process ID - 2780 [12-07-2023 00:32:11] New process found: Process Name - w3wp.exe Process ID - 1832 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:32:11] New process found: Process Name - csrss.exe Process ID - 10516 Process Identity - SYSTEM [12-07-2023 00:32:11] New process found: Process Name - winlogon.exe Process ID - 4136 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:11] Process Exited: Process Name - w3wp.exe Process ID - 13632 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:32:13] New process found: Process Name - LogonUI.exe Process ID - 13052 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:13] New process found: Process Name - dwm.exe Process ID - 15680 Process Identity - Window Manager\DWM-4 [12-07-2023 00:32:21] Process Exited: Process Name - winlogon.exe Process ID - 4136 [12-07-2023 00:32:21] Process Exited: Process Name - csrss.exe Process ID - 10516 [12-07-2023 00:32:21] Process Exited: Process Name - LogonUI.exe Process ID - 13052 [12-07-2023 00:32:21] Process Exited: Process Name - dwm.exe Process ID - 15680 [12-07-2023 00:32:25] New process found: Process Name - csrss.exe Process ID - 16264 Process Identity - SYSTEM [12-07-2023 00:32:25] New process found: Process Name - winlogon.exe Process ID - 10452 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:26] New process found: Process Name - LogonUI.exe Process ID - 16152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:26] New process found: Process Name - dwm.exe Process ID - 7620 Process Identity - Window Manager\DWM-4 [12-07-2023 00:32:37] Process Exited: Process Name - dwm.exe Process ID - 7620 [12-07-2023 00:32:37] Process Exited: Process Name - winlogon.exe Process ID - 10452 [12-07-2023 00:32:37] Process Exited: Process Name - LogonUI.exe Process ID - 16152 [12-07-2023 00:32:37] Process Exited: Process Name - csrss.exe Process ID - 16264 [12-07-2023 00:32:40] New process found: Process Name - csrss.exe Process ID - 7572 Process Identity - SYSTEM [12-07-2023 00:32:40] New process found: Process Name - winlogon.exe Process ID - 14248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:41] New process found: Process Name - LogonUI.exe Process ID - 14180 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:41] New process found: Process Name - dwm.exe Process ID - 6220 Process Identity - Window Manager\DWM-4 [12-07-2023 00:32:53] Process Exited: Process Name - dwm.exe Process ID - 6220 [12-07-2023 00:32:53] Process Exited: Process Name - csrss.exe Process ID - 7572 [12-07-2023 00:32:53] Process Exited: Process Name - LogonUI.exe Process ID - 14180 [12-07-2023 00:32:53] Process Exited: Process Name - winlogon.exe Process ID - 14248 [12-07-2023 00:32:55] New process found: Process Name - csrss.exe Process ID - 11708 Process Identity - SYSTEM [12-07-2023 00:32:55] New process found: Process Name - winlogon.exe Process ID - 14984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:56] New process found: Process Name - LogonUI.exe Process ID - 12204 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:32:56] New process found: Process Name - dwm.exe Process ID - 14708 Process Identity - Window Manager\DWM-4 [12-07-2023 00:33:08] Process Exited: Process Name - csrss.exe Process ID - 11708 [12-07-2023 00:33:08] Process Exited: Process Name - LogonUI.exe Process ID - 12204 [12-07-2023 00:33:08] Process Exited: Process Name - dwm.exe Process ID - 14708 [12-07-2023 00:33:08] Process Exited: Process Name - winlogon.exe Process ID - 14984 [12-07-2023 00:33:11] New process found: Process Name - csrss.exe Process ID - 10244 Process Identity - SYSTEM [12-07-2023 00:33:11] New process found: Process Name - winlogon.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:14] New process found: Process Name - LogonUI.exe Process ID - 9912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:14] New process found: Process Name - dwm.exe Process ID - 5588 Process Identity - Window Manager\DWM-4 [12-07-2023 00:33:24] Process Exited: Process Name - dwm.exe Process ID - 5588 [12-07-2023 00:33:24] Process Exited: Process Name - winlogon.exe Process ID - 7732 [12-07-2023 00:33:24] Process Exited: Process Name - LogonUI.exe Process ID - 9912 [12-07-2023 00:33:24] Process Exited: Process Name - csrss.exe Process ID - 10244 [12-07-2023 00:33:26] New process found: Process Name - csrss.exe Process ID - 15968 Process Identity - SYSTEM [12-07-2023 00:33:26] New process found: Process Name - winlogon.exe Process ID - 11008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:27] New process found: Process Name - LogonUI.exe Process ID - 13228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:27] New process found: Process Name - dwm.exe Process ID - 9900 Process Identity - Window Manager\DWM-4 [12-07-2023 00:33:38] Process Exited: Process Name - dwm.exe Process ID - 9900 [12-07-2023 00:33:38] Process Exited: Process Name - winlogon.exe Process ID - 11008 [12-07-2023 00:33:38] Process Exited: Process Name - LogonUI.exe Process ID - 13228 [12-07-2023 00:33:39] Process Exited: Process Name - csrss.exe Process ID - 15968 [12-07-2023 00:33:41] New process found: Process Name - csrss.exe Process ID - 10636 Process Identity - SYSTEM [12-07-2023 00:33:41] New process found: Process Name - winlogon.exe Process ID - 412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:42] New process found: Process Name - LogonUI.exe Process ID - 13252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:42] New process found: Process Name - dwm.exe Process ID - 15564 Process Identity - Window Manager\DWM-4 [12-07-2023 00:33:45] New process found: Process Name - w3wp.exe Process ID - 12884 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 00:33:45] New process found: Process Name - php-cgi.exe Process ID - 6708 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 00:33:54] Process Exited: Process Name - winlogon.exe Process ID - 412 [12-07-2023 00:33:54] Process Exited: Process Name - csrss.exe Process ID - 10636 [12-07-2023 00:33:54] Process Exited: Process Name - LogonUI.exe Process ID - 13252 [12-07-2023 00:33:54] Process Exited: Process Name - dwm.exe Process ID - 15564 [12-07-2023 00:33:56] New process found: Process Name - csrss.exe Process ID - 9864 Process Identity - SYSTEM [12-07-2023 00:33:56] New process found: Process Name - winlogon.exe Process ID - 11352 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:57] New process found: Process Name - LogonUI.exe Process ID - 7724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:33:57] New process found: Process Name - dwm.exe Process ID - 10448 Process Identity - Window Manager\DWM-4 [12-07-2023 00:34:03] Process Exited: Process Name - conhost.exe Process ID - 7116 [12-07-2023 00:34:04] Process Exited: Process Name - w3wp.exe Process ID - 5640 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 00:34:09] Process Exited: Process Name - LogonUI.exe Process ID - 7724 [12-07-2023 00:34:09] Process Exited: Process Name - csrss.exe Process ID - 9864 [12-07-2023 00:34:09] Process Exited: Process Name - dwm.exe Process ID - 10448 [12-07-2023 00:34:09] Process Exited: Process Name - winlogon.exe Process ID - 11352 [12-07-2023 00:34:13] New process found: Process Name - csrss.exe Process ID - 8568 Process Identity - SYSTEM [12-07-2023 00:34:13] New process found: Process Name - winlogon.exe Process ID - 12336 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:13] New process found: Process Name - LogonUI.exe Process ID - 2556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:13] New process found: Process Name - dwm.exe Process ID - 9632 Process Identity - Window Manager\DWM-4 [12-07-2023 00:34:24] Process Exited: Process Name - LogonUI.exe Process ID - 2556 [12-07-2023 00:34:24] Process Exited: Process Name - dwm.exe Process ID - 9632 [12-07-2023 00:34:24] Process Exited: Process Name - winlogon.exe Process ID - 12336 [12-07-2023 00:34:25] Process Exited: Process Name - csrss.exe Process ID - 8568 [12-07-2023 00:34:27] New process found: Process Name - csrss.exe Process ID - 15104 Process Identity - SYSTEM [12-07-2023 00:34:27] New process found: Process Name - winlogon.exe Process ID - 8872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:29] New process found: Process Name - LogonUI.exe Process ID - 14792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:29] New process found: Process Name - dwm.exe Process ID - 11152 Process Identity - Window Manager\DWM-4 [12-07-2023 00:34:40] Process Exited: Process Name - winlogon.exe Process ID - 8872 [12-07-2023 00:34:40] Process Exited: Process Name - dwm.exe Process ID - 11152 [12-07-2023 00:34:40] Process Exited: Process Name - LogonUI.exe Process ID - 14792 [12-07-2023 00:34:40] Process Exited: Process Name - csrss.exe Process ID - 15104 [12-07-2023 00:34:44] New process found: Process Name - csrss.exe Process ID - 8856 Process Identity - SYSTEM [12-07-2023 00:34:44] New process found: Process Name - winlogon.exe Process ID - 9184 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:46] New process found: Process Name - LogonUI.exe Process ID - 12620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:46] New process found: Process Name - dwm.exe Process ID - 8720 Process Identity - Window Manager\DWM-4 [12-07-2023 00:34:55] Process Exited: Process Name - dwm.exe Process ID - 8720 [12-07-2023 00:34:55] Process Exited: Process Name - csrss.exe Process ID - 8856 [12-07-2023 00:34:55] Process Exited: Process Name - winlogon.exe Process ID - 9184 [12-07-2023 00:34:55] Process Exited: Process Name - LogonUI.exe Process ID - 12620 [12-07-2023 00:34:58] New process found: Process Name - csrss.exe Process ID - 8340 Process Identity - SYSTEM [12-07-2023 00:34:58] New process found: Process Name - winlogon.exe Process ID - 10644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:59] New process found: Process Name - LogonUI.exe Process ID - 11212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:34:59] New process found: Process Name - dwm.exe Process ID - 8552 Process Identity - Window Manager\DWM-4 [12-07-2023 00:35:11] Process Exited: Process Name - csrss.exe Process ID - 8340 [12-07-2023 00:35:11] Process Exited: Process Name - dwm.exe Process ID - 8552 [12-07-2023 00:35:11] Process Exited: Process Name - winlogon.exe Process ID - 10644 [12-07-2023 00:35:11] Process Exited: Process Name - LogonUI.exe Process ID - 11212 [12-07-2023 00:35:14] New process found: Process Name - csrss.exe Process ID - 15088 Process Identity - SYSTEM [12-07-2023 00:35:14] New process found: Process Name - winlogon.exe Process ID - 2944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:16] New process found: Process Name - LogonUI.exe Process ID - 11700 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:16] New process found: Process Name - dwm.exe Process ID - 15224 Process Identity - Window Manager\DWM-4 [12-07-2023 00:35:26] Process Exited: Process Name - winlogon.exe Process ID - 2944 [12-07-2023 00:35:26] Process Exited: Process Name - LogonUI.exe Process ID - 11700 [12-07-2023 00:35:26] Process Exited: Process Name - csrss.exe Process ID - 15088 [12-07-2023 00:35:26] Process Exited: Process Name - dwm.exe Process ID - 15224 [12-07-2023 00:35:29] New process found: Process Name - csrss.exe Process ID - 11580 Process Identity - SYSTEM [12-07-2023 00:35:29] New process found: Process Name - winlogon.exe Process ID - 7552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:32] New process found: Process Name - LogonUI.exe Process ID - 14112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:32] New process found: Process Name - dwm.exe Process ID - 7456 Process Identity - Window Manager\DWM-4 [12-07-2023 00:35:37] Process Exited: Process Name - w3wp.exe Process ID - 12956 Web application pool name - kdbps.edu.in [12-07-2023 00:35:37] Process Exited: Process Name - conhost.exe Process ID - 13976 [12-07-2023 00:35:41] Process Exited: Process Name - dwm.exe Process ID - 7456 [12-07-2023 00:35:41] Process Exited: Process Name - winlogon.exe Process ID - 7552 [12-07-2023 00:35:41] Process Exited: Process Name - csrss.exe Process ID - 11580 [12-07-2023 00:35:41] Process Exited: Process Name - LogonUI.exe Process ID - 14112 [12-07-2023 00:35:45] New process found: Process Name - csrss.exe Process ID - 15732 Process Identity - SYSTEM [12-07-2023 00:35:45] New process found: Process Name - winlogon.exe Process ID - 12712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:48] New process found: Process Name - LogonUI.exe Process ID - 7956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:35:48] New process found: Process Name - dwm.exe Process ID - 9736 Process Identity - Window Manager\DWM-4 [12-07-2023 00:35:57] Process Exited: Process Name - LogonUI.exe Process ID - 7956 [12-07-2023 00:35:57] Process Exited: Process Name - dwm.exe Process ID - 9736 [12-07-2023 00:35:57] Process Exited: Process Name - winlogon.exe Process ID - 12712 [12-07-2023 00:35:57] Process Exited: Process Name - csrss.exe Process ID - 15732 [12-07-2023 00:36:00] New process found: Process Name - csrss.exe Process ID - 11332 Process Identity - SYSTEM [12-07-2023 00:36:00] New process found: Process Name - winlogon.exe Process ID - 10796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:02] New process found: Process Name - LogonUI.exe Process ID - 8980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:03] New process found: Process Name - dwm.exe Process ID - 15368 Process Identity - Window Manager\DWM-4 [12-07-2023 00:36:13] Process Exited: Process Name - LogonUI.exe Process ID - 8980 [12-07-2023 00:36:13] Process Exited: Process Name - winlogon.exe Process ID - 10796 [12-07-2023 00:36:13] Process Exited: Process Name - csrss.exe Process ID - 11332 [12-07-2023 00:36:13] Process Exited: Process Name - dwm.exe Process ID - 15368 [12-07-2023 00:36:16] New process found: Process Name - csrss.exe Process ID - 6388 Process Identity - SYSTEM [12-07-2023 00:36:16] New process found: Process Name - winlogon.exe Process ID - 9860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:17] New process found: Process Name - LogonUI.exe Process ID - 188 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:17] New process found: Process Name - dwm.exe Process ID - 1632 Process Identity - Window Manager\DWM-4 [12-07-2023 00:36:27] New process found: Process Name - w3wp.exe Process ID - 2896 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 00:36:29] Process Exited: Process Name - LogonUI.exe Process ID - 188 [12-07-2023 00:36:29] Process Exited: Process Name - dwm.exe Process ID - 1632 [12-07-2023 00:36:29] Process Exited: Process Name - csrss.exe Process ID - 6388 [12-07-2023 00:36:29] Process Exited: Process Name - winlogon.exe Process ID - 9860 [12-07-2023 00:36:31] New process found: Process Name - csrss.exe Process ID - 4972 Process Identity - SYSTEM [12-07-2023 00:36:31] New process found: Process Name - winlogon.exe Process ID - 9212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:31] New process found: Process Name - LogonUI.exe Process ID - 15256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:31] New process found: Process Name - dwm.exe Process ID - 10376 Process Identity - Window Manager\DWM-4 [12-07-2023 00:36:44] Process Exited: Process Name - csrss.exe Process ID - 4972 [12-07-2023 00:36:44] Process Exited: Process Name - winlogon.exe Process ID - 9212 [12-07-2023 00:36:44] Process Exited: Process Name - dwm.exe Process ID - 10376 [12-07-2023 00:36:44] Process Exited: Process Name - LogonUI.exe Process ID - 15256 [12-07-2023 00:36:46] New process found: Process Name - csrss.exe Process ID - 2952 Process Identity - SYSTEM [12-07-2023 00:36:46] New process found: Process Name - winlogon.exe Process ID - 5648 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:47] New process found: Process Name - LogonUI.exe Process ID - 14404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:36:47] New process found: Process Name - dwm.exe Process ID - 8860 Process Identity - Window Manager\DWM-4 [12-07-2023 00:36:59] Process Exited: Process Name - csrss.exe Process ID - 2952 [12-07-2023 00:36:59] Process Exited: Process Name - winlogon.exe Process ID - 5648 [12-07-2023 00:36:59] Process Exited: Process Name - dwm.exe Process ID - 8860 [12-07-2023 00:36:59] Process Exited: Process Name - LogonUI.exe Process ID - 14404 [12-07-2023 00:37:01] New process found: Process Name - csrss.exe Process ID - 15336 Process Identity - SYSTEM [12-07-2023 00:37:01] New process found: Process Name - winlogon.exe Process ID - 13720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:01] Process Exited: Process Name - w3wp.exe Process ID - 524 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:37:04] New process found: Process Name - LogonUI.exe Process ID - 6632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:04] New process found: Process Name - dwm.exe Process ID - 15656 Process Identity - Window Manager\DWM-4 [12-07-2023 00:37:13] New process found: Process Name - w3wp.exe Process ID - 16140 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:37:13] Process Exited: Process Name - w3wp.exe Process ID - 1832 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:37:14] Process Exited: Process Name - LogonUI.exe Process ID - 6632 [12-07-2023 00:37:14] Process Exited: Process Name - winlogon.exe Process ID - 13720 [12-07-2023 00:37:14] Process Exited: Process Name - csrss.exe Process ID - 15336 [12-07-2023 00:37:14] Process Exited: Process Name - dwm.exe Process ID - 15656 [12-07-2023 00:37:21] New process found: Process Name - csrss.exe Process ID - 7368 Process Identity - SYSTEM [12-07-2023 00:37:21] New process found: Process Name - winlogon.exe Process ID - 7360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:25] New process found: Process Name - LogonUI.exe Process ID - 15776 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:25] New process found: Process Name - dwm.exe Process ID - 7012 Process Identity - Window Manager\DWM-4 [12-07-2023 00:37:30] Process Exited: Process Name - dwm.exe Process ID - 7012 [12-07-2023 00:37:30] Process Exited: Process Name - winlogon.exe Process ID - 7360 [12-07-2023 00:37:30] Process Exited: Process Name - csrss.exe Process ID - 7368 [12-07-2023 00:37:30] Process Exited: Process Name - LogonUI.exe Process ID - 15776 [12-07-2023 00:37:33] New process found: Process Name - smss.exe Process ID - 14368 Process Identity - SYSTEM [12-07-2023 00:37:33] New process found: Process Name - csrss.exe Process ID - 12504 Process Identity - SYSTEM [12-07-2023 00:37:34] New process found: Process Name - winlogon.exe Process ID - 15584 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:34] Process Exited: Process Name - smss.exe Process ID - 14368 [12-07-2023 00:37:35] New process found: Process Name - LogonUI.exe Process ID - 10444 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:35] New process found: Process Name - dwm.exe Process ID - 3376 Process Identity - Window Manager\DWM-4 [12-07-2023 00:37:45] Process Exited: Process Name - dwm.exe Process ID - 3376 [12-07-2023 00:37:45] Process Exited: Process Name - LogonUI.exe Process ID - 10444 [12-07-2023 00:37:45] Process Exited: Process Name - csrss.exe Process ID - 12504 [12-07-2023 00:37:45] Process Exited: Process Name - winlogon.exe Process ID - 15584 [12-07-2023 00:37:48] New process found: Process Name - csrss.exe Process ID - 5084 Process Identity - SYSTEM [12-07-2023 00:37:48] New process found: Process Name - winlogon.exe Process ID - 13360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:49] New process found: Process Name - LogonUI.exe Process ID - 10344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:37:49] New process found: Process Name - dwm.exe Process ID - 368 Process Identity - Window Manager\DWM-4 [12-07-2023 00:38:00] Process Exited: Process Name - dwm.exe Process ID - 368 [12-07-2023 00:38:00] Process Exited: Process Name - csrss.exe Process ID - 5084 [12-07-2023 00:38:00] Process Exited: Process Name - LogonUI.exe Process ID - 10344 [12-07-2023 00:38:00] Process Exited: Process Name - winlogon.exe Process ID - 13360 [12-07-2023 00:38:05] New process found: Process Name - csrss.exe Process ID - 10044 Process Identity - SYSTEM [12-07-2023 00:38:05] New process found: Process Name - winlogon.exe Process ID - 11780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:07] Process Exited: Process Name - conhost.exe Process ID - 9808 [12-07-2023 00:38:07] Process Exited: Process Name - w3wp.exe Process ID - 12800 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 00:38:08] New process found: Process Name - LogonUI.exe Process ID - 8656 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:08] New process found: Process Name - dwm.exe Process ID - 1760 Process Identity - Window Manager\DWM-4 [12-07-2023 00:38:16] Process Exited: Process Name - dwm.exe Process ID - 1760 [12-07-2023 00:38:16] Process Exited: Process Name - LogonUI.exe Process ID - 8656 [12-07-2023 00:38:16] Process Exited: Process Name - csrss.exe Process ID - 10044 [12-07-2023 00:38:16] Process Exited: Process Name - winlogon.exe Process ID - 11780 [12-07-2023 00:38:18] New process found: Process Name - csrss.exe Process ID - 9276 Process Identity - SYSTEM [12-07-2023 00:38:18] New process found: Process Name - winlogon.exe Process ID - 16128 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:19] New process found: Process Name - LogonUI.exe Process ID - 11372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:19] New process found: Process Name - dwm.exe Process ID - 15204 Process Identity - Window Manager\DWM-4 [12-07-2023 00:38:31] Process Exited: Process Name - csrss.exe Process ID - 9276 [12-07-2023 00:38:31] Process Exited: Process Name - LogonUI.exe Process ID - 11372 [12-07-2023 00:38:31] Process Exited: Process Name - dwm.exe Process ID - 15204 [12-07-2023 00:38:31] Process Exited: Process Name - winlogon.exe Process ID - 16128 [12-07-2023 00:38:33] New process found: Process Name - csrss.exe Process ID - 15920 Process Identity - SYSTEM [12-07-2023 00:38:33] New process found: Process Name - winlogon.exe Process ID - 3468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:34] New process found: Process Name - LogonUI.exe Process ID - 13192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:34] New process found: Process Name - dwm.exe Process ID - 9732 Process Identity - Window Manager\DWM-4 [12-07-2023 00:38:46] Process Exited: Process Name - winlogon.exe Process ID - 3468 [12-07-2023 00:38:46] Process Exited: Process Name - dwm.exe Process ID - 9732 [12-07-2023 00:38:46] Process Exited: Process Name - LogonUI.exe Process ID - 13192 [12-07-2023 00:38:47] Process Exited: Process Name - csrss.exe Process ID - 15920 [12-07-2023 00:38:52] New process found: Process Name - csrss.exe Process ID - 9692 Process Identity - SYSTEM [12-07-2023 00:38:52] New process found: Process Name - winlogon.exe Process ID - 13676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:53] New process found: Process Name - LogonUI.exe Process ID - 7728 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:38:53] New process found: Process Name - dwm.exe Process ID - 15480 Process Identity - Window Manager\DWM-4 [12-07-2023 00:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15032 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:02] Process Exited: Process Name - LogonUI.exe Process ID - 7728 [12-07-2023 00:39:02] Process Exited: Process Name - csrss.exe Process ID - 9692 [12-07-2023 00:39:02] Process Exited: Process Name - winlogon.exe Process ID - 13676 [12-07-2023 00:39:02] Process Exited: Process Name - dwm.exe Process ID - 15480 [12-07-2023 00:39:04] New process found: Process Name - csrss.exe Process ID - 12524 Process Identity - SYSTEM [12-07-2023 00:39:04] New process found: Process Name - winlogon.exe Process ID - 10596 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:06] New process found: Process Name - LogonUI.exe Process ID - 11536 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:06] New process found: Process Name - dwm.exe Process ID - 8412 Process Identity - Window Manager\DWM-4 [12-07-2023 00:39:18] Process Exited: Process Name - dwm.exe Process ID - 8412 [12-07-2023 00:39:18] Process Exited: Process Name - winlogon.exe Process ID - 10596 [12-07-2023 00:39:18] Process Exited: Process Name - LogonUI.exe Process ID - 11536 [12-07-2023 00:39:18] Process Exited: Process Name - csrss.exe Process ID - 12524 [12-07-2023 00:39:23] New process found: Process Name - csrss.exe Process ID - 6072 Process Identity - SYSTEM [12-07-2023 00:39:23] New process found: Process Name - winlogon.exe Process ID - 10016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:26] New process found: Process Name - LogonUI.exe Process ID - 12868 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:26] New process found: Process Name - dwm.exe Process ID - 2476 Process Identity - Window Manager\DWM-4 [12-07-2023 00:39:33] Process Exited: Process Name - dwm.exe Process ID - 2476 [12-07-2023 00:39:33] Process Exited: Process Name - csrss.exe Process ID - 6072 [12-07-2023 00:39:33] Process Exited: Process Name - winlogon.exe Process ID - 10016 [12-07-2023 00:39:33] Process Exited: Process Name - LogonUI.exe Process ID - 12868 [12-07-2023 00:39:36] New process found: Process Name - csrss.exe Process ID - 11664 Process Identity - SYSTEM [12-07-2023 00:39:36] New process found: Process Name - winlogon.exe Process ID - 15740 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:38] New process found: Process Name - LogonUI.exe Process ID - 3996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:38] New process found: Process Name - dwm.exe Process ID - 14600 Process Identity - Window Manager\DWM-4 [12-07-2023 00:39:43] New process found: Process Name - w3wp.exe Process ID - 1480 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:39:45] New process found: Process Name - w3wp.exe Process ID - 9400 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 00:39:45] New process found: Process Name - conhost.exe Process ID - 6988 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 00:39:48] Process Exited: Process Name - LogonUI.exe Process ID - 3996 [12-07-2023 00:39:48] Process Exited: Process Name - csrss.exe Process ID - 11664 [12-07-2023 00:39:48] Process Exited: Process Name - dwm.exe Process ID - 14600 [12-07-2023 00:39:48] Process Exited: Process Name - winlogon.exe Process ID - 15740 [12-07-2023 00:39:54] New process found: Process Name - csrss.exe Process ID - 10804 Process Identity - SYSTEM [12-07-2023 00:39:54] New process found: Process Name - winlogon.exe Process ID - 13892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:57] New process found: Process Name - LogonUI.exe Process ID - 7968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:39:57] New process found: Process Name - dwm.exe Process ID - 7884 Process Identity - Window Manager\DWM-4 [12-07-2023 00:40:04] Process Exited: Process Name - dwm.exe Process ID - 7884 [12-07-2023 00:40:04] Process Exited: Process Name - LogonUI.exe Process ID - 7968 [12-07-2023 00:40:04] Process Exited: Process Name - csrss.exe Process ID - 10804 [12-07-2023 00:40:04] Process Exited: Process Name - winlogon.exe Process ID - 13892 [12-07-2023 00:40:08] New process found: Process Name - csrss.exe Process ID - 9124 Process Identity - SYSTEM [12-07-2023 00:40:08] New process found: Process Name - winlogon.exe Process ID - 9904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:11] New process found: Process Name - LogonUI.exe Process ID - 11016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:11] New process found: Process Name - dwm.exe Process ID - 6172 Process Identity - Window Manager\DWM-4 [12-07-2023 00:40:19] Process Exited: Process Name - dwm.exe Process ID - 6172 [12-07-2023 00:40:19] Process Exited: Process Name - csrss.exe Process ID - 9124 [12-07-2023 00:40:19] Process Exited: Process Name - winlogon.exe Process ID - 9904 [12-07-2023 00:40:19] Process Exited: Process Name - LogonUI.exe Process ID - 11016 [12-07-2023 00:40:24] New process found: Process Name - csrss.exe Process ID - 15216 Process Identity - SYSTEM [12-07-2023 00:40:24] New process found: Process Name - winlogon.exe Process ID - 13088 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14640 [12-07-2023 00:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15032 [12-07-2023 00:40:27] New process found: Process Name - LogonUI.exe Process ID - 7192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:27] New process found: Process Name - dwm.exe Process ID - 14936 Process Identity - Window Manager\DWM-4 [12-07-2023 00:40:35] Process Exited: Process Name - LogonUI.exe Process ID - 7192 [12-07-2023 00:40:35] Process Exited: Process Name - winlogon.exe Process ID - 13088 [12-07-2023 00:40:35] Process Exited: Process Name - dwm.exe Process ID - 14936 [12-07-2023 00:40:35] Process Exited: Process Name - csrss.exe Process ID - 15216 [12-07-2023 00:40:38] New process found: Process Name - csrss.exe Process ID - 7292 Process Identity - SYSTEM [12-07-2023 00:40:38] New process found: Process Name - winlogon.exe Process ID - 14904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:41] New process found: Process Name - LogonUI.exe Process ID - 10472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:41] New process found: Process Name - dwm.exe Process ID - 13240 Process Identity - Window Manager\DWM-4 [12-07-2023 00:40:41] Process Exited: Process Name - w3wp.exe Process ID - 7624 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:40:41] Process Exited: Process Name - conhost.exe Process ID - 16056 [12-07-2023 00:40:46] New process found: Process Name - w3wp.exe Process ID - 10636 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 00:40:47] New process found: Process Name - conhost.exe Process ID - 2596 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 00:40:51] Process Exited: Process Name - csrss.exe Process ID - 7292 [12-07-2023 00:40:51] Process Exited: Process Name - LogonUI.exe Process ID - 10472 [12-07-2023 00:40:51] Process Exited: Process Name - dwm.exe Process ID - 13240 [12-07-2023 00:40:51] Process Exited: Process Name - winlogon.exe Process ID - 14904 [12-07-2023 00:40:54] New process found: Process Name - csrss.exe Process ID - 10312 Process Identity - SYSTEM [12-07-2023 00:40:54] New process found: Process Name - winlogon.exe Process ID - 12072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:56] New process found: Process Name - LogonUI.exe Process ID - 14372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:40:56] New process found: Process Name - dwm.exe Process ID - 224 Process Identity - Window Manager\DWM-4 [12-07-2023 00:41:06] Process Exited: Process Name - dwm.exe Process ID - 224 [12-07-2023 00:41:06] Process Exited: Process Name - csrss.exe Process ID - 10312 [12-07-2023 00:41:06] Process Exited: Process Name - winlogon.exe Process ID - 12072 [12-07-2023 00:41:06] Process Exited: Process Name - LogonUI.exe Process ID - 14372 [12-07-2023 00:41:08] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [12-07-2023 00:41:08] New process found: Process Name - winlogon.exe Process ID - 15116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:10] New process found: Process Name - LogonUI.exe Process ID - 5340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:10] New process found: Process Name - dwm.exe Process ID - 10748 Process Identity - Window Manager\DWM-4 [12-07-2023 00:41:21] Process Exited: Process Name - csrss.exe Process ID - 3500 [12-07-2023 00:41:21] Process Exited: Process Name - LogonUI.exe Process ID - 5340 [12-07-2023 00:41:21] Process Exited: Process Name - dwm.exe Process ID - 10748 [12-07-2023 00:41:21] Process Exited: Process Name - winlogon.exe Process ID - 15116 [12-07-2023 00:41:24] New process found: Process Name - csrss.exe Process ID - 11788 Process Identity - SYSTEM [12-07-2023 00:41:24] New process found: Process Name - winlogon.exe Process ID - 11388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:26] New process found: Process Name - LogonUI.exe Process ID - 10220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:26] New process found: Process Name - dwm.exe Process ID - 10960 Process Identity - Window Manager\DWM-4 [12-07-2023 00:41:37] Process Exited: Process Name - LogonUI.exe Process ID - 10220 [12-07-2023 00:41:37] Process Exited: Process Name - dwm.exe Process ID - 10960 [12-07-2023 00:41:37] Process Exited: Process Name - winlogon.exe Process ID - 11388 [12-07-2023 00:41:37] Process Exited: Process Name - csrss.exe Process ID - 11788 [12-07-2023 00:41:39] New process found: Process Name - csrss.exe Process ID - 12612 Process Identity - SYSTEM [12-07-2023 00:41:39] New process found: Process Name - winlogon.exe Process ID - 2600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:41] New process found: Process Name - LogonUI.exe Process ID - 7140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:41] New process found: Process Name - dwm.exe Process ID - 12240 Process Identity - Window Manager\DWM-4 [12-07-2023 00:41:52] Process Exited: Process Name - winlogon.exe Process ID - 2600 [12-07-2023 00:41:52] Process Exited: Process Name - LogonUI.exe Process ID - 7140 [12-07-2023 00:41:52] Process Exited: Process Name - dwm.exe Process ID - 12240 [12-07-2023 00:41:52] Process Exited: Process Name - csrss.exe Process ID - 12612 [12-07-2023 00:41:55] New process found: Process Name - csrss.exe Process ID - 14156 Process Identity - SYSTEM [12-07-2023 00:41:55] New process found: Process Name - winlogon.exe Process ID - 13108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:57] New process found: Process Name - LogonUI.exe Process ID - 9956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:41:57] New process found: Process Name - dwm.exe Process ID - 12452 Process Identity - Window Manager\DWM-4 [12-07-2023 00:41:57] New process found: Process Name - ig-2.exe Process ID - 12756 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:41:58] New process found: Process Name - ig-5.exe Process ID - 12112 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:41:58] Process Exited: Process Name - ig-2.exe Process ID - 12756 [12-07-2023 00:41:59] New process found: Process Name - w3wp.exe Process ID - 14604 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 00:41:59] New process found: Process Name - ig-8.exe Process ID - 10996 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:41:59] Process Exited: Process Name - ig-5.exe Process ID - 12112 [12-07-2023 00:42:00] New process found: Process Name - ig-11.exe Process ID - 10884 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:00] Process Exited: Process Name - ig-8.exe Process ID - 10996 [12-07-2023 00:42:01] New process found: Process Name - ig-14.exe Process ID - 7464 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:01] Process Exited: Process Name - ig-11.exe Process ID - 10884 [12-07-2023 00:42:02] New process found: Process Name - ig-17.exe Process ID - 15752 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:02] Process Exited: Process Name - ig-14.exe Process ID - 7464 [12-07-2023 00:42:03] New process found: Process Name - ig-20.exe Process ID - 8516 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:03] Process Exited: Process Name - ig-17.exe Process ID - 15752 [12-07-2023 00:42:04] New process found: Process Name - ig-23.exe Process ID - 12440 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:04] Process Exited: Process Name - ig-20.exe Process ID - 8516 [12-07-2023 00:42:05] New process found: Process Name - ig-26.exe Process ID - 15520 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:05] Process Exited: Process Name - ig-23.exe Process ID - 12440 [12-07-2023 00:42:06] New process found: Process Name - w3wp.exe Process ID - 10752 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 00:42:06] New process found: Process Name - ig-29.exe Process ID - 15348 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:06] Process Exited: Process Name - ig-26.exe Process ID - 15520 [12-07-2023 00:42:07] New process found: Process Name - ig-32.exe Process ID - 13248 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:07] Process Exited: Process Name - LogonUI.exe Process ID - 9956 [12-07-2023 00:42:07] Process Exited: Process Name - dwm.exe Process ID - 12452 [12-07-2023 00:42:07] Process Exited: Process Name - winlogon.exe Process ID - 13108 [12-07-2023 00:42:07] Process Exited: Process Name - csrss.exe Process ID - 14156 [12-07-2023 00:42:07] Process Exited: Process Name - ig-29.exe Process ID - 15348 [12-07-2023 00:42:08] New process found: Process Name - ig-36.exe Process ID - 12624 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:08] Process Exited: Process Name - ig-32.exe Process ID - 13248 [12-07-2023 00:42:09] New process found: Process Name - csrss.exe Process ID - 15924 Process Identity - SYSTEM [12-07-2023 00:42:09] New process found: Process Name - winlogon.exe Process ID - 14292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:09] Process Exited: Process Name - ig-36.exe Process ID - 12624 [12-07-2023 00:42:10] New process found: Process Name - LogonUI.exe Process ID - 8412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:10] New process found: Process Name - dwm.exe Process ID - 4056 Process Identity - Window Manager\DWM-4 [12-07-2023 00:42:10] New process found: Process Name - ig-40.exe Process ID - 11560 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:11] New process found: Process Name - ig-44.exe Process ID - 9548 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:11] Process Exited: Process Name - ig-40.exe Process ID - 11560 [12-07-2023 00:42:12] New process found: Process Name - ig-47.exe Process ID - 15344 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:42:12] Process Exited: Process Name - ig-44.exe Process ID - 9548 [12-07-2023 00:42:13] Process Exited: Process Name - ig-47.exe Process ID - 15344 [12-07-2023 00:42:14] New process found: Process Name - w3wp.exe Process ID - 15640 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:42:14] Process Exited: Process Name - w3wp.exe Process ID - 16140 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:42:22] Process Exited: Process Name - dwm.exe Process ID - 4056 [12-07-2023 00:42:22] Process Exited: Process Name - LogonUI.exe Process ID - 8412 [12-07-2023 00:42:22] Process Exited: Process Name - winlogon.exe Process ID - 14292 [12-07-2023 00:42:22] Process Exited: Process Name - csrss.exe Process ID - 15924 [12-07-2023 00:42:24] New process found: Process Name - csrss.exe Process ID - 14028 Process Identity - SYSTEM [12-07-2023 00:42:24] New process found: Process Name - winlogon.exe Process ID - 7920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:27] New process found: Process Name - LogonUI.exe Process ID - 15044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:27] New process found: Process Name - dwm.exe Process ID - 7864 Process Identity - Window Manager\DWM-4 [12-07-2023 00:42:28] Process Exited: Process Name - w3wp.exe Process ID - 2896 Web application pool name - galaxytools.in [12-07-2023 00:42:37] Process Exited: Process Name - dwm.exe Process ID - 7864 [12-07-2023 00:42:37] Process Exited: Process Name - winlogon.exe Process ID - 7920 [12-07-2023 00:42:37] Process Exited: Process Name - csrss.exe Process ID - 14028 [12-07-2023 00:42:37] Process Exited: Process Name - LogonUI.exe Process ID - 15044 [12-07-2023 00:42:40] New process found: Process Name - csrss.exe Process ID - 11216 Process Identity - SYSTEM [12-07-2023 00:42:40] New process found: Process Name - winlogon.exe Process ID - 15996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:42] New process found: Process Name - LogonUI.exe Process ID - 6836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:42] New process found: Process Name - dwm.exe Process ID - 11696 Process Identity - Window Manager\DWM-4 [12-07-2023 00:42:53] Process Exited: Process Name - LogonUI.exe Process ID - 6836 [12-07-2023 00:42:53] Process Exited: Process Name - csrss.exe Process ID - 11216 [12-07-2023 00:42:53] Process Exited: Process Name - dwm.exe Process ID - 11696 [12-07-2023 00:42:53] Process Exited: Process Name - winlogon.exe Process ID - 15996 [12-07-2023 00:42:56] New process found: Process Name - csrss.exe Process ID - 7828 Process Identity - SYSTEM [12-07-2023 00:42:56] New process found: Process Name - winlogon.exe Process ID - 5912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:57] New process found: Process Name - LogonUI.exe Process ID - 10248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:42:57] New process found: Process Name - dwm.exe Process ID - 12356 Process Identity - Window Manager\DWM-4 [12-07-2023 00:43:05] New process found: Process Name - w3wp.exe Process ID - 4336 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:43:05] New process found: Process Name - conhost.exe Process ID - 11724 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 00:43:08] Process Exited: Process Name - winlogon.exe Process ID - 5912 [12-07-2023 00:43:08] Process Exited: Process Name - csrss.exe Process ID - 7828 [12-07-2023 00:43:08] Process Exited: Process Name - LogonUI.exe Process ID - 10248 [12-07-2023 00:43:08] Process Exited: Process Name - dwm.exe Process ID - 12356 [12-07-2023 00:43:10] New process found: Process Name - csrss.exe Process ID - 8708 Process Identity - SYSTEM [12-07-2023 00:43:10] New process found: Process Name - winlogon.exe Process ID - 5500 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:10] New process found: Process Name - LogonUI.exe Process ID - 7404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:10] New process found: Process Name - dwm.exe Process ID - 14404 Process Identity - Window Manager\DWM-4 [12-07-2023 00:43:23] Process Exited: Process Name - winlogon.exe Process ID - 5500 [12-07-2023 00:43:23] Process Exited: Process Name - LogonUI.exe Process ID - 7404 [12-07-2023 00:43:23] Process Exited: Process Name - csrss.exe Process ID - 8708 [12-07-2023 00:43:23] Process Exited: Process Name - dwm.exe Process ID - 14404 [12-07-2023 00:43:26] New process found: Process Name - csrss.exe Process ID - 11712 Process Identity - SYSTEM [12-07-2023 00:43:26] New process found: Process Name - winlogon.exe Process ID - 4148 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:29] New process found: Process Name - LogonUI.exe Process ID - 15888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:29] New process found: Process Name - dwm.exe Process ID - 15532 Process Identity - Window Manager\DWM-4 [12-07-2023 00:43:38] Process Exited: Process Name - winlogon.exe Process ID - 4148 [12-07-2023 00:43:38] Process Exited: Process Name - csrss.exe Process ID - 11712 [12-07-2023 00:43:38] Process Exited: Process Name - dwm.exe Process ID - 15532 [12-07-2023 00:43:38] Process Exited: Process Name - LogonUI.exe Process ID - 15888 [12-07-2023 00:43:43] New process found: Process Name - csrss.exe Process ID - 11008 Process Identity - SYSTEM [12-07-2023 00:43:43] New process found: Process Name - winlogon.exe Process ID - 7900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:47] New process found: Process Name - LogonUI.exe Process ID - 7704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:43:47] New process found: Process Name - dwm.exe Process ID - 11304 Process Identity - Window Manager\DWM-4 [12-07-2023 00:43:54] Process Exited: Process Name - LogonUI.exe Process ID - 7704 [12-07-2023 00:43:54] Process Exited: Process Name - winlogon.exe Process ID - 7900 [12-07-2023 00:43:54] Process Exited: Process Name - csrss.exe Process ID - 11008 [12-07-2023 00:43:54] Process Exited: Process Name - dwm.exe Process ID - 11304 [12-07-2023 00:43:58] New process found: Process Name - csrss.exe Process ID - 11532 Process Identity - SYSTEM [12-07-2023 00:43:58] New process found: Process Name - winlogon.exe Process ID - 9272 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:02] New process found: Process Name - LogonUI.exe Process ID - 4372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:02] New process found: Process Name - dwm.exe Process ID - 14204 Process Identity - Window Manager\DWM-4 [12-07-2023 00:44:10] Process Exited: Process Name - LogonUI.exe Process ID - 4372 [12-07-2023 00:44:10] Process Exited: Process Name - winlogon.exe Process ID - 9272 [12-07-2023 00:44:10] Process Exited: Process Name - dwm.exe Process ID - 14204 [12-07-2023 00:44:11] Process Exited: Process Name - csrss.exe Process ID - 11532 [12-07-2023 00:44:14] New process found: Process Name - csrss.exe Process ID - 11396 Process Identity - SYSTEM [12-07-2023 00:44:14] New process found: Process Name - winlogon.exe Process ID - 6188 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:18] New process found: Process Name - LogonUI.exe Process ID - 14924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:18] New process found: Process Name - dwm.exe Process ID - 12604 Process Identity - Window Manager\DWM-4 [12-07-2023 00:44:26] Process Exited: Process Name - winlogon.exe Process ID - 6188 [12-07-2023 00:44:26] Process Exited: Process Name - csrss.exe Process ID - 11396 [12-07-2023 00:44:26] Process Exited: Process Name - dwm.exe Process ID - 12604 [12-07-2023 00:44:26] Process Exited: Process Name - LogonUI.exe Process ID - 14924 [12-07-2023 00:44:31] New process found: Process Name - csrss.exe Process ID - 7984 Process Identity - SYSTEM [12-07-2023 00:44:31] New process found: Process Name - winlogon.exe Process ID - 6480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:33] New process found: Process Name - LogonUI.exe Process ID - 13380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:33] New process found: Process Name - dwm.exe Process ID - 11352 Process Identity - Window Manager\DWM-4 [12-07-2023 00:44:42] Process Exited: Process Name - winlogon.exe Process ID - 6480 [12-07-2023 00:44:42] Process Exited: Process Name - csrss.exe Process ID - 7984 [12-07-2023 00:44:42] Process Exited: Process Name - dwm.exe Process ID - 11352 [12-07-2023 00:44:42] Process Exited: Process Name - LogonUI.exe Process ID - 13380 [12-07-2023 00:44:45] New process found: Process Name - csrss.exe Process ID - 10180 Process Identity - SYSTEM [12-07-2023 00:44:45] New process found: Process Name - winlogon.exe Process ID - 14272 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:47] New process found: Process Name - LogonUI.exe Process ID - 5504 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:44:47] New process found: Process Name - dwm.exe Process ID - 10500 Process Identity - Window Manager\DWM-4 [12-07-2023 00:44:57] Process Exited: Process Name - LogonUI.exe Process ID - 5504 [12-07-2023 00:44:57] Process Exited: Process Name - csrss.exe Process ID - 10180 [12-07-2023 00:44:57] Process Exited: Process Name - dwm.exe Process ID - 10500 [12-07-2023 00:44:57] Process Exited: Process Name - winlogon.exe Process ID - 14272 [12-07-2023 00:45:00] New process found: Process Name - csrss.exe Process ID - 12804 Process Identity - SYSTEM [12-07-2023 00:45:00] New process found: Process Name - winlogon.exe Process ID - 14792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:01] New process found: Process Name - LogonUI.exe Process ID - 12904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:01] New process found: Process Name - dwm.exe Process ID - 13376 Process Identity - Window Manager\DWM-4 [12-07-2023 00:45:12] Process Exited: Process Name - csrss.exe Process ID - 12804 [12-07-2023 00:45:12] Process Exited: Process Name - LogonUI.exe Process ID - 12904 [12-07-2023 00:45:12] Process Exited: Process Name - dwm.exe Process ID - 13376 [12-07-2023 00:45:12] Process Exited: Process Name - winlogon.exe Process ID - 14792 [12-07-2023 00:45:19] New process found: Process Name - csrss.exe Process ID - 7696 Process Identity - SYSTEM [12-07-2023 00:45:19] New process found: Process Name - winlogon.exe Process ID - 16324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:21] New process found: Process Name - LogonUI.exe Process ID - 3800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:21] New process found: Process Name - dwm.exe Process ID - 15920 Process Identity - Window Manager\DWM-4 [12-07-2023 00:45:24] New process found: Process Name - w3wp.exe Process ID - 11412 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 00:45:26] New process found: Process Name - where.exe Process ID - 11856 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 00:45:26] New process found: Process Name - conhost.exe Process ID - 11324 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 00:45:27] New process found: Process Name - conhost.exe Process ID - 11520 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 00:45:27] Process Exited: Process Name - conhost.exe Process ID - 11324 [12-07-2023 00:45:27] Process Exited: Process Name - where.exe Process ID - 11856 [12-07-2023 00:45:28] Process Exited: Process Name - LogonUI.exe Process ID - 3800 [12-07-2023 00:45:28] Process Exited: Process Name - csrss.exe Process ID - 7696 [12-07-2023 00:45:28] Process Exited: Process Name - dwm.exe Process ID - 15920 [12-07-2023 00:45:28] Process Exited: Process Name - winlogon.exe Process ID - 16324 [12-07-2023 00:45:31] New process found: Process Name - csrss.exe Process ID - 8448 Process Identity - SYSTEM [12-07-2023 00:45:31] New process found: Process Name - winlogon.exe Process ID - 6484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:32] New process found: Process Name - LogonUI.exe Process ID - 7536 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:32] New process found: Process Name - dwm.exe Process ID - 12660 Process Identity - Window Manager\DWM-4 [12-07-2023 00:45:43] Process Exited: Process Name - winlogon.exe Process ID - 6484 [12-07-2023 00:45:43] Process Exited: Process Name - LogonUI.exe Process ID - 7536 [12-07-2023 00:45:43] Process Exited: Process Name - csrss.exe Process ID - 8448 [12-07-2023 00:45:43] Process Exited: Process Name - dwm.exe Process ID - 12660 [12-07-2023 00:45:45] Process Exited: Process Name - w3wp.exe Process ID - 1480 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:45:50] New process found: Process Name - csrss.exe Process ID - 10648 Process Identity - SYSTEM [12-07-2023 00:45:50] New process found: Process Name - winlogon.exe Process ID - 15512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:51] New process found: Process Name - LogonUI.exe Process ID - 10952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:45:51] New process found: Process Name - dwm.exe Process ID - 12944 Process Identity - Window Manager\DWM-4 [12-07-2023 00:45:58] Process Exited: Process Name - LogonUI.exe Process ID - 10952 [12-07-2023 00:45:58] Process Exited: Process Name - dwm.exe Process ID - 12944 [12-07-2023 00:45:58] Process Exited: Process Name - winlogon.exe Process ID - 15512 [12-07-2023 00:45:59] Process Exited: Process Name - csrss.exe Process ID - 10648 [12-07-2023 00:46:01] New process found: Process Name - csrss.exe Process ID - 6488 Process Identity - SYSTEM [12-07-2023 00:46:01] New process found: Process Name - winlogon.exe Process ID - 7376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:02] New process found: Process Name - LogonUI.exe Process ID - 11088 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:02] New process found: Process Name - dwm.exe Process ID - 13804 Process Identity - Window Manager\DWM-4 [12-07-2023 00:46:14] Process Exited: Process Name - csrss.exe Process ID - 6488 [12-07-2023 00:46:14] Process Exited: Process Name - winlogon.exe Process ID - 7376 [12-07-2023 00:46:14] Process Exited: Process Name - LogonUI.exe Process ID - 11088 [12-07-2023 00:46:14] Process Exited: Process Name - dwm.exe Process ID - 13804 [12-07-2023 00:46:16] New process found: Process Name - csrss.exe Process ID - 12708 Process Identity - SYSTEM [12-07-2023 00:46:16] New process found: Process Name - winlogon.exe Process ID - 1684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:17] New process found: Process Name - LogonUI.exe Process ID - 9952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:17] New process found: Process Name - dwm.exe Process ID - 10956 Process Identity - Window Manager\DWM-4 [12-07-2023 00:46:29] Process Exited: Process Name - winlogon.exe Process ID - 1684 [12-07-2023 00:46:29] Process Exited: Process Name - LogonUI.exe Process ID - 9952 [12-07-2023 00:46:29] Process Exited: Process Name - dwm.exe Process ID - 10956 [12-07-2023 00:46:29] Process Exited: Process Name - csrss.exe Process ID - 12708 [12-07-2023 00:46:31] New process found: Process Name - csrss.exe Process ID - 704 Process Identity - SYSTEM [12-07-2023 00:46:31] New process found: Process Name - winlogon.exe Process ID - 5708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:32] New process found: Process Name - LogonUI.exe Process ID - 15740 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:32] New process found: Process Name - dwm.exe Process ID - 3152 Process Identity - Window Manager\DWM-4 [12-07-2023 00:46:44] Process Exited: Process Name - csrss.exe Process ID - 704 [12-07-2023 00:46:44] Process Exited: Process Name - dwm.exe Process ID - 3152 [12-07-2023 00:46:44] Process Exited: Process Name - winlogon.exe Process ID - 5708 [12-07-2023 00:46:44] Process Exited: Process Name - LogonUI.exe Process ID - 15740 [12-07-2023 00:46:48] Process Exited: Process Name - conhost.exe Process ID - 2596 [12-07-2023 00:46:48] Process Exited: Process Name - w3wp.exe Process ID - 10636 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 00:46:51] New process found: Process Name - csrss.exe Process ID - 13700 Process Identity - SYSTEM [12-07-2023 00:46:51] New process found: Process Name - winlogon.exe Process ID - 15240 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:53] New process found: Process Name - LogonUI.exe Process ID - 12356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:46:53] New process found: Process Name - dwm.exe Process ID - 13892 Process Identity - Window Manager\DWM-4 [12-07-2023 00:46:59] Process Exited: Process Name - LogonUI.exe Process ID - 12356 [12-07-2023 00:46:59] Process Exited: Process Name - dwm.exe Process ID - 13892 [12-07-2023 00:46:59] Process Exited: Process Name - winlogon.exe Process ID - 15240 [12-07-2023 00:47:00] Process Exited: Process Name - csrss.exe Process ID - 13700 [12-07-2023 00:47:04] New process found: Process Name - csrss.exe Process ID - 14384 Process Identity - SYSTEM [12-07-2023 00:47:04] New process found: Process Name - winlogon.exe Process ID - 2400 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:05] New process found: Process Name - LogonUI.exe Process ID - 15216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:05] New process found: Process Name - dwm.exe Process ID - 12344 Process Identity - Window Manager\DWM-4 [12-07-2023 00:47:15] New process found: Process Name - w3wp.exe Process ID - 16240 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:47:15] Process Exited: Process Name - winlogon.exe Process ID - 2400 [12-07-2023 00:47:15] Process Exited: Process Name - dwm.exe Process ID - 12344 [12-07-2023 00:47:15] Process Exited: Process Name - csrss.exe Process ID - 14384 [12-07-2023 00:47:15] Process Exited: Process Name - LogonUI.exe Process ID - 15216 [12-07-2023 00:47:15] Process Exited: Process Name - w3wp.exe Process ID - 15640 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:47:21] New process found: Process Name - csrss.exe Process ID - 10940 Process Identity - SYSTEM [12-07-2023 00:47:21] New process found: Process Name - winlogon.exe Process ID - 6644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:24] New process found: Process Name - LogonUI.exe Process ID - 15532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:24] New process found: Process Name - dwm.exe Process ID - 10352 Process Identity - Window Manager\DWM-4 [12-07-2023 00:47:30] Process Exited: Process Name - winlogon.exe Process ID - 6644 [12-07-2023 00:47:30] Process Exited: Process Name - dwm.exe Process ID - 10352 [12-07-2023 00:47:30] Process Exited: Process Name - csrss.exe Process ID - 10940 [12-07-2023 00:47:30] Process Exited: Process Name - LogonUI.exe Process ID - 15532 [12-07-2023 00:47:33] New process found: Process Name - csrss.exe Process ID - 15304 Process Identity - SYSTEM [12-07-2023 00:47:33] New process found: Process Name - winlogon.exe Process ID - 2236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:34] New process found: Process Name - LogonUI.exe Process ID - 15964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:34] New process found: Process Name - dwm.exe Process ID - 15400 Process Identity - Window Manager\DWM-4 [12-07-2023 00:47:46] Process Exited: Process Name - winlogon.exe Process ID - 2236 [12-07-2023 00:47:46] Process Exited: Process Name - csrss.exe Process ID - 15304 [12-07-2023 00:47:46] Process Exited: Process Name - dwm.exe Process ID - 15400 [12-07-2023 00:47:46] Process Exited: Process Name - LogonUI.exe Process ID - 15964 [12-07-2023 00:47:52] New process found: Process Name - csrss.exe Process ID - 12340 Process Identity - SYSTEM [12-07-2023 00:47:52] New process found: Process Name - winlogon.exe Process ID - 7420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:53] New process found: Process Name - LogonUI.exe Process ID - 14944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:47:53] New process found: Process Name - dwm.exe Process ID - 12168 Process Identity - Window Manager\DWM-4 [12-07-2023 00:48:01] Process Exited: Process Name - winlogon.exe Process ID - 7420 [12-07-2023 00:48:01] Process Exited: Process Name - dwm.exe Process ID - 12168 [12-07-2023 00:48:01] Process Exited: Process Name - csrss.exe Process ID - 12340 [12-07-2023 00:48:01] Process Exited: Process Name - w3wp.exe Process ID - 14604 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 00:48:01] Process Exited: Process Name - LogonUI.exe Process ID - 14944 [12-07-2023 00:48:06] New process found: Process Name - csrss.exe Process ID - 10980 Process Identity - SYSTEM [12-07-2023 00:48:06] New process found: Process Name - winlogon.exe Process ID - 15864 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:09] Process Exited: Process Name - w3wp.exe Process ID - 10752 Web application pool name - DefaultAppPool [12-07-2023 00:48:12] New process found: Process Name - LogonUI.exe Process ID - 16220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:12] New process found: Process Name - dwm.exe Process ID - 4128 Process Identity - Window Manager\DWM-4 [12-07-2023 00:48:17] Process Exited: Process Name - dwm.exe Process ID - 4128 [12-07-2023 00:48:17] Process Exited: Process Name - csrss.exe Process ID - 10980 [12-07-2023 00:48:17] Process Exited: Process Name - winlogon.exe Process ID - 15864 [12-07-2023 00:48:17] Process Exited: Process Name - LogonUI.exe Process ID - 16220 [12-07-2023 00:48:20] New process found: Process Name - csrss.exe Process ID - 11640 Process Identity - SYSTEM [12-07-2023 00:48:20] New process found: Process Name - winlogon.exe Process ID - 12484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:23] New process found: Process Name - LogonUI.exe Process ID - 8604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:23] New process found: Process Name - dwm.exe Process ID - 5508 Process Identity - Window Manager\DWM-4 [12-07-2023 00:48:32] Process Exited: Process Name - dwm.exe Process ID - 5508 [12-07-2023 00:48:32] Process Exited: Process Name - LogonUI.exe Process ID - 8604 [12-07-2023 00:48:32] Process Exited: Process Name - csrss.exe Process ID - 11640 [12-07-2023 00:48:32] Process Exited: Process Name - winlogon.exe Process ID - 12484 [12-07-2023 00:48:37] New process found: Process Name - csrss.exe Process ID - 5176 Process Identity - SYSTEM [12-07-2023 00:48:37] New process found: Process Name - winlogon.exe Process ID - 7768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:40] New process found: Process Name - LogonUI.exe Process ID - 11500 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:40] New process found: Process Name - dwm.exe Process ID - 5664 Process Identity - Window Manager\DWM-4 [12-07-2023 00:48:47] Process Exited: Process Name - conhost.exe Process ID - 6988 [12-07-2023 00:48:47] Process Exited: Process Name - w3wp.exe Process ID - 9400 Web application pool name - kdbps.edu.in [12-07-2023 00:48:48] Process Exited: Process Name - csrss.exe Process ID - 5176 [12-07-2023 00:48:48] Process Exited: Process Name - dwm.exe Process ID - 5664 [12-07-2023 00:48:48] Process Exited: Process Name - winlogon.exe Process ID - 7768 [12-07-2023 00:48:48] Process Exited: Process Name - LogonUI.exe Process ID - 11500 [12-07-2023 00:48:51] New process found: Process Name - csrss.exe Process ID - 9724 Process Identity - SYSTEM [12-07-2023 00:48:51] New process found: Process Name - winlogon.exe Process ID - 4920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:52] New process found: Process Name - LogonUI.exe Process ID - 12620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:48:52] New process found: Process Name - dwm.exe Process ID - 14452 Process Identity - Window Manager\DWM-4 [12-07-2023 00:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 7464 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:03] Process Exited: Process Name - winlogon.exe Process ID - 4920 [12-07-2023 00:49:03] Process Exited: Process Name - csrss.exe Process ID - 9724 [12-07-2023 00:49:03] Process Exited: Process Name - LogonUI.exe Process ID - 12620 [12-07-2023 00:49:03] Process Exited: Process Name - dwm.exe Process ID - 14452 [12-07-2023 00:49:05] New process found: Process Name - w3wp.exe Process ID - 8516 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:49:07] New process found: Process Name - csrss.exe Process ID - 7856 Process Identity - SYSTEM [12-07-2023 00:49:07] New process found: Process Name - winlogon.exe Process ID - 4208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:08] Process Exited: Process Name - w3wp.exe Process ID - 4336 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 00:49:08] Process Exited: Process Name - conhost.exe Process ID - 11724 [12-07-2023 00:49:09] New process found: Process Name - LogonUI.exe Process ID - 10544 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:09] New process found: Process Name - dwm.exe Process ID - 10924 Process Identity - Window Manager\DWM-4 [12-07-2023 00:49:14] New process found: Process Name - w3wp.exe Process ID - 13100 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 00:49:18] Process Exited: Process Name - winlogon.exe Process ID - 4208 [12-07-2023 00:49:18] Process Exited: Process Name - LogonUI.exe Process ID - 10544 [12-07-2023 00:49:18] Process Exited: Process Name - dwm.exe Process ID - 10924 [12-07-2023 00:49:19] Process Exited: Process Name - csrss.exe Process ID - 7856 [12-07-2023 00:49:21] New process found: Process Name - csrss.exe Process ID - 11460 Process Identity - SYSTEM [12-07-2023 00:49:21] New process found: Process Name - winlogon.exe Process ID - 10584 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:21] New process found: Process Name - conhost.exe Process ID - 7700 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 00:49:22] New process found: Process Name - LogonUI.exe Process ID - 9624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:22] New process found: Process Name - dwm.exe Process ID - 12960 Process Identity - Window Manager\DWM-4 [12-07-2023 00:49:34] Process Exited: Process Name - LogonUI.exe Process ID - 9624 [12-07-2023 00:49:34] Process Exited: Process Name - winlogon.exe Process ID - 10584 [12-07-2023 00:49:34] Process Exited: Process Name - csrss.exe Process ID - 11460 [12-07-2023 00:49:34] Process Exited: Process Name - dwm.exe Process ID - 12960 [12-07-2023 00:49:36] New process found: Process Name - csrss.exe Process ID - 5980 Process Identity - SYSTEM [12-07-2023 00:49:36] New process found: Process Name - winlogon.exe Process ID - 10532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:38] New process found: Process Name - LogonUI.exe Process ID - 9736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:38] New process found: Process Name - dwm.exe Process ID - 7124 Process Identity - Window Manager\DWM-4 [12-07-2023 00:49:49] Process Exited: Process Name - csrss.exe Process ID - 5980 [12-07-2023 00:49:49] Process Exited: Process Name - dwm.exe Process ID - 7124 [12-07-2023 00:49:49] Process Exited: Process Name - LogonUI.exe Process ID - 9736 [12-07-2023 00:49:49] Process Exited: Process Name - winlogon.exe Process ID - 10532 [12-07-2023 00:49:51] New process found: Process Name - smss.exe Process ID - 12712 Process Identity - SYSTEM [12-07-2023 00:49:52] New process found: Process Name - csrss.exe Process ID - 10384 Process Identity - SYSTEM [12-07-2023 00:49:52] New process found: Process Name - winlogon.exe Process ID - 1752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:52] New process found: Process Name - LogonUI.exe Process ID - 9744 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:49:52] New process found: Process Name - dwm.exe Process ID - 16028 Process Identity - Window Manager\DWM-4 [12-07-2023 00:49:52] Process Exited: Process Name - smss.exe Process ID - 12712 [12-07-2023 00:50:04] Process Exited: Process Name - winlogon.exe Process ID - 1752 [12-07-2023 00:50:04] Process Exited: Process Name - LogonUI.exe Process ID - 9744 [12-07-2023 00:50:04] Process Exited: Process Name - csrss.exe Process ID - 10384 [12-07-2023 00:50:04] Process Exited: Process Name - dwm.exe Process ID - 16028 [12-07-2023 00:50:07] New process found: Process Name - csrss.exe Process ID - 12428 Process Identity - SYSTEM [12-07-2023 00:50:07] New process found: Process Name - winlogon.exe Process ID - 12076 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:08] New process found: Process Name - LogonUI.exe Process ID - 7108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:08] New process found: Process Name - dwm.exe Process ID - 10864 Process Identity - Window Manager\DWM-4 [12-07-2023 00:50:19] Process Exited: Process Name - LogonUI.exe Process ID - 7108 [12-07-2023 00:50:19] Process Exited: Process Name - dwm.exe Process ID - 10864 [12-07-2023 00:50:19] Process Exited: Process Name - winlogon.exe Process ID - 12076 [12-07-2023 00:50:20] Process Exited: Process Name - csrss.exe Process ID - 12428 [12-07-2023 00:50:22] New process found: Process Name - csrss.exe Process ID - 15596 Process Identity - SYSTEM [12-07-2023 00:50:22] New process found: Process Name - winlogon.exe Process ID - 6268 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:24] New process found: Process Name - LogonUI.exe Process ID - 12216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:24] New process found: Process Name - dwm.exe Process ID - 14308 Process Identity - Window Manager\DWM-4 [12-07-2023 00:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7464 [12-07-2023 00:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10972 [12-07-2023 00:50:34] Process Exited: Process Name - winlogon.exe Process ID - 6268 [12-07-2023 00:50:34] Process Exited: Process Name - LogonUI.exe Process ID - 12216 [12-07-2023 00:50:34] Process Exited: Process Name - dwm.exe Process ID - 14308 [12-07-2023 00:50:34] Process Exited: Process Name - csrss.exe Process ID - 15596 [12-07-2023 00:50:36] New process found: Process Name - csrss.exe Process ID - 12760 Process Identity - SYSTEM [12-07-2023 00:50:36] New process found: Process Name - winlogon.exe Process ID - 7828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:37] New process found: Process Name - LogonUI.exe Process ID - 13892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:50:37] New process found: Process Name - dwm.exe Process ID - 14208 Process Identity - Window Manager\DWM-4 [12-07-2023 00:50:49] Process Exited: Process Name - winlogon.exe Process ID - 7828 [12-07-2023 00:50:49] Process Exited: Process Name - LogonUI.exe Process ID - 13892 [12-07-2023 00:50:49] Process Exited: Process Name - dwm.exe Process ID - 14208 [12-07-2023 00:50:50] Process Exited: Process Name - csrss.exe Process ID - 12760 [12-07-2023 00:50:56] New process found: Process Name - csrss.exe Process ID - 9332 Process Identity - SYSTEM [12-07-2023 00:50:56] New process found: Process Name - winlogon.exe Process ID - 11132 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:00] New process found: Process Name - LogonUI.exe Process ID - 228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:00] New process found: Process Name - dwm.exe Process ID - 12840 Process Identity - Window Manager\DWM-4 [12-07-2023 00:51:02] New process found: Process Name - w3wp.exe Process ID - 14832 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 00:51:04] New process found: Process Name - w3wp.exe Process ID - 10900 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 00:51:05] Process Exited: Process Name - LogonUI.exe Process ID - 228 [12-07-2023 00:51:05] Process Exited: Process Name - winlogon.exe Process ID - 11132 [12-07-2023 00:51:05] Process Exited: Process Name - dwm.exe Process ID - 12840 [12-07-2023 00:51:06] Process Exited: Process Name - csrss.exe Process ID - 9332 [12-07-2023 00:51:08] New process found: Process Name - csrss.exe Process ID - 14156 Process Identity - SYSTEM [12-07-2023 00:51:08] New process found: Process Name - winlogon.exe Process ID - 15452 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:10] New process found: Process Name - LogonUI.exe Process ID - 11784 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:10] New process found: Process Name - dwm.exe Process ID - 8560 Process Identity - Window Manager\DWM-4 [12-07-2023 00:51:21] New process found: Process Name - w3wp.exe Process ID - 8372 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 00:51:21] New process found: Process Name - conhost.exe Process ID - 16284 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 00:51:21] Process Exited: Process Name - dwm.exe Process ID - 8560 [12-07-2023 00:51:21] Process Exited: Process Name - LogonUI.exe Process ID - 11784 [12-07-2023 00:51:21] Process Exited: Process Name - csrss.exe Process ID - 14156 [12-07-2023 00:51:21] Process Exited: Process Name - winlogon.exe Process ID - 15452 [12-07-2023 00:51:23] New process found: Process Name - csrss.exe Process ID - 8404 Process Identity - SYSTEM [12-07-2023 00:51:23] New process found: Process Name - winlogon.exe Process ID - 16108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:25] New process found: Process Name - LogonUI.exe Process ID - 10692 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:25] New process found: Process Name - dwm.exe Process ID - 780 Process Identity - Window Manager\DWM-4 [12-07-2023 00:51:26] Process Exited: Process Name - w3wp.exe Process ID - 11412 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 00:51:26] Process Exited: Process Name - conhost.exe Process ID - 11520 [12-07-2023 00:51:36] Process Exited: Process Name - dwm.exe Process ID - 780 [12-07-2023 00:51:36] Process Exited: Process Name - csrss.exe Process ID - 8404 [12-07-2023 00:51:36] Process Exited: Process Name - LogonUI.exe Process ID - 10692 [12-07-2023 00:51:36] Process Exited: Process Name - winlogon.exe Process ID - 16108 [12-07-2023 00:51:38] New process found: Process Name - csrss.exe Process ID - 2556 Process Identity - SYSTEM [12-07-2023 00:51:38] New process found: Process Name - winlogon.exe Process ID - 8700 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:41] New process found: Process Name - LogonUI.exe Process ID - 15792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:41] New process found: Process Name - dwm.exe Process ID - 5088 Process Identity - Window Manager\DWM-4 [12-07-2023 00:51:51] Process Exited: Process Name - csrss.exe Process ID - 2556 [12-07-2023 00:51:51] Process Exited: Process Name - dwm.exe Process ID - 5088 [12-07-2023 00:51:51] Process Exited: Process Name - winlogon.exe Process ID - 8700 [12-07-2023 00:51:51] Process Exited: Process Name - LogonUI.exe Process ID - 15792 [12-07-2023 00:51:54] New process found: Process Name - csrss.exe Process ID - 10688 Process Identity - SYSTEM [12-07-2023 00:51:54] New process found: Process Name - winlogon.exe Process ID - 1860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:56] New process found: Process Name - LogonUI.exe Process ID - 10296 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:51:56] New process found: Process Name - dwm.exe Process ID - 13232 Process Identity - Window Manager\DWM-4 [12-07-2023 00:52:08] Process Exited: Process Name - winlogon.exe Process ID - 1860 [12-07-2023 00:52:08] Process Exited: Process Name - LogonUI.exe Process ID - 10296 [12-07-2023 00:52:08] Process Exited: Process Name - csrss.exe Process ID - 10688 [12-07-2023 00:52:08] Process Exited: Process Name - dwm.exe Process ID - 13232 [12-07-2023 00:52:11] New process found: Process Name - csrss.exe Process ID - 14848 Process Identity - SYSTEM [12-07-2023 00:52:11] New process found: Process Name - winlogon.exe Process ID - 12644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:13] New process found: Process Name - LogonUI.exe Process ID - 10568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:13] New process found: Process Name - dwm.exe Process ID - 15372 Process Identity - Window Manager\DWM-4 [12-07-2023 00:52:17] New process found: Process Name - w3wp.exe Process ID - 10044 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:52:17] Process Exited: Process Name - w3wp.exe Process ID - 16240 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:52:24] Process Exited: Process Name - LogonUI.exe Process ID - 10568 [12-07-2023 00:52:24] Process Exited: Process Name - winlogon.exe Process ID - 12644 [12-07-2023 00:52:24] Process Exited: Process Name - csrss.exe Process ID - 14848 [12-07-2023 00:52:24] Process Exited: Process Name - dwm.exe Process ID - 15372 [12-07-2023 00:52:30] New process found: Process Name - csrss.exe Process ID - 11380 Process Identity - SYSTEM [12-07-2023 00:52:30] New process found: Process Name - winlogon.exe Process ID - 9232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:32] New process found: Process Name - LogonUI.exe Process ID - 15068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:32] New process found: Process Name - dwm.exe Process ID - 16192 Process Identity - Window Manager\DWM-4 [12-07-2023 00:52:39] Process Exited: Process Name - winlogon.exe Process ID - 9232 [12-07-2023 00:52:39] Process Exited: Process Name - csrss.exe Process ID - 11380 [12-07-2023 00:52:39] Process Exited: Process Name - LogonUI.exe Process ID - 15068 [12-07-2023 00:52:39] Process Exited: Process Name - dwm.exe Process ID - 16192 [12-07-2023 00:52:43] New process found: Process Name - csrss.exe Process ID - 1688 Process Identity - SYSTEM [12-07-2023 00:52:43] New process found: Process Name - winlogon.exe Process ID - 11184 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:45] New process found: Process Name - LogonUI.exe Process ID - 12696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:52:45] New process found: Process Name - dwm.exe Process ID - 16248 Process Identity - Window Manager\DWM-4 [12-07-2023 00:52:54] Process Exited: Process Name - csrss.exe Process ID - 1688 [12-07-2023 00:52:54] Process Exited: Process Name - winlogon.exe Process ID - 11184 [12-07-2023 00:52:54] Process Exited: Process Name - LogonUI.exe Process ID - 12696 [12-07-2023 00:52:54] Process Exited: Process Name - dwm.exe Process ID - 16248 [12-07-2023 00:52:58] New process found: Process Name - csrss.exe Process ID - 10020 Process Identity - SYSTEM [12-07-2023 00:52:58] New process found: Process Name - winlogon.exe Process ID - 12660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:00] New process found: Process Name - LogonUI.exe Process ID - 7628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:00] New process found: Process Name - dwm.exe Process ID - 10228 Process Identity - Window Manager\DWM-4 [12-07-2023 00:53:09] Process Exited: Process Name - LogonUI.exe Process ID - 7628 [12-07-2023 00:53:09] Process Exited: Process Name - csrss.exe Process ID - 10020 [12-07-2023 00:53:09] Process Exited: Process Name - dwm.exe Process ID - 10228 [12-07-2023 00:53:09] Process Exited: Process Name - winlogon.exe Process ID - 12660 [12-07-2023 00:53:14] New process found: Process Name - csrss.exe Process ID - 12988 Process Identity - SYSTEM [12-07-2023 00:53:14] New process found: Process Name - winlogon.exe Process ID - 6196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:17] New process found: Process Name - LogonUI.exe Process ID - 9408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:17] New process found: Process Name - dwm.exe Process ID - 14744 Process Identity - Window Manager\DWM-4 [12-07-2023 00:53:25] Process Exited: Process Name - winlogon.exe Process ID - 6196 [12-07-2023 00:53:25] Process Exited: Process Name - LogonUI.exe Process ID - 9408 [12-07-2023 00:53:25] Process Exited: Process Name - csrss.exe Process ID - 12988 [12-07-2023 00:53:25] Process Exited: Process Name - dwm.exe Process ID - 14744 [12-07-2023 00:53:28] New process found: Process Name - csrss.exe Process ID - 8392 Process Identity - SYSTEM [12-07-2023 00:53:28] New process found: Process Name - winlogon.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:29] New process found: Process Name - LogonUI.exe Process ID - 11484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:29] New process found: Process Name - dwm.exe Process ID - 10016 Process Identity - Window Manager\DWM-4 [12-07-2023 00:53:40] Process Exited: Process Name - winlogon.exe Process ID - 8256 [12-07-2023 00:53:40] Process Exited: Process Name - csrss.exe Process ID - 8392 [12-07-2023 00:53:40] Process Exited: Process Name - dwm.exe Process ID - 10016 [12-07-2023 00:53:40] Process Exited: Process Name - LogonUI.exe Process ID - 11484 [12-07-2023 00:53:43] New process found: Process Name - csrss.exe Process ID - 15924 Process Identity - SYSTEM [12-07-2023 00:53:43] New process found: Process Name - winlogon.exe Process ID - 14212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:44] New process found: Process Name - LogonUI.exe Process ID - 11960 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:53:44] New process found: Process Name - dwm.exe Process ID - 1904 Process Identity - Window Manager\DWM-4 [12-07-2023 00:53:51] New process found: Process Name - w3wp.exe Process ID - 1844 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 00:53:52] New process found: Process Name - csc.exe Process ID - 6088 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) [12-07-2023 00:53:52] New process found: Process Name - conhost.exe Process ID - 14144 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) [12-07-2023 00:53:54] Process Exited: Process Name - csc.exe Process ID - 6088 [12-07-2023 00:53:54] Process Exited: Process Name - conhost.exe Process ID - 14144 [12-07-2023 00:53:55] New process found: Process Name - csc.exe Process ID - 6744 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) [12-07-2023 00:53:55] New process found: Process Name - conhost.exe Process ID - 4376 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) [12-07-2023 00:53:55] Process Exited: Process Name - dwm.exe Process ID - 1904 [12-07-2023 00:53:55] Process Exited: Process Name - LogonUI.exe Process ID - 11960 [12-07-2023 00:53:55] Process Exited: Process Name - winlogon.exe Process ID - 14212 [12-07-2023 00:53:55] Process Exited: Process Name - csrss.exe Process ID - 15924 [12-07-2023 00:53:56] Process Exited: Process Name - conhost.exe Process ID - 4376 [12-07-2023 00:53:56] Process Exited: Process Name - csc.exe Process ID - 6744 [12-07-2023 00:53:57] New process found: Process Name - csrss.exe Process ID - 8672 Process Identity - SYSTEM [12-07-2023 00:53:57] New process found: Process Name - winlogon.exe Process ID - 10172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:00] New process found: Process Name - LogonUI.exe Process ID - 2488 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:00] New process found: Process Name - dwm.exe Process ID - 10824 Process Identity - Window Manager\DWM-4 [12-07-2023 00:54:10] Process Exited: Process Name - LogonUI.exe Process ID - 2488 [12-07-2023 00:54:10] Process Exited: Process Name - csrss.exe Process ID - 8672 [12-07-2023 00:54:10] Process Exited: Process Name - winlogon.exe Process ID - 10172 [12-07-2023 00:54:10] Process Exited: Process Name - dwm.exe Process ID - 10824 [12-07-2023 00:54:13] New process found: Process Name - csrss.exe Process ID - 15620 Process Identity - SYSTEM [12-07-2023 00:54:13] New process found: Process Name - winlogon.exe Process ID - 640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:14] New process found: Process Name - LogonUI.exe Process ID - 9364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:14] New process found: Process Name - dwm.exe Process ID - 12780 Process Identity - Window Manager\DWM-4 [12-07-2023 00:54:19] New process found: Process Name - w3wp.exe Process ID - 14896 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 00:54:26] Process Exited: Process Name - winlogon.exe Process ID - 640 [12-07-2023 00:54:26] Process Exited: Process Name - LogonUI.exe Process ID - 9364 [12-07-2023 00:54:26] Process Exited: Process Name - dwm.exe Process ID - 12780 [12-07-2023 00:54:26] Process Exited: Process Name - csrss.exe Process ID - 15620 [12-07-2023 00:54:28] New process found: Process Name - smss.exe Process ID - 13036 Process Identity - SYSTEM [12-07-2023 00:54:28] New process found: Process Name - csrss.exe Process ID - 15148 Process Identity - SYSTEM [12-07-2023 00:54:29] New process found: Process Name - winlogon.exe Process ID - 14384 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:29] Process Exited: Process Name - smss.exe Process ID - 13036 [12-07-2023 00:54:30] New process found: Process Name - LogonUI.exe Process ID - 11996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:30] New process found: Process Name - dwm.exe Process ID - 8212 Process Identity - Window Manager\DWM-4 [12-07-2023 00:54:41] Process Exited: Process Name - dwm.exe Process ID - 8212 [12-07-2023 00:54:41] Process Exited: Process Name - LogonUI.exe Process ID - 11996 [12-07-2023 00:54:41] Process Exited: Process Name - winlogon.exe Process ID - 14384 [12-07-2023 00:54:41] Process Exited: Process Name - csrss.exe Process ID - 15148 [12-07-2023 00:54:44] New process found: Process Name - smss.exe Process ID - 840 Process Identity - SYSTEM [12-07-2023 00:54:44] New process found: Process Name - csrss.exe Process ID - 4212 Process Identity - SYSTEM [12-07-2023 00:54:45] New process found: Process Name - winlogon.exe Process ID - 6824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:45] Process Exited: Process Name - smss.exe Process ID - 840 [12-07-2023 00:54:46] New process found: Process Name - LogonUI.exe Process ID - 15888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:54:46] New process found: Process Name - dwm.exe Process ID - 10608 Process Identity - Window Manager\DWM-4 [12-07-2023 00:54:56] Process Exited: Process Name - csrss.exe Process ID - 4212 [12-07-2023 00:54:56] Process Exited: Process Name - winlogon.exe Process ID - 6824 [12-07-2023 00:54:56] Process Exited: Process Name - dwm.exe Process ID - 10608 [12-07-2023 00:54:56] Process Exited: Process Name - LogonUI.exe Process ID - 15888 [12-07-2023 00:55:00] New process found: Process Name - csrss.exe Process ID - 592 Process Identity - SYSTEM [12-07-2023 00:55:00] New process found: Process Name - winlogon.exe Process ID - 7280 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:02] New process found: Process Name - LogonUI.exe Process ID - 11160 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:02] New process found: Process Name - dwm.exe Process ID - 3876 Process Identity - Window Manager\DWM-4 [12-07-2023 00:55:08] Process Exited: Process Name - w3wp.exe Process ID - 8516 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 00:55:11] Process Exited: Process Name - csrss.exe Process ID - 592 [12-07-2023 00:55:11] Process Exited: Process Name - dwm.exe Process ID - 3876 [12-07-2023 00:55:11] Process Exited: Process Name - winlogon.exe Process ID - 7280 [12-07-2023 00:55:11] Process Exited: Process Name - LogonUI.exe Process ID - 11160 [12-07-2023 00:55:13] New process found: Process Name - csrss.exe Process ID - 5576 Process Identity - SYSTEM [12-07-2023 00:55:13] New process found: Process Name - winlogon.exe Process ID - 12140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:14] New process found: Process Name - LogonUI.exe Process ID - 15192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:14] New process found: Process Name - dwm.exe Process ID - 14240 Process Identity - Window Manager\DWM-4 [12-07-2023 00:55:27] Process Exited: Process Name - csrss.exe Process ID - 5576 [12-07-2023 00:55:27] Process Exited: Process Name - winlogon.exe Process ID - 12140 [12-07-2023 00:55:27] Process Exited: Process Name - dwm.exe Process ID - 14240 [12-07-2023 00:55:27] Process Exited: Process Name - LogonUI.exe Process ID - 15192 [12-07-2023 00:55:29] New process found: Process Name - csrss.exe Process ID - 14888 Process Identity - SYSTEM [12-07-2023 00:55:29] New process found: Process Name - winlogon.exe Process ID - 11788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:30] New process found: Process Name - LogonUI.exe Process ID - 16156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:30] New process found: Process Name - dwm.exe Process ID - 5072 Process Identity - Window Manager\DWM-4 [12-07-2023 00:55:41] Process Exited: Process Name - dwm.exe Process ID - 5072 [12-07-2023 00:55:41] Process Exited: Process Name - winlogon.exe Process ID - 11788 [12-07-2023 00:55:41] Process Exited: Process Name - LogonUI.exe Process ID - 16156 [12-07-2023 00:55:42] Process Exited: Process Name - csrss.exe Process ID - 14888 [12-07-2023 00:55:44] New process found: Process Name - csrss.exe Process ID - 8756 Process Identity - SYSTEM [12-07-2023 00:55:44] New process found: Process Name - winlogon.exe Process ID - 15676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:45] New process found: Process Name - LogonUI.exe Process ID - 12680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:45] New process found: Process Name - dwm.exe Process ID - 11468 Process Identity - Window Manager\DWM-4 [12-07-2023 00:55:57] Process Exited: Process Name - csrss.exe Process ID - 8756 [12-07-2023 00:55:57] Process Exited: Process Name - dwm.exe Process ID - 11468 [12-07-2023 00:55:57] Process Exited: Process Name - LogonUI.exe Process ID - 12680 [12-07-2023 00:55:57] Process Exited: Process Name - winlogon.exe Process ID - 15676 [12-07-2023 00:55:58] New process found: Process Name - csrss.exe Process ID - 12300 Process Identity - SYSTEM [12-07-2023 00:55:58] New process found: Process Name - winlogon.exe Process ID - 1760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:59] New process found: Process Name - LogonUI.exe Process ID - 9020 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:55:59] New process found: Process Name - dwm.exe Process ID - 660 Process Identity - Window Manager\DWM-4 [12-07-2023 00:56:11] Process Exited: Process Name - LogonUI.exe Process ID - 9020 [12-07-2023 00:56:12] Process Exited: Process Name - dwm.exe Process ID - 660 [12-07-2023 00:56:12] Process Exited: Process Name - winlogon.exe Process ID - 1760 [12-07-2023 00:56:12] Process Exited: Process Name - csrss.exe Process ID - 12300 [12-07-2023 00:56:13] New process found: Process Name - csrss.exe Process ID - 11956 Process Identity - SYSTEM [12-07-2023 00:56:13] New process found: Process Name - winlogon.exe Process ID - 15168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:14] New process found: Process Name - LogonUI.exe Process ID - 11116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:14] New process found: Process Name - dwm.exe Process ID - 14112 Process Identity - Window Manager\DWM-4 [12-07-2023 00:56:27] New process found: Process Name - csrss.exe Process ID - 10364 Process Identity - SYSTEM [12-07-2023 00:56:27] New process found: Process Name - winlogon.exe Process ID - 13284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:27] Process Exited: Process Name - LogonUI.exe Process ID - 11116 [12-07-2023 00:56:27] Process Exited: Process Name - csrss.exe Process ID - 11956 [12-07-2023 00:56:27] Process Exited: Process Name - dwm.exe Process ID - 14112 [12-07-2023 00:56:27] Process Exited: Process Name - winlogon.exe Process ID - 15168 [12-07-2023 00:56:28] New process found: Process Name - LogonUI.exe Process ID - 1344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:28] New process found: Process Name - dwm.exe Process ID - 14956 Process Identity - Window Manager\DWM-4 [12-07-2023 00:56:41] Process Exited: Process Name - LogonUI.exe Process ID - 1344 [12-07-2023 00:56:42] Process Exited: Process Name - csrss.exe Process ID - 10364 [12-07-2023 00:56:42] Process Exited: Process Name - winlogon.exe Process ID - 13284 [12-07-2023 00:56:42] Process Exited: Process Name - dwm.exe Process ID - 14956 [12-07-2023 00:56:43] New process found: Process Name - csrss.exe Process ID - 15224 Process Identity - SYSTEM [12-07-2023 00:56:43] New process found: Process Name - winlogon.exe Process ID - 9100 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:43] New process found: Process Name - LogonUI.exe Process ID - 16072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:43] New process found: Process Name - dwm.exe Process ID - 12408 Process Identity - Window Manager\DWM-4 [12-07-2023 00:56:56] Process Exited: Process Name - dwm.exe Process ID - 12408 [12-07-2023 00:56:56] Process Exited: Process Name - LogonUI.exe Process ID - 16072 [12-07-2023 00:56:57] New process found: Process Name - w3wp.exe Process ID - 14776 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 00:56:57] New process found: Process Name - conhost.exe Process ID - 11012 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 00:56:57] Process Exited: Process Name - winlogon.exe Process ID - 9100 [12-07-2023 00:56:57] Process Exited: Process Name - csrss.exe Process ID - 15224 [12-07-2023 00:56:59] New process found: Process Name - csrss.exe Process ID - 5348 Process Identity - SYSTEM [12-07-2023 00:56:59] New process found: Process Name - winlogon.exe Process ID - 980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:59] New process found: Process Name - LogonUI.exe Process ID - 14736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:56:59] New process found: Process Name - dwm.exe Process ID - 13044 Process Identity - Window Manager\DWM-4 [12-07-2023 00:57:12] New process found: Process Name - csrss.exe Process ID - 12948 Process Identity - SYSTEM [12-07-2023 00:57:12] New process found: Process Name - winlogon.exe Process ID - 14628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:12] Process Exited: Process Name - winlogon.exe Process ID - 980 [12-07-2023 00:57:12] Process Exited: Process Name - csrss.exe Process ID - 5348 [12-07-2023 00:57:12] Process Exited: Process Name - dwm.exe Process ID - 13044 [12-07-2023 00:57:12] Process Exited: Process Name - LogonUI.exe Process ID - 14736 [12-07-2023 00:57:15] New process found: Process Name - LogonUI.exe Process ID - 15720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:15] New process found: Process Name - dwm.exe Process ID - 14000 Process Identity - Window Manager\DWM-4 [12-07-2023 00:57:17] New process found: Process Name - w3wp.exe Process ID - 12924 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:57:17] Process Exited: Process Name - w3wp.exe Process ID - 10044 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 00:57:23] Process Exited: Process Name - w3wp.exe Process ID - 8372 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 00:57:23] Process Exited: Process Name - conhost.exe Process ID - 16284 [12-07-2023 00:57:25] New process found: Process Name - InstallAgent.exe Process ID - 8364 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 00:57:26] Process Exited: Process Name - dwm.exe Process ID - 14000 [12-07-2023 00:57:26] Process Exited: Process Name - winlogon.exe Process ID - 14628 [12-07-2023 00:57:26] Process Exited: Process Name - LogonUI.exe Process ID - 15720 [12-07-2023 00:57:27] New process found: Process Name - csrss.exe Process ID - 15596 Process Identity - SYSTEM [12-07-2023 00:57:27] New process found: Process Name - winlogon.exe Process ID - 16360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:27] Process Exited: Process Name - csrss.exe Process ID - 12948 [12-07-2023 00:57:28] New process found: Process Name - LogonUI.exe Process ID - 6420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:28] New process found: Process Name - dwm.exe Process ID - 14812 Process Identity - Window Manager\DWM-4 [12-07-2023 00:57:30] Process Exited: Process Name - InstallAgent.exe Process ID - 8364 [12-07-2023 00:57:41] Process Exited: Process Name - LogonUI.exe Process ID - 6420 [12-07-2023 00:57:41] Process Exited: Process Name - dwm.exe Process ID - 14812 [12-07-2023 00:57:41] Process Exited: Process Name - winlogon.exe Process ID - 16360 [12-07-2023 00:57:42] New process found: Process Name - csrss.exe Process ID - 15216 Process Identity - SYSTEM [12-07-2023 00:57:42] New process found: Process Name - winlogon.exe Process ID - 11780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:42] Process Exited: Process Name - csrss.exe Process ID - 15596 [12-07-2023 00:57:43] New process found: Process Name - LogonUI.exe Process ID - 13720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:43] New process found: Process Name - dwm.exe Process ID - 11444 Process Identity - Window Manager\DWM-4 [12-07-2023 00:57:56] Process Exited: Process Name - dwm.exe Process ID - 11444 [12-07-2023 00:57:56] Process Exited: Process Name - winlogon.exe Process ID - 11780 [12-07-2023 00:57:56] Process Exited: Process Name - LogonUI.exe Process ID - 13720 [12-07-2023 00:57:57] New process found: Process Name - csrss.exe Process ID - 10404 Process Identity - SYSTEM [12-07-2023 00:57:57] New process found: Process Name - winlogon.exe Process ID - 7332 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:57] Process Exited: Process Name - csrss.exe Process ID - 15216 [12-07-2023 00:57:58] New process found: Process Name - LogonUI.exe Process ID - 13600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:57:58] New process found: Process Name - dwm.exe Process ID - 436 Process Identity - Window Manager\DWM-4 [12-07-2023 00:58:06] Process Exited: Process Name - w3wp.exe Process ID - 10900 Web application pool name - DefaultAppPool [12-07-2023 00:58:11] Process Exited: Process Name - LogonUI.exe Process ID - 13600 [12-07-2023 00:58:12] New process found: Process Name - csrss.exe Process ID - 8052 Process Identity - SYSTEM [12-07-2023 00:58:12] New process found: Process Name - winlogon.exe Process ID - 2080 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:12] Process Exited: Process Name - dwm.exe Process ID - 436 [12-07-2023 00:58:12] Process Exited: Process Name - winlogon.exe Process ID - 7332 [12-07-2023 00:58:12] Process Exited: Process Name - csrss.exe Process ID - 10404 [12-07-2023 00:58:14] New process found: Process Name - LogonUI.exe Process ID - 6848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:14] New process found: Process Name - dwm.exe Process ID - 13084 Process Identity - Window Manager\DWM-4 [12-07-2023 00:58:15] Process Exited: Process Name - conhost.exe Process ID - 7700 [12-07-2023 00:58:15] Process Exited: Process Name - w3wp.exe Process ID - 13100 Web application pool name - kdbps.edu.in [12-07-2023 00:58:22] New process found: Process Name - w3wp.exe Process ID - 11476 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 00:58:22] New process found: Process Name - conhost.exe Process ID - 13680 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 00:58:26] Process Exited: Process Name - winlogon.exe Process ID - 2080 [12-07-2023 00:58:26] Process Exited: Process Name - LogonUI.exe Process ID - 6848 [12-07-2023 00:58:26] Process Exited: Process Name - csrss.exe Process ID - 8052 [12-07-2023 00:58:26] Process Exited: Process Name - dwm.exe Process ID - 13084 [12-07-2023 00:58:31] New process found: Process Name - csrss.exe Process ID - 3376 Process Identity - SYSTEM [12-07-2023 00:58:31] New process found: Process Name - winlogon.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:31] New process found: Process Name - LogonUI.exe Process ID - 14260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:31] New process found: Process Name - dwm.exe Process ID - 14240 Process Identity - Window Manager\DWM-4 [12-07-2023 00:58:41] Process Exited: Process Name - csrss.exe Process ID - 3376 [12-07-2023 00:58:41] Process Exited: Process Name - winlogon.exe Process ID - 7492 [12-07-2023 00:58:41] Process Exited: Process Name - dwm.exe Process ID - 14240 [12-07-2023 00:58:41] Process Exited: Process Name - LogonUI.exe Process ID - 14260 [12-07-2023 00:58:43] New process found: Process Name - csrss.exe Process ID - 16156 Process Identity - SYSTEM [12-07-2023 00:58:43] New process found: Process Name - winlogon.exe Process ID - 7984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:45] New process found: Process Name - LogonUI.exe Process ID - 15308 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:45] New process found: Process Name - dwm.exe Process ID - 11876 Process Identity - Window Manager\DWM-4 [12-07-2023 00:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 5108 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 00:58:56] Process Exited: Process Name - winlogon.exe Process ID - 7984 [12-07-2023 00:58:56] Process Exited: Process Name - dwm.exe Process ID - 11876 [12-07-2023 00:58:56] Process Exited: Process Name - LogonUI.exe Process ID - 15308 [12-07-2023 00:58:56] Process Exited: Process Name - csrss.exe Process ID - 16156 [12-07-2023 00:58:57] New process found: Process Name - csrss.exe Process ID - 16240 Process Identity - SYSTEM [12-07-2023 00:58:57] New process found: Process Name - winlogon.exe Process ID - 16380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:58] New process found: Process Name - LogonUI.exe Process ID - 12236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:58:58] New process found: Process Name - dwm.exe Process ID - 14552 Process Identity - Window Manager\DWM-4 [12-07-2023 00:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 8508 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:11] Process Exited: Process Name - LogonUI.exe Process ID - 12236 [12-07-2023 00:59:11] Process Exited: Process Name - dwm.exe Process ID - 14552 [12-07-2023 00:59:11] Process Exited: Process Name - csrss.exe Process ID - 16240 [12-07-2023 00:59:11] Process Exited: Process Name - winlogon.exe Process ID - 16380 [12-07-2023 00:59:12] New process found: Process Name - csrss.exe Process ID - 15752 Process Identity - SYSTEM [12-07-2023 00:59:12] New process found: Process Name - winlogon.exe Process ID - 10644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:13] New process found: Process Name - LogonUI.exe Process ID - 14824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:13] New process found: Process Name - dwm.exe Process ID - 16160 Process Identity - Window Manager\DWM-4 [12-07-2023 00:59:26] Process Exited: Process Name - winlogon.exe Process ID - 10644 [12-07-2023 00:59:26] Process Exited: Process Name - LogonUI.exe Process ID - 14824 [12-07-2023 00:59:26] Process Exited: Process Name - csrss.exe Process ID - 15752 [12-07-2023 00:59:26] Process Exited: Process Name - dwm.exe Process ID - 16160 [12-07-2023 00:59:27] New process found: Process Name - csrss.exe Process ID - 10516 Process Identity - SYSTEM [12-07-2023 00:59:27] New process found: Process Name - winlogon.exe Process ID - 10544 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:28] New process found: Process Name - LogonUI.exe Process ID - 9760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:28] New process found: Process Name - dwm.exe Process ID - 7480 Process Identity - Window Manager\DWM-4 [12-07-2023 00:59:41] Process Exited: Process Name - dwm.exe Process ID - 7480 [12-07-2023 00:59:41] Process Exited: Process Name - LogonUI.exe Process ID - 9760 [12-07-2023 00:59:41] Process Exited: Process Name - csrss.exe Process ID - 10516 [12-07-2023 00:59:41] Process Exited: Process Name - winlogon.exe Process ID - 10544 [12-07-2023 00:59:43] New process found: Process Name - smss.exe Process ID - 14292 Process Identity - SYSTEM [12-07-2023 00:59:43] New process found: Process Name - csrss.exe Process ID - 14744 Process Identity - SYSTEM [12-07-2023 00:59:44] New process found: Process Name - winlogon.exe Process ID - 608 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:44] New process found: Process Name - LogonUI.exe Process ID - 10596 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 00:59:44] New process found: Process Name - dwm.exe Process ID - 4008 Process Identity - Window Manager\DWM-4 [12-07-2023 00:59:44] Process Exited: Process Name - smss.exe Process ID - 14292 [12-07-2023 00:59:52] Process Exited: Process Name - w3wp.exe Process ID - 1844 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 00:59:56] Process Exited: Process Name - winlogon.exe Process ID - 608 [12-07-2023 00:59:56] Process Exited: Process Name - dwm.exe Process ID - 4008 [12-07-2023 00:59:56] Process Exited: Process Name - LogonUI.exe Process ID - 10596 [12-07-2023 00:59:56] Process Exited: Process Name - csrss.exe Process ID - 14744 [12-07-2023 01:00:01] New process found: Process Name - csrss.exe Process ID - 2248 Process Identity - SYSTEM [12-07-2023 01:00:01] New process found: Process Name - winlogon.exe Process ID - 10440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:03] New process found: Process Name - dwm.exe Process ID - 14028 Process Identity - Window Manager\DWM-4 [12-07-2023 01:00:03] New process found: Process Name - LogonUI.exe Process ID - 13044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:12] Process Exited: Process Name - winlogon.exe Process ID - 10440 [12-07-2023 01:00:12] Process Exited: Process Name - LogonUI.exe Process ID - 13044 [12-07-2023 01:00:12] Process Exited: Process Name - dwm.exe Process ID - 14028 [12-07-2023 01:00:13] New process found: Process Name - w3wp.exe Process ID - 6984 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 01:00:13] New process found: Process Name - conhost.exe Process ID - 11608 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 01:00:13] Process Exited: Process Name - csrss.exe Process ID - 2248 [12-07-2023 01:00:18] New process found: Process Name - csrss.exe Process ID - 9008 Process Identity - SYSTEM [12-07-2023 01:00:18] New process found: Process Name - winlogon.exe Process ID - 13872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:20] New process found: Process Name - LogonUI.exe Process ID - 7464 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:20] New process found: Process Name - dwm.exe Process ID - 15720 Process Identity - Window Manager\DWM-4 [12-07-2023 01:00:22] Process Exited: Process Name - w3wp.exe Process ID - 14896 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5108 [12-07-2023 01:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8508 [12-07-2023 01:00:27] Process Exited: Process Name - LogonUI.exe Process ID - 7464 [12-07-2023 01:00:27] Process Exited: Process Name - winlogon.exe Process ID - 13872 [12-07-2023 01:00:27] Process Exited: Process Name - dwm.exe Process ID - 15720 [12-07-2023 01:00:28] Process Exited: Process Name - csrss.exe Process ID - 9008 [12-07-2023 01:00:29] New process found: Process Name - csrss.exe Process ID - 8948 Process Identity - SYSTEM [12-07-2023 01:00:29] New process found: Process Name - winlogon.exe Process ID - 13700 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:29] New process found: Process Name - LogonUI.exe Process ID - 13372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:29] New process found: Process Name - dwm.exe Process ID - 7044 Process Identity - Window Manager\DWM-4 [12-07-2023 01:00:42] Process Exited: Process Name - dwm.exe Process ID - 7044 [12-07-2023 01:00:42] Process Exited: Process Name - csrss.exe Process ID - 8948 [12-07-2023 01:00:42] Process Exited: Process Name - LogonUI.exe Process ID - 13372 [12-07-2023 01:00:42] Process Exited: Process Name - winlogon.exe Process ID - 13700 [12-07-2023 01:00:43] New process found: Process Name - csrss.exe Process ID - 13368 Process Identity - SYSTEM [12-07-2023 01:00:43] New process found: Process Name - winlogon.exe Process ID - 11428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:45] New process found: Process Name - LogonUI.exe Process ID - 12260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:00:45] New process found: Process Name - dwm.exe Process ID - 15504 Process Identity - Window Manager\DWM-4 [12-07-2023 01:00:56] New process found: Process Name - w3wp.exe Process ID - 12080 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:00:57] Process Exited: Process Name - winlogon.exe Process ID - 11428 [12-07-2023 01:00:57] Process Exited: Process Name - LogonUI.exe Process ID - 12260 [12-07-2023 01:00:57] Process Exited: Process Name - csrss.exe Process ID - 13368 [12-07-2023 01:00:57] Process Exited: Process Name - dwm.exe Process ID - 15504 [12-07-2023 01:00:59] New process found: Process Name - csrss.exe Process ID - 15528 Process Identity - SYSTEM [12-07-2023 01:00:59] New process found: Process Name - winlogon.exe Process ID - 15888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:00] New process found: Process Name - LogonUI.exe Process ID - 9068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:00] New process found: Process Name - dwm.exe Process ID - 14864 Process Identity - Window Manager\DWM-4 [12-07-2023 01:01:12] Process Exited: Process Name - LogonUI.exe Process ID - 9068 [12-07-2023 01:01:12] Process Exited: Process Name - dwm.exe Process ID - 14864 [12-07-2023 01:01:12] Process Exited: Process Name - csrss.exe Process ID - 15528 [12-07-2023 01:01:12] Process Exited: Process Name - winlogon.exe Process ID - 15888 [12-07-2023 01:01:17] New process found: Process Name - csrss.exe Process ID - 15412 Process Identity - SYSTEM [12-07-2023 01:01:17] New process found: Process Name - winlogon.exe Process ID - 12168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:18] New process found: Process Name - LogonUI.exe Process ID - 8848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:18] New process found: Process Name - dwm.exe Process ID - 1868 Process Identity - Window Manager\DWM-4 [12-07-2023 01:01:23] New process found: Process Name - w3wp.exe Process ID - 12200 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 01:01:23] New process found: Process Name - conhost.exe Process ID - 8052 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 01:01:27] Process Exited: Process Name - dwm.exe Process ID - 1868 [12-07-2023 01:01:27] Process Exited: Process Name - LogonUI.exe Process ID - 8848 [12-07-2023 01:01:27] Process Exited: Process Name - winlogon.exe Process ID - 12168 [12-07-2023 01:01:27] Process Exited: Process Name - csrss.exe Process ID - 15412 [12-07-2023 01:01:29] New process found: Process Name - csrss.exe Process ID - 11148 Process Identity - SYSTEM [12-07-2023 01:01:29] New process found: Process Name - winlogon.exe Process ID - 8520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:30] New process found: Process Name - LogonUI.exe Process ID - 10960 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:30] New process found: Process Name - dwm.exe Process ID - 11064 Process Identity - Window Manager\DWM-4 [12-07-2023 01:01:42] Process Exited: Process Name - winlogon.exe Process ID - 8520 [12-07-2023 01:01:42] Process Exited: Process Name - LogonUI.exe Process ID - 10960 [12-07-2023 01:01:42] Process Exited: Process Name - dwm.exe Process ID - 11064 [12-07-2023 01:01:42] Process Exited: Process Name - csrss.exe Process ID - 11148 [12-07-2023 01:01:46] New process found: Process Name - csrss.exe Process ID - 14440 Process Identity - SYSTEM [12-07-2023 01:01:46] New process found: Process Name - winlogon.exe Process ID - 3640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:48] New process found: Process Name - LogonUI.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:01:48] New process found: Process Name - dwm.exe Process ID - 8296 Process Identity - Window Manager\DWM-4 [12-07-2023 01:01:57] Process Exited: Process Name - winlogon.exe Process ID - 3640 [12-07-2023 01:01:57] Process Exited: Process Name - dwm.exe Process ID - 8296 [12-07-2023 01:01:57] Process Exited: Process Name - csrss.exe Process ID - 14440 [12-07-2023 01:01:57] Process Exited: Process Name - LogonUI.exe Process ID - 15860 [12-07-2023 01:02:03] New process found: Process Name - csrss.exe Process ID - 2360 Process Identity - SYSTEM [12-07-2023 01:02:03] New process found: Process Name - winlogon.exe Process ID - 13756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:04] New process found: Process Name - LogonUI.exe Process ID - 13816 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:04] New process found: Process Name - dwm.exe Process ID - 14448 Process Identity - Window Manager\DWM-4 [12-07-2023 01:02:13] Process Exited: Process Name - csrss.exe Process ID - 2360 [12-07-2023 01:02:13] Process Exited: Process Name - winlogon.exe Process ID - 13756 [12-07-2023 01:02:13] Process Exited: Process Name - LogonUI.exe Process ID - 13816 [12-07-2023 01:02:13] Process Exited: Process Name - dwm.exe Process ID - 14448 [12-07-2023 01:02:19] New process found: Process Name - csrss.exe Process ID - 6216 Process Identity - SYSTEM [12-07-2023 01:02:19] New process found: Process Name - winlogon.exe Process ID - 10732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:19] New process found: Process Name - w3wp.exe Process ID - 3332 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:02:19] Process Exited: Process Name - w3wp.exe Process ID - 12924 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:02:21] New process found: Process Name - LogonUI.exe Process ID - 9164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:21] New process found: Process Name - dwm.exe Process ID - 3416 Process Identity - Window Manager\DWM-4 [12-07-2023 01:02:29] Process Exited: Process Name - dwm.exe Process ID - 3416 [12-07-2023 01:02:29] Process Exited: Process Name - csrss.exe Process ID - 6216 [12-07-2023 01:02:29] Process Exited: Process Name - LogonUI.exe Process ID - 9164 [12-07-2023 01:02:29] Process Exited: Process Name - winlogon.exe Process ID - 10732 [12-07-2023 01:02:32] New process found: Process Name - csrss.exe Process ID - 8412 Process Identity - SYSTEM [12-07-2023 01:02:32] New process found: Process Name - winlogon.exe Process ID - 11280 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:35] New process found: Process Name - LogonUI.exe Process ID - 16340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:35] New process found: Process Name - dwm.exe Process ID - 12524 Process Identity - Window Manager\DWM-4 [12-07-2023 01:02:45] Process Exited: Process Name - csrss.exe Process ID - 8412 [12-07-2023 01:02:45] Process Exited: Process Name - winlogon.exe Process ID - 11280 [12-07-2023 01:02:45] Process Exited: Process Name - dwm.exe Process ID - 12524 [12-07-2023 01:02:45] Process Exited: Process Name - LogonUI.exe Process ID - 16340 [12-07-2023 01:02:48] New process found: Process Name - csrss.exe Process ID - 15148 Process Identity - SYSTEM [12-07-2023 01:02:48] New process found: Process Name - winlogon.exe Process ID - 7572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:50] New process found: Process Name - LogonUI.exe Process ID - 15256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:02:50] New process found: Process Name - dwm.exe Process ID - 12568 Process Identity - Window Manager\DWM-4 [12-07-2023 01:02:59] Process Exited: Process Name - conhost.exe Process ID - 11012 [12-07-2023 01:02:59] Process Exited: Process Name - w3wp.exe Process ID - 14776 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:03:01] Process Exited: Process Name - winlogon.exe Process ID - 7572 [12-07-2023 01:03:01] Process Exited: Process Name - dwm.exe Process ID - 12568 [12-07-2023 01:03:01] Process Exited: Process Name - csrss.exe Process ID - 15148 [12-07-2023 01:03:01] Process Exited: Process Name - LogonUI.exe Process ID - 15256 [12-07-2023 01:03:04] New process found: Process Name - csrss.exe Process ID - 11660 Process Identity - SYSTEM [12-07-2023 01:03:04] New process found: Process Name - winlogon.exe Process ID - 15512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:05] New process found: Process Name - LogonUI.exe Process ID - 8576 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:05] New process found: Process Name - dwm.exe Process ID - 12596 Process Identity - Window Manager\DWM-4 [12-07-2023 01:03:16] Process Exited: Process Name - LogonUI.exe Process ID - 8576 [12-07-2023 01:03:16] Process Exited: Process Name - csrss.exe Process ID - 11660 [12-07-2023 01:03:16] Process Exited: Process Name - dwm.exe Process ID - 12596 [12-07-2023 01:03:16] Process Exited: Process Name - winlogon.exe Process ID - 15512 [12-07-2023 01:03:22] New process found: Process Name - csrss.exe Process ID - 792 Process Identity - SYSTEM [12-07-2023 01:03:22] New process found: Process Name - winlogon.exe Process ID - 2248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:24] New process found: Process Name - LogonUI.exe Process ID - 15304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:24] New process found: Process Name - dwm.exe Process ID - 10824 Process Identity - Window Manager\DWM-4 [12-07-2023 01:03:32] Process Exited: Process Name - csrss.exe Process ID - 792 [12-07-2023 01:03:32] Process Exited: Process Name - winlogon.exe Process ID - 2248 [12-07-2023 01:03:32] Process Exited: Process Name - dwm.exe Process ID - 10824 [12-07-2023 01:03:32] Process Exited: Process Name - LogonUI.exe Process ID - 15304 [12-07-2023 01:03:34] New process found: Process Name - csrss.exe Process ID - 15436 Process Identity - SYSTEM [12-07-2023 01:03:34] New process found: Process Name - winlogon.exe Process ID - 14560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:37] New process found: Process Name - LogonUI.exe Process ID - 2428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:37] New process found: Process Name - dwm.exe Process ID - 11924 Process Identity - Window Manager\DWM-4 [12-07-2023 01:03:47] Process Exited: Process Name - LogonUI.exe Process ID - 2428 [12-07-2023 01:03:47] Process Exited: Process Name - dwm.exe Process ID - 11924 [12-07-2023 01:03:47] Process Exited: Process Name - winlogon.exe Process ID - 14560 [12-07-2023 01:03:47] Process Exited: Process Name - csrss.exe Process ID - 15436 [12-07-2023 01:03:50] New process found: Process Name - csrss.exe Process ID - 5348 Process Identity - SYSTEM [12-07-2023 01:03:50] New process found: Process Name - winlogon.exe Process ID - 10244 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:52] New process found: Process Name - LogonUI.exe Process ID - 6376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:03:52] New process found: Process Name - dwm.exe Process ID - 11112 Process Identity - Window Manager\DWM-4 [12-07-2023 01:04:02] Process Exited: Process Name - LogonUI.exe Process ID - 6376 [12-07-2023 01:04:02] Process Exited: Process Name - winlogon.exe Process ID - 10244 [12-07-2023 01:04:02] Process Exited: Process Name - dwm.exe Process ID - 11112 [12-07-2023 01:04:03] Process Exited: Process Name - csrss.exe Process ID - 5348 [12-07-2023 01:04:05] New process found: Process Name - csrss.exe Process ID - 13256 Process Identity - SYSTEM [12-07-2023 01:04:05] New process found: Process Name - winlogon.exe Process ID - 8560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:06] New process found: Process Name - LogonUI.exe Process ID - 15620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:06] New process found: Process Name - dwm.exe Process ID - 10636 Process Identity - Window Manager\DWM-4 [12-07-2023 01:04:18] Process Exited: Process Name - LogonUI.exe Process ID - 15620 [12-07-2023 01:04:19] Process Exited: Process Name - winlogon.exe Process ID - 8560 [12-07-2023 01:04:19] Process Exited: Process Name - dwm.exe Process ID - 10636 [12-07-2023 01:04:19] Process Exited: Process Name - csrss.exe Process ID - 13256 [12-07-2023 01:04:21] New process found: Process Name - csrss.exe Process ID - 15876 Process Identity - SYSTEM [12-07-2023 01:04:21] New process found: Process Name - winlogon.exe Process ID - 6248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:24] New process found: Process Name - LogonUI.exe Process ID - 7532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:24] New process found: Process Name - dwm.exe Process ID - 12324 Process Identity - Window Manager\DWM-4 [12-07-2023 01:04:24] Process Exited: Process Name - w3wp.exe Process ID - 11476 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 01:04:24] Process Exited: Process Name - conhost.exe Process ID - 13680 [12-07-2023 01:04:34] Process Exited: Process Name - winlogon.exe Process ID - 6248 [12-07-2023 01:04:34] Process Exited: Process Name - LogonUI.exe Process ID - 7532 [12-07-2023 01:04:34] Process Exited: Process Name - dwm.exe Process ID - 12324 [12-07-2023 01:04:34] Process Exited: Process Name - csrss.exe Process ID - 15876 [12-07-2023 01:04:36] New process found: Process Name - csrss.exe Process ID - 13248 Process Identity - SYSTEM [12-07-2023 01:04:36] New process found: Process Name - winlogon.exe Process ID - 11092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:39] New process found: Process Name - LogonUI.exe Process ID - 13008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:39] New process found: Process Name - dwm.exe Process ID - 7788 Process Identity - Window Manager\DWM-4 [12-07-2023 01:04:46] Process Exited: Process Name - php-cgi.exe Process ID - 6708 [12-07-2023 01:04:48] Process Exited: Process Name - w3wp.exe Process ID - 12884 Web application pool name - PleskControlPanel [12-07-2023 01:04:49] Process Exited: Process Name - dwm.exe Process ID - 7788 [12-07-2023 01:04:49] Process Exited: Process Name - winlogon.exe Process ID - 11092 [12-07-2023 01:04:49] Process Exited: Process Name - LogonUI.exe Process ID - 13008 [12-07-2023 01:04:49] Process Exited: Process Name - csrss.exe Process ID - 13248 [12-07-2023 01:04:53] New process found: Process Name - csrss.exe Process ID - 3876 Process Identity - SYSTEM [12-07-2023 01:04:53] New process found: Process Name - winlogon.exe Process ID - 8908 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:54] New process found: Process Name - LogonUI.exe Process ID - 14284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:04:54] New process found: Process Name - dwm.exe Process ID - 6272 Process Identity - Window Manager\DWM-4 [12-07-2023 01:05:04] Process Exited: Process Name - csrss.exe Process ID - 3876 [12-07-2023 01:05:04] Process Exited: Process Name - dwm.exe Process ID - 6272 [12-07-2023 01:05:04] Process Exited: Process Name - winlogon.exe Process ID - 8908 [12-07-2023 01:05:04] Process Exited: Process Name - LogonUI.exe Process ID - 14284 [12-07-2023 01:05:05] Process Exited: Process Name - w3wp.exe Process ID - 14832 Web application pool name - galaxytools.in [12-07-2023 01:05:07] New process found: Process Name - csrss.exe Process ID - 14192 Process Identity - SYSTEM [12-07-2023 01:05:07] New process found: Process Name - winlogon.exe Process ID - 16052 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:09] New process found: Process Name - LogonUI.exe Process ID - 2324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:09] New process found: Process Name - dwm.exe Process ID - 11144 Process Identity - Window Manager\DWM-4 [12-07-2023 01:05:20] Process Exited: Process Name - LogonUI.exe Process ID - 2324 [12-07-2023 01:05:20] Process Exited: Process Name - dwm.exe Process ID - 11144 [12-07-2023 01:05:20] Process Exited: Process Name - csrss.exe Process ID - 14192 [12-07-2023 01:05:20] Process Exited: Process Name - winlogon.exe Process ID - 16052 [12-07-2023 01:05:22] New process found: Process Name - csrss.exe Process ID - 6780 Process Identity - SYSTEM [12-07-2023 01:05:22] New process found: Process Name - winlogon.exe Process ID - 14152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:23] New process found: Process Name - LogonUI.exe Process ID - 15496 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:23] New process found: Process Name - dwm.exe Process ID - 3860 Process Identity - Window Manager\DWM-4 [12-07-2023 01:05:35] Process Exited: Process Name - dwm.exe Process ID - 3860 [12-07-2023 01:05:35] Process Exited: Process Name - csrss.exe Process ID - 6780 [12-07-2023 01:05:35] Process Exited: Process Name - winlogon.exe Process ID - 14152 [12-07-2023 01:05:35] Process Exited: Process Name - LogonUI.exe Process ID - 15496 [12-07-2023 01:05:40] New process found: Process Name - csrss.exe Process ID - 3468 Process Identity - SYSTEM [12-07-2023 01:05:40] New process found: Process Name - winlogon.exe Process ID - 10416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:41] New process found: Process Name - LogonUI.exe Process ID - 15668 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:41] New process found: Process Name - dwm.exe Process ID - 16240 Process Identity - Window Manager\DWM-4 [12-07-2023 01:05:50] Process Exited: Process Name - csrss.exe Process ID - 3468 [12-07-2023 01:05:50] Process Exited: Process Name - winlogon.exe Process ID - 10416 [12-07-2023 01:05:50] Process Exited: Process Name - LogonUI.exe Process ID - 15668 [12-07-2023 01:05:50] Process Exited: Process Name - dwm.exe Process ID - 16240 [12-07-2023 01:05:52] New process found: Process Name - csrss.exe Process ID - 15392 Process Identity - SYSTEM [12-07-2023 01:05:52] New process found: Process Name - winlogon.exe Process ID - 11540 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:53] New process found: Process Name - LogonUI.exe Process ID - 2968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:05:53] New process found: Process Name - dwm.exe Process ID - 15356 Process Identity - Window Manager\DWM-4 [12-07-2023 01:06:00] New process found: Process Name - w3wp.exe Process ID - 10316 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 7512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:04] Process Exited: Process Name - GoogleUpdate.exe Process ID - 7512 [12-07-2023 01:06:06] Process Exited: Process Name - LogonUI.exe Process ID - 2968 [12-07-2023 01:06:06] Process Exited: Process Name - winlogon.exe Process ID - 11540 [12-07-2023 01:06:06] Process Exited: Process Name - dwm.exe Process ID - 15356 [12-07-2023 01:06:06] Process Exited: Process Name - csrss.exe Process ID - 15392 [12-07-2023 01:06:10] New process found: Process Name - csrss.exe Process ID - 10516 Process Identity - SYSTEM [12-07-2023 01:06:10] New process found: Process Name - winlogon.exe Process ID - 12624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:14] New process found: Process Name - LogonUI.exe Process ID - 12524 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:14] New process found: Process Name - dwm.exe Process ID - 14376 Process Identity - Window Manager\DWM-4 [12-07-2023 01:06:22] Process Exited: Process Name - csrss.exe Process ID - 10516 [12-07-2023 01:06:22] Process Exited: Process Name - LogonUI.exe Process ID - 12524 [12-07-2023 01:06:22] Process Exited: Process Name - winlogon.exe Process ID - 12624 [12-07-2023 01:06:22] Process Exited: Process Name - dwm.exe Process ID - 14376 [12-07-2023 01:06:23] New process found: Process Name - smss.exe Process ID - 16116 Process Identity - SYSTEM [12-07-2023 01:06:24] New process found: Process Name - csrss.exe Process ID - 15848 Process Identity - SYSTEM [12-07-2023 01:06:24] New process found: Process Name - winlogon.exe Process ID - 6280 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:24] New process found: Process Name - LogonUI.exe Process ID - 14984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:24] New process found: Process Name - dwm.exe Process ID - 7164 Process Identity - Window Manager\DWM-4 [12-07-2023 01:06:24] Process Exited: Process Name - smss.exe Process ID - 16116 [12-07-2023 01:06:37] Process Exited: Process Name - winlogon.exe Process ID - 6280 [12-07-2023 01:06:37] Process Exited: Process Name - dwm.exe Process ID - 7164 [12-07-2023 01:06:37] Process Exited: Process Name - LogonUI.exe Process ID - 14984 [12-07-2023 01:06:37] Process Exited: Process Name - csrss.exe Process ID - 15848 [12-07-2023 01:06:39] New process found: Process Name - csrss.exe Process ID - 9692 Process Identity - SYSTEM [12-07-2023 01:06:39] New process found: Process Name - winlogon.exe Process ID - 2420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:41] New process found: Process Name - LogonUI.exe Process ID - 15852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:41] New process found: Process Name - dwm.exe Process ID - 6992 Process Identity - Window Manager\DWM-4 [12-07-2023 01:06:52] Process Exited: Process Name - winlogon.exe Process ID - 2420 [12-07-2023 01:06:52] Process Exited: Process Name - dwm.exe Process ID - 6992 [12-07-2023 01:06:52] Process Exited: Process Name - csrss.exe Process ID - 9692 [12-07-2023 01:06:52] Process Exited: Process Name - LogonUI.exe Process ID - 15852 [12-07-2023 01:06:54] New process found: Process Name - csrss.exe Process ID - 1428 Process Identity - SYSTEM [12-07-2023 01:06:54] New process found: Process Name - winlogon.exe Process ID - 3364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:55] New process found: Process Name - LogonUI.exe Process ID - 11508 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:06:55] New process found: Process Name - dwm.exe Process ID - 10012 Process Identity - Window Manager\DWM-4 [12-07-2023 01:07:07] Process Exited: Process Name - csrss.exe Process ID - 1428 [12-07-2023 01:07:07] Process Exited: Process Name - winlogon.exe Process ID - 3364 [12-07-2023 01:07:07] Process Exited: Process Name - dwm.exe Process ID - 10012 [12-07-2023 01:07:07] Process Exited: Process Name - LogonUI.exe Process ID - 11508 [12-07-2023 01:07:08] New process found: Process Name - smss.exe Process ID - 15908 Process Identity - SYSTEM [12-07-2023 01:07:08] New process found: Process Name - csrss.exe Process ID - 12280 Process Identity - SYSTEM [12-07-2023 01:07:09] New process found: Process Name - winlogon.exe Process ID - 14936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:09] New process found: Process Name - LogonUI.exe Process ID - 14304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:09] New process found: Process Name - dwm.exe Process ID - 13976 Process Identity - Window Manager\DWM-4 [12-07-2023 01:07:09] Process Exited: Process Name - smss.exe Process ID - 15908 [12-07-2023 01:07:20] New process found: Process Name - w3wp.exe Process ID - 7388 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:07:20] Process Exited: Process Name - w3wp.exe Process ID - 3332 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:07:22] Process Exited: Process Name - csrss.exe Process ID - 12280 [12-07-2023 01:07:22] Process Exited: Process Name - dwm.exe Process ID - 13976 [12-07-2023 01:07:22] Process Exited: Process Name - LogonUI.exe Process ID - 14304 [12-07-2023 01:07:22] Process Exited: Process Name - winlogon.exe Process ID - 14936 [12-07-2023 01:07:25] New process found: Process Name - csrss.exe Process ID - 5648 Process Identity - SYSTEM [12-07-2023 01:07:25] New process found: Process Name - winlogon.exe Process ID - 1640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:26] New process found: Process Name - LogonUI.exe Process ID - 4900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:26] New process found: Process Name - dwm.exe Process ID - 13892 Process Identity - Window Manager\DWM-4 [12-07-2023 01:07:39] Process Exited: Process Name - winlogon.exe Process ID - 1640 [12-07-2023 01:07:39] Process Exited: Process Name - LogonUI.exe Process ID - 4900 [12-07-2023 01:07:39] Process Exited: Process Name - csrss.exe Process ID - 5648 [12-07-2023 01:07:39] Process Exited: Process Name - dwm.exe Process ID - 13892 [12-07-2023 01:07:44] New process found: Process Name - csrss.exe Process ID - 11512 Process Identity - SYSTEM [12-07-2023 01:07:44] New process found: Process Name - winlogon.exe Process ID - 5348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:45] New process found: Process Name - LogonUI.exe Process ID - 9092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:45] New process found: Process Name - dwm.exe Process ID - 7100 Process Identity - Window Manager\DWM-4 [12-07-2023 01:07:54] New process found: Process Name - w3wp.exe Process ID - 15620 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 01:07:54] Process Exited: Process Name - winlogon.exe Process ID - 5348 [12-07-2023 01:07:54] Process Exited: Process Name - dwm.exe Process ID - 7100 [12-07-2023 01:07:54] Process Exited: Process Name - LogonUI.exe Process ID - 9092 [12-07-2023 01:07:54] Process Exited: Process Name - csrss.exe Process ID - 11512 [12-07-2023 01:07:56] New process found: Process Name - csrss.exe Process ID - 14604 Process Identity - SYSTEM [12-07-2023 01:07:56] New process found: Process Name - winlogon.exe Process ID - 5640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:59] New process found: Process Name - LogonUI.exe Process ID - 12772 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:07:59] New process found: Process Name - dwm.exe Process ID - 2556 Process Identity - Window Manager\DWM-4 [12-07-2023 01:08:09] Process Exited: Process Name - dwm.exe Process ID - 2556 [12-07-2023 01:08:09] Process Exited: Process Name - winlogon.exe Process ID - 5640 [12-07-2023 01:08:09] Process Exited: Process Name - LogonUI.exe Process ID - 12772 [12-07-2023 01:08:09] Process Exited: Process Name - csrss.exe Process ID - 14604 [12-07-2023 01:08:12] New process found: Process Name - csrss.exe Process ID - 9780 Process Identity - SYSTEM [12-07-2023 01:08:12] New process found: Process Name - winlogon.exe Process ID - 16244 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:13] New process found: Process Name - LogonUI.exe Process ID - 14352 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:13] New process found: Process Name - dwm.exe Process ID - 15228 Process Identity - Window Manager\DWM-4 [12-07-2023 01:08:24] Process Exited: Process Name - csrss.exe Process ID - 9780 [12-07-2023 01:08:24] Process Exited: Process Name - LogonUI.exe Process ID - 14352 [12-07-2023 01:08:24] Process Exited: Process Name - dwm.exe Process ID - 15228 [12-07-2023 01:08:24] Process Exited: Process Name - winlogon.exe Process ID - 16244 [12-07-2023 01:08:27] New process found: Process Name - csrss.exe Process ID - 13448 Process Identity - SYSTEM [12-07-2023 01:08:27] New process found: Process Name - winlogon.exe Process ID - 7848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:29] New process found: Process Name - LogonUI.exe Process ID - 7860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:29] New process found: Process Name - dwm.exe Process ID - 13108 Process Identity - Window Manager\DWM-4 [12-07-2023 01:08:39] Process Exited: Process Name - winlogon.exe Process ID - 7848 [12-07-2023 01:08:39] Process Exited: Process Name - LogonUI.exe Process ID - 7860 [12-07-2023 01:08:39] Process Exited: Process Name - dwm.exe Process ID - 13108 [12-07-2023 01:08:40] Process Exited: Process Name - csrss.exe Process ID - 13448 [12-07-2023 01:08:41] New process found: Process Name - smss.exe Process ID - 15488 Process Identity - SYSTEM [12-07-2023 01:08:41] New process found: Process Name - csrss.exe Process ID - 10548 Process Identity - SYSTEM [12-07-2023 01:08:42] New process found: Process Name - winlogon.exe Process ID - 968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:42] New process found: Process Name - LogonUI.exe Process ID - 9316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:08:42] New process found: Process Name - dwm.exe Process ID - 13908 Process Identity - Window Manager\DWM-4 [12-07-2023 01:08:42] Process Exited: Process Name - smss.exe Process ID - 15488 [12-07-2023 01:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 15584 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:08:55] Process Exited: Process Name - winlogon.exe Process ID - 968 [12-07-2023 01:08:55] Process Exited: Process Name - LogonUI.exe Process ID - 9316 [12-07-2023 01:08:55] Process Exited: Process Name - csrss.exe Process ID - 10548 [12-07-2023 01:08:55] Process Exited: Process Name - dwm.exe Process ID - 13908 [12-07-2023 01:08:59] New process found: Process Name - csrss.exe Process ID - 11776 Process Identity - SYSTEM [12-07-2023 01:08:59] New process found: Process Name - winlogon.exe Process ID - 14944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:00] New process found: Process Name - LogonUI.exe Process ID - 2064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:00] New process found: Process Name - dwm.exe Process ID - 3500 Process Identity - Window Manager\DWM-4 [12-07-2023 01:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 2808 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:10] Process Exited: Process Name - LogonUI.exe Process ID - 2064 [12-07-2023 01:09:10] Process Exited: Process Name - dwm.exe Process ID - 3500 [12-07-2023 01:09:10] Process Exited: Process Name - csrss.exe Process ID - 11776 [12-07-2023 01:09:10] Process Exited: Process Name - winlogon.exe Process ID - 14944 [12-07-2023 01:09:13] New process found: Process Name - csrss.exe Process ID - 14012 Process Identity - SYSTEM [12-07-2023 01:09:13] New process found: Process Name - winlogon.exe Process ID - 14860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:14] New process found: Process Name - LogonUI.exe Process ID - 2824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:14] New process found: Process Name - dwm.exe Process ID - 14852 Process Identity - Window Manager\DWM-4 [12-07-2023 01:09:25] Process Exited: Process Name - LogonUI.exe Process ID - 2824 [12-07-2023 01:09:25] Process Exited: Process Name - csrss.exe Process ID - 14012 [12-07-2023 01:09:25] Process Exited: Process Name - dwm.exe Process ID - 14852 [12-07-2023 01:09:25] Process Exited: Process Name - winlogon.exe Process ID - 14860 [12-07-2023 01:09:27] New process found: Process Name - csrss.exe Process ID - 3380 Process Identity - SYSTEM [12-07-2023 01:09:27] New process found: Process Name - winlogon.exe Process ID - 9532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:28] New process found: Process Name - LogonUI.exe Process ID - 11260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:28] New process found: Process Name - dwm.exe Process ID - 11828 Process Identity - Window Manager\DWM-4 [12-07-2023 01:09:40] Process Exited: Process Name - csrss.exe Process ID - 3380 [12-07-2023 01:09:40] Process Exited: Process Name - winlogon.exe Process ID - 9532 [12-07-2023 01:09:40] Process Exited: Process Name - LogonUI.exe Process ID - 11260 [12-07-2023 01:09:40] Process Exited: Process Name - dwm.exe Process ID - 11828 [12-07-2023 01:09:43] New process found: Process Name - csrss.exe Process ID - 16128 Process Identity - SYSTEM [12-07-2023 01:09:43] New process found: Process Name - winlogon.exe Process ID - 15480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:44] New process found: Process Name - LogonUI.exe Process ID - 15328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:09:44] New process found: Process Name - dwm.exe Process ID - 7784 Process Identity - Window Manager\DWM-4 [12-07-2023 01:09:56] Process Exited: Process Name - dwm.exe Process ID - 7784 [12-07-2023 01:09:56] Process Exited: Process Name - LogonUI.exe Process ID - 15328 [12-07-2023 01:09:56] Process Exited: Process Name - winlogon.exe Process ID - 15480 [12-07-2023 01:09:56] Process Exited: Process Name - csrss.exe Process ID - 16128 [12-07-2023 01:09:58] New process found: Process Name - csrss.exe Process ID - 10528 Process Identity - SYSTEM [12-07-2023 01:09:58] New process found: Process Name - winlogon.exe Process ID - 11420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:00] New process found: Process Name - LogonUI.exe Process ID - 7124 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:00] New process found: Process Name - dwm.exe Process ID - 16152 Process Identity - Window Manager\DWM-4 [12-07-2023 01:10:11] Process Exited: Process Name - LogonUI.exe Process ID - 7124 [12-07-2023 01:10:11] Process Exited: Process Name - csrss.exe Process ID - 10528 [12-07-2023 01:10:11] Process Exited: Process Name - winlogon.exe Process ID - 11420 [12-07-2023 01:10:11] Process Exited: Process Name - dwm.exe Process ID - 16152 [12-07-2023 01:10:15] New process found: Process Name - csrss.exe Process ID - 932 Process Identity - SYSTEM [12-07-2023 01:10:15] New process found: Process Name - winlogon.exe Process ID - 12676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:17] New process found: Process Name - LogonUI.exe Process ID - 7896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:17] New process found: Process Name - dwm.exe Process ID - 11484 Process Identity - Window Manager\DWM-4 [12-07-2023 01:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2808 [12-07-2023 01:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15584 [12-07-2023 01:10:26] Process Exited: Process Name - csrss.exe Process ID - 932 [12-07-2023 01:10:26] Process Exited: Process Name - LogonUI.exe Process ID - 7896 [12-07-2023 01:10:26] Process Exited: Process Name - dwm.exe Process ID - 11484 [12-07-2023 01:10:26] Process Exited: Process Name - winlogon.exe Process ID - 12676 [12-07-2023 01:10:28] New process found: Process Name - csrss.exe Process ID - 12960 Process Identity - SYSTEM [12-07-2023 01:10:28] New process found: Process Name - winlogon.exe Process ID - 15148 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:29] New process found: Process Name - LogonUI.exe Process ID - 5404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:29] New process found: Process Name - dwm.exe Process ID - 12876 Process Identity - Window Manager\DWM-4 [12-07-2023 01:10:41] Process Exited: Process Name - LogonUI.exe Process ID - 5404 [12-07-2023 01:10:41] Process Exited: Process Name - dwm.exe Process ID - 12876 [12-07-2023 01:10:41] Process Exited: Process Name - csrss.exe Process ID - 12960 [12-07-2023 01:10:41] Process Exited: Process Name - winlogon.exe Process ID - 15148 [12-07-2023 01:10:43] New process found: Process Name - csrss.exe Process ID - 8500 Process Identity - SYSTEM [12-07-2023 01:10:43] New process found: Process Name - winlogon.exe Process ID - 14292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:44] New process found: Process Name - LogonUI.exe Process ID - 11656 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:44] New process found: Process Name - dwm.exe Process ID - 14456 Process Identity - Window Manager\DWM-4 [12-07-2023 01:10:56] Process Exited: Process Name - csrss.exe Process ID - 8500 [12-07-2023 01:10:56] Process Exited: Process Name - LogonUI.exe Process ID - 11656 [12-07-2023 01:10:56] Process Exited: Process Name - winlogon.exe Process ID - 14292 [12-07-2023 01:10:56] Process Exited: Process Name - dwm.exe Process ID - 14456 [12-07-2023 01:10:58] New process found: Process Name - smss.exe Process ID - 14308 Process Identity - SYSTEM [12-07-2023 01:10:59] New process found: Process Name - csrss.exe Process ID - 12172 Process Identity - SYSTEM [12-07-2023 01:10:59] New process found: Process Name - winlogon.exe Process ID - 7828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:10:59] Process Exited: Process Name - smss.exe Process ID - 14308 [12-07-2023 01:11:00] New process found: Process Name - LogonUI.exe Process ID - 10440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:00] New process found: Process Name - dwm.exe Process ID - 15664 Process Identity - Window Manager\DWM-4 [12-07-2023 01:11:12] Process Exited: Process Name - winlogon.exe Process ID - 7828 [12-07-2023 01:11:12] Process Exited: Process Name - LogonUI.exe Process ID - 10440 [12-07-2023 01:11:12] Process Exited: Process Name - csrss.exe Process ID - 12172 [12-07-2023 01:11:12] Process Exited: Process Name - dwm.exe Process ID - 15664 [12-07-2023 01:11:18] New process found: Process Name - csrss.exe Process ID - 7600 Process Identity - SYSTEM [12-07-2023 01:11:18] New process found: Process Name - winlogon.exe Process ID - 15176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:19] New process found: Process Name - LogonUI.exe Process ID - 4900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:19] New process found: Process Name - dwm.exe Process ID - 7944 Process Identity - Window Manager\DWM-4 [12-07-2023 01:11:27] Process Exited: Process Name - LogonUI.exe Process ID - 4900 [12-07-2023 01:11:27] Process Exited: Process Name - csrss.exe Process ID - 7600 [12-07-2023 01:11:27] Process Exited: Process Name - dwm.exe Process ID - 7944 [12-07-2023 01:11:27] Process Exited: Process Name - winlogon.exe Process ID - 15176 [12-07-2023 01:11:31] New process found: Process Name - csrss.exe Process ID - 6808 Process Identity - SYSTEM [12-07-2023 01:11:31] New process found: Process Name - winlogon.exe Process ID - 11412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:33] New process found: Process Name - LogonUI.exe Process ID - 6616 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:33] New process found: Process Name - dwm.exe Process ID - 11564 Process Identity - Window Manager\DWM-4 [12-07-2023 01:11:46] New process found: Process Name - csrss.exe Process ID - 7880 Process Identity - SYSTEM [12-07-2023 01:11:46] New process found: Process Name - winlogon.exe Process ID - 11520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:47] New process found: Process Name - LogonUI.exe Process ID - 11528 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:11:47] New process found: Process Name - dwm.exe Process ID - 5148 Process Identity - Window Manager\DWM-5 [12-07-2023 01:11:58] Process Exited: Process Name - dwm.exe Process ID - 5148 [12-07-2023 01:11:58] Process Exited: Process Name - csrss.exe Process ID - 7880 [12-07-2023 01:11:58] Process Exited: Process Name - winlogon.exe Process ID - 11520 [12-07-2023 01:11:58] Process Exited: Process Name - LogonUI.exe Process ID - 11528 [12-07-2023 01:12:03] Process Exited: Process Name - w3wp.exe Process ID - 10316 Web application pool name - DefaultAppPool [12-07-2023 01:12:04] Process Exited: Process Name - LogonUI.exe Process ID - 6616 [12-07-2023 01:12:04] Process Exited: Process Name - csrss.exe Process ID - 6808 [12-07-2023 01:12:04] Process Exited: Process Name - winlogon.exe Process ID - 11412 [12-07-2023 01:12:04] Process Exited: Process Name - dwm.exe Process ID - 11564 [12-07-2023 01:12:05] New process found: Process Name - csrss.exe Process ID - 15764 Process Identity - SYSTEM [12-07-2023 01:12:05] New process found: Process Name - winlogon.exe Process ID - 10348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:07] New process found: Process Name - LogonUI.exe Process ID - 5644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:07] New process found: Process Name - dwm.exe Process ID - 13992 Process Identity - Window Manager\DWM-4 [12-07-2023 01:12:13] Process Exited: Process Name - LogonUI.exe Process ID - 5644 [12-07-2023 01:12:13] Process Exited: Process Name - winlogon.exe Process ID - 10348 [12-07-2023 01:12:13] Process Exited: Process Name - dwm.exe Process ID - 13992 [12-07-2023 01:12:13] Process Exited: Process Name - csrss.exe Process ID - 15764 [12-07-2023 01:12:17] New process found: Process Name - csrss.exe Process ID - 12372 Process Identity - SYSTEM [12-07-2023 01:12:17] New process found: Process Name - winlogon.exe Process ID - 14492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:20] New process found: Process Name - LogonUI.exe Process ID - 13144 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:20] New process found: Process Name - dwm.exe Process ID - 9400 Process Identity - Window Manager\DWM-4 [12-07-2023 01:12:25] Process Exited: Process Name - conhost.exe Process ID - 8052 [12-07-2023 01:12:25] Process Exited: Process Name - w3wp.exe Process ID - 12200 Web application pool name - kdbps.edu.in [12-07-2023 01:12:28] Process Exited: Process Name - dwm.exe Process ID - 9400 [12-07-2023 01:12:28] Process Exited: Process Name - LogonUI.exe Process ID - 13144 [12-07-2023 01:12:28] Process Exited: Process Name - winlogon.exe Process ID - 14492 [12-07-2023 01:12:29] Process Exited: Process Name - csrss.exe Process ID - 12372 [12-07-2023 01:12:33] New process found: Process Name - csrss.exe Process ID - 14596 Process Identity - SYSTEM [12-07-2023 01:12:33] New process found: Process Name - winlogon.exe Process ID - 10660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:36] New process found: Process Name - LogonUI.exe Process ID - 5076 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:36] New process found: Process Name - dwm.exe Process ID - 15716 Process Identity - Window Manager\DWM-4 [12-07-2023 01:12:44] Process Exited: Process Name - LogonUI.exe Process ID - 5076 [12-07-2023 01:12:44] Process Exited: Process Name - winlogon.exe Process ID - 10660 [12-07-2023 01:12:44] Process Exited: Process Name - csrss.exe Process ID - 14596 [12-07-2023 01:12:44] Process Exited: Process Name - dwm.exe Process ID - 15716 [12-07-2023 01:12:45] New process found: Process Name - csrss.exe Process ID - 16132 Process Identity - SYSTEM [12-07-2023 01:12:45] New process found: Process Name - winlogon.exe Process ID - 16052 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:47] New process found: Process Name - LogonUI.exe Process ID - 11324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:12:47] New process found: Process Name - dwm.exe Process ID - 14192 Process Identity - Window Manager\DWM-4 [12-07-2023 01:12:58] Process Exited: Process Name - w3wp.exe Process ID - 12080 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:12:59] Process Exited: Process Name - LogonUI.exe Process ID - 11324 [12-07-2023 01:12:59] Process Exited: Process Name - dwm.exe Process ID - 14192 [12-07-2023 01:12:59] Process Exited: Process Name - winlogon.exe Process ID - 16052 [12-07-2023 01:12:59] Process Exited: Process Name - csrss.exe Process ID - 16132 [12-07-2023 01:13:03] New process found: Process Name - csrss.exe Process ID - 11876 Process Identity - SYSTEM [12-07-2023 01:13:03] New process found: Process Name - winlogon.exe Process ID - 9364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:05] New process found: Process Name - LogonUI.exe Process ID - 15832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:05] New process found: Process Name - dwm.exe Process ID - 11356 Process Identity - Window Manager\DWM-4 [12-07-2023 01:13:07] New process found: Process Name - w3wp.exe Process ID - 4252 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 01:13:07] New process found: Process Name - conhost.exe Process ID - 9352 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 01:13:14] Process Exited: Process Name - winlogon.exe Process ID - 9364 [12-07-2023 01:13:14] Process Exited: Process Name - dwm.exe Process ID - 11356 [12-07-2023 01:13:14] Process Exited: Process Name - csrss.exe Process ID - 11876 [12-07-2023 01:13:14] Process Exited: Process Name - LogonUI.exe Process ID - 15832 [12-07-2023 01:13:17] New process found: Process Name - csrss.exe Process ID - 14848 Process Identity - SYSTEM [12-07-2023 01:13:17] New process found: Process Name - winlogon.exe Process ID - 12256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:20] New process found: Process Name - LogonUI.exe Process ID - 13756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:20] New process found: Process Name - dwm.exe Process ID - 4408 Process Identity - Window Manager\DWM-4 [12-07-2023 01:13:29] Process Exited: Process Name - dwm.exe Process ID - 4408 [12-07-2023 01:13:29] Process Exited: Process Name - winlogon.exe Process ID - 12256 [12-07-2023 01:13:29] Process Exited: Process Name - LogonUI.exe Process ID - 13756 [12-07-2023 01:13:30] Process Exited: Process Name - csrss.exe Process ID - 14848 [12-07-2023 01:13:33] New process found: Process Name - csrss.exe Process ID - 15704 Process Identity - SYSTEM [12-07-2023 01:13:33] New process found: Process Name - winlogon.exe Process ID - 4116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:37] New process found: Process Name - LogonUI.exe Process ID - 2284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:37] New process found: Process Name - dwm.exe Process ID - 11344 Process Identity - Window Manager\DWM-4 [12-07-2023 01:13:45] New process found: Process Name - w3wp.exe Process ID - 8644 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:13:45] Process Exited: Process Name - LogonUI.exe Process ID - 2284 [12-07-2023 01:13:45] Process Exited: Process Name - winlogon.exe Process ID - 4116 [12-07-2023 01:13:45] Process Exited: Process Name - dwm.exe Process ID - 11344 [12-07-2023 01:13:45] Process Exited: Process Name - csrss.exe Process ID - 15704 [12-07-2023 01:13:47] New process found: Process Name - csrss.exe Process ID - 2584 Process Identity - SYSTEM [12-07-2023 01:13:47] New process found: Process Name - winlogon.exe Process ID - 13712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:48] New process found: Process Name - LogonUI.exe Process ID - 10312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:13:48] New process found: Process Name - dwm.exe Process ID - 15044 Process Identity - Window Manager\DWM-4 [12-07-2023 01:13:55] Process Exited: Process Name - w3wp.exe Process ID - 15620 Web application pool name - adminportal.galaxytools.in [12-07-2023 01:14:00] Process Exited: Process Name - csrss.exe Process ID - 2584 [12-07-2023 01:14:00] Process Exited: Process Name - LogonUI.exe Process ID - 10312 [12-07-2023 01:14:00] Process Exited: Process Name - winlogon.exe Process ID - 13712 [12-07-2023 01:14:00] Process Exited: Process Name - dwm.exe Process ID - 15044 [12-07-2023 01:14:04] New process found: Process Name - csrss.exe Process ID - 11484 Process Identity - SYSTEM [12-07-2023 01:14:04] New process found: Process Name - winlogon.exe Process ID - 9048 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:05] New process found: Process Name - LogonUI.exe Process ID - 12676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:05] New process found: Process Name - dwm.exe Process ID - 10792 Process Identity - Window Manager\DWM-4 [12-07-2023 01:14:07] New process found: Process Name - w3wp.exe Process ID - 6196 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:14:15] Process Exited: Process Name - winlogon.exe Process ID - 9048 [12-07-2023 01:14:15] Process Exited: Process Name - dwm.exe Process ID - 10792 [12-07-2023 01:14:15] Process Exited: Process Name - csrss.exe Process ID - 11484 [12-07-2023 01:14:15] Process Exited: Process Name - LogonUI.exe Process ID - 12676 [12-07-2023 01:14:17] New process found: Process Name - csrss.exe Process ID - 12960 Process Identity - SYSTEM [12-07-2023 01:14:17] New process found: Process Name - winlogon.exe Process ID - 7404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:19] New process found: Process Name - LogonUI.exe Process ID - 9788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:19] New process found: Process Name - dwm.exe Process ID - 12804 Process Identity - Window Manager\DWM-4 [12-07-2023 01:14:30] Process Exited: Process Name - LogonUI.exe Process ID - 9788 [12-07-2023 01:14:31] Process Exited: Process Name - winlogon.exe Process ID - 7404 [12-07-2023 01:14:31] Process Exited: Process Name - dwm.exe Process ID - 12804 [12-07-2023 01:14:31] Process Exited: Process Name - csrss.exe Process ID - 12960 [12-07-2023 01:14:33] New process found: Process Name - csrss.exe Process ID - 11432 Process Identity - SYSTEM [12-07-2023 01:14:33] New process found: Process Name - winlogon.exe Process ID - 15924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:34] New process found: Process Name - LogonUI.exe Process ID - 13472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:34] New process found: Process Name - dwm.exe Process ID - 10008 Process Identity - Window Manager\DWM-4 [12-07-2023 01:14:46] New process found: Process Name - w3wp.exe Process ID - 11488 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 01:14:46] Process Exited: Process Name - dwm.exe Process ID - 10008 [12-07-2023 01:14:46] Process Exited: Process Name - csrss.exe Process ID - 11432 [12-07-2023 01:14:46] Process Exited: Process Name - LogonUI.exe Process ID - 13472 [12-07-2023 01:14:46] Process Exited: Process Name - winlogon.exe Process ID - 15924 [12-07-2023 01:14:48] New process found: Process Name - smss.exe Process ID - 5588 Process Identity - SYSTEM [12-07-2023 01:14:48] New process found: Process Name - csrss.exe Process ID - 10572 Process Identity - SYSTEM [12-07-2023 01:14:49] New process found: Process Name - winlogon.exe Process ID - 12344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:49] Process Exited: Process Name - smss.exe Process ID - 5588 [12-07-2023 01:14:50] New process found: Process Name - LogonUI.exe Process ID - 13872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:14:50] New process found: Process Name - dwm.exe Process ID - 8016 Process Identity - Window Manager\DWM-4 [12-07-2023 01:15:01] Process Exited: Process Name - dwm.exe Process ID - 8016 [12-07-2023 01:15:01] Process Exited: Process Name - winlogon.exe Process ID - 12344 [12-07-2023 01:15:01] Process Exited: Process Name - LogonUI.exe Process ID - 13872 [12-07-2023 01:15:02] Process Exited: Process Name - csrss.exe Process ID - 10572 [12-07-2023 01:15:07] New process found: Process Name - csrss.exe Process ID - 10828 Process Identity - SYSTEM [12-07-2023 01:15:07] New process found: Process Name - winlogon.exe Process ID - 11952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:08] New process found: Process Name - LogonUI.exe Process ID - 12104 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:08] New process found: Process Name - dwm.exe Process ID - 10520 Process Identity - Window Manager\DWM-4 [12-07-2023 01:15:17] Process Exited: Process Name - dwm.exe Process ID - 10520 [12-07-2023 01:15:17] Process Exited: Process Name - csrss.exe Process ID - 10828 [12-07-2023 01:15:17] Process Exited: Process Name - winlogon.exe Process ID - 11952 [12-07-2023 01:15:17] Process Exited: Process Name - LogonUI.exe Process ID - 12104 [12-07-2023 01:15:19] New process found: Process Name - csrss.exe Process ID - 13612 Process Identity - SYSTEM [12-07-2023 01:15:19] New process found: Process Name - winlogon.exe Process ID - 12568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:20] New process found: Process Name - LogonUI.exe Process ID - 6764 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:20] New process found: Process Name - dwm.exe Process ID - 7704 Process Identity - Window Manager\DWM-4 [12-07-2023 01:15:32] Process Exited: Process Name - LogonUI.exe Process ID - 6764 [12-07-2023 01:15:32] Process Exited: Process Name - dwm.exe Process ID - 7704 [12-07-2023 01:15:32] Process Exited: Process Name - winlogon.exe Process ID - 12568 [12-07-2023 01:15:32] Process Exited: Process Name - csrss.exe Process ID - 13612 [12-07-2023 01:15:34] New process found: Process Name - csrss.exe Process ID - 12692 Process Identity - SYSTEM [12-07-2023 01:15:34] New process found: Process Name - winlogon.exe Process ID - 7196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:34] New process found: Process Name - LogonUI.exe Process ID - 1868 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:34] New process found: Process Name - dwm.exe Process ID - 10692 Process Identity - Window Manager\DWM-4 [12-07-2023 01:15:48] Process Exited: Process Name - LogonUI.exe Process ID - 1868 [12-07-2023 01:15:48] Process Exited: Process Name - winlogon.exe Process ID - 7196 [12-07-2023 01:15:48] Process Exited: Process Name - dwm.exe Process ID - 10692 [12-07-2023 01:15:48] Process Exited: Process Name - csrss.exe Process ID - 12692 [12-07-2023 01:15:50] New process found: Process Name - csrss.exe Process ID - 10648 Process Identity - SYSTEM [12-07-2023 01:15:50] New process found: Process Name - winlogon.exe Process ID - 10636 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:50] New process found: Process Name - LogonUI.exe Process ID - 16332 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:15:50] New process found: Process Name - dwm.exe Process ID - 9156 Process Identity - Window Manager\DWM-4 [12-07-2023 01:16:00] New process found: Process Name - w3wp.exe Process ID - 9400 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 01:16:02] New process found: Process Name - conhost.exe Process ID - 11544 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) [12-07-2023 01:16:03] Process Exited: Process Name - dwm.exe Process ID - 9156 [12-07-2023 01:16:03] Process Exited: Process Name - winlogon.exe Process ID - 10636 [12-07-2023 01:16:03] Process Exited: Process Name - csrss.exe Process ID - 10648 [12-07-2023 01:16:03] Process Exited: Process Name - LogonUI.exe Process ID - 16332 [12-07-2023 01:16:07] New process found: Process Name - csrss.exe Process ID - 1480 Process Identity - SYSTEM [12-07-2023 01:16:07] New process found: Process Name - winlogon.exe Process ID - 13908 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:08] New process found: Process Name - LogonUI.exe Process ID - 11408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:08] New process found: Process Name - dwm.exe Process ID - 14072 Process Identity - Window Manager\DWM-4 [12-07-2023 01:16:18] Process Exited: Process Name - csrss.exe Process ID - 1480 [12-07-2023 01:16:18] Process Exited: Process Name - LogonUI.exe Process ID - 11408 [12-07-2023 01:16:18] Process Exited: Process Name - winlogon.exe Process ID - 13908 [12-07-2023 01:16:18] Process Exited: Process Name - dwm.exe Process ID - 14072 [12-07-2023 01:16:24] New process found: Process Name - csrss.exe Process ID - 11044 Process Identity - SYSTEM [12-07-2023 01:16:24] New process found: Process Name - winlogon.exe Process ID - 4248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:26] New process found: Process Name - LogonUI.exe Process ID - 6560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:26] New process found: Process Name - dwm.exe Process ID - 12064 Process Identity - Window Manager\DWM-4 [12-07-2023 01:16:34] Process Exited: Process Name - winlogon.exe Process ID - 4248 [12-07-2023 01:16:34] Process Exited: Process Name - LogonUI.exe Process ID - 6560 [12-07-2023 01:16:34] Process Exited: Process Name - csrss.exe Process ID - 11044 [12-07-2023 01:16:34] Process Exited: Process Name - dwm.exe Process ID - 12064 [12-07-2023 01:16:39] New process found: Process Name - csrss.exe Process ID - 4924 Process Identity - SYSTEM [12-07-2023 01:16:39] New process found: Process Name - winlogon.exe Process ID - 12936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:40] New process found: Process Name - LogonUI.exe Process ID - 14840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:40] New process found: Process Name - dwm.exe Process ID - 8732 Process Identity - Window Manager\DWM-4 [12-07-2023 01:16:49] Process Exited: Process Name - csrss.exe Process ID - 4924 [12-07-2023 01:16:49] Process Exited: Process Name - dwm.exe Process ID - 8732 [12-07-2023 01:16:49] Process Exited: Process Name - winlogon.exe Process ID - 12936 [12-07-2023 01:16:49] Process Exited: Process Name - LogonUI.exe Process ID - 14840 [12-07-2023 01:16:52] New process found: Process Name - csrss.exe Process ID - 13064 Process Identity - SYSTEM [12-07-2023 01:16:52] New process found: Process Name - winlogon.exe Process ID - 6168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:53] New process found: Process Name - LogonUI.exe Process ID - 2964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:16:53] New process found: Process Name - dwm.exe Process ID - 14980 Process Identity - Window Manager\DWM-4 [12-07-2023 01:17:04] Process Exited: Process Name - LogonUI.exe Process ID - 2964 [12-07-2023 01:17:04] Process Exited: Process Name - winlogon.exe Process ID - 6168 [12-07-2023 01:17:04] Process Exited: Process Name - csrss.exe Process ID - 13064 [12-07-2023 01:17:04] Process Exited: Process Name - dwm.exe Process ID - 14980 [12-07-2023 01:17:07] New process found: Process Name - csrss.exe Process ID - 14452 Process Identity - SYSTEM [12-07-2023 01:17:07] New process found: Process Name - winlogon.exe Process ID - 5068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:08] New process found: Process Name - LogonUI.exe Process ID - 6556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:08] New process found: Process Name - dwm.exe Process ID - 16072 Process Identity - Window Manager\DWM-4 [12-07-2023 01:17:20] Process Exited: Process Name - winlogon.exe Process ID - 5068 [12-07-2023 01:17:20] Process Exited: Process Name - LogonUI.exe Process ID - 6556 [12-07-2023 01:17:20] Process Exited: Process Name - csrss.exe Process ID - 14452 [12-07-2023 01:17:20] Process Exited: Process Name - dwm.exe Process ID - 16072 [12-07-2023 01:17:22] New process found: Process Name - w3wp.exe Process ID - 15772 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 01:17:23] New process found: Process Name - w3wp.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:17:23] Process Exited: Process Name - w3wp.exe Process ID - 7388 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:17:27] New process found: Process Name - csrss.exe Process ID - 7372 Process Identity - SYSTEM [12-07-2023 01:17:27] New process found: Process Name - winlogon.exe Process ID - 16196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:30] New process found: Process Name - LogonUI.exe Process ID - 4972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:30] New process found: Process Name - dwm.exe Process ID - 13304 Process Identity - Window Manager\DWM-4 [12-07-2023 01:17:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 10884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:34] New process found: Process Name - SearchFilterHost.exe Process ID - 8392 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:36] Process Exited: Process Name - LogonUI.exe Process ID - 4972 [12-07-2023 01:17:36] Process Exited: Process Name - csrss.exe Process ID - 7372 [12-07-2023 01:17:36] Process Exited: Process Name - dwm.exe Process ID - 13304 [12-07-2023 01:17:36] Process Exited: Process Name - winlogon.exe Process ID - 16196 [12-07-2023 01:17:39] New process found: Process Name - csrss.exe Process ID - 15256 Process Identity - SYSTEM [12-07-2023 01:17:39] New process found: Process Name - winlogon.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:42] New process found: Process Name - LogonUI.exe Process ID - 14776 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:42] New process found: Process Name - dwm.exe Process ID - 5972 Process Identity - Window Manager\DWM-4 [12-07-2023 01:17:51] Process Exited: Process Name - dwm.exe Process ID - 5972 [12-07-2023 01:17:51] Process Exited: Process Name - winlogon.exe Process ID - 8256 [12-07-2023 01:17:51] Process Exited: Process Name - LogonUI.exe Process ID - 14776 [12-07-2023 01:17:51] Process Exited: Process Name - csrss.exe Process ID - 15256 [12-07-2023 01:17:53] New process found: Process Name - csrss.exe Process ID - 1324 Process Identity - SYSTEM [12-07-2023 01:17:53] New process found: Process Name - winlogon.exe Process ID - 15420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:54] New process found: Process Name - LogonUI.exe Process ID - 12504 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:17:54] New process found: Process Name - dwm.exe Process ID - 7744 Process Identity - Window Manager\DWM-4 [12-07-2023 01:18:06] Process Exited: Process Name - csrss.exe Process ID - 1324 [12-07-2023 01:18:06] Process Exited: Process Name - dwm.exe Process ID - 7744 [12-07-2023 01:18:06] Process Exited: Process Name - LogonUI.exe Process ID - 12504 [12-07-2023 01:18:06] Process Exited: Process Name - winlogon.exe Process ID - 15420 [12-07-2023 01:18:08] New process found: Process Name - csrss.exe Process ID - 8952 Process Identity - SYSTEM [12-07-2023 01:18:08] New process found: Process Name - winlogon.exe Process ID - 6612 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:09] New process found: Process Name - LogonUI.exe Process ID - 14380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:09] New process found: Process Name - dwm.exe Process ID - 11916 Process Identity - Window Manager\DWM-4 [12-07-2023 01:18:21] Process Exited: Process Name - winlogon.exe Process ID - 6612 [12-07-2023 01:18:21] Process Exited: Process Name - csrss.exe Process ID - 8952 [12-07-2023 01:18:21] Process Exited: Process Name - dwm.exe Process ID - 11916 [12-07-2023 01:18:21] Process Exited: Process Name - LogonUI.exe Process ID - 14380 [12-07-2023 01:18:23] New process found: Process Name - csrss.exe Process ID - 5480 Process Identity - SYSTEM [12-07-2023 01:18:23] New process found: Process Name - winlogon.exe Process ID - 1856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:24] New process found: Process Name - LogonUI.exe Process ID - 10776 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:24] New process found: Process Name - dwm.exe Process ID - 188 Process Identity - Window Manager\DWM-4 [12-07-2023 01:18:36] Process Exited: Process Name - dwm.exe Process ID - 188 [12-07-2023 01:18:36] Process Exited: Process Name - winlogon.exe Process ID - 1856 [12-07-2023 01:18:36] Process Exited: Process Name - csrss.exe Process ID - 5480 [12-07-2023 01:18:36] Process Exited: Process Name - LogonUI.exe Process ID - 10776 [12-07-2023 01:18:38] New process found: Process Name - w3wp.exe Process ID - 10980 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:18:41] New process found: Process Name - csrss.exe Process ID - 6808 Process Identity - SYSTEM [12-07-2023 01:18:41] New process found: Process Name - winlogon.exe Process ID - 12884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:43] New process found: Process Name - LogonUI.exe Process ID - 7912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:43] New process found: Process Name - dwm.exe Process ID - 15932 Process Identity - Window Manager\DWM-4 [12-07-2023 01:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 8392 [12-07-2023 01:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 10884 [12-07-2023 01:18:52] Process Exited: Process Name - csrss.exe Process ID - 6808 [12-07-2023 01:18:52] Process Exited: Process Name - LogonUI.exe Process ID - 7912 [12-07-2023 01:18:52] Process Exited: Process Name - winlogon.exe Process ID - 12884 [12-07-2023 01:18:52] Process Exited: Process Name - dwm.exe Process ID - 15932 [12-07-2023 01:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2704 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:18:55] New process found: Process Name - csrss.exe Process ID - 12172 Process Identity - SYSTEM [12-07-2023 01:18:55] New process found: Process Name - winlogon.exe Process ID - 10380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:56] New process found: Process Name - LogonUI.exe Process ID - 12940 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:18:56] New process found: Process Name - dwm.exe Process ID - 5460 Process Identity - Window Manager\DWM-4 [12-07-2023 01:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9608 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:08] Process Exited: Process Name - dwm.exe Process ID - 5460 [12-07-2023 01:19:08] Process Exited: Process Name - winlogon.exe Process ID - 10380 [12-07-2023 01:19:08] Process Exited: Process Name - csrss.exe Process ID - 12172 [12-07-2023 01:19:08] Process Exited: Process Name - LogonUI.exe Process ID - 12940 [12-07-2023 01:19:10] New process found: Process Name - csrss.exe Process ID - 708 Process Identity - SYSTEM [12-07-2023 01:19:10] New process found: Process Name - winlogon.exe Process ID - 10708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:13] New process found: Process Name - LogonUI.exe Process ID - 12740 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:13] New process found: Process Name - dwm.exe Process ID - 12200 Process Identity - Window Manager\DWM-4 [12-07-2023 01:19:23] Process Exited: Process Name - csrss.exe Process ID - 708 [12-07-2023 01:19:23] Process Exited: Process Name - winlogon.exe Process ID - 10708 [12-07-2023 01:19:23] Process Exited: Process Name - dwm.exe Process ID - 12200 [12-07-2023 01:19:23] Process Exited: Process Name - LogonUI.exe Process ID - 12740 [12-07-2023 01:19:26] New process found: Process Name - csrss.exe Process ID - 4104 Process Identity - SYSTEM [12-07-2023 01:19:26] New process found: Process Name - winlogon.exe Process ID - 6600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:27] New process found: Process Name - LogonUI.exe Process ID - 11592 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:27] New process found: Process Name - dwm.exe Process ID - 10616 Process Identity - Window Manager\DWM-4 [12-07-2023 01:19:39] Process Exited: Process Name - csrss.exe Process ID - 4104 [12-07-2023 01:19:39] Process Exited: Process Name - winlogon.exe Process ID - 6600 [12-07-2023 01:19:39] Process Exited: Process Name - dwm.exe Process ID - 10616 [12-07-2023 01:19:39] Process Exited: Process Name - LogonUI.exe Process ID - 11592 [12-07-2023 01:19:40] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [12-07-2023 01:19:40] New process found: Process Name - winlogon.exe Process ID - 16132 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:41] New process found: Process Name - LogonUI.exe Process ID - 13380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:19:41] New process found: Process Name - dwm.exe Process ID - 11812 Process Identity - Window Manager\DWM-4 [12-07-2023 01:19:47] Process Exited: Process Name - w3wp.exe Process ID - 8644 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:19:54] Process Exited: Process Name - csrss.exe Process ID - 3500 [12-07-2023 01:19:54] Process Exited: Process Name - dwm.exe Process ID - 11812 [12-07-2023 01:19:54] Process Exited: Process Name - LogonUI.exe Process ID - 13380 [12-07-2023 01:19:54] Process Exited: Process Name - winlogon.exe Process ID - 16132 [12-07-2023 01:19:58] New process found: Process Name - csrss.exe Process ID - 12208 Process Identity - SYSTEM [12-07-2023 01:19:58] New process found: Process Name - winlogon.exe Process ID - 14840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:00] New process found: Process Name - LogonUI.exe Process ID - 12216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:00] New process found: Process Name - dwm.exe Process ID - 9240 Process Identity - Window Manager\DWM-4 [12-07-2023 01:20:09] Process Exited: Process Name - dwm.exe Process ID - 9240 [12-07-2023 01:20:09] Process Exited: Process Name - csrss.exe Process ID - 12208 [12-07-2023 01:20:09] Process Exited: Process Name - LogonUI.exe Process ID - 12216 [12-07-2023 01:20:09] Process Exited: Process Name - winlogon.exe Process ID - 14840 [12-07-2023 01:20:12] New process found: Process Name - csrss.exe Process ID - 10760 Process Identity - SYSTEM [12-07-2023 01:20:12] New process found: Process Name - winlogon.exe Process ID - 11856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:15] New process found: Process Name - LogonUI.exe Process ID - 16064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:15] New process found: Process Name - dwm.exe Process ID - 4764 Process Identity - Window Manager\DWM-4 [12-07-2023 01:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2704 [12-07-2023 01:20:24] Process Exited: Process Name - dwm.exe Process ID - 4764 [12-07-2023 01:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9608 [12-07-2023 01:20:24] Process Exited: Process Name - csrss.exe Process ID - 10760 [12-07-2023 01:20:24] Process Exited: Process Name - winlogon.exe Process ID - 11856 [12-07-2023 01:20:24] Process Exited: Process Name - LogonUI.exe Process ID - 16064 [12-07-2023 01:20:29] New process found: Process Name - csrss.exe Process ID - 12988 Process Identity - SYSTEM [12-07-2023 01:20:29] New process found: Process Name - winlogon.exe Process ID - 10020 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:32] New process found: Process Name - LogonUI.exe Process ID - 15944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:32] New process found: Process Name - dwm.exe Process ID - 16264 Process Identity - Window Manager\DWM-4 [12-07-2023 01:20:40] Process Exited: Process Name - winlogon.exe Process ID - 10020 [12-07-2023 01:20:40] Process Exited: Process Name - csrss.exe Process ID - 12988 [12-07-2023 01:20:40] Process Exited: Process Name - LogonUI.exe Process ID - 15944 [12-07-2023 01:20:40] Process Exited: Process Name - dwm.exe Process ID - 16264 [12-07-2023 01:20:46] New process found: Process Name - csrss.exe Process ID - 9276 Process Identity - SYSTEM [12-07-2023 01:20:46] New process found: Process Name - winlogon.exe Process ID - 11696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:46] New process found: Process Name - LogonUI.exe Process ID - 4108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:20:46] New process found: Process Name - dwm.exe Process ID - 8856 Process Identity - Window Manager\DWM-4 [12-07-2023 01:20:57] Process Exited: Process Name - LogonUI.exe Process ID - 4108 [12-07-2023 01:20:57] Process Exited: Process Name - dwm.exe Process ID - 8856 [12-07-2023 01:20:57] Process Exited: Process Name - csrss.exe Process ID - 9276 [12-07-2023 01:20:57] Process Exited: Process Name - winlogon.exe Process ID - 11696 [12-07-2023 01:21:06] New process found: Process Name - csrss.exe Process ID - 12864 Process Identity - SYSTEM [12-07-2023 01:21:06] New process found: Process Name - winlogon.exe Process ID - 12908 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:07] New process found: Process Name - LogonUI.exe Process ID - 13736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:07] New process found: Process Name - dwm.exe Process ID - 10892 Process Identity - Window Manager\DWM-4 [12-07-2023 01:21:10] Process Exited: Process Name - w3wp.exe Process ID - 6196 Web application pool name - DefaultAppPool [12-07-2023 01:21:13] Process Exited: Process Name - dwm.exe Process ID - 10892 [12-07-2023 01:21:13] Process Exited: Process Name - csrss.exe Process ID - 12864 [12-07-2023 01:21:13] Process Exited: Process Name - winlogon.exe Process ID - 12908 [12-07-2023 01:21:13] Process Exited: Process Name - LogonUI.exe Process ID - 13736 [12-07-2023 01:21:19] New process found: Process Name - csrss.exe Process ID - 14328 Process Identity - SYSTEM [12-07-2023 01:21:19] New process found: Process Name - winlogon.exe Process ID - 16112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:20] New process found: Process Name - LogonUI.exe Process ID - 11360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:20] New process found: Process Name - dwm.exe Process ID - 9624 Process Identity - Window Manager\DWM-4 [12-07-2023 01:21:28] Process Exited: Process Name - dwm.exe Process ID - 9624 [12-07-2023 01:21:28] Process Exited: Process Name - LogonUI.exe Process ID - 11360 [12-07-2023 01:21:28] Process Exited: Process Name - csrss.exe Process ID - 14328 [12-07-2023 01:21:28] Process Exited: Process Name - winlogon.exe Process ID - 16112 [12-07-2023 01:21:30] New process found: Process Name - csrss.exe Process ID - 11916 Process Identity - SYSTEM [12-07-2023 01:21:30] New process found: Process Name - winlogon.exe Process ID - 2480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:31] New process found: Process Name - LogonUI.exe Process ID - 8952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:31] New process found: Process Name - dwm.exe Process ID - 13316 Process Identity - Window Manager\DWM-4 [12-07-2023 01:21:33] New process found: Process Name - w3wp.exe Process ID - 12388 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 01:21:33] New process found: Process Name - where.exe Process ID - 11008 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 01:21:33] New process found: Process Name - conhost.exe Process ID - 12516 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 01:21:34] New process found: Process Name - conhost.exe Process ID - 5684 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 01:21:34] Process Exited: Process Name - where.exe Process ID - 11008 [12-07-2023 01:21:34] Process Exited: Process Name - conhost.exe Process ID - 12516 [12-07-2023 01:21:43] Process Exited: Process Name - winlogon.exe Process ID - 2480 [12-07-2023 01:21:43] Process Exited: Process Name - LogonUI.exe Process ID - 8952 [12-07-2023 01:21:43] Process Exited: Process Name - csrss.exe Process ID - 11916 [12-07-2023 01:21:43] Process Exited: Process Name - dwm.exe Process ID - 13316 [12-07-2023 01:21:45] New process found: Process Name - csrss.exe Process ID - 9712 Process Identity - SYSTEM [12-07-2023 01:21:45] New process found: Process Name - winlogon.exe Process ID - 12248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:46] New process found: Process Name - LogonUI.exe Process ID - 640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:21:46] New process found: Process Name - dwm.exe Process ID - 6552 Process Identity - Window Manager\DWM-4 [12-07-2023 01:21:49] Process Exited: Process Name - w3wp.exe Process ID - 11488 Web application pool name - adminportal.galaxytools.in [12-07-2023 01:21:58] Process Exited: Process Name - LogonUI.exe Process ID - 640 [12-07-2023 01:21:58] Process Exited: Process Name - dwm.exe Process ID - 6552 [12-07-2023 01:21:58] Process Exited: Process Name - csrss.exe Process ID - 9712 [12-07-2023 01:21:58] Process Exited: Process Name - winlogon.exe Process ID - 12248 [12-07-2023 01:22:01] New process found: Process Name - csrss.exe Process ID - 7492 Process Identity - SYSTEM [12-07-2023 01:22:01] New process found: Process Name - winlogon.exe Process ID - 14164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:02] Process Exited: Process Name - w3wp.exe Process ID - 9400 Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 01:22:02] Process Exited: Process Name - conhost.exe Process ID - 11544 [12-07-2023 01:22:05] New process found: Process Name - LogonUI.exe Process ID - 14832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:05] New process found: Process Name - dwm.exe Process ID - 7788 Process Identity - Window Manager\DWM-4 [12-07-2023 01:22:13] Process Exited: Process Name - csrss.exe Process ID - 7492 [12-07-2023 01:22:13] Process Exited: Process Name - dwm.exe Process ID - 7788 [12-07-2023 01:22:13] Process Exited: Process Name - winlogon.exe Process ID - 14164 [12-07-2023 01:22:13] Process Exited: Process Name - LogonUI.exe Process ID - 14832 [12-07-2023 01:22:17] New process found: Process Name - csrss.exe Process ID - 13424 Process Identity - SYSTEM [12-07-2023 01:22:17] New process found: Process Name - winlogon.exe Process ID - 3652 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:19] New process found: Process Name - LogonUI.exe Process ID - 15324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:19] New process found: Process Name - dwm.exe Process ID - 7520 Process Identity - Window Manager\DWM-4 [12-07-2023 01:22:23] New process found: Process Name - w3wp.exe Process ID - 12608 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:22:23] Process Exited: Process Name - w3wp.exe Process ID - 12672 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:22:28] Process Exited: Process Name - winlogon.exe Process ID - 3652 [12-07-2023 01:22:28] Process Exited: Process Name - dwm.exe Process ID - 7520 [12-07-2023 01:22:28] Process Exited: Process Name - csrss.exe Process ID - 13424 [12-07-2023 01:22:28] Process Exited: Process Name - LogonUI.exe Process ID - 15324 [12-07-2023 01:22:30] New process found: Process Name - csrss.exe Process ID - 8600 Process Identity - SYSTEM [12-07-2023 01:22:30] New process found: Process Name - winlogon.exe Process ID - 10540 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:31] New process found: Process Name - LogonUI.exe Process ID - 16188 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:31] New process found: Process Name - dwm.exe Process ID - 9720 Process Identity - Window Manager\DWM-4 [12-07-2023 01:22:43] Process Exited: Process Name - csrss.exe Process ID - 8600 [12-07-2023 01:22:43] Process Exited: Process Name - dwm.exe Process ID - 9720 [12-07-2023 01:22:43] Process Exited: Process Name - winlogon.exe Process ID - 10540 [12-07-2023 01:22:43] Process Exited: Process Name - LogonUI.exe Process ID - 16188 [12-07-2023 01:22:45] New process found: Process Name - csrss.exe Process ID - 14888 Process Identity - SYSTEM [12-07-2023 01:22:45] New process found: Process Name - winlogon.exe Process ID - 10812 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:46] New process found: Process Name - LogonUI.exe Process ID - 14892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:22:46] New process found: Process Name - dwm.exe Process ID - 11104 Process Identity - Window Manager\DWM-4 [12-07-2023 01:22:59] Process Exited: Process Name - winlogon.exe Process ID - 10812 [12-07-2023 01:22:59] Process Exited: Process Name - dwm.exe Process ID - 11104 [12-07-2023 01:22:59] Process Exited: Process Name - csrss.exe Process ID - 14888 [12-07-2023 01:22:59] Process Exited: Process Name - LogonUI.exe Process ID - 14892 [12-07-2023 01:23:02] New process found: Process Name - csrss.exe Process ID - 12964 Process Identity - SYSTEM [12-07-2023 01:23:02] New process found: Process Name - winlogon.exe Process ID - 840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:03] New process found: Process Name - LogonUI.exe Process ID - 12196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:03] New process found: Process Name - dwm.exe Process ID - 10476 Process Identity - Window Manager\DWM-4 [12-07-2023 01:23:13] Process Exited: Process Name - winlogon.exe Process ID - 840 [12-07-2023 01:23:14] Process Exited: Process Name - dwm.exe Process ID - 10476 [12-07-2023 01:23:14] Process Exited: Process Name - LogonUI.exe Process ID - 12196 [12-07-2023 01:23:14] Process Exited: Process Name - csrss.exe Process ID - 12964 [12-07-2023 01:23:17] New process found: Process Name - csrss.exe Process ID - 6988 Process Identity - SYSTEM [12-07-2023 01:23:17] New process found: Process Name - winlogon.exe Process ID - 9240 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:18] New process found: Process Name - LogonUI.exe Process ID - 15164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:18] New process found: Process Name - dwm.exe Process ID - 13120 Process Identity - Window Manager\DWM-4 [12-07-2023 01:23:30] Process Exited: Process Name - csrss.exe Process ID - 6988 [12-07-2023 01:23:30] Process Exited: Process Name - winlogon.exe Process ID - 9240 [12-07-2023 01:23:30] Process Exited: Process Name - dwm.exe Process ID - 13120 [12-07-2023 01:23:30] Process Exited: Process Name - LogonUI.exe Process ID - 15164 [12-07-2023 01:23:33] New process found: Process Name - csrss.exe Process ID - 10180 Process Identity - SYSTEM [12-07-2023 01:23:33] New process found: Process Name - winlogon.exe Process ID - 7456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:34] New process found: Process Name - LogonUI.exe Process ID - 15460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:34] New process found: Process Name - dwm.exe Process ID - 6800 Process Identity - Window Manager\DWM-4 [12-07-2023 01:23:45] Process Exited: Process Name - dwm.exe Process ID - 6800 [12-07-2023 01:23:45] Process Exited: Process Name - winlogon.exe Process ID - 7456 [12-07-2023 01:23:45] Process Exited: Process Name - csrss.exe Process ID - 10180 [12-07-2023 01:23:45] Process Exited: Process Name - LogonUI.exe Process ID - 15460 [12-07-2023 01:23:49] New process found: Process Name - csrss.exe Process ID - 9184 Process Identity - SYSTEM [12-07-2023 01:23:49] New process found: Process Name - winlogon.exe Process ID - 5176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:54] New process found: Process Name - LogonUI.exe Process ID - 12980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:23:54] New process found: Process Name - dwm.exe Process ID - 15540 Process Identity - Window Manager\DWM-4 [12-07-2023 01:24:00] Process Exited: Process Name - winlogon.exe Process ID - 5176 [12-07-2023 01:24:00] Process Exited: Process Name - LogonUI.exe Process ID - 12980 [12-07-2023 01:24:00] Process Exited: Process Name - dwm.exe Process ID - 15540 [12-07-2023 01:24:01] Process Exited: Process Name - csrss.exe Process ID - 9184 [12-07-2023 01:24:06] New process found: Process Name - csrss.exe Process ID - 11708 Process Identity - SYSTEM [12-07-2023 01:24:06] New process found: Process Name - winlogon.exe Process ID - 16152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:08] New process found: Process Name - LogonUI.exe Process ID - 11252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:08] New process found: Process Name - dwm.exe Process ID - 2764 Process Identity - Window Manager\DWM-4 [12-07-2023 01:24:16] Process Exited: Process Name - dwm.exe Process ID - 2764 [12-07-2023 01:24:16] Process Exited: Process Name - LogonUI.exe Process ID - 11252 [12-07-2023 01:24:16] Process Exited: Process Name - csrss.exe Process ID - 11708 [12-07-2023 01:24:16] Process Exited: Process Name - winlogon.exe Process ID - 16152 [12-07-2023 01:24:18] New process found: Process Name - csrss.exe Process ID - 6972 Process Identity - SYSTEM [12-07-2023 01:24:18] New process found: Process Name - winlogon.exe Process ID - 15016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:19] New process found: Process Name - LogonUI.exe Process ID - 6196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:19] New process found: Process Name - dwm.exe Process ID - 6312 Process Identity - Window Manager\DWM-4 [12-07-2023 01:24:31] Process Exited: Process Name - LogonUI.exe Process ID - 6196 [12-07-2023 01:24:31] Process Exited: Process Name - dwm.exe Process ID - 6312 [12-07-2023 01:24:31] Process Exited: Process Name - csrss.exe Process ID - 6972 [12-07-2023 01:24:31] Process Exited: Process Name - winlogon.exe Process ID - 15016 [12-07-2023 01:24:37] New process found: Process Name - csrss.exe Process ID - 9124 Process Identity - SYSTEM [12-07-2023 01:24:37] New process found: Process Name - winlogon.exe Process ID - 14716 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:40] New process found: Process Name - LogonUI.exe Process ID - 2236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:40] New process found: Process Name - dwm.exe Process ID - 6868 Process Identity - Window Manager\DWM-4 [12-07-2023 01:24:41] Process Exited: Process Name - w3wp.exe Process ID - 10980 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:24:46] Process Exited: Process Name - LogonUI.exe Process ID - 2236 [12-07-2023 01:24:47] New process found: Process Name - w3wp.exe Process ID - 13684 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:24:47] Process Exited: Process Name - dwm.exe Process ID - 6868 [12-07-2023 01:24:47] Process Exited: Process Name - csrss.exe Process ID - 9124 [12-07-2023 01:24:47] Process Exited: Process Name - winlogon.exe Process ID - 14716 [12-07-2023 01:24:50] New process found: Process Name - csrss.exe Process ID - 7044 Process Identity - SYSTEM [12-07-2023 01:24:50] New process found: Process Name - winlogon.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:50] New process found: Process Name - w3wp.exe Process ID - 7660 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 01:24:51] New process found: Process Name - LogonUI.exe Process ID - 13564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:24:51] New process found: Process Name - dwm.exe Process ID - 12028 Process Identity - Window Manager\DWM-4 [12-07-2023 01:24:51] New process found: Process Name - where.exe Process ID - 10748 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 01:24:51] New process found: Process Name - conhost.exe Process ID - 660 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 01:24:52] New process found: Process Name - conhost.exe Process ID - 6420 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 01:24:52] Process Exited: Process Name - conhost.exe Process ID - 660 [12-07-2023 01:24:52] Process Exited: Process Name - where.exe Process ID - 10748 [12-07-2023 01:25:01] Process Exited: Process Name - winlogon.exe Process ID - 7732 [12-07-2023 01:25:01] Process Exited: Process Name - dwm.exe Process ID - 12028 [12-07-2023 01:25:01] Process Exited: Process Name - LogonUI.exe Process ID - 13564 [12-07-2023 01:25:02] Process Exited: Process Name - csrss.exe Process ID - 7044 [12-07-2023 01:25:04] New process found: Process Name - csrss.exe Process ID - 11416 Process Identity - SYSTEM [12-07-2023 01:25:04] New process found: Process Name - winlogon.exe Process ID - 7100 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:06] New process found: Process Name - LogonUI.exe Process ID - 7752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:06] New process found: Process Name - dwm.exe Process ID - 7196 Process Identity - Window Manager\DWM-4 [12-07-2023 01:25:17] Process Exited: Process Name - winlogon.exe Process ID - 7100 [12-07-2023 01:25:17] Process Exited: Process Name - dwm.exe Process ID - 7196 [12-07-2023 01:25:17] Process Exited: Process Name - LogonUI.exe Process ID - 7752 [12-07-2023 01:25:17] Process Exited: Process Name - csrss.exe Process ID - 11416 [12-07-2023 01:25:19] New process found: Process Name - csrss.exe Process ID - 5660 Process Identity - SYSTEM [12-07-2023 01:25:19] New process found: Process Name - winlogon.exe Process ID - 3760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:20] New process found: Process Name - LogonUI.exe Process ID - 11292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:20] New process found: Process Name - dwm.exe Process ID - 15872 Process Identity - Window Manager\DWM-4 [12-07-2023 01:25:32] Process Exited: Process Name - winlogon.exe Process ID - 3760 [12-07-2023 01:25:32] Process Exited: Process Name - csrss.exe Process ID - 5660 [12-07-2023 01:25:32] Process Exited: Process Name - LogonUI.exe Process ID - 11292 [12-07-2023 01:25:32] Process Exited: Process Name - dwm.exe Process ID - 15872 [12-07-2023 01:25:34] New process found: Process Name - csrss.exe Process ID - 15472 Process Identity - SYSTEM [12-07-2023 01:25:34] New process found: Process Name - winlogon.exe Process ID - 12292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:37] New process found: Process Name - LogonUI.exe Process ID - 12264 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:37] New process found: Process Name - dwm.exe Process ID - 14712 Process Identity - Window Manager\DWM-4 [12-07-2023 01:25:47] Process Exited: Process Name - LogonUI.exe Process ID - 12264 [12-07-2023 01:25:47] Process Exited: Process Name - winlogon.exe Process ID - 12292 [12-07-2023 01:25:47] Process Exited: Process Name - dwm.exe Process ID - 14712 [12-07-2023 01:25:48] Process Exited: Process Name - csrss.exe Process ID - 15472 [12-07-2023 01:25:50] New process found: Process Name - csrss.exe Process ID - 8252 Process Identity - SYSTEM [12-07-2023 01:25:50] New process found: Process Name - winlogon.exe Process ID - 15796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:52] New process found: Process Name - LogonUI.exe Process ID - 1636 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:25:52] New process found: Process Name - dwm.exe Process ID - 15076 Process Identity - Window Manager\DWM-4 [12-07-2023 01:26:02] New process found: Process Name - w3wp.exe Process ID - 968 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 01:26:02] New process found: Process Name - conhost.exe Process ID - 14356 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 01:26:02] Process Exited: Process Name - LogonUI.exe Process ID - 1636 [12-07-2023 01:26:02] Process Exited: Process Name - dwm.exe Process ID - 15076 [12-07-2023 01:26:02] Process Exited: Process Name - winlogon.exe Process ID - 15796 [12-07-2023 01:26:03] Process Exited: Process Name - csrss.exe Process ID - 8252 [12-07-2023 01:26:07] New process found: Process Name - csrss.exe Process ID - 7776 Process Identity - SYSTEM [12-07-2023 01:26:07] New process found: Process Name - winlogon.exe Process ID - 15712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:08] New process found: Process Name - LogonUI.exe Process ID - 15072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:08] New process found: Process Name - dwm.exe Process ID - 13376 Process Identity - Window Manager\DWM-4 [12-07-2023 01:26:18] Process Exited: Process Name - csrss.exe Process ID - 7776 [12-07-2023 01:26:18] Process Exited: Process Name - dwm.exe Process ID - 13376 [12-07-2023 01:26:18] Process Exited: Process Name - LogonUI.exe Process ID - 15072 [12-07-2023 01:26:18] Process Exited: Process Name - winlogon.exe Process ID - 15712 [12-07-2023 01:26:20] New process found: Process Name - csrss.exe Process ID - 15356 Process Identity - SYSTEM [12-07-2023 01:26:20] New process found: Process Name - winlogon.exe Process ID - 14568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:21] New process found: Process Name - LogonUI.exe Process ID - 2440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:21] New process found: Process Name - dwm.exe Process ID - 12728 Process Identity - Window Manager\DWM-4 [12-07-2023 01:26:24] Process Exited: Process Name - w3wp.exe Process ID - 15772 Web application pool name - galaxytools.in [12-07-2023 01:26:32] New process found: Process Name - w3wp.exe Process ID - 6848 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:26:33] Process Exited: Process Name - LogonUI.exe Process ID - 2440 [12-07-2023 01:26:33] Process Exited: Process Name - dwm.exe Process ID - 12728 [12-07-2023 01:26:33] Process Exited: Process Name - winlogon.exe Process ID - 14568 [12-07-2023 01:26:33] Process Exited: Process Name - csrss.exe Process ID - 15356 [12-07-2023 01:26:37] New process found: Process Name - csrss.exe Process ID - 14084 Process Identity - SYSTEM [12-07-2023 01:26:37] New process found: Process Name - winlogon.exe Process ID - 12300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:38] New process found: Process Name - LogonUI.exe Process ID - 8416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:38] New process found: Process Name - dwm.exe Process ID - 15828 Process Identity - Window Manager\DWM-4 [12-07-2023 01:26:49] Process Exited: Process Name - LogonUI.exe Process ID - 8416 [12-07-2023 01:26:49] Process Exited: Process Name - winlogon.exe Process ID - 12300 [12-07-2023 01:26:49] Process Exited: Process Name - csrss.exe Process ID - 14084 [12-07-2023 01:26:49] Process Exited: Process Name - dwm.exe Process ID - 15828 [12-07-2023 01:26:58] New process found: Process Name - csrss.exe Process ID - 8560 Process Identity - SYSTEM [12-07-2023 01:26:58] New process found: Process Name - winlogon.exe Process ID - 16064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:59] New process found: Process Name - LogonUI.exe Process ID - 15460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:26:59] New process found: Process Name - dwm.exe Process ID - 12400 Process Identity - Window Manager\DWM-4 [12-07-2023 01:27:04] Process Exited: Process Name - csrss.exe Process ID - 8560 [12-07-2023 01:27:04] Process Exited: Process Name - dwm.exe Process ID - 12400 [12-07-2023 01:27:04] Process Exited: Process Name - LogonUI.exe Process ID - 15460 [12-07-2023 01:27:04] Process Exited: Process Name - winlogon.exe Process ID - 16064 [12-07-2023 01:27:06] New process found: Process Name - csrss.exe Process ID - 12096 Process Identity - SYSTEM [12-07-2023 01:27:06] New process found: Process Name - winlogon.exe Process ID - 16264 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:06] New process found: Process Name - w3wp.exe Process ID - 12888 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 01:27:08] New process found: Process Name - LogonUI.exe Process ID - 9320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:08] New process found: Process Name - dwm.exe Process ID - 13764 Process Identity - Window Manager\DWM-4 [12-07-2023 01:27:10] New process found: Process Name - conhost.exe Process ID - 7836 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 01:27:19] Process Exited: Process Name - LogonUI.exe Process ID - 9320 [12-07-2023 01:27:19] Process Exited: Process Name - csrss.exe Process ID - 12096 [12-07-2023 01:27:19] Process Exited: Process Name - dwm.exe Process ID - 13764 [12-07-2023 01:27:19] Process Exited: Process Name - winlogon.exe Process ID - 16264 [12-07-2023 01:27:22] New process found: Process Name - csrss.exe Process ID - 11088 Process Identity - SYSTEM [12-07-2023 01:27:22] New process found: Process Name - winlogon.exe Process ID - 10676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:24] New process found: Process Name - LogonUI.exe Process ID - 8256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:24] New process found: Process Name - dwm.exe Process ID - 2264 Process Identity - Window Manager\DWM-4 [12-07-2023 01:27:25] New process found: Process Name - w3wp.exe Process ID - 15188 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:27:25] Process Exited: Process Name - w3wp.exe Process ID - 12608 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:27:34] Process Exited: Process Name - dwm.exe Process ID - 2264 [12-07-2023 01:27:34] Process Exited: Process Name - LogonUI.exe Process ID - 8256 [12-07-2023 01:27:34] Process Exited: Process Name - winlogon.exe Process ID - 10676 [12-07-2023 01:27:34] Process Exited: Process Name - csrss.exe Process ID - 11088 [12-07-2023 01:27:36] Process Exited: Process Name - conhost.exe Process ID - 5684 [12-07-2023 01:27:36] Process Exited: Process Name - w3wp.exe Process ID - 12388 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 01:27:38] New process found: Process Name - csrss.exe Process ID - 544 Process Identity - SYSTEM [12-07-2023 01:27:38] New process found: Process Name - winlogon.exe Process ID - 16360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:42] New process found: Process Name - LogonUI.exe Process ID - 10980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:42] New process found: Process Name - dwm.exe Process ID - 10592 Process Identity - Window Manager\DWM-4 [12-07-2023 01:27:49] Process Exited: Process Name - dwm.exe Process ID - 10592 [12-07-2023 01:27:49] Process Exited: Process Name - LogonUI.exe Process ID - 10980 [12-07-2023 01:27:49] Process Exited: Process Name - winlogon.exe Process ID - 16360 [12-07-2023 01:27:50] Process Exited: Process Name - csrss.exe Process ID - 544 [12-07-2023 01:27:52] New process found: Process Name - csrss.exe Process ID - 7240 Process Identity - SYSTEM [12-07-2023 01:27:52] New process found: Process Name - winlogon.exe Process ID - 12224 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:54] New process found: Process Name - LogonUI.exe Process ID - 9004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:27:54] New process found: Process Name - dwm.exe Process ID - 660 Process Identity - Window Manager\DWM-4 [12-07-2023 01:28:04] Process Exited: Process Name - dwm.exe Process ID - 660 [12-07-2023 01:28:04] Process Exited: Process Name - LogonUI.exe Process ID - 9004 [12-07-2023 01:28:04] Process Exited: Process Name - winlogon.exe Process ID - 12224 [12-07-2023 01:28:05] Process Exited: Process Name - csrss.exe Process ID - 7240 [12-07-2023 01:28:11] New process found: Process Name - w3wp.exe Process ID - 13700 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 01:28:11] New process found: Process Name - conhost.exe Process ID - 14756 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) [12-07-2023 01:28:12] New process found: Process Name - csrss.exe Process ID - 12736 Process Identity - SYSTEM [12-07-2023 01:28:12] New process found: Process Name - winlogon.exe Process ID - 7236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:14] New process found: Process Name - LogonUI.exe Process ID - 6552 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:14] New process found: Process Name - dwm.exe Process ID - 228 Process Identity - Window Manager\DWM-4 [12-07-2023 01:28:19] Process Exited: Process Name - dwm.exe Process ID - 228 [12-07-2023 01:28:19] Process Exited: Process Name - LogonUI.exe Process ID - 6552 [12-07-2023 01:28:19] Process Exited: Process Name - winlogon.exe Process ID - 7236 [12-07-2023 01:28:20] Process Exited: Process Name - csrss.exe Process ID - 12736 [12-07-2023 01:28:22] New process found: Process Name - csrss.exe Process ID - 1616 Process Identity - SYSTEM [12-07-2023 01:28:22] New process found: Process Name - winlogon.exe Process ID - 6408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:24] New process found: Process Name - LogonUI.exe Process ID - 15292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:24] New process found: Process Name - dwm.exe Process ID - 13252 Process Identity - Window Manager\DWM-4 [12-07-2023 01:28:26] New process found: Process Name - w3wp.exe Process ID - 15656 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 01:28:35] Process Exited: Process Name - csrss.exe Process ID - 1616 [12-07-2023 01:28:35] Process Exited: Process Name - winlogon.exe Process ID - 6408 [12-07-2023 01:28:35] Process Exited: Process Name - dwm.exe Process ID - 13252 [12-07-2023 01:28:35] Process Exited: Process Name - LogonUI.exe Process ID - 15292 [12-07-2023 01:28:40] New process found: Process Name - csrss.exe Process ID - 16216 Process Identity - SYSTEM [12-07-2023 01:28:40] New process found: Process Name - winlogon.exe Process ID - 14004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:44] New process found: Process Name - LogonUI.exe Process ID - 12520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:44] New process found: Process Name - dwm.exe Process ID - 12236 Process Identity - Window Manager\DWM-4 [12-07-2023 01:28:50] Process Exited: Process Name - dwm.exe Process ID - 12236 [12-07-2023 01:28:50] Process Exited: Process Name - LogonUI.exe Process ID - 12520 [12-07-2023 01:28:50] Process Exited: Process Name - winlogon.exe Process ID - 14004 [12-07-2023 01:28:50] Process Exited: Process Name - csrss.exe Process ID - 16216 [12-07-2023 01:28:53] New process found: Process Name - csrss.exe Process ID - 12036 Process Identity - SYSTEM [12-07-2023 01:28:53] New process found: Process Name - winlogon.exe Process ID - 3652 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11976 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:28:54] New process found: Process Name - LogonUI.exe Process ID - 6756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:28:54] New process found: Process Name - dwm.exe Process ID - 15796 Process Identity - Window Manager\DWM-4 [12-07-2023 01:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:05] Process Exited: Process Name - winlogon.exe Process ID - 3652 [12-07-2023 01:29:05] Process Exited: Process Name - LogonUI.exe Process ID - 6756 [12-07-2023 01:29:05] Process Exited: Process Name - dwm.exe Process ID - 15796 [12-07-2023 01:29:06] Process Exited: Process Name - csrss.exe Process ID - 12036 [12-07-2023 01:29:09] New process found: Process Name - csrss.exe Process ID - 13360 Process Identity - SYSTEM [12-07-2023 01:29:09] New process found: Process Name - winlogon.exe Process ID - 12920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:11] New process found: Process Name - LogonUI.exe Process ID - 9532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:11] New process found: Process Name - dwm.exe Process ID - 6600 Process Identity - Window Manager\DWM-4 [12-07-2023 01:29:21] Process Exited: Process Name - dwm.exe Process ID - 6600 [12-07-2023 01:29:21] Process Exited: Process Name - LogonUI.exe Process ID - 9532 [12-07-2023 01:29:21] Process Exited: Process Name - winlogon.exe Process ID - 12920 [12-07-2023 01:29:21] Process Exited: Process Name - csrss.exe Process ID - 13360 [12-07-2023 01:29:24] New process found: Process Name - csrss.exe Process ID - 12664 Process Identity - SYSTEM [12-07-2023 01:29:24] New process found: Process Name - winlogon.exe Process ID - 9252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:25] New process found: Process Name - LogonUI.exe Process ID - 12216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:25] New process found: Process Name - dwm.exe Process ID - 10880 Process Identity - Window Manager\DWM-4 [12-07-2023 01:29:36] Process Exited: Process Name - winlogon.exe Process ID - 9252 [12-07-2023 01:29:36] Process Exited: Process Name - dwm.exe Process ID - 10880 [12-07-2023 01:29:36] Process Exited: Process Name - LogonUI.exe Process ID - 12216 [12-07-2023 01:29:36] Process Exited: Process Name - csrss.exe Process ID - 12664 [12-07-2023 01:29:39] New process found: Process Name - csrss.exe Process ID - 10588 Process Identity - SYSTEM [12-07-2023 01:29:39] New process found: Process Name - winlogon.exe Process ID - 12208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:41] New process found: Process Name - LogonUI.exe Process ID - 15464 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:41] New process found: Process Name - dwm.exe Process ID - 13172 Process Identity - Window Manager\DWM-4 [12-07-2023 01:29:51] Process Exited: Process Name - csrss.exe Process ID - 10588 [12-07-2023 01:29:51] Process Exited: Process Name - winlogon.exe Process ID - 12208 [12-07-2023 01:29:51] Process Exited: Process Name - dwm.exe Process ID - 13172 [12-07-2023 01:29:51] Process Exited: Process Name - LogonUI.exe Process ID - 15464 [12-07-2023 01:29:57] New process found: Process Name - csrss.exe Process ID - 11936 Process Identity - SYSTEM [12-07-2023 01:29:57] New process found: Process Name - winlogon.exe Process ID - 3476 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:58] New process found: Process Name - LogonUI.exe Process ID - 10756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:29:58] New process found: Process Name - dwm.exe Process ID - 692 Process Identity - Window Manager\DWM-4 [12-07-2023 01:30:06] Process Exited: Process Name - dwm.exe Process ID - 692 [12-07-2023 01:30:06] Process Exited: Process Name - winlogon.exe Process ID - 3476 [12-07-2023 01:30:06] Process Exited: Process Name - LogonUI.exe Process ID - 10756 [12-07-2023 01:30:06] Process Exited: Process Name - csrss.exe Process ID - 11936 [12-07-2023 01:30:09] New process found: Process Name - csrss.exe Process ID - 2264 Process Identity - SYSTEM [12-07-2023 01:30:09] New process found: Process Name - winlogon.exe Process ID - 13156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:09] New process found: Process Name - LogonUI.exe Process ID - 15400 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:09] New process found: Process Name - dwm.exe Process ID - 8904 Process Identity - Window Manager\DWM-4 [12-07-2023 01:30:21] Process Exited: Process Name - dwm.exe Process ID - 8904 [12-07-2023 01:30:21] Process Exited: Process Name - winlogon.exe Process ID - 13156 [12-07-2023 01:30:21] Process Exited: Process Name - LogonUI.exe Process ID - 15400 [12-07-2023 01:30:22] Process Exited: Process Name - csrss.exe Process ID - 2264 [12-07-2023 01:30:24] New process found: Process Name - csrss.exe Process ID - 10460 Process Identity - SYSTEM [12-07-2023 01:30:24] New process found: Process Name - winlogon.exe Process ID - 1548 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11976 [12-07-2023 01:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14892 [12-07-2023 01:30:25] New process found: Process Name - LogonUI.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:25] New process found: Process Name - dwm.exe Process ID - 14500 Process Identity - Window Manager\DWM-4 [12-07-2023 01:30:37] Process Exited: Process Name - winlogon.exe Process ID - 1548 [12-07-2023 01:30:37] Process Exited: Process Name - LogonUI.exe Process ID - 8780 [12-07-2023 01:30:37] Process Exited: Process Name - dwm.exe Process ID - 14500 [12-07-2023 01:30:38] Process Exited: Process Name - csrss.exe Process ID - 10460 [12-07-2023 01:30:40] New process found: Process Name - csrss.exe Process ID - 14240 Process Identity - SYSTEM [12-07-2023 01:30:40] New process found: Process Name - winlogon.exe Process ID - 16148 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:41] New process found: Process Name - LogonUI.exe Process ID - 1360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:41] New process found: Process Name - dwm.exe Process ID - 15280 Process Identity - Window Manager\DWM-4 [12-07-2023 01:30:50] Process Exited: Process Name - w3wp.exe Process ID - 13684 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:30:52] Process Exited: Process Name - LogonUI.exe Process ID - 1360 [12-07-2023 01:30:52] Process Exited: Process Name - conhost.exe Process ID - 6420 [12-07-2023 01:30:52] Process Exited: Process Name - w3wp.exe Process ID - 7660 Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 01:30:52] Process Exited: Process Name - csrss.exe Process ID - 14240 [12-07-2023 01:30:52] Process Exited: Process Name - dwm.exe Process ID - 15280 [12-07-2023 01:30:52] Process Exited: Process Name - winlogon.exe Process ID - 16148 [12-07-2023 01:30:56] New process found: Process Name - w3wp.exe Process ID - 15380 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:30:57] New process found: Process Name - csrss.exe Process ID - 1464 Process Identity - SYSTEM [12-07-2023 01:30:57] New process found: Process Name - winlogon.exe Process ID - 11512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:58] New process found: Process Name - LogonUI.exe Process ID - 4248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:30:58] New process found: Process Name - dwm.exe Process ID - 15752 Process Identity - Window Manager\DWM-4 [12-07-2023 01:31:08] Process Exited: Process Name - csrss.exe Process ID - 1464 [12-07-2023 01:31:08] Process Exited: Process Name - LogonUI.exe Process ID - 4248 [12-07-2023 01:31:08] Process Exited: Process Name - winlogon.exe Process ID - 11512 [12-07-2023 01:31:08] Process Exited: Process Name - dwm.exe Process ID - 15752 [12-07-2023 01:31:10] New process found: Process Name - csrss.exe Process ID - 14520 Process Identity - SYSTEM [12-07-2023 01:31:10] New process found: Process Name - winlogon.exe Process ID - 6560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:11] New process found: Process Name - LogonUI.exe Process ID - 10456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:11] New process found: Process Name - dwm.exe Process ID - 11396 Process Identity - Window Manager\DWM-4 [12-07-2023 01:31:23] Process Exited: Process Name - winlogon.exe Process ID - 6560 [12-07-2023 01:31:23] Process Exited: Process Name - LogonUI.exe Process ID - 10456 [12-07-2023 01:31:23] Process Exited: Process Name - dwm.exe Process ID - 11396 [12-07-2023 01:31:23] Process Exited: Process Name - csrss.exe Process ID - 14520 [12-07-2023 01:31:26] New process found: Process Name - csrss.exe Process ID - 6876 Process Identity - SYSTEM [12-07-2023 01:31:26] New process found: Process Name - winlogon.exe Process ID - 13244 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:26] New process found: Process Name - LogonUI.exe Process ID - 12664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:26] New process found: Process Name - dwm.exe Process ID - 2824 Process Identity - Window Manager\DWM-4 [12-07-2023 01:31:38] Process Exited: Process Name - dwm.exe Process ID - 2824 [12-07-2023 01:31:38] Process Exited: Process Name - csrss.exe Process ID - 6876 [12-07-2023 01:31:38] Process Exited: Process Name - LogonUI.exe Process ID - 12664 [12-07-2023 01:31:38] Process Exited: Process Name - winlogon.exe Process ID - 13244 [12-07-2023 01:31:41] New process found: Process Name - csrss.exe Process ID - 16000 Process Identity - SYSTEM [12-07-2023 01:31:41] New process found: Process Name - winlogon.exe Process ID - 1084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:42] New process found: Process Name - LogonUI.exe Process ID - 8856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:31:42] New process found: Process Name - dwm.exe Process ID - 7164 Process Identity - Window Manager\DWM-4 [12-07-2023 01:31:53] Process Exited: Process Name - winlogon.exe Process ID - 1084 [12-07-2023 01:31:53] Process Exited: Process Name - dwm.exe Process ID - 7164 [12-07-2023 01:31:53] Process Exited: Process Name - LogonUI.exe Process ID - 8856 [12-07-2023 01:31:53] Process Exited: Process Name - csrss.exe Process ID - 16000 [12-07-2023 01:31:59] New process found: Process Name - csrss.exe Process ID - 13304 Process Identity - SYSTEM [12-07-2023 01:31:59] New process found: Process Name - winlogon.exe Process ID - 4108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:02] New process found: Process Name - LogonUI.exe Process ID - 6156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:02] New process found: Process Name - dwm.exe Process ID - 6012 Process Identity - Window Manager\DWM-4 [12-07-2023 01:32:04] Process Exited: Process Name - w3wp.exe Process ID - 968 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 01:32:04] Process Exited: Process Name - conhost.exe Process ID - 14356 [12-07-2023 01:32:09] Process Exited: Process Name - winlogon.exe Process ID - 4108 [12-07-2023 01:32:09] Process Exited: Process Name - dwm.exe Process ID - 6012 [12-07-2023 01:32:09] Process Exited: Process Name - LogonUI.exe Process ID - 6156 [12-07-2023 01:32:09] Process Exited: Process Name - csrss.exe Process ID - 13304 [12-07-2023 01:32:14] New process found: Process Name - csrss.exe Process ID - 9524 Process Identity - SYSTEM [12-07-2023 01:32:14] New process found: Process Name - winlogon.exe Process ID - 16280 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:15] New process found: Process Name - LogonUI.exe Process ID - 8860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:15] New process found: Process Name - dwm.exe Process ID - 7852 Process Identity - Window Manager\DWM-4 [12-07-2023 01:32:25] Process Exited: Process Name - dwm.exe Process ID - 7852 [12-07-2023 01:32:25] Process Exited: Process Name - LogonUI.exe Process ID - 8860 [12-07-2023 01:32:25] Process Exited: Process Name - csrss.exe Process ID - 9524 [12-07-2023 01:32:25] Process Exited: Process Name - winlogon.exe Process ID - 16280 [12-07-2023 01:32:26] New process found: Process Name - w3wp.exe Process ID - 9092 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:32:26] Process Exited: Process Name - w3wp.exe Process ID - 15188 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:32:27] New process found: Process Name - csrss.exe Process ID - 10884 Process Identity - SYSTEM [12-07-2023 01:32:27] New process found: Process Name - winlogon.exe Process ID - 6648 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:28] New process found: Process Name - LogonUI.exe Process ID - 10656 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:28] New process found: Process Name - dwm.exe Process ID - 14328 Process Identity - Window Manager\DWM-4 [12-07-2023 01:32:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 15528 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:34] New process found: Process Name - SearchFilterHost.exe Process ID - 6576 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:35] New process found: Process Name - w3wp.exe Process ID - 15268 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:32:35] Process Exited: Process Name - w3wp.exe Process ID - 6848 Web application pool name - DefaultAppPool [12-07-2023 01:32:40] Process Exited: Process Name - winlogon.exe Process ID - 6648 [12-07-2023 01:32:40] Process Exited: Process Name - LogonUI.exe Process ID - 10656 [12-07-2023 01:32:40] Process Exited: Process Name - csrss.exe Process ID - 10884 [12-07-2023 01:32:40] Process Exited: Process Name - dwm.exe Process ID - 14328 [12-07-2023 01:32:43] New process found: Process Name - csrss.exe Process ID - 5516 Process Identity - SYSTEM [12-07-2023 01:32:43] New process found: Process Name - winlogon.exe Process ID - 9068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:44] New process found: Process Name - LogonUI.exe Process ID - 12168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:44] New process found: Process Name - dwm.exe Process ID - 8940 Process Identity - Window Manager\DWM-4 [12-07-2023 01:32:55] Process Exited: Process Name - csrss.exe Process ID - 5516 [12-07-2023 01:32:55] Process Exited: Process Name - dwm.exe Process ID - 8940 [12-07-2023 01:32:55] Process Exited: Process Name - winlogon.exe Process ID - 9068 [12-07-2023 01:32:55] Process Exited: Process Name - LogonUI.exe Process ID - 12168 [12-07-2023 01:32:58] New process found: Process Name - csrss.exe Process ID - 12256 Process Identity - SYSTEM [12-07-2023 01:32:58] New process found: Process Name - winlogon.exe Process ID - 13368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:59] New process found: Process Name - LogonUI.exe Process ID - 6192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:32:59] New process found: Process Name - dwm.exe Process ID - 13460 Process Identity - Window Manager\DWM-4 [12-07-2023 01:33:10] Process Exited: Process Name - LogonUI.exe Process ID - 6192 [12-07-2023 01:33:10] Process Exited: Process Name - csrss.exe Process ID - 12256 [12-07-2023 01:33:10] Process Exited: Process Name - winlogon.exe Process ID - 13368 [12-07-2023 01:33:10] Process Exited: Process Name - dwm.exe Process ID - 13460 [12-07-2023 01:33:12] New process found: Process Name - csrss.exe Process ID - 12772 Process Identity - SYSTEM [12-07-2023 01:33:12] New process found: Process Name - winlogon.exe Process ID - 11300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:13] New process found: Process Name - LogonUI.exe Process ID - 888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:13] New process found: Process Name - dwm.exe Process ID - 8476 Process Identity - Window Manager\DWM-4 [12-07-2023 01:33:25] Process Exited: Process Name - LogonUI.exe Process ID - 888 [12-07-2023 01:33:25] Process Exited: Process Name - dwm.exe Process ID - 8476 [12-07-2023 01:33:25] Process Exited: Process Name - winlogon.exe Process ID - 11300 [12-07-2023 01:33:25] Process Exited: Process Name - csrss.exe Process ID - 12772 [12-07-2023 01:33:27] New process found: Process Name - csrss.exe Process ID - 16348 Process Identity - SYSTEM [12-07-2023 01:33:27] New process found: Process Name - winlogon.exe Process ID - 5116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:28] New process found: Process Name - LogonUI.exe Process ID - 368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:28] New process found: Process Name - dwm.exe Process ID - 732 Process Identity - Window Manager\DWM-4 [12-07-2023 01:33:34] New process found: Process Name - w3wp.exe Process ID - 14220 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 01:33:34] New process found: Process Name - php-cgi.exe Process ID - 4944 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 01:33:40] Process Exited: Process Name - LogonUI.exe Process ID - 368 [12-07-2023 01:33:40] Process Exited: Process Name - dwm.exe Process ID - 732 [12-07-2023 01:33:40] Process Exited: Process Name - winlogon.exe Process ID - 5116 [12-07-2023 01:33:40] Process Exited: Process Name - csrss.exe Process ID - 16348 [12-07-2023 01:33:42] New process found: Process Name - smss.exe Process ID - 12024 Process Identity - SYSTEM [12-07-2023 01:33:42] New process found: Process Name - csrss.exe Process ID - 11324 Process Identity - SYSTEM [12-07-2023 01:33:43] New process found: Process Name - winlogon.exe Process ID - 11356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:43] New process found: Process Name - LogonUI.exe Process ID - 12872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:43] New process found: Process Name - dwm.exe Process ID - 14136 Process Identity - Window Manager\DWM-4 [12-07-2023 01:33:43] Process Exited: Process Name - smss.exe Process ID - 12024 [12-07-2023 01:33:55] Process Exited: Process Name - csrss.exe Process ID - 11324 [12-07-2023 01:33:55] Process Exited: Process Name - winlogon.exe Process ID - 11356 [12-07-2023 01:33:55] Process Exited: Process Name - LogonUI.exe Process ID - 12872 [12-07-2023 01:33:55] Process Exited: Process Name - dwm.exe Process ID - 14136 [12-07-2023 01:33:58] New process found: Process Name - csrss.exe Process ID - 14800 Process Identity - SYSTEM [12-07-2023 01:33:58] New process found: Process Name - winlogon.exe Process ID - 15108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:59] New process found: Process Name - LogonUI.exe Process ID - 4176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:33:59] New process found: Process Name - dwm.exe Process ID - 13632 Process Identity - Window Manager\DWM-4 [12-07-2023 01:34:10] Process Exited: Process Name - LogonUI.exe Process ID - 4176 [12-07-2023 01:34:10] Process Exited: Process Name - dwm.exe Process ID - 13632 [12-07-2023 01:34:10] Process Exited: Process Name - winlogon.exe Process ID - 15108 [12-07-2023 01:34:11] Process Exited: Process Name - csrss.exe Process ID - 14800 [12-07-2023 01:34:13] Process Exited: Process Name - w3wp.exe Process ID - 13700 Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 01:34:13] Process Exited: Process Name - conhost.exe Process ID - 14756 [12-07-2023 01:34:14] New process found: Process Name - csrss.exe Process ID - 10836 Process Identity - SYSTEM [12-07-2023 01:34:14] New process found: Process Name - winlogon.exe Process ID - 6732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:15] New process found: Process Name - LogonUI.exe Process ID - 9252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:15] New process found: Process Name - dwm.exe Process ID - 6916 Process Identity - Window Manager\DWM-4 [12-07-2023 01:34:26] Process Exited: Process Name - winlogon.exe Process ID - 6732 [12-07-2023 01:34:26] Process Exited: Process Name - dwm.exe Process ID - 6916 [12-07-2023 01:34:26] Process Exited: Process Name - LogonUI.exe Process ID - 9252 [12-07-2023 01:34:26] Process Exited: Process Name - csrss.exe Process ID - 10836 [12-07-2023 01:34:29] New process found: Process Name - csrss.exe Process ID - 13704 Process Identity - SYSTEM [12-07-2023 01:34:29] New process found: Process Name - winlogon.exe Process ID - 10860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:31] New process found: Process Name - LogonUI.exe Process ID - 4136 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:31] New process found: Process Name - dwm.exe Process ID - 6780 Process Identity - Window Manager\DWM-4 [12-07-2023 01:34:41] Process Exited: Process Name - LogonUI.exe Process ID - 4136 [12-07-2023 01:34:41] Process Exited: Process Name - dwm.exe Process ID - 6780 [12-07-2023 01:34:41] Process Exited: Process Name - winlogon.exe Process ID - 10860 [12-07-2023 01:34:41] Process Exited: Process Name - csrss.exe Process ID - 13704 [12-07-2023 01:34:43] New process found: Process Name - csrss.exe Process ID - 16188 Process Identity - SYSTEM [12-07-2023 01:34:43] New process found: Process Name - winlogon.exe Process ID - 15768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:44] New process found: Process Name - LogonUI.exe Process ID - 6912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:34:44] New process found: Process Name - dwm.exe Process ID - 9928 Process Identity - Window Manager\DWM-4 [12-07-2023 01:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 6576 [12-07-2023 01:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15528 [12-07-2023 01:34:56] Process Exited: Process Name - LogonUI.exe Process ID - 6912 [12-07-2023 01:34:56] Process Exited: Process Name - dwm.exe Process ID - 9928 [12-07-2023 01:34:56] Process Exited: Process Name - winlogon.exe Process ID - 15768 [12-07-2023 01:34:56] Process Exited: Process Name - csrss.exe Process ID - 16188 [12-07-2023 01:35:01] New process found: Process Name - smss.exe Process ID - 11704 Process Identity - SYSTEM [12-07-2023 01:35:01] New process found: Process Name - csrss.exe Process ID - 5072 Process Identity - SYSTEM [12-07-2023 01:35:02] New process found: Process Name - winlogon.exe Process ID - 14524 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:02] Process Exited: Process Name - smss.exe Process ID - 11704 [12-07-2023 01:35:03] New process found: Process Name - LogonUI.exe Process ID - 2780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:03] New process found: Process Name - dwm.exe Process ID - 15512 Process Identity - Window Manager\DWM-4 [12-07-2023 01:35:08] Process Exited: Process Name - conhost.exe Process ID - 7836 [12-07-2023 01:35:08] Process Exited: Process Name - w3wp.exe Process ID - 12888 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 01:35:11] Process Exited: Process Name - LogonUI.exe Process ID - 2780 [12-07-2023 01:35:11] Process Exited: Process Name - winlogon.exe Process ID - 14524 [12-07-2023 01:35:11] Process Exited: Process Name - dwm.exe Process ID - 15512 [12-07-2023 01:35:12] Process Exited: Process Name - csrss.exe Process ID - 5072 [12-07-2023 01:35:15] New process found: Process Name - csrss.exe Process ID - 13280 Process Identity - SYSTEM [12-07-2023 01:35:15] New process found: Process Name - winlogon.exe Process ID - 16168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:16] New process found: Process Name - LogonUI.exe Process ID - 9740 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:16] New process found: Process Name - dwm.exe Process ID - 10172 Process Identity - Window Manager\DWM-4 [12-07-2023 01:35:27] Process Exited: Process Name - LogonUI.exe Process ID - 9740 [12-07-2023 01:35:27] Process Exited: Process Name - dwm.exe Process ID - 10172 [12-07-2023 01:35:27] Process Exited: Process Name - csrss.exe Process ID - 13280 [12-07-2023 01:35:27] Process Exited: Process Name - winlogon.exe Process ID - 16168 [12-07-2023 01:35:29] New process found: Process Name - csrss.exe Process ID - 11756 Process Identity - SYSTEM [12-07-2023 01:35:29] New process found: Process Name - winlogon.exe Process ID - 12228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:30] New process found: Process Name - LogonUI.exe Process ID - 2232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:30] New process found: Process Name - dwm.exe Process ID - 12372 Process Identity - Window Manager\DWM-4 [12-07-2023 01:35:42] Process Exited: Process Name - LogonUI.exe Process ID - 2232 [12-07-2023 01:35:42] Process Exited: Process Name - csrss.exe Process ID - 11756 [12-07-2023 01:35:42] Process Exited: Process Name - winlogon.exe Process ID - 12228 [12-07-2023 01:35:42] Process Exited: Process Name - dwm.exe Process ID - 12372 [12-07-2023 01:35:44] New process found: Process Name - csrss.exe Process ID - 1844 Process Identity - SYSTEM [12-07-2023 01:35:44] New process found: Process Name - winlogon.exe Process ID - 7316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:46] New process found: Process Name - LogonUI.exe Process ID - 3364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:35:46] New process found: Process Name - dwm.exe Process ID - 13236 Process Identity - Window Manager\DWM-4 [12-07-2023 01:35:57] Process Exited: Process Name - csrss.exe Process ID - 1844 [12-07-2023 01:35:57] Process Exited: Process Name - LogonUI.exe Process ID - 3364 [12-07-2023 01:35:57] Process Exited: Process Name - winlogon.exe Process ID - 7316 [12-07-2023 01:35:57] Process Exited: Process Name - dwm.exe Process ID - 13236 [12-07-2023 01:36:00] New process found: Process Name - csrss.exe Process ID - 12276 Process Identity - SYSTEM [12-07-2023 01:36:00] New process found: Process Name - winlogon.exe Process ID - 5516 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:02] New process found: Process Name - LogonUI.exe Process ID - 6664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:02] New process found: Process Name - dwm.exe Process ID - 6792 Process Identity - Window Manager\DWM-4 [12-07-2023 01:36:12] Process Exited: Process Name - winlogon.exe Process ID - 5516 [12-07-2023 01:36:12] Process Exited: Process Name - LogonUI.exe Process ID - 6664 [12-07-2023 01:36:12] Process Exited: Process Name - dwm.exe Process ID - 6792 [12-07-2023 01:36:12] Process Exited: Process Name - csrss.exe Process ID - 12276 [12-07-2023 01:36:13] New process found: Process Name - w3wp.exe Process ID - 13460 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:36:17] New process found: Process Name - csrss.exe Process ID - 7360 Process Identity - SYSTEM [12-07-2023 01:36:17] New process found: Process Name - winlogon.exe Process ID - 14724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:20] New process found: Process Name - LogonUI.exe Process ID - 10788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:20] New process found: Process Name - dwm.exe Process ID - 7920 Process Identity - Window Manager\DWM-4 [12-07-2023 01:36:27] Process Exited: Process Name - csrss.exe Process ID - 7360 [12-07-2023 01:36:27] Process Exited: Process Name - dwm.exe Process ID - 7920 [12-07-2023 01:36:27] Process Exited: Process Name - LogonUI.exe Process ID - 10788 [12-07-2023 01:36:27] Process Exited: Process Name - winlogon.exe Process ID - 14724 [12-07-2023 01:36:29] New process found: Process Name - csrss.exe Process ID - 10816 Process Identity - SYSTEM [12-07-2023 01:36:29] New process found: Process Name - winlogon.exe Process ID - 11436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:30] New process found: Process Name - LogonUI.exe Process ID - 13612 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:30] New process found: Process Name - dwm.exe Process ID - 15212 Process Identity - Window Manager\DWM-4 [12-07-2023 01:36:42] Process Exited: Process Name - csrss.exe Process ID - 10816 [12-07-2023 01:36:42] Process Exited: Process Name - winlogon.exe Process ID - 11436 [12-07-2023 01:36:42] Process Exited: Process Name - LogonUI.exe Process ID - 13612 [12-07-2023 01:36:42] Process Exited: Process Name - dwm.exe Process ID - 15212 [12-07-2023 01:36:47] New process found: Process Name - smss.exe Process ID - 7492 Process Identity - SYSTEM [12-07-2023 01:36:47] New process found: Process Name - csrss.exe Process ID - 14416 Process Identity - SYSTEM [12-07-2023 01:36:48] New process found: Process Name - winlogon.exe Process ID - 14484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:48] Process Exited: Process Name - smss.exe Process ID - 7492 [12-07-2023 01:36:49] New process found: Process Name - LogonUI.exe Process ID - 14384 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:36:49] New process found: Process Name - dwm.exe Process ID - 2676 Process Identity - Window Manager\DWM-4 [12-07-2023 01:36:58] Process Exited: Process Name - dwm.exe Process ID - 2676 [12-07-2023 01:36:58] Process Exited: Process Name - LogonUI.exe Process ID - 14384 [12-07-2023 01:36:58] Process Exited: Process Name - csrss.exe Process ID - 14416 [12-07-2023 01:36:58] Process Exited: Process Name - winlogon.exe Process ID - 14484 [12-07-2023 01:37:00] New process found: Process Name - csrss.exe Process ID - 15484 Process Identity - SYSTEM [12-07-2023 01:37:00] New process found: Process Name - winlogon.exe Process ID - 2056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:01] New process found: Process Name - LogonUI.exe Process ID - 12556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:01] New process found: Process Name - dwm.exe Process ID - 16300 Process Identity - Window Manager\DWM-4 [12-07-2023 01:37:13] Process Exited: Process Name - winlogon.exe Process ID - 2056 [12-07-2023 01:37:13] Process Exited: Process Name - LogonUI.exe Process ID - 12556 [12-07-2023 01:37:13] Process Exited: Process Name - csrss.exe Process ID - 15484 [12-07-2023 01:37:13] Process Exited: Process Name - dwm.exe Process ID - 16300 [12-07-2023 01:37:14] New process found: Process Name - w3wp.exe Process ID - 11672 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 01:37:14] Process Exited: Process Name - w3wp.exe Process ID - 6984 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 01:37:14] Process Exited: Process Name - conhost.exe Process ID - 11608 [12-07-2023 01:37:16] New process found: Process Name - csrss.exe Process ID - 3500 Process Identity - SYSTEM [12-07-2023 01:37:16] New process found: Process Name - winlogon.exe Process ID - 13632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:19] New process found: Process Name - LogonUI.exe Process ID - 1724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:19] New process found: Process Name - dwm.exe Process ID - 12440 Process Identity - Window Manager\DWM-4 [12-07-2023 01:37:27] New process found: Process Name - w3wp.exe Process ID - 8984 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:37:27] Process Exited: Process Name - w3wp.exe Process ID - 9092 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:37:28] Process Exited: Process Name - LogonUI.exe Process ID - 1724 [12-07-2023 01:37:28] Process Exited: Process Name - csrss.exe Process ID - 3500 [12-07-2023 01:37:28] Process Exited: Process Name - dwm.exe Process ID - 12440 [12-07-2023 01:37:28] Process Exited: Process Name - winlogon.exe Process ID - 13632 [12-07-2023 01:37:31] New process found: Process Name - csrss.exe Process ID - 14096 Process Identity - SYSTEM [12-07-2023 01:37:31] New process found: Process Name - winlogon.exe Process ID - 14256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:32] New process found: Process Name - LogonUI.exe Process ID - 12312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:32] New process found: Process Name - dwm.exe Process ID - 12140 Process Identity - Window Manager\DWM-4 [12-07-2023 01:37:43] Process Exited: Process Name - dwm.exe Process ID - 12140 [12-07-2023 01:37:43] Process Exited: Process Name - LogonUI.exe Process ID - 12312 [12-07-2023 01:37:43] Process Exited: Process Name - csrss.exe Process ID - 14096 [12-07-2023 01:37:43] Process Exited: Process Name - winlogon.exe Process ID - 14256 [12-07-2023 01:37:46] New process found: Process Name - csrss.exe Process ID - 6996 Process Identity - SYSTEM [12-07-2023 01:37:46] New process found: Process Name - winlogon.exe Process ID - 6060 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:48] New process found: Process Name - LogonUI.exe Process ID - 14840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:37:48] New process found: Process Name - dwm.exe Process ID - 2788 Process Identity - Window Manager\DWM-4 [12-07-2023 01:37:57] Process Exited: Process Name - w3wp.exe Process ID - 15380 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:37:59] Process Exited: Process Name - dwm.exe Process ID - 2788 [12-07-2023 01:37:59] Process Exited: Process Name - winlogon.exe Process ID - 6060 [12-07-2023 01:37:59] Process Exited: Process Name - csrss.exe Process ID - 6996 [12-07-2023 01:37:59] Process Exited: Process Name - LogonUI.exe Process ID - 14840 [12-07-2023 01:38:01] New process found: Process Name - csrss.exe Process ID - 8560 Process Identity - SYSTEM [12-07-2023 01:38:01] New process found: Process Name - winlogon.exe Process ID - 8668 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:02] New process found: Process Name - LogonUI.exe Process ID - 7556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:02] New process found: Process Name - dwm.exe Process ID - 14904 Process Identity - Window Manager\DWM-4 [12-07-2023 01:38:15] Process Exited: Process Name - LogonUI.exe Process ID - 7556 [12-07-2023 01:38:15] Process Exited: Process Name - csrss.exe Process ID - 8560 [12-07-2023 01:38:15] Process Exited: Process Name - winlogon.exe Process ID - 8668 [12-07-2023 01:38:15] Process Exited: Process Name - dwm.exe Process ID - 14904 [12-07-2023 01:38:20] New process found: Process Name - csrss.exe Process ID - 7804 Process Identity - SYSTEM [12-07-2023 01:38:20] New process found: Process Name - winlogon.exe Process ID - 13956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:21] New process found: Process Name - LogonUI.exe Process ID - 12712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:21] New process found: Process Name - dwm.exe Process ID - 7148 Process Identity - Window Manager\DWM-4 [12-07-2023 01:38:27] New process found: Process Name - w3wp.exe Process ID - 14784 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:38:27] New process found: Process Name - conhost.exe Process ID - 8656 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 01:38:31] Process Exited: Process Name - dwm.exe Process ID - 7148 [12-07-2023 01:38:31] Process Exited: Process Name - csrss.exe Process ID - 7804 [12-07-2023 01:38:31] Process Exited: Process Name - LogonUI.exe Process ID - 12712 [12-07-2023 01:38:31] Process Exited: Process Name - winlogon.exe Process ID - 13956 [12-07-2023 01:38:36] New process found: Process Name - csrss.exe Process ID - 15024 Process Identity - SYSTEM [12-07-2023 01:38:36] New process found: Process Name - winlogon.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:37] Process Exited: Process Name - w3wp.exe Process ID - 15268 Web application pool name - DefaultAppPool [12-07-2023 01:38:38] New process found: Process Name - LogonUI.exe Process ID - 4920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:38:38] New process found: Process Name - dwm.exe Process ID - 9944 Process Identity - Window Manager\DWM-4 [12-07-2023 01:38:46] Process Exited: Process Name - LogonUI.exe Process ID - 4920 [12-07-2023 01:38:46] Process Exited: Process Name - dwm.exe Process ID - 9944 [12-07-2023 01:38:46] Process Exited: Process Name - csrss.exe Process ID - 15024 [12-07-2023 01:38:46] Process Exited: Process Name - winlogon.exe Process ID - 15860 [12-07-2023 01:38:55] New process found: Process Name - csrss.exe Process ID - 7816 Process Identity - SYSTEM [12-07-2023 01:38:55] New process found: Process Name - winlogon.exe Process ID - 11564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:00] New process found: Process Name - WmiPrvSE.exe Process ID - 14248 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:39:00] New process found: Process Name - LogonUI.exe Process ID - 6768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:00] New process found: Process Name - dwm.exe Process ID - 2604 Process Identity - Window Manager\DWM-4 [12-07-2023 01:39:02] Process Exited: Process Name - dwm.exe Process ID - 2604 [12-07-2023 01:39:02] Process Exited: Process Name - LogonUI.exe Process ID - 6768 [12-07-2023 01:39:02] Process Exited: Process Name - csrss.exe Process ID - 7816 [12-07-2023 01:39:02] Process Exited: Process Name - winlogon.exe Process ID - 11564 [12-07-2023 01:39:05] New process found: Process Name - csrss.exe Process ID - 14364 Process Identity - SYSTEM [12-07-2023 01:39:05] New process found: Process Name - winlogon.exe Process ID - 14968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:07] New process found: Process Name - LogonUI.exe Process ID - 14848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:07] New process found: Process Name - dwm.exe Process ID - 2088 Process Identity - Window Manager\DWM-4 [12-07-2023 01:39:07] New process found: Process Name - WmiPrvSE.exe Process ID - 8688 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:18] Process Exited: Process Name - dwm.exe Process ID - 2088 [12-07-2023 01:39:18] Process Exited: Process Name - csrss.exe Process ID - 14364 [12-07-2023 01:39:18] Process Exited: Process Name - LogonUI.exe Process ID - 14848 [12-07-2023 01:39:18] Process Exited: Process Name - winlogon.exe Process ID - 14968 [12-07-2023 01:39:23] New process found: Process Name - csrss.exe Process ID - 13684 Process Identity - SYSTEM [12-07-2023 01:39:23] New process found: Process Name - winlogon.exe Process ID - 4128 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:24] New process found: Process Name - LogonUI.exe Process ID - 2596 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:24] New process found: Process Name - dwm.exe Process ID - 10776 Process Identity - Window Manager\DWM-4 [12-07-2023 01:39:26] New process found: Process Name - w3wp.exe Process ID - 9852 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:39:33] Process Exited: Process Name - LogonUI.exe Process ID - 2596 [12-07-2023 01:39:33] Process Exited: Process Name - winlogon.exe Process ID - 4128 [12-07-2023 01:39:33] Process Exited: Process Name - dwm.exe Process ID - 10776 [12-07-2023 01:39:33] Process Exited: Process Name - csrss.exe Process ID - 13684 [12-07-2023 01:39:35] New process found: Process Name - csrss.exe Process ID - 13108 Process Identity - SYSTEM [12-07-2023 01:39:35] New process found: Process Name - winlogon.exe Process ID - 13072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:36] New process found: Process Name - LogonUI.exe Process ID - 1360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:36] New process found: Process Name - dwm.exe Process ID - 10792 Process Identity - Window Manager\DWM-4 [12-07-2023 01:39:48] Process Exited: Process Name - LogonUI.exe Process ID - 1360 [12-07-2023 01:39:48] Process Exited: Process Name - dwm.exe Process ID - 10792 [12-07-2023 01:39:48] Process Exited: Process Name - winlogon.exe Process ID - 13072 [12-07-2023 01:39:48] Process Exited: Process Name - csrss.exe Process ID - 13108 [12-07-2023 01:39:51] New process found: Process Name - csrss.exe Process ID - 15384 Process Identity - SYSTEM [12-07-2023 01:39:51] New process found: Process Name - winlogon.exe Process ID - 10924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:53] New process found: Process Name - LogonUI.exe Process ID - 7000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:39:53] New process found: Process Name - dwm.exe Process ID - 6624 Process Identity - Window Manager\DWM-4 [12-07-2023 01:40:04] Process Exited: Process Name - dwm.exe Process ID - 6624 [12-07-2023 01:40:04] Process Exited: Process Name - LogonUI.exe Process ID - 7000 [12-07-2023 01:40:04] Process Exited: Process Name - winlogon.exe Process ID - 10924 [12-07-2023 01:40:04] Process Exited: Process Name - csrss.exe Process ID - 15384 [12-07-2023 01:40:07] New process found: Process Name - csrss.exe Process ID - 10704 Process Identity - SYSTEM [12-07-2023 01:40:07] New process found: Process Name - winlogon.exe Process ID - 1320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:09] New process found: Process Name - LogonUI.exe Process ID - 12352 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:09] New process found: Process Name - dwm.exe Process ID - 2880 Process Identity - Window Manager\DWM-4 [12-07-2023 01:40:11] New process found: Process Name - conhost.exe Process ID - 9432 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 01:40:16] New process found: Process Name - w3wp.exe Process ID - 14976 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 01:40:19] Process Exited: Process Name - winlogon.exe Process ID - 1320 [12-07-2023 01:40:19] Process Exited: Process Name - dwm.exe Process ID - 2880 [12-07-2023 01:40:19] Process Exited: Process Name - csrss.exe Process ID - 10704 [12-07-2023 01:40:19] Process Exited: Process Name - LogonUI.exe Process ID - 12352 [12-07-2023 01:40:21] New process found: Process Name - csrss.exe Process ID - 8932 Process Identity - SYSTEM [12-07-2023 01:40:21] New process found: Process Name - winlogon.exe Process ID - 13632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:22] New process found: Process Name - LogonUI.exe Process ID - 12460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:22] New process found: Process Name - dwm.exe Process ID - 14376 Process Identity - Window Manager\DWM-4 [12-07-2023 01:40:30] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8688 [12-07-2023 01:40:30] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14248 [12-07-2023 01:40:32] New process found: Process Name - conhost.exe Process ID - 9376 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 01:40:34] Process Exited: Process Name - csrss.exe Process ID - 8932 [12-07-2023 01:40:34] Process Exited: Process Name - LogonUI.exe Process ID - 12460 [12-07-2023 01:40:34] Process Exited: Process Name - winlogon.exe Process ID - 13632 [12-07-2023 01:40:34] Process Exited: Process Name - dwm.exe Process ID - 14376 [12-07-2023 01:40:36] New process found: Process Name - csrss.exe Process ID - 15760 Process Identity - SYSTEM [12-07-2023 01:40:36] New process found: Process Name - winlogon.exe Process ID - 12692 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:37] New process found: Process Name - LogonUI.exe Process ID - 14852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:37] New process found: Process Name - dwm.exe Process ID - 5664 Process Identity - Window Manager\DWM-4 [12-07-2023 01:40:49] Process Exited: Process Name - dwm.exe Process ID - 5664 [12-07-2023 01:40:49] Process Exited: Process Name - winlogon.exe Process ID - 12692 [12-07-2023 01:40:49] Process Exited: Process Name - LogonUI.exe Process ID - 14852 [12-07-2023 01:40:50] Process Exited: Process Name - csrss.exe Process ID - 15760 [12-07-2023 01:40:52] New process found: Process Name - csrss.exe Process ID - 10984 Process Identity - SYSTEM [12-07-2023 01:40:52] New process found: Process Name - winlogon.exe Process ID - 13120 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:53] New process found: Process Name - LogonUI.exe Process ID - 8472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:40:53] New process found: Process Name - dwm.exe Process ID - 15768 Process Identity - Window Manager\DWM-4 [12-07-2023 01:41:05] Process Exited: Process Name - LogonUI.exe Process ID - 8472 [12-07-2023 01:41:05] Process Exited: Process Name - csrss.exe Process ID - 10984 [12-07-2023 01:41:05] Process Exited: Process Name - winlogon.exe Process ID - 13120 [12-07-2023 01:41:05] Process Exited: Process Name - dwm.exe Process ID - 15768 [12-07-2023 01:41:07] New process found: Process Name - csrss.exe Process ID - 8036 Process Identity - SYSTEM [12-07-2023 01:41:07] New process found: Process Name - winlogon.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:08] New process found: Process Name - LogonUI.exe Process ID - 8708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:08] New process found: Process Name - dwm.exe Process ID - 4376 Process Identity - Window Manager\DWM-4 [12-07-2023 01:41:20] Process Exited: Process Name - dwm.exe Process ID - 4376 [12-07-2023 01:41:20] Process Exited: Process Name - winlogon.exe Process ID - 4756 [12-07-2023 01:41:20] Process Exited: Process Name - csrss.exe Process ID - 8036 [12-07-2023 01:41:20] Process Exited: Process Name - LogonUI.exe Process ID - 8708 [12-07-2023 01:41:23] New process found: Process Name - csrss.exe Process ID - 8372 Process Identity - SYSTEM [12-07-2023 01:41:23] New process found: Process Name - winlogon.exe Process ID - 11220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:25] New process found: Process Name - LogonUI.exe Process ID - 15016 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:25] New process found: Process Name - dwm.exe Process ID - 9416 Process Identity - Window Manager\DWM-4 [12-07-2023 01:41:29] Process Exited: Process Name - w3wp.exe Process ID - 15656 Web application pool name - galaxytools.in [12-07-2023 01:41:36] Process Exited: Process Name - csrss.exe Process ID - 8372 [12-07-2023 01:41:36] Process Exited: Process Name - dwm.exe Process ID - 9416 [12-07-2023 01:41:36] Process Exited: Process Name - winlogon.exe Process ID - 11220 [12-07-2023 01:41:36] Process Exited: Process Name - LogonUI.exe Process ID - 15016 [12-07-2023 01:41:40] New process found: Process Name - csrss.exe Process ID - 5800 Process Identity - SYSTEM [12-07-2023 01:41:40] New process found: Process Name - winlogon.exe Process ID - 11580 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:43] New process found: Process Name - LogonUI.exe Process ID - 660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:43] New process found: Process Name - dwm.exe Process ID - 88 Process Identity - Window Manager\DWM-4 [12-07-2023 01:41:51] Process Exited: Process Name - dwm.exe Process ID - 88 [12-07-2023 01:41:51] Process Exited: Process Name - LogonUI.exe Process ID - 660 [12-07-2023 01:41:51] Process Exited: Process Name - csrss.exe Process ID - 5800 [12-07-2023 01:41:51] Process Exited: Process Name - winlogon.exe Process ID - 11580 [12-07-2023 01:41:56] New process found: Process Name - csrss.exe Process ID - 10884 Process Identity - SYSTEM [12-07-2023 01:41:56] New process found: Process Name - winlogon.exe Process ID - 10564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:56] New process found: Process Name - LogonUI.exe Process ID - 11128 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:41:56] New process found: Process Name - dwm.exe Process ID - 14668 Process Identity - Window Manager\DWM-4 [12-07-2023 01:42:07] Process Exited: Process Name - winlogon.exe Process ID - 10564 [12-07-2023 01:42:07] Process Exited: Process Name - csrss.exe Process ID - 10884 [12-07-2023 01:42:07] Process Exited: Process Name - LogonUI.exe Process ID - 11128 [12-07-2023 01:42:07] Process Exited: Process Name - dwm.exe Process ID - 14668 [12-07-2023 01:42:15] Process Exited: Process Name - w3wp.exe Process ID - 13460 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:42:16] New process found: Process Name - csrss.exe Process ID - 11012 Process Identity - SYSTEM [12-07-2023 01:42:16] New process found: Process Name - winlogon.exe Process ID - 8844 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:16] New process found: Process Name - LogonUI.exe Process ID - 4780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:16] New process found: Process Name - dwm.exe Process ID - 9712 Process Identity - Window Manager\DWM-4 [12-07-2023 01:42:22] Process Exited: Process Name - LogonUI.exe Process ID - 4780 [12-07-2023 01:42:22] Process Exited: Process Name - winlogon.exe Process ID - 8844 [12-07-2023 01:42:22] Process Exited: Process Name - dwm.exe Process ID - 9712 [12-07-2023 01:42:22] Process Exited: Process Name - csrss.exe Process ID - 11012 [12-07-2023 01:42:24] New process found: Process Name - csrss.exe Process ID - 11924 Process Identity - SYSTEM [12-07-2023 01:42:24] New process found: Process Name - winlogon.exe Process ID - 12340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:24] New process found: Process Name - LogonUI.exe Process ID - 11756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:24] New process found: Process Name - dwm.exe Process ID - 4108 Process Identity - Window Manager\DWM-4 [12-07-2023 01:42:29] New process found: Process Name - w3wp.exe Process ID - 11676 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:42:29] Process Exited: Process Name - w3wp.exe Process ID - 8984 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:42:37] Process Exited: Process Name - dwm.exe Process ID - 4108 [12-07-2023 01:42:37] Process Exited: Process Name - LogonUI.exe Process ID - 11756 [12-07-2023 01:42:37] Process Exited: Process Name - csrss.exe Process ID - 11924 [12-07-2023 01:42:37] Process Exited: Process Name - winlogon.exe Process ID - 12340 [12-07-2023 01:42:41] New process found: Process Name - csrss.exe Process ID - 12036 Process Identity - SYSTEM [12-07-2023 01:42:41] New process found: Process Name - winlogon.exe Process ID - 11720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:42] New process found: Process Name - LogonUI.exe Process ID - 13372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:42:42] New process found: Process Name - dwm.exe Process ID - 11104 Process Identity - Window Manager\DWM-4 [12-07-2023 01:42:52] Process Exited: Process Name - dwm.exe Process ID - 11104 [12-07-2023 01:42:52] Process Exited: Process Name - winlogon.exe Process ID - 11720 [12-07-2023 01:42:52] Process Exited: Process Name - csrss.exe Process ID - 12036 [12-07-2023 01:42:52] Process Exited: Process Name - LogonUI.exe Process ID - 13372 [12-07-2023 01:42:59] New process found: Process Name - csrss.exe Process ID - 7840 Process Identity - SYSTEM [12-07-2023 01:42:59] New process found: Process Name - winlogon.exe Process ID - 15752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:01] New process found: Process Name - LogonUI.exe Process ID - 12872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:01] New process found: Process Name - dwm.exe Process ID - 13204 Process Identity - Window Manager\DWM-4 [12-07-2023 01:43:08] Process Exited: Process Name - csrss.exe Process ID - 7840 [12-07-2023 01:43:08] Process Exited: Process Name - LogonUI.exe Process ID - 12872 [12-07-2023 01:43:08] Process Exited: Process Name - dwm.exe Process ID - 13204 [12-07-2023 01:43:08] Process Exited: Process Name - winlogon.exe Process ID - 15752 [12-07-2023 01:43:12] New process found: Process Name - csrss.exe Process ID - 2284 Process Identity - SYSTEM [12-07-2023 01:43:12] New process found: Process Name - winlogon.exe Process ID - 9624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:14] New process found: Process Name - LogonUI.exe Process ID - 15980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:14] New process found: Process Name - dwm.exe Process ID - 14008 Process Identity - Window Manager\DWM-4 [12-07-2023 01:43:23] Process Exited: Process Name - csrss.exe Process ID - 2284 [12-07-2023 01:43:23] Process Exited: Process Name - winlogon.exe Process ID - 9624 [12-07-2023 01:43:23] Process Exited: Process Name - dwm.exe Process ID - 14008 [12-07-2023 01:43:23] Process Exited: Process Name - LogonUI.exe Process ID - 15980 [12-07-2023 01:43:26] New process found: Process Name - csrss.exe Process ID - 10704 Process Identity - SYSTEM [12-07-2023 01:43:26] New process found: Process Name - winlogon.exe Process ID - 6620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:27] New process found: Process Name - LogonUI.exe Process ID - 15532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:27] New process found: Process Name - dwm.exe Process ID - 13960 Process Identity - Window Manager\DWM-4 [12-07-2023 01:43:39] Process Exited: Process Name - winlogon.exe Process ID - 6620 [12-07-2023 01:43:39] Process Exited: Process Name - csrss.exe Process ID - 10704 [12-07-2023 01:43:39] Process Exited: Process Name - dwm.exe Process ID - 13960 [12-07-2023 01:43:39] Process Exited: Process Name - LogonUI.exe Process ID - 15532 [12-07-2023 01:43:42] New process found: Process Name - csrss.exe Process ID - 9976 Process Identity - SYSTEM [12-07-2023 01:43:42] New process found: Process Name - winlogon.exe Process ID - 7828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:43] New process found: Process Name - LogonUI.exe Process ID - 10420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:43:43] New process found: Process Name - dwm.exe Process ID - 10868 Process Identity - Window Manager\DWM-4 [12-07-2023 01:43:56] Process Exited: Process Name - winlogon.exe Process ID - 7828 [12-07-2023 01:43:56] Process Exited: Process Name - LogonUI.exe Process ID - 10420 [12-07-2023 01:43:56] Process Exited: Process Name - dwm.exe Process ID - 10868 [12-07-2023 01:43:57] Process Exited: Process Name - csrss.exe Process ID - 9976 [12-07-2023 01:43:59] New process found: Process Name - csrss.exe Process ID - 1860 Process Identity - SYSTEM [12-07-2023 01:43:59] New process found: Process Name - winlogon.exe Process ID - 14476 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:04] New process found: Process Name - LogonUI.exe Process ID - 9924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:04] New process found: Process Name - dwm.exe Process ID - 8796 Process Identity - Window Manager\DWM-4 [12-07-2023 01:44:12] Process Exited: Process Name - csrss.exe Process ID - 1860 [12-07-2023 01:44:12] Process Exited: Process Name - dwm.exe Process ID - 8796 [12-07-2023 01:44:12] Process Exited: Process Name - LogonUI.exe Process ID - 9924 [12-07-2023 01:44:12] Process Exited: Process Name - winlogon.exe Process ID - 14476 [12-07-2023 01:44:17] New process found: Process Name - csrss.exe Process ID - 10964 Process Identity - SYSTEM [12-07-2023 01:44:17] New process found: Process Name - winlogon.exe Process ID - 220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:26] New process found: Process Name - LogonUI.exe Process ID - 11524 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:26] New process found: Process Name - dwm.exe Process ID - 10864 Process Identity - Window Manager\DWM-4 [12-07-2023 01:44:27] Process Exited: Process Name - winlogon.exe Process ID - 220 [12-07-2023 01:44:27] Process Exited: Process Name - dwm.exe Process ID - 10864 [12-07-2023 01:44:27] Process Exited: Process Name - csrss.exe Process ID - 10964 [12-07-2023 01:44:27] Process Exited: Process Name - LogonUI.exe Process ID - 11524 [12-07-2023 01:44:29] New process found: Process Name - csrss.exe Process ID - 14480 Process Identity - SYSTEM [12-07-2023 01:44:29] New process found: Process Name - winlogon.exe Process ID - 9912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:29] Process Exited: Process Name - conhost.exe Process ID - 8656 [12-07-2023 01:44:29] Process Exited: Process Name - w3wp.exe Process ID - 14784 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:44:30] New process found: Process Name - LogonUI.exe Process ID - 16064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:30] New process found: Process Name - dwm.exe Process ID - 212 Process Identity - Window Manager\DWM-4 [12-07-2023 01:44:42] Process Exited: Process Name - dwm.exe Process ID - 212 [12-07-2023 01:44:42] Process Exited: Process Name - winlogon.exe Process ID - 9912 [12-07-2023 01:44:42] Process Exited: Process Name - csrss.exe Process ID - 14480 [12-07-2023 01:44:42] Process Exited: Process Name - LogonUI.exe Process ID - 16064 [12-07-2023 01:44:46] New process found: Process Name - csrss.exe Process ID - 15088 Process Identity - SYSTEM [12-07-2023 01:44:46] New process found: Process Name - winlogon.exe Process ID - 14752 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:48] New process found: Process Name - LogonUI.exe Process ID - 1856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:44:48] New process found: Process Name - dwm.exe Process ID - 16008 Process Identity - Window Manager\DWM-4 [12-07-2023 01:44:58] Process Exited: Process Name - LogonUI.exe Process ID - 1856 [12-07-2023 01:44:58] Process Exited: Process Name - winlogon.exe Process ID - 14752 [12-07-2023 01:44:58] Process Exited: Process Name - csrss.exe Process ID - 15088 [12-07-2023 01:44:58] Process Exited: Process Name - dwm.exe Process ID - 16008 [12-07-2023 01:45:01] New process found: Process Name - csrss.exe Process ID - 6616 Process Identity - SYSTEM [12-07-2023 01:45:01] New process found: Process Name - winlogon.exe Process ID - 11376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:02] New process found: Process Name - LogonUI.exe Process ID - 9364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:02] New process found: Process Name - dwm.exe Process ID - 12780 Process Identity - Window Manager\DWM-4 [12-07-2023 01:45:13] Process Exited: Process Name - csrss.exe Process ID - 6616 [12-07-2023 01:45:13] Process Exited: Process Name - LogonUI.exe Process ID - 9364 [12-07-2023 01:45:13] Process Exited: Process Name - winlogon.exe Process ID - 11376 [12-07-2023 01:45:13] Process Exited: Process Name - dwm.exe Process ID - 12780 [12-07-2023 01:45:17] New process found: Process Name - csrss.exe Process ID - 12644 Process Identity - SYSTEM [12-07-2023 01:45:17] New process found: Process Name - winlogon.exe Process ID - 12360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:17] Process Exited: Process Name - conhost.exe Process ID - 9432 [12-07-2023 01:45:17] Process Exited: Process Name - w3wp.exe Process ID - 11672 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 01:45:18] New process found: Process Name - LogonUI.exe Process ID - 2604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:18] New process found: Process Name - dwm.exe Process ID - 11348 Process Identity - Window Manager\DWM-4 [12-07-2023 01:45:28] Process Exited: Process Name - LogonUI.exe Process ID - 2604 [12-07-2023 01:45:28] Process Exited: Process Name - dwm.exe Process ID - 11348 [12-07-2023 01:45:28] Process Exited: Process Name - winlogon.exe Process ID - 12360 [12-07-2023 01:45:28] Process Exited: Process Name - csrss.exe Process ID - 12644 [12-07-2023 01:45:35] New process found: Process Name - csrss.exe Process ID - 7320 Process Identity - SYSTEM [12-07-2023 01:45:35] New process found: Process Name - winlogon.exe Process ID - 7296 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:39] New process found: Process Name - LogonUI.exe Process ID - 13800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:39] New process found: Process Name - dwm.exe Process ID - 11508 Process Identity - Window Manager\DWM-4 [12-07-2023 01:45:43] Process Exited: Process Name - winlogon.exe Process ID - 7296 [12-07-2023 01:45:43] Process Exited: Process Name - csrss.exe Process ID - 7320 [12-07-2023 01:45:43] Process Exited: Process Name - dwm.exe Process ID - 11508 [12-07-2023 01:45:43] Process Exited: Process Name - LogonUI.exe Process ID - 13800 [12-07-2023 01:45:46] New process found: Process Name - w3wp.exe Process ID - 14164 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 01:45:47] New process found: Process Name - csrss.exe Process ID - 7360 Process Identity - SYSTEM [12-07-2023 01:45:47] New process found: Process Name - winlogon.exe Process ID - 15480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:50] New process found: Process Name - LogonUI.exe Process ID - 176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:45:51] New process found: Process Name - dwm.exe Process ID - 15940 Process Identity - Window Manager\DWM-4 [12-07-2023 01:45:58] Process Exited: Process Name - LogonUI.exe Process ID - 176 [12-07-2023 01:45:58] Process Exited: Process Name - csrss.exe Process ID - 7360 [12-07-2023 01:45:58] Process Exited: Process Name - winlogon.exe Process ID - 15480 [12-07-2023 01:45:58] Process Exited: Process Name - dwm.exe Process ID - 15940 [12-07-2023 01:46:04] New process found: Process Name - csrss.exe Process ID - 7944 Process Identity - SYSTEM [12-07-2023 01:46:04] New process found: Process Name - winlogon.exe Process ID - 14968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:09] New process found: Process Name - LogonUI.exe Process ID - 3876 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:09] New process found: Process Name - dwm.exe Process ID - 8476 Process Identity - Window Manager\DWM-4 [12-07-2023 01:46:15] Process Exited: Process Name - LogonUI.exe Process ID - 3876 [12-07-2023 01:46:15] Process Exited: Process Name - csrss.exe Process ID - 7944 [12-07-2023 01:46:15] Process Exited: Process Name - dwm.exe Process ID - 8476 [12-07-2023 01:46:15] Process Exited: Process Name - winlogon.exe Process ID - 14968 [12-07-2023 01:46:23] New process found: Process Name - csrss.exe Process ID - 11544 Process Identity - SYSTEM [12-07-2023 01:46:23] New process found: Process Name - winlogon.exe Process ID - 2640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:28] New process found: Process Name - LogonUI.exe Process ID - 6868 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:28] New process found: Process Name - dwm.exe Process ID - 13728 Process Identity - Window Manager\DWM-4 [12-07-2023 01:46:28] New process found: Process Name - w3wp.exe Process ID - 14856 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 01:46:28] New process found: Process Name - where.exe Process ID - 14896 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 01:46:28] New process found: Process Name - conhost.exe Process ID - 10924 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 01:46:29] New process found: Process Name - conhost.exe Process ID - 14484 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 01:46:29] Process Exited: Process Name - w3wp.exe Process ID - 9852 Web application pool name - DefaultAppPool [12-07-2023 01:46:29] Process Exited: Process Name - conhost.exe Process ID - 10924 [12-07-2023 01:46:29] Process Exited: Process Name - where.exe Process ID - 14896 [12-07-2023 01:46:31] Process Exited: Process Name - winlogon.exe Process ID - 2640 [12-07-2023 01:46:31] Process Exited: Process Name - LogonUI.exe Process ID - 6868 [12-07-2023 01:46:31] Process Exited: Process Name - csrss.exe Process ID - 11544 [12-07-2023 01:46:31] Process Exited: Process Name - dwm.exe Process ID - 13728 [12-07-2023 01:46:34] New process found: Process Name - csrss.exe Process ID - 14120 Process Identity - SYSTEM [12-07-2023 01:46:34] New process found: Process Name - winlogon.exe Process ID - 14304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:37] New process found: Process Name - LogonUI.exe Process ID - 7368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:37] New process found: Process Name - dwm.exe Process ID - 8528 Process Identity - Window Manager\DWM-4 [12-07-2023 01:46:46] Process Exited: Process Name - LogonUI.exe Process ID - 7368 [12-07-2023 01:46:46] Process Exited: Process Name - dwm.exe Process ID - 8528 [12-07-2023 01:46:46] Process Exited: Process Name - csrss.exe Process ID - 14120 [12-07-2023 01:46:46] Process Exited: Process Name - winlogon.exe Process ID - 14304 [12-07-2023 01:46:49] New process found: Process Name - csrss.exe Process ID - 4004 Process Identity - SYSTEM [12-07-2023 01:46:49] New process found: Process Name - winlogon.exe Process ID - 6324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:52] New process found: Process Name - LogonUI.exe Process ID - 9252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:46:52] New process found: Process Name - dwm.exe Process ID - 15320 Process Identity - Window Manager\DWM-4 [12-07-2023 01:47:01] Process Exited: Process Name - csrss.exe Process ID - 4004 [12-07-2023 01:47:01] Process Exited: Process Name - winlogon.exe Process ID - 6324 [12-07-2023 01:47:01] Process Exited: Process Name - LogonUI.exe Process ID - 9252 [12-07-2023 01:47:01] Process Exited: Process Name - dwm.exe Process ID - 15320 [12-07-2023 01:47:05] New process found: Process Name - csrss.exe Process ID - 7984 Process Identity - SYSTEM [12-07-2023 01:47:05] New process found: Process Name - winlogon.exe Process ID - 6976 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:10] New process found: Process Name - LogonUI.exe Process ID - 13328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:10] New process found: Process Name - dwm.exe Process ID - 7012 Process Identity - Window Manager\DWM-4 [12-07-2023 01:47:17] Process Exited: Process Name - winlogon.exe Process ID - 6976 [12-07-2023 01:47:17] Process Exited: Process Name - dwm.exe Process ID - 7012 [12-07-2023 01:47:17] Process Exited: Process Name - csrss.exe Process ID - 7984 [12-07-2023 01:47:17] Process Exited: Process Name - LogonUI.exe Process ID - 13328 [12-07-2023 01:47:20] New process found: Process Name - csrss.exe Process ID - 15740 Process Identity - SYSTEM [12-07-2023 01:47:20] New process found: Process Name - winlogon.exe Process ID - 5344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:21] New process found: Process Name - LogonUI.exe Process ID - 14192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:21] New process found: Process Name - dwm.exe Process ID - 6156 Process Identity - Window Manager\DWM-4 [12-07-2023 01:47:30] New process found: Process Name - w3wp.exe Process ID - 11688 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:47:30] Process Exited: Process Name - w3wp.exe Process ID - 11676 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:47:32] Process Exited: Process Name - winlogon.exe Process ID - 5344 [12-07-2023 01:47:32] Process Exited: Process Name - dwm.exe Process ID - 6156 [12-07-2023 01:47:32] Process Exited: Process Name - LogonUI.exe Process ID - 14192 [12-07-2023 01:47:32] Process Exited: Process Name - csrss.exe Process ID - 15740 [12-07-2023 01:47:36] New process found: Process Name - csrss.exe Process ID - 12692 Process Identity - SYSTEM [12-07-2023 01:47:36] New process found: Process Name - winlogon.exe Process ID - 12084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:36] New process found: Process Name - LogonUI.exe Process ID - 11984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:36] New process found: Process Name - dwm.exe Process ID - 8992 Process Identity - Window Manager\DWM-4 [12-07-2023 01:47:47] Process Exited: Process Name - dwm.exe Process ID - 8992 [12-07-2023 01:47:47] Process Exited: Process Name - LogonUI.exe Process ID - 11984 [12-07-2023 01:47:47] Process Exited: Process Name - winlogon.exe Process ID - 12084 [12-07-2023 01:47:47] Process Exited: Process Name - csrss.exe Process ID - 12692 [12-07-2023 01:47:49] New process found: Process Name - smss.exe Process ID - 10388 Process Identity - SYSTEM [12-07-2023 01:47:49] New process found: Process Name - csrss.exe Process ID - 6228 Process Identity - SYSTEM [12-07-2023 01:47:50] New process found: Process Name - winlogon.exe Process ID - 10372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:50] Process Exited: Process Name - smss.exe Process ID - 10388 [12-07-2023 01:47:51] New process found: Process Name - LogonUI.exe Process ID - 11484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:47:51] New process found: Process Name - dwm.exe Process ID - 16084 Process Identity - Window Manager\DWM-4 [12-07-2023 01:48:02] Process Exited: Process Name - csrss.exe Process ID - 6228 [12-07-2023 01:48:02] Process Exited: Process Name - winlogon.exe Process ID - 10372 [12-07-2023 01:48:02] Process Exited: Process Name - LogonUI.exe Process ID - 11484 [12-07-2023 01:48:02] Process Exited: Process Name - dwm.exe Process ID - 16084 [12-07-2023 01:48:06] New process found: Process Name - csrss.exe Process ID - 3996 Process Identity - SYSTEM [12-07-2023 01:48:06] New process found: Process Name - winlogon.exe Process ID - 7192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:07] New process found: Process Name - LogonUI.exe Process ID - 11520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:07] New process found: Process Name - dwm.exe Process ID - 14628 Process Identity - Window Manager\DWM-4 [12-07-2023 01:48:12] New process found: Process Name - w3wp.exe Process ID - 15476 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 01:48:12] New process found: Process Name - conhost.exe Process ID - 13956 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 01:48:17] Process Exited: Process Name - csrss.exe Process ID - 3996 [12-07-2023 01:48:17] Process Exited: Process Name - winlogon.exe Process ID - 7192 [12-07-2023 01:48:17] Process Exited: Process Name - LogonUI.exe Process ID - 11520 [12-07-2023 01:48:17] Process Exited: Process Name - dwm.exe Process ID - 14628 [12-07-2023 01:48:19] New process found: Process Name - csrss.exe Process ID - 16200 Process Identity - SYSTEM [12-07-2023 01:48:19] New process found: Process Name - winlogon.exe Process ID - 9920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:20] New process found: Process Name - LogonUI.exe Process ID - 8672 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:20] New process found: Process Name - dwm.exe Process ID - 10748 Process Identity - Window Manager\DWM-4 [12-07-2023 01:48:28] New process found: Process Name - w3wp.exe Process ID - 8388 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:48:28] New process found: Process Name - conhost.exe Process ID - 5348 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 01:48:32] Process Exited: Process Name - LogonUI.exe Process ID - 8672 [12-07-2023 01:48:32] Process Exited: Process Name - winlogon.exe Process ID - 9920 [12-07-2023 01:48:32] Process Exited: Process Name - dwm.exe Process ID - 10748 [12-07-2023 01:48:32] Process Exited: Process Name - csrss.exe Process ID - 16200 [12-07-2023 01:48:35] New process found: Process Name - csrss.exe Process ID - 1640 Process Identity - SYSTEM [12-07-2023 01:48:35] New process found: Process Name - winlogon.exe Process ID - 6468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:37] New process found: Process Name - LogonUI.exe Process ID - 12864 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:37] New process found: Process Name - dwm.exe Process ID - 11888 Process Identity - Window Manager\DWM-4 [12-07-2023 01:48:37] New process found: Process Name - w3wp.exe Process ID - 14900 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:48:37] New process found: Process Name - conhost.exe Process ID - 13008 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 01:48:48] Process Exited: Process Name - csrss.exe Process ID - 1640 [12-07-2023 01:48:48] Process Exited: Process Name - winlogon.exe Process ID - 6468 [12-07-2023 01:48:48] Process Exited: Process Name - dwm.exe Process ID - 11888 [12-07-2023 01:48:48] Process Exited: Process Name - LogonUI.exe Process ID - 12864 [12-07-2023 01:48:53] New process found: Process Name - smss.exe Process ID - 13764 Process Identity - SYSTEM [12-07-2023 01:48:53] New process found: Process Name - csrss.exe Process ID - 10532 Process Identity - SYSTEM [12-07-2023 01:48:53] New process found: Process Name - winlogon.exe Process ID - 11952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:54] Process Exited: Process Name - smss.exe Process ID - 13764 [12-07-2023 01:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 2064 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:48:55] New process found: Process Name - LogonUI.exe Process ID - 5660 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:48:55] New process found: Process Name - dwm.exe Process ID - 8908 Process Identity - Window Manager\DWM-4 [12-07-2023 01:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 13072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:03] Process Exited: Process Name - LogonUI.exe Process ID - 5660 [12-07-2023 01:49:03] Process Exited: Process Name - dwm.exe Process ID - 8908 [12-07-2023 01:49:03] Process Exited: Process Name - csrss.exe Process ID - 10532 [12-07-2023 01:49:03] Process Exited: Process Name - winlogon.exe Process ID - 11952 [12-07-2023 01:49:07] New process found: Process Name - csrss.exe Process ID - 8592 Process Identity - SYSTEM [12-07-2023 01:49:07] New process found: Process Name - winlogon.exe Process ID - 14324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:08] New process found: Process Name - LogonUI.exe Process ID - 10376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:08] New process found: Process Name - dwm.exe Process ID - 11720 Process Identity - Window Manager\DWM-4 [12-07-2023 01:49:19] Process Exited: Process Name - csrss.exe Process ID - 8592 [12-07-2023 01:49:19] Process Exited: Process Name - LogonUI.exe Process ID - 10376 [12-07-2023 01:49:19] Process Exited: Process Name - dwm.exe Process ID - 11720 [12-07-2023 01:49:19] Process Exited: Process Name - winlogon.exe Process ID - 14324 [12-07-2023 01:49:23] New process found: Process Name - csrss.exe Process ID - 15644 Process Identity - SYSTEM [12-07-2023 01:49:23] New process found: Process Name - winlogon.exe Process ID - 2760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:27] New process found: Process Name - LogonUI.exe Process ID - 6388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:27] New process found: Process Name - dwm.exe Process ID - 12568 Process Identity - Window Manager\DWM-4 [12-07-2023 01:49:35] Process Exited: Process Name - winlogon.exe Process ID - 2760 [12-07-2023 01:49:35] Process Exited: Process Name - LogonUI.exe Process ID - 6388 [12-07-2023 01:49:35] Process Exited: Process Name - dwm.exe Process ID - 12568 [12-07-2023 01:49:35] Process Exited: Process Name - csrss.exe Process ID - 15644 [12-07-2023 01:49:38] New process found: Process Name - csrss.exe Process ID - 16376 Process Identity - SYSTEM [12-07-2023 01:49:38] New process found: Process Name - winlogon.exe Process ID - 14228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:39] New process found: Process Name - LogonUI.exe Process ID - 12884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:39] New process found: Process Name - dwm.exe Process ID - 12572 Process Identity - Window Manager\DWM-4 [12-07-2023 01:49:50] Process Exited: Process Name - dwm.exe Process ID - 12572 [12-07-2023 01:49:50] Process Exited: Process Name - LogonUI.exe Process ID - 12884 [12-07-2023 01:49:50] Process Exited: Process Name - winlogon.exe Process ID - 14228 [12-07-2023 01:49:50] Process Exited: Process Name - csrss.exe Process ID - 16376 [12-07-2023 01:49:53] New process found: Process Name - csrss.exe Process ID - 13972 Process Identity - SYSTEM [12-07-2023 01:49:53] New process found: Process Name - winlogon.exe Process ID - 6896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:55] New process found: Process Name - LogonUI.exe Process ID - 2028 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:49:55] New process found: Process Name - dwm.exe Process ID - 3500 Process Identity - Window Manager\DWM-4 [12-07-2023 01:50:06] Process Exited: Process Name - LogonUI.exe Process ID - 2028 [12-07-2023 01:50:06] Process Exited: Process Name - dwm.exe Process ID - 3500 [12-07-2023 01:50:06] Process Exited: Process Name - winlogon.exe Process ID - 6896 [12-07-2023 01:50:06] Process Exited: Process Name - csrss.exe Process ID - 13972 [12-07-2023 01:50:08] New process found: Process Name - csrss.exe Process ID - 3476 Process Identity - SYSTEM [12-07-2023 01:50:08] New process found: Process Name - winlogon.exe Process ID - 10436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:09] New process found: Process Name - LogonUI.exe Process ID - 8956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:09] New process found: Process Name - dwm.exe Process ID - 9928 Process Identity - Window Manager\DWM-4 [12-07-2023 01:50:21] Process Exited: Process Name - csrss.exe Process ID - 3476 [12-07-2023 01:50:21] Process Exited: Process Name - LogonUI.exe Process ID - 8956 [12-07-2023 01:50:21] Process Exited: Process Name - dwm.exe Process ID - 9928 [12-07-2023 01:50:21] Process Exited: Process Name - winlogon.exe Process ID - 10436 [12-07-2023 01:50:23] New process found: Process Name - csrss.exe Process ID - 11988 Process Identity - SYSTEM [12-07-2023 01:50:23] New process found: Process Name - winlogon.exe Process ID - 6312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:24] New process found: Process Name - LogonUI.exe Process ID - 13736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:24] New process found: Process Name - dwm.exe Process ID - 11656 Process Identity - Window Manager\DWM-4 [12-07-2023 01:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2064 [12-07-2023 01:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13072 [12-07-2023 01:50:36] Process Exited: Process Name - winlogon.exe Process ID - 6312 [12-07-2023 01:50:36] Process Exited: Process Name - dwm.exe Process ID - 11656 [12-07-2023 01:50:36] Process Exited: Process Name - csrss.exe Process ID - 11988 [12-07-2023 01:50:36] Process Exited: Process Name - LogonUI.exe Process ID - 13736 [12-07-2023 01:50:39] New process found: Process Name - csrss.exe Process ID - 12804 Process Identity - SYSTEM [12-07-2023 01:50:39] New process found: Process Name - winlogon.exe Process ID - 10008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:40] New process found: Process Name - LogonUI.exe Process ID - 1432 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:40] New process found: Process Name - dwm.exe Process ID - 4156 Process Identity - Window Manager\DWM-4 [12-07-2023 01:50:51] Process Exited: Process Name - LogonUI.exe Process ID - 1432 [12-07-2023 01:50:51] Process Exited: Process Name - dwm.exe Process ID - 4156 [12-07-2023 01:50:51] Process Exited: Process Name - winlogon.exe Process ID - 10008 [12-07-2023 01:50:51] Process Exited: Process Name - csrss.exe Process ID - 12804 [12-07-2023 01:50:53] New process found: Process Name - csrss.exe Process ID - 12840 Process Identity - SYSTEM [12-07-2023 01:50:53] New process found: Process Name - winlogon.exe Process ID - 6836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:55] New process found: Process Name - LogonUI.exe Process ID - 11520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:50:55] New process found: Process Name - dwm.exe Process ID - 8036 Process Identity - Window Manager\DWM-4 [12-07-2023 01:51:06] Process Exited: Process Name - winlogon.exe Process ID - 6836 [12-07-2023 01:51:06] Process Exited: Process Name - dwm.exe Process ID - 8036 [12-07-2023 01:51:06] Process Exited: Process Name - LogonUI.exe Process ID - 11520 [12-07-2023 01:51:06] Process Exited: Process Name - csrss.exe Process ID - 12840 [12-07-2023 01:51:09] New process found: Process Name - csrss.exe Process ID - 10724 Process Identity - SYSTEM [12-07-2023 01:51:09] New process found: Process Name - winlogon.exe Process ID - 2212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:10] New process found: Process Name - LogonUI.exe Process ID - 13168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:10] New process found: Process Name - dwm.exe Process ID - 14892 Process Identity - Window Manager\DWM-4 [12-07-2023 01:51:22] Process Exited: Process Name - winlogon.exe Process ID - 2212 [12-07-2023 01:51:22] Process Exited: Process Name - csrss.exe Process ID - 10724 [12-07-2023 01:51:22] Process Exited: Process Name - LogonUI.exe Process ID - 13168 [12-07-2023 01:51:22] Process Exited: Process Name - dwm.exe Process ID - 14892 [12-07-2023 01:51:28] New process found: Process Name - csrss.exe Process ID - 9712 Process Identity - SYSTEM [12-07-2023 01:51:28] New process found: Process Name - winlogon.exe Process ID - 9724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:32] New process found: Process Name - LogonUI.exe Process ID - 8948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:32] New process found: Process Name - dwm.exe Process ID - 15872 Process Identity - Window Manager\DWM-4 [12-07-2023 01:51:33] New process found: Process Name - w3wp.exe Process ID - 8984 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:51:38] Process Exited: Process Name - LogonUI.exe Process ID - 8948 [12-07-2023 01:51:38] Process Exited: Process Name - csrss.exe Process ID - 9712 [12-07-2023 01:51:38] Process Exited: Process Name - winlogon.exe Process ID - 9724 [12-07-2023 01:51:38] Process Exited: Process Name - dwm.exe Process ID - 15872 [12-07-2023 01:51:41] New process found: Process Name - csrss.exe Process ID - 15012 Process Identity - SYSTEM [12-07-2023 01:51:41] New process found: Process Name - winlogon.exe Process ID - 11408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:42] New process found: Process Name - LogonUI.exe Process ID - 12832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:42] New process found: Process Name - dwm.exe Process ID - 15952 Process Identity - Window Manager\DWM-4 [12-07-2023 01:51:49] Process Exited: Process Name - w3wp.exe Process ID - 14164 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 01:51:53] Process Exited: Process Name - winlogon.exe Process ID - 11408 [12-07-2023 01:51:53] Process Exited: Process Name - LogonUI.exe Process ID - 12832 [12-07-2023 01:51:53] Process Exited: Process Name - csrss.exe Process ID - 15012 [12-07-2023 01:51:53] Process Exited: Process Name - dwm.exe Process ID - 15952 [12-07-2023 01:51:56] New process found: Process Name - csrss.exe Process ID - 2556 Process Identity - SYSTEM [12-07-2023 01:51:56] New process found: Process Name - winlogon.exe Process ID - 1704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:57] New process found: Process Name - LogonUI.exe Process ID - 14712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:51:57] New process found: Process Name - dwm.exe Process ID - 15788 Process Identity - Window Manager\DWM-4 [12-07-2023 01:52:08] Process Exited: Process Name - winlogon.exe Process ID - 1704 [12-07-2023 01:52:08] Process Exited: Process Name - csrss.exe Process ID - 2556 [12-07-2023 01:52:08] Process Exited: Process Name - LogonUI.exe Process ID - 14712 [12-07-2023 01:52:08] Process Exited: Process Name - dwm.exe Process ID - 15788 [12-07-2023 01:52:12] New process found: Process Name - csrss.exe Process ID - 6988 Process Identity - SYSTEM [12-07-2023 01:52:12] New process found: Process Name - winlogon.exe Process ID - 8328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:13] New process found: Process Name - LogonUI.exe Process ID - 12364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:13] New process found: Process Name - dwm.exe Process ID - 7400 Process Identity - Window Manager\DWM-4 [12-07-2023 01:52:24] Process Exited: Process Name - csrss.exe Process ID - 6988 [12-07-2023 01:52:24] Process Exited: Process Name - dwm.exe Process ID - 7400 [12-07-2023 01:52:24] Process Exited: Process Name - winlogon.exe Process ID - 8328 [12-07-2023 01:52:24] Process Exited: Process Name - LogonUI.exe Process ID - 12364 [12-07-2023 01:52:26] New process found: Process Name - csrss.exe Process ID - 6884 Process Identity - SYSTEM [12-07-2023 01:52:26] New process found: Process Name - winlogon.exe Process ID - 6756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:27] New process found: Process Name - LogonUI.exe Process ID - 10836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:27] New process found: Process Name - dwm.exe Process ID - 8688 Process Identity - Window Manager\DWM-4 [12-07-2023 01:52:30] Process Exited: Process Name - conhost.exe Process ID - 14484 [12-07-2023 01:52:30] Process Exited: Process Name - w3wp.exe Process ID - 14856 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 01:52:31] New process found: Process Name - w3wp.exe Process ID - 15508 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:52:31] Process Exited: Process Name - w3wp.exe Process ID - 11688 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:52:39] Process Exited: Process Name - winlogon.exe Process ID - 6756 [12-07-2023 01:52:39] Process Exited: Process Name - csrss.exe Process ID - 6884 [12-07-2023 01:52:39] Process Exited: Process Name - dwm.exe Process ID - 8688 [12-07-2023 01:52:39] Process Exited: Process Name - LogonUI.exe Process ID - 10836 [12-07-2023 01:52:41] New process found: Process Name - csrss.exe Process ID - 7768 Process Identity - SYSTEM [12-07-2023 01:52:41] New process found: Process Name - winlogon.exe Process ID - 10352 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:42] New process found: Process Name - LogonUI.exe Process ID - 7772 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:42] New process found: Process Name - dwm.exe Process ID - 9768 Process Identity - Window Manager\DWM-4 [12-07-2023 01:52:54] Process Exited: Process Name - csrss.exe Process ID - 7768 [12-07-2023 01:52:54] Process Exited: Process Name - LogonUI.exe Process ID - 7772 [12-07-2023 01:52:54] Process Exited: Process Name - dwm.exe Process ID - 9768 [12-07-2023 01:52:54] Process Exited: Process Name - winlogon.exe Process ID - 10352 [12-07-2023 01:52:57] New process found: Process Name - csrss.exe Process ID - 744 Process Identity - SYSTEM [12-07-2023 01:52:57] New process found: Process Name - winlogon.exe Process ID - 7160 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:59] New process found: Process Name - LogonUI.exe Process ID - 9304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:52:59] New process found: Process Name - dwm.exe Process ID - 3368 Process Identity - Window Manager\DWM-4 [12-07-2023 01:53:10] Process Exited: Process Name - csrss.exe Process ID - 744 [12-07-2023 01:53:10] Process Exited: Process Name - dwm.exe Process ID - 3368 [12-07-2023 01:53:10] Process Exited: Process Name - winlogon.exe Process ID - 7160 [12-07-2023 01:53:10] Process Exited: Process Name - LogonUI.exe Process ID - 9304 [12-07-2023 01:53:12] New process found: Process Name - csrss.exe Process ID - 13860 Process Identity - SYSTEM [12-07-2023 01:53:12] New process found: Process Name - winlogon.exe Process ID - 12408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:13] New process found: Process Name - LogonUI.exe Process ID - 11656 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:13] New process found: Process Name - dwm.exe Process ID - 13140 Process Identity - Window Manager\DWM-4 [12-07-2023 01:53:23] New process found: Process Name - w3wp.exe Process ID - 9096 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 01:53:25] Process Exited: Process Name - LogonUI.exe Process ID - 11656 [12-07-2023 01:53:25] Process Exited: Process Name - winlogon.exe Process ID - 12408 [12-07-2023 01:53:25] Process Exited: Process Name - dwm.exe Process ID - 13140 [12-07-2023 01:53:25] Process Exited: Process Name - csrss.exe Process ID - 13860 [12-07-2023 01:53:27] New process found: Process Name - csrss.exe Process ID - 10148 Process Identity - SYSTEM [12-07-2023 01:53:27] New process found: Process Name - winlogon.exe Process ID - 15948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:28] New process found: Process Name - LogonUI.exe Process ID - 13096 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:28] New process found: Process Name - dwm.exe Process ID - 13316 Process Identity - Window Manager\DWM-4 [12-07-2023 01:53:40] Process Exited: Process Name - csrss.exe Process ID - 10148 [12-07-2023 01:53:40] Process Exited: Process Name - LogonUI.exe Process ID - 13096 [12-07-2023 01:53:40] Process Exited: Process Name - dwm.exe Process ID - 13316 [12-07-2023 01:53:40] Process Exited: Process Name - winlogon.exe Process ID - 15948 [12-07-2023 01:53:43] New process found: Process Name - csrss.exe Process ID - 12840 Process Identity - SYSTEM [12-07-2023 01:53:43] New process found: Process Name - winlogon.exe Process ID - 14156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:43] New process found: Process Name - LogonUI.exe Process ID - 7572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:43] New process found: Process Name - dwm.exe Process ID - 5076 Process Identity - Window Manager\DWM-4 [12-07-2023 01:53:56] Process Exited: Process Name - dwm.exe Process ID - 5076 [12-07-2023 01:53:56] Process Exited: Process Name - LogonUI.exe Process ID - 7572 [12-07-2023 01:53:56] Process Exited: Process Name - csrss.exe Process ID - 12840 [12-07-2023 01:53:56] Process Exited: Process Name - winlogon.exe Process ID - 14156 [12-07-2023 01:53:58] New process found: Process Name - csrss.exe Process ID - 856 Process Identity - SYSTEM [12-07-2023 01:53:58] New process found: Process Name - winlogon.exe Process ID - 10068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:59] New process found: Process Name - LogonUI.exe Process ID - 3456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:53:59] New process found: Process Name - dwm.exe Process ID - 10976 Process Identity - Window Manager\DWM-4 [12-07-2023 01:54:10] Process Exited: Process Name - LogonUI.exe Process ID - 3456 [12-07-2023 01:54:10] Process Exited: Process Name - winlogon.exe Process ID - 10068 [12-07-2023 01:54:10] Process Exited: Process Name - dwm.exe Process ID - 10976 [12-07-2023 01:54:11] Process Exited: Process Name - csrss.exe Process ID - 856 [12-07-2023 01:54:13] New process found: Process Name - csrss.exe Process ID - 11092 Process Identity - SYSTEM [12-07-2023 01:54:13] New process found: Process Name - winlogon.exe Process ID - 11340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:13] New process found: Process Name - LogonUI.exe Process ID - 11664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:13] New process found: Process Name - dwm.exe Process ID - 8712 Process Identity - Window Manager\DWM-4 [12-07-2023 01:54:14] Process Exited: Process Name - conhost.exe Process ID - 13956 [12-07-2023 01:54:14] Process Exited: Process Name - w3wp.exe Process ID - 15476 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 01:54:25] Process Exited: Process Name - dwm.exe Process ID - 8712 [12-07-2023 01:54:25] Process Exited: Process Name - winlogon.exe Process ID - 11340 [12-07-2023 01:54:25] Process Exited: Process Name - LogonUI.exe Process ID - 11664 [12-07-2023 01:54:26] Process Exited: Process Name - csrss.exe Process ID - 11092 [12-07-2023 01:54:27] New process found: Process Name - smss.exe Process ID - 7236 Process Identity - SYSTEM [12-07-2023 01:54:27] New process found: Process Name - csrss.exe Process ID - 15956 Process Identity - SYSTEM [12-07-2023 01:54:28] New process found: Process Name - winlogon.exe Process ID - 11408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:28] Process Exited: Process Name - smss.exe Process ID - 7236 [12-07-2023 01:54:29] New process found: Process Name - LogonUI.exe Process ID - 2676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:29] New process found: Process Name - dwm.exe Process ID - 11744 Process Identity - Window Manager\DWM-4 [12-07-2023 01:54:30] Process Exited: Process Name - conhost.exe Process ID - 5348 [12-07-2023 01:54:30] Process Exited: Process Name - w3wp.exe Process ID - 8388 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:54:39] Process Exited: Process Name - conhost.exe Process ID - 13008 [12-07-2023 01:54:39] Process Exited: Process Name - w3wp.exe Process ID - 14900 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 01:54:40] Process Exited: Process Name - LogonUI.exe Process ID - 2676 [12-07-2023 01:54:40] Process Exited: Process Name - winlogon.exe Process ID - 11408 [12-07-2023 01:54:40] Process Exited: Process Name - dwm.exe Process ID - 11744 [12-07-2023 01:54:41] Process Exited: Process Name - csrss.exe Process ID - 15956 [12-07-2023 01:54:44] New process found: Process Name - csrss.exe Process ID - 3760 Process Identity - SYSTEM [12-07-2023 01:54:44] New process found: Process Name - winlogon.exe Process ID - 13416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:45] New process found: Process Name - LogonUI.exe Process ID - 12440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:45] New process found: Process Name - dwm.exe Process ID - 9584 Process Identity - Window Manager\DWM-4 [12-07-2023 01:54:55] Process Exited: Process Name - csrss.exe Process ID - 3760 [12-07-2023 01:54:55] Process Exited: Process Name - dwm.exe Process ID - 9584 [12-07-2023 01:54:55] Process Exited: Process Name - LogonUI.exe Process ID - 12440 [12-07-2023 01:54:55] Process Exited: Process Name - winlogon.exe Process ID - 13416 [12-07-2023 01:54:58] New process found: Process Name - csrss.exe Process ID - 14612 Process Identity - SYSTEM [12-07-2023 01:54:58] New process found: Process Name - winlogon.exe Process ID - 13116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:59] New process found: Process Name - LogonUI.exe Process ID - 4208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:54:59] New process found: Process Name - dwm.exe Process ID - 16348 Process Identity - Window Manager\DWM-4 [12-07-2023 01:55:11] Process Exited: Process Name - LogonUI.exe Process ID - 4208 [12-07-2023 01:55:11] Process Exited: Process Name - winlogon.exe Process ID - 13116 [12-07-2023 01:55:11] Process Exited: Process Name - csrss.exe Process ID - 14612 [12-07-2023 01:55:11] Process Exited: Process Name - dwm.exe Process ID - 16348 [12-07-2023 01:55:13] New process found: Process Name - smss.exe Process ID - 2652 Process Identity - SYSTEM [12-07-2023 01:55:14] New process found: Process Name - csrss.exe Process ID - 11004 Process Identity - SYSTEM [12-07-2023 01:55:14] New process found: Process Name - winlogon.exe Process ID - 9088 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:14] Process Exited: Process Name - smss.exe Process ID - 2652 [12-07-2023 01:55:15] New process found: Process Name - LogonUI.exe Process ID - 16376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:15] New process found: Process Name - dwm.exe Process ID - 6560 Process Identity - Window Manager\DWM-4 [12-07-2023 01:55:26] Process Exited: Process Name - dwm.exe Process ID - 6560 [12-07-2023 01:55:26] Process Exited: Process Name - winlogon.exe Process ID - 9088 [12-07-2023 01:55:26] Process Exited: Process Name - LogonUI.exe Process ID - 16376 [12-07-2023 01:55:27] Process Exited: Process Name - csrss.exe Process ID - 11004 [12-07-2023 01:55:29] New process found: Process Name - csrss.exe Process ID - 10948 Process Identity - SYSTEM [12-07-2023 01:55:29] New process found: Process Name - winlogon.exe Process ID - 10320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:32] New process found: Process Name - LogonUI.exe Process ID - 6576 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:32] New process found: Process Name - dwm.exe Process ID - 11248 Process Identity - Window Manager\DWM-4 [12-07-2023 01:55:42] Process Exited: Process Name - LogonUI.exe Process ID - 6576 [12-07-2023 01:55:42] Process Exited: Process Name - winlogon.exe Process ID - 10320 [12-07-2023 01:55:42] Process Exited: Process Name - csrss.exe Process ID - 10948 [12-07-2023 01:55:42] Process Exited: Process Name - dwm.exe Process ID - 11248 [12-07-2023 01:55:47] New process found: Process Name - csrss.exe Process ID - 7768 Process Identity - SYSTEM [12-07-2023 01:55:47] New process found: Process Name - winlogon.exe Process ID - 11784 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:48] New process found: Process Name - LogonUI.exe Process ID - 14932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:55:48] New process found: Process Name - dwm.exe Process ID - 10676 Process Identity - Window Manager\DWM-4 [12-07-2023 01:55:57] Process Exited: Process Name - csrss.exe Process ID - 7768 [12-07-2023 01:55:57] Process Exited: Process Name - dwm.exe Process ID - 10676 [12-07-2023 01:55:57] Process Exited: Process Name - winlogon.exe Process ID - 11784 [12-07-2023 01:55:57] Process Exited: Process Name - LogonUI.exe Process ID - 14932 [12-07-2023 01:55:59] New process found: Process Name - csrss.exe Process ID - 704 Process Identity - SYSTEM [12-07-2023 01:55:59] New process found: Process Name - winlogon.exe Process ID - 6900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:00] New process found: Process Name - LogonUI.exe Process ID - 11444 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:00] New process found: Process Name - dwm.exe Process ID - 7160 Process Identity - Window Manager\DWM-4 [12-07-2023 01:56:12] Process Exited: Process Name - csrss.exe Process ID - 704 [12-07-2023 01:56:12] Process Exited: Process Name - winlogon.exe Process ID - 6900 [12-07-2023 01:56:12] Process Exited: Process Name - dwm.exe Process ID - 7160 [12-07-2023 01:56:12] Process Exited: Process Name - LogonUI.exe Process ID - 11444 [12-07-2023 01:56:14] New process found: Process Name - csrss.exe Process ID - 2780 Process Identity - SYSTEM [12-07-2023 01:56:14] New process found: Process Name - winlogon.exe Process ID - 980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:15] New process found: Process Name - LogonUI.exe Process ID - 2464 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:15] New process found: Process Name - dwm.exe Process ID - 1556 Process Identity - Window Manager\DWM-4 [12-07-2023 01:56:27] Process Exited: Process Name - winlogon.exe Process ID - 980 [12-07-2023 01:56:27] Process Exited: Process Name - dwm.exe Process ID - 1556 [12-07-2023 01:56:27] Process Exited: Process Name - LogonUI.exe Process ID - 2464 [12-07-2023 01:56:27] Process Exited: Process Name - csrss.exe Process ID - 2780 [12-07-2023 01:56:32] New process found: Process Name - csrss.exe Process ID - 13280 Process Identity - SYSTEM [12-07-2023 01:56:32] New process found: Process Name - winlogon.exe Process ID - 1336 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:33] New process found: Process Name - LogonUI.exe Process ID - 15764 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:33] New process found: Process Name - dwm.exe Process ID - 7192 Process Identity - Window Manager\DWM-4 [12-07-2023 01:56:42] Process Exited: Process Name - winlogon.exe Process ID - 1336 [12-07-2023 01:56:42] Process Exited: Process Name - dwm.exe Process ID - 7192 [12-07-2023 01:56:42] Process Exited: Process Name - LogonUI.exe Process ID - 15764 [12-07-2023 01:56:43] Process Exited: Process Name - csrss.exe Process ID - 13280 [12-07-2023 01:56:47] New process found: Process Name - csrss.exe Process ID - 8372 Process Identity - SYSTEM [12-07-2023 01:56:47] New process found: Process Name - winlogon.exe Process ID - 15452 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:49] New process found: Process Name - LogonUI.exe Process ID - 2468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:56:49] New process found: Process Name - dwm.exe Process ID - 12180 Process Identity - Window Manager\DWM-4 [12-07-2023 01:56:58] Process Exited: Process Name - LogonUI.exe Process ID - 2468 [12-07-2023 01:56:58] Process Exited: Process Name - csrss.exe Process ID - 8372 [12-07-2023 01:56:58] Process Exited: Process Name - dwm.exe Process ID - 12180 [12-07-2023 01:56:58] Process Exited: Process Name - winlogon.exe Process ID - 15452 [12-07-2023 01:57:01] New process found: Process Name - csrss.exe Process ID - 12944 Process Identity - SYSTEM [12-07-2023 01:57:01] New process found: Process Name - winlogon.exe Process ID - 12684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:04] New process found: Process Name - LogonUI.exe Process ID - 12168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:04] New process found: Process Name - dwm.exe Process ID - 8412 Process Identity - Window Manager\DWM-4 [12-07-2023 01:57:14] Process Exited: Process Name - dwm.exe Process ID - 8412 [12-07-2023 01:57:14] Process Exited: Process Name - LogonUI.exe Process ID - 12168 [12-07-2023 01:57:14] Process Exited: Process Name - winlogon.exe Process ID - 12684 [12-07-2023 01:57:14] Process Exited: Process Name - csrss.exe Process ID - 12944 [12-07-2023 01:57:16] New process found: Process Name - csrss.exe Process ID - 9416 Process Identity - SYSTEM [12-07-2023 01:57:16] New process found: Process Name - winlogon.exe Process ID - 8340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:17] New process found: Process Name - LogonUI.exe Process ID - 15176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:17] New process found: Process Name - dwm.exe Process ID - 13676 Process Identity - Window Manager\DWM-4 [12-07-2023 01:57:28] Process Exited: Process Name - winlogon.exe Process ID - 8340 [12-07-2023 01:57:28] Process Exited: Process Name - dwm.exe Process ID - 13676 [12-07-2023 01:57:28] Process Exited: Process Name - LogonUI.exe Process ID - 15176 [12-07-2023 01:57:29] Process Exited: Process Name - csrss.exe Process ID - 9416 [12-07-2023 01:57:32] New process found: Process Name - w3wp.exe Process ID - 16356 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:57:32] Process Exited: Process Name - w3wp.exe Process ID - 15508 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 01:57:34] New process found: Process Name - csrss.exe Process ID - 9896 Process Identity - SYSTEM [12-07-2023 01:57:34] New process found: Process Name - winlogon.exe Process ID - 9780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:35] New process found: Process Name - LogonUI.exe Process ID - 2952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:35] New process found: Process Name - dwm.exe Process ID - 7412 Process Identity - Window Manager\DWM-4 [12-07-2023 01:57:36] Process Exited: Process Name - w3wp.exe Process ID - 8984 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 01:57:41] New process found: Process Name - w3wp.exe Process ID - 5800 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 01:57:41] New process found: Process Name - conhost.exe Process ID - 4980 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 01:57:46] Process Exited: Process Name - LogonUI.exe Process ID - 2952 [12-07-2023 01:57:46] Process Exited: Process Name - dwm.exe Process ID - 7412 [12-07-2023 01:57:46] Process Exited: Process Name - winlogon.exe Process ID - 9780 [12-07-2023 01:57:46] Process Exited: Process Name - csrss.exe Process ID - 9896 [12-07-2023 01:57:49] New process found: Process Name - csrss.exe Process ID - 13892 Process Identity - SYSTEM [12-07-2023 01:57:49] New process found: Process Name - winlogon.exe Process ID - 8776 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:52] New process found: Process Name - LogonUI.exe Process ID - 5092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:57:52] New process found: Process Name - dwm.exe Process ID - 13740 Process Identity - Window Manager\DWM-4 [12-07-2023 01:58:01] Process Exited: Process Name - LogonUI.exe Process ID - 5092 [12-07-2023 01:58:01] Process Exited: Process Name - winlogon.exe Process ID - 8776 [12-07-2023 01:58:01] Process Exited: Process Name - dwm.exe Process ID - 13740 [12-07-2023 01:58:01] Process Exited: Process Name - csrss.exe Process ID - 13892 [12-07-2023 01:58:03] New process found: Process Name - csrss.exe Process ID - 16092 Process Identity - SYSTEM [12-07-2023 01:58:03] New process found: Process Name - winlogon.exe Process ID - 15408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:04] New process found: Process Name - LogonUI.exe Process ID - 12328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:04] New process found: Process Name - dwm.exe Process ID - 16004 Process Identity - Window Manager\DWM-4 [12-07-2023 01:58:16] Process Exited: Process Name - LogonUI.exe Process ID - 12328 [12-07-2023 01:58:16] Process Exited: Process Name - winlogon.exe Process ID - 15408 [12-07-2023 01:58:16] Process Exited: Process Name - dwm.exe Process ID - 16004 [12-07-2023 01:58:16] Process Exited: Process Name - csrss.exe Process ID - 16092 [12-07-2023 01:58:22] New process found: Process Name - csrss.exe Process ID - 14916 Process Identity - SYSTEM [12-07-2023 01:58:22] New process found: Process Name - winlogon.exe Process ID - 15680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:24] New process found: Process Name - LogonUI.exe Process ID - 4964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:24] New process found: Process Name - dwm.exe Process ID - 6388 Process Identity - Window Manager\DWM-4 [12-07-2023 01:58:31] Process Exited: Process Name - LogonUI.exe Process ID - 4964 [12-07-2023 01:58:31] Process Exited: Process Name - dwm.exe Process ID - 6388 [12-07-2023 01:58:31] Process Exited: Process Name - csrss.exe Process ID - 14916 [12-07-2023 01:58:31] Process Exited: Process Name - winlogon.exe Process ID - 15680 [12-07-2023 01:58:33] New process found: Process Name - csrss.exe Process ID - 4984 Process Identity - SYSTEM [12-07-2023 01:58:33] New process found: Process Name - winlogon.exe Process ID - 15836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:34] New process found: Process Name - LogonUI.exe Process ID - 5460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:34] New process found: Process Name - dwm.exe Process ID - 2664 Process Identity - Window Manager\DWM-4 [12-07-2023 01:58:46] Process Exited: Process Name - dwm.exe Process ID - 2664 [12-07-2023 01:58:46] Process Exited: Process Name - csrss.exe Process ID - 4984 [12-07-2023 01:58:46] Process Exited: Process Name - LogonUI.exe Process ID - 5460 [12-07-2023 01:58:46] Process Exited: Process Name - winlogon.exe Process ID - 15836 [12-07-2023 01:58:49] New process found: Process Name - csrss.exe Process ID - 16372 Process Identity - SYSTEM [12-07-2023 01:58:49] New process found: Process Name - winlogon.exe Process ID - 14140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:51] New process found: Process Name - LogonUI.exe Process ID - 12704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:58:51] New process found: Process Name - dwm.exe Process ID - 1320 Process Identity - Window Manager\DWM-4 [12-07-2023 01:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15852 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 01:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15132 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:59:02] Process Exited: Process Name - dwm.exe Process ID - 1320 [12-07-2023 01:59:02] Process Exited: Process Name - LogonUI.exe Process ID - 12704 [12-07-2023 01:59:02] Process Exited: Process Name - winlogon.exe Process ID - 14140 [12-07-2023 01:59:02] Process Exited: Process Name - csrss.exe Process ID - 16372 [12-07-2023 01:59:07] New process found: Process Name - csrss.exe Process ID - 13088 Process Identity - SYSTEM [12-07-2023 01:59:07] New process found: Process Name - winlogon.exe Process ID - 12860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:59:10] New process found: Process Name - LogonUI.exe Process ID - 12208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 01:59:10] New process found: Process Name - dwm.exe Process ID - 9240 Process Identity - Window Manager\DWM-4 [12-07-2023 01:59:18] Process Exited: Process Name - dwm.exe Process ID - 9240 [12-07-2023 01:59:18] Process Exited: Process Name - conhost.exe Process ID - 9376 [12-07-2023 01:59:18] Process Exited: Process Name - LogonUI.exe Process ID - 12208 [12-07-2023 01:59:18] Process Exited: Process Name - winlogon.exe Process ID - 12860 [12-07-2023 01:59:18] Process Exited: Process Name - csrss.exe Process ID - 13088 [12-07-2023 01:59:18] Process Exited: Process Name - w3wp.exe Process ID - 14976 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 01:59:24] New process found: Process Name - w3wp.exe Process ID - 7672 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 01:59:26] Process Exited: Process Name - w3wp.exe Process ID - 9096 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:00:13] New process found: Process Name - w3wp.exe Process ID - 14912 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:00:13] New process found: Process Name - conhost.exe Process ID - 15092 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 02:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15132 [12-07-2023 02:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15852 [12-07-2023 02:00:55] New process found: Process Name - w3wp.exe Process ID - 10348 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:01:41] New process found: Process Name - w3wp.exe Process ID - 15948 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 02:02:34] New process found: Process Name - w3wp.exe Process ID - 12340 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:02:34] Process Exited: Process Name - w3wp.exe Process ID - 16356 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:03:43] Process Exited: Process Name - conhost.exe Process ID - 4980 [12-07-2023 02:03:43] Process Exited: Process Name - w3wp.exe Process ID - 5800 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 02:04:35] Process Exited: Process Name - php-cgi.exe Process ID - 4944 [12-07-2023 02:04:36] Process Exited: Process Name - w3wp.exe Process ID - 14220 Web application pool name - PleskControlPanel [12-07-2023 02:05:27] Process Exited: Process Name - w3wp.exe Process ID - 7672 Web application pool name - DefaultAppPool [12-07-2023 02:06:58] Process Exited: Process Name - w3wp.exe Process ID - 10348 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:07:15] Process Exited: Process Name - w3wp.exe Process ID - 14912 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:07:15] Process Exited: Process Name - conhost.exe Process ID - 15092 [12-07-2023 02:07:35] New process found: Process Name - w3wp.exe Process ID - 12596 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:07:35] Process Exited: Process Name - w3wp.exe Process ID - 12340 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:07:43] Process Exited: Process Name - w3wp.exe Process ID - 15948 Web application pool name - galaxytools.in [12-07-2023 02:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 7568 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 7952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7568 [12-07-2023 02:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7952 [12-07-2023 02:11:02] New process found: Process Name - w3wp.exe Process ID - 8508 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:11:37] New process found: Process Name - w3wp.exe Process ID - 2168 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 02:12:34] New process found: Process Name - w3wp.exe Process ID - 11676 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 02:12:35] New process found: Process Name - w3wp.exe Process ID - 13908 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:12:37] New process found: Process Name - w3wp.exe Process ID - 10864 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:12:37] New process found: Process Name - conhost.exe Process ID - 15768 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 02:12:37] Process Exited: Process Name - w3wp.exe Process ID - 12596 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:16:07] New process found: Process Name - w3wp.exe Process ID - 9688 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:16:13] New process found: Process Name - w3wp.exe Process ID - 11376 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:16:13] New process found: Process Name - conhost.exe Process ID - 11628 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 02:17:37] New process found: Process Name - w3wp.exe Process ID - 5772 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:17:37] Process Exited: Process Name - w3wp.exe Process ID - 10864 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:18:16] New process found: Process Name - w3wp.exe Process ID - 8932 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 02:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 8608 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:19:48] New process found: Process Name - w3wp.exe Process ID - 544 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 02:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8608 [12-07-2023 02:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10348 [12-07-2023 02:22:01] New process found: Process Name - where.exe Process ID - 15316 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 02:22:01] New process found: Process Name - conhost.exe Process ID - 14008 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 02:22:02] New process found: Process Name - conhost.exe Process ID - 2664 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 02:22:02] Process Exited: Process Name - conhost.exe Process ID - 14008 [12-07-2023 02:22:02] Process Exited: Process Name - where.exe Process ID - 15316 [12-07-2023 02:22:04] Process Exited: Process Name - w3wp.exe Process ID - 8508 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:22:09] Process Exited: Process Name - w3wp.exe Process ID - 9688 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:22:15] Process Exited: Process Name - w3wp.exe Process ID - 11376 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:22:15] Process Exited: Process Name - conhost.exe Process ID - 11628 [12-07-2023 02:23:10] Process Exited: Process Name - w3wp.exe Process ID - 4252 Web application pool name - kdbps.edu.in [12-07-2023 02:23:10] Process Exited: Process Name - conhost.exe Process ID - 9352 [12-07-2023 02:24:19] Process Exited: Process Name - w3wp.exe Process ID - 8932 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 02:24:33] New process found: Process Name - w3wp.exe Process ID - 10676 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 02:24:33] New process found: Process Name - conhost.exe Process ID - 14660 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 02:24:39] Process Exited: Process Name - w3wp.exe Process ID - 2168 Web application pool name - galaxytools.in [12-07-2023 02:24:40] New process found: Process Name - w3wp.exe Process ID - 7552 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:24:40] Process Exited: Process Name - w3wp.exe Process ID - 5772 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:25:00] New process found: Process Name - w3wp.exe Process ID - 6272 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 02:25:23] New process found: Process Name - w3wp.exe Process ID - 16264 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 02:25:24] New process found: Process Name - php-cgi.exe Process ID - 1756 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 02:27:49] Process Exited: Process Name - w3wp.exe Process ID - 544 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 02:27:49] Process Exited: Process Name - conhost.exe Process ID - 2664 [12-07-2023 02:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 8600 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 16124 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:29:41] New process found: Process Name - w3wp.exe Process ID - 12728 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:29:41] Process Exited: Process Name - w3wp.exe Process ID - 7552 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:29:47] New process found: Process Name - w3wp.exe Process ID - 11284 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 02:29:48] New process found: Process Name - conhost.exe Process ID - 12196 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 02:30:29] New process found: Process Name - w3wp.exe Process ID - 6876 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:30:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8600 [12-07-2023 02:30:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16124 [12-07-2023 02:30:39] New process found: Process Name - w3wp.exe Process ID - 13612 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:31:01] New process found: Process Name - cmd.exe Process ID - 15388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:31:01] New process found: Process Name - conhost.exe Process ID - 6468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:31:02] New process found: Process Name - runtask.exe Process ID - 2236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:31:03] Process Exited: Process Name - w3wp.exe Process ID - 6272 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 02:31:04] New process found: Process Name - csc.exe Process ID - 8552 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 02:31:04] New process found: Process Name - php.exe Process ID - 15040 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 02:31:04] New process found: Process Name - conhost.exe Process ID - 8448 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 02:31:04] New process found: Process Name - conhost.exe Process ID - 10496 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 02:31:07] Process Exited: Process Name - conhost.exe Process ID - 8448 [12-07-2023 02:31:07] Process Exited: Process Name - csc.exe Process ID - 8552 [12-07-2023 02:31:19] Process Exited: Process Name - runtask.exe Process ID - 2236 [12-07-2023 02:31:19] Process Exited: Process Name - conhost.exe Process ID - 6468 [12-07-2023 02:31:19] Process Exited: Process Name - conhost.exe Process ID - 10496 [12-07-2023 02:31:19] Process Exited: Process Name - php.exe Process ID - 15040 [12-07-2023 02:31:19] Process Exited: Process Name - cmd.exe Process ID - 15388 [12-07-2023 02:31:36] New process found: Process Name - ig-2.exe Process ID - 9612 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 02:31:37] New process found: Process Name - ig-5.exe Process ID - 10096 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 02:31:37] Process Exited: Process Name - ig-2.exe Process ID - 9612 [12-07-2023 02:31:38] New process found: Process Name - ig-9.exe Process ID - 8848 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 02:31:38] Process Exited: Process Name - ig-5.exe Process ID - 10096 [12-07-2023 02:31:39] Process Exited: Process Name - ig-9.exe Process ID - 8848 [12-07-2023 02:33:35] Process Exited: Process Name - w3wp.exe Process ID - 11676 Web application pool name - DefaultAppPool [12-07-2023 02:33:39] New process found: Process Name - w3wp.exe Process ID - 9436 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 02:33:39] New process found: Process Name - conhost.exe Process ID - 10420 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 02:34:28] New process found: Process Name - w3wp.exe Process ID - 2564 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 02:34:43] New process found: Process Name - w3wp.exe Process ID - 7764 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:34:43] Process Exited: Process Name - w3wp.exe Process ID - 12728 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:35:49] Process Exited: Process Name - w3wp.exe Process ID - 11284 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 02:35:49] Process Exited: Process Name - conhost.exe Process ID - 12196 [12-07-2023 02:36:33] Process Exited: Process Name - w3wp.exe Process ID - 6876 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:36:42] Process Exited: Process Name - w3wp.exe Process ID - 13612 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11596 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:39:37] Process Exited: Process Name - w3wp.exe Process ID - 13908 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:39:37] Process Exited: Process Name - conhost.exe Process ID - 15768 [12-07-2023 02:39:42] Process Exited: Process Name - w3wp.exe Process ID - 9436 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 02:39:42] Process Exited: Process Name - conhost.exe Process ID - 10420 [12-07-2023 02:39:44] New process found: Process Name - w3wp.exe Process ID - 6940 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:39:44] Process Exited: Process Name - w3wp.exe Process ID - 7764 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:40:00] New process found: Process Name - cmd.exe Process ID - 15944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:40:00] New process found: Process Name - conhost.exe Process ID - 14108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:40:00] New process found: Process Name - runtask.exe Process ID - 11240 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:40:00] New process found: Process Name - php.exe Process ID - 15648 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 02:40:00] New process found: Process Name - conhost.exe Process ID - 15212 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 02:40:03] Process Exited: Process Name - runtask.exe Process ID - 11240 [12-07-2023 02:40:03] Process Exited: Process Name - conhost.exe Process ID - 14108 [12-07-2023 02:40:03] Process Exited: Process Name - conhost.exe Process ID - 15212 [12-07-2023 02:40:03] Process Exited: Process Name - php.exe Process ID - 15648 [12-07-2023 02:40:03] Process Exited: Process Name - cmd.exe Process ID - 15944 [12-07-2023 02:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11596 [12-07-2023 02:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15600 [12-07-2023 02:40:30] Process Exited: Process Name - w3wp.exe Process ID - 2564 Web application pool name - DefaultAppPool [12-07-2023 02:40:41] New process found: Process Name - w3wp.exe Process ID - 15504 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:41:54] New process found: Process Name - w3wp.exe Process ID - 6328 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:41:55] New process found: Process Name - conhost.exe Process ID - 2372 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 02:43:03] New process found: Process Name - w3wp.exe Process ID - 15384 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 02:44:45] New process found: Process Name - w3wp.exe Process ID - 7492 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:44:45] Process Exited: Process Name - w3wp.exe Process ID - 6940 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:45:18] New process found: Process Name - conhost.exe Process ID - 8928 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 02:47:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 13592 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:47:33] New process found: Process Name - SearchFilterHost.exe Process ID - 15828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:47:35] Process Exited: Process Name - w3wp.exe Process ID - 10676 Web application pool name - kdbps.edu.in [12-07-2023 02:47:35] Process Exited: Process Name - conhost.exe Process ID - 14660 [12-07-2023 02:47:54] New process found: Process Name - w3wp.exe Process ID - 12644 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:47:57] Process Exited: Process Name - conhost.exe Process ID - 2372 [12-07-2023 02:47:57] Process Exited: Process Name - w3wp.exe Process ID - 6328 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:48:23] New process found: Process Name - w3wp.exe Process ID - 13092 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:48:23] New process found: Process Name - conhost.exe Process ID - 12680 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 02:48:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 13592 [12-07-2023 02:48:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15828 [12-07-2023 02:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 12148 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 3356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:49:06] Process Exited: Process Name - w3wp.exe Process ID - 15384 Web application pool name - shop.galaxytools.in [12-07-2023 02:49:46] New process found: Process Name - w3wp.exe Process ID - 6972 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:49:46] Process Exited: Process Name - w3wp.exe Process ID - 7492 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3356 [12-07-2023 02:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12148 [12-07-2023 02:52:15] New process found: Process Name - w3wp.exe Process ID - 12740 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 02:52:16] New process found: Process Name - conhost.exe Process ID - 14144 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 02:52:17] New process found: Process Name - w3wp.exe Process ID - 16064 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 02:53:54] New process found: Process Name - w3wp.exe Process ID - 13088 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 02:53:57] Process Exited: Process Name - w3wp.exe Process ID - 12644 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 02:54:47] New process found: Process Name - w3wp.exe Process ID - 15136 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 02:54:48] New process found: Process Name - w3wp.exe Process ID - 12244 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:54:48] Process Exited: Process Name - w3wp.exe Process ID - 6972 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:55:25] Process Exited: Process Name - conhost.exe Process ID - 12680 [12-07-2023 02:55:25] Process Exited: Process Name - w3wp.exe Process ID - 13092 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 02:56:43] Process Exited: Process Name - conhost.exe Process ID - 8928 [12-07-2023 02:56:43] Process Exited: Process Name - w3wp.exe Process ID - 15504 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 02:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14376 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 02:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 02:59:48] New process found: Process Name - w3wp.exe Process ID - 7704 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:59:48] Process Exited: Process Name - w3wp.exe Process ID - 12244 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 02:59:56] Process Exited: Process Name - w3wp.exe Process ID - 13088 Web application pool name - galaxytools.in [12-07-2023 03:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13420 [12-07-2023 03:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14376 [12-07-2023 03:00:29] New process found: Process Name - w3wp.exe Process ID - 5072 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:00:29] New process found: Process Name - where.exe Process ID - 10956 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:00:29] New process found: Process Name - conhost.exe Process ID - 13880 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:00:30] New process found: Process Name - conhost.exe Process ID - 12856 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:00:30] Process Exited: Process Name - where.exe Process ID - 10956 [12-07-2023 03:00:30] Process Exited: Process Name - conhost.exe Process ID - 13880 [12-07-2023 03:00:49] Process Exited: Process Name - w3wp.exe Process ID - 15136 Web application pool name - DefaultAppPool [12-07-2023 03:00:56] New process found: Process Name - w3wp.exe Process ID - 15396 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:02:18] Process Exited: Process Name - w3wp.exe Process ID - 12740 Web application pool name - kdbps.edu.in [12-07-2023 03:02:18] Process Exited: Process Name - conhost.exe Process ID - 14144 [12-07-2023 03:02:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 6220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:02:33] New process found: Process Name - SearchFilterHost.exe Process ID - 8296 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:04:24] New process found: Process Name - w3wp.exe Process ID - 8456 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 03:04:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 6220 [12-07-2023 03:04:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 8296 [12-07-2023 03:04:50] New process found: Process Name - w3wp.exe Process ID - 8452 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:04:50] Process Exited: Process Name - w3wp.exe Process ID - 7704 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:05:20] New process found: Process Name - w3wp.exe Process ID - 15240 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:05:20] New process found: Process Name - conhost.exe Process ID - 11528 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:05:22] New process found: Process Name - w3wp.exe Process ID - 14736 Process Identity - IIS APPPOOL\acme-challenge Web application pool name - acme-challenge [12-07-2023 03:06:20] Process Exited: Process Name - w3wp.exe Process ID - 16064 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:06:32] Process Exited: Process Name - w3wp.exe Process ID - 5072 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:06:32] Process Exited: Process Name - conhost.exe Process ID - 12856 [12-07-2023 03:06:44] New process found: Process Name - w3wp.exe Process ID - 16080 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 03:06:44] New process found: Process Name - conhost.exe Process ID - 11492 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) [12-07-2023 03:06:58] Process Exited: Process Name - w3wp.exe Process ID - 15396 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:07:46] New process found: Process Name - w3wp.exe Process ID - 6292 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11596 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:09:51] New process found: Process Name - w3wp.exe Process ID - 9732 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:09:51] Process Exited: Process Name - w3wp.exe Process ID - 8452 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11596 [12-07-2023 03:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11788 [12-07-2023 03:11:24] Process Exited: Process Name - w3wp.exe Process ID - 14736 Web application pool name - acme-challenge [12-07-2023 03:11:27] Process Exited: Process Name - w3wp.exe Process ID - 8456 Web application pool name - DefaultAppPool [12-07-2023 03:12:12] New process found: Process Name - w3wp.exe Process ID - 5936 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:12:12] New process found: Process Name - conhost.exe Process ID - 5436 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:12:47] Process Exited: Process Name - conhost.exe Process ID - 11492 [12-07-2023 03:12:47] Process Exited: Process Name - w3wp.exe Process ID - 16080 Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 03:13:22] Process Exited: Process Name - conhost.exe Process ID - 11528 [12-07-2023 03:13:22] Process Exited: Process Name - w3wp.exe Process ID - 15240 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:13:33] New process found: Process Name - w3wp.exe Process ID - 1044 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 03:13:34] New process found: Process Name - conhost.exe Process ID - 15964 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 03:13:57] New process found: Process Name - w3wp.exe Process ID - 3032 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:13:57] New process found: Process Name - where.exe Process ID - 10784 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:13:57] New process found: Process Name - conhost.exe Process ID - 14484 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:13:58] New process found: Process Name - conhost.exe Process ID - 15944 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:13:58] Process Exited: Process Name - where.exe Process ID - 10784 [12-07-2023 03:13:58] Process Exited: Process Name - conhost.exe Process ID - 14484 [12-07-2023 03:14:52] New process found: Process Name - w3wp.exe Process ID - 13944 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:14:52] Process Exited: Process Name - w3wp.exe Process ID - 9732 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:15:49] Process Exited: Process Name - w3wp.exe Process ID - 6292 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:16:47] New process found: Process Name - w3wp.exe Process ID - 11676 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:18:01] New process found: Process Name - w3wp.exe Process ID - 4068 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 03:18:01] New process found: Process Name - conhost.exe Process ID - 13804 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 03:18:13] Process Exited: Process Name - conhost.exe Process ID - 5436 [12-07-2023 03:18:13] Process Exited: Process Name - w3wp.exe Process ID - 5936 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:18:43] New process found: Process Name - w3wp.exe Process ID - 6216 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 03:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 6576 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:19:53] New process found: Process Name - w3wp.exe Process ID - 1428 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:19:53] Process Exited: Process Name - w3wp.exe Process ID - 13944 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:19:58] Process Exited: Process Name - w3wp.exe Process ID - 3032 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:19:58] Process Exited: Process Name - conhost.exe Process ID - 15944 [12-07-2023 03:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6576 [12-07-2023 03:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10884 [12-07-2023 03:20:29] New process found: Process Name - w3wp.exe Process ID - 12668 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:20:29] New process found: Process Name - conhost.exe Process ID - 10044 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:21:27] New process found: Process Name - w3wp.exe Process ID - 2648 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 03:21:27] New process found: Process Name - conhost.exe Process ID - 16176 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 03:22:01] New process found: Process Name - w3wp.exe Process ID - 7776 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 03:22:01] New process found: Process Name - conhost.exe Process ID - 992 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) [12-07-2023 03:24:03] Process Exited: Process Name - w3wp.exe Process ID - 4068 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 03:24:03] Process Exited: Process Name - conhost.exe Process ID - 13804 [12-07-2023 03:24:36] Process Exited: Process Name - w3wp.exe Process ID - 1044 Web application pool name - kdbps.edu.in [12-07-2023 03:24:36] Process Exited: Process Name - conhost.exe Process ID - 15964 [12-07-2023 03:24:46] Process Exited: Process Name - w3wp.exe Process ID - 6216 Web application pool name - DefaultAppPool [12-07-2023 03:24:49] Process Exited: Process Name - w3wp.exe Process ID - 11676 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:24:55] New process found: Process Name - w3wp.exe Process ID - 11540 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:24:55] Process Exited: Process Name - w3wp.exe Process ID - 1428 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:24:58] New process found: Process Name - w3wp.exe Process ID - 4416 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:26:10] New process found: Process Name - w3wp.exe Process ID - 10172 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 03:27:28] Process Exited: Process Name - w3wp.exe Process ID - 2648 Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 03:27:28] Process Exited: Process Name - conhost.exe Process ID - 16176 [12-07-2023 03:28:02] Process Exited: Process Name - conhost.exe Process ID - 992 [12-07-2023 03:28:02] Process Exited: Process Name - w3wp.exe Process ID - 7776 Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 03:28:46] New process found: Process Name - w3wp.exe Process ID - 15304 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 03:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13024 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:28:58] New process found: Process Name - where.exe Process ID - 4924 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 03:28:58] New process found: Process Name - conhost.exe Process ID - 7340 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 03:28:59] New process found: Process Name - conhost.exe Process ID - 13020 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 03:28:59] Process Exited: Process Name - where.exe Process ID - 4924 [12-07-2023 03:28:59] Process Exited: Process Name - conhost.exe Process ID - 7340 [12-07-2023 03:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 4920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:29:56] New process found: Process Name - w3wp.exe Process ID - 15612 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:29:56] Process Exited: Process Name - w3wp.exe Process ID - 11540 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4920 [12-07-2023 03:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13024 [12-07-2023 03:30:56] New process found: Process Name - w3wp.exe Process ID - 9080 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:32:00] Process Exited: Process Name - w3wp.exe Process ID - 4416 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:32:32] Process Exited: Process Name - conhost.exe Process ID - 10044 [12-07-2023 03:32:32] Process Exited: Process Name - w3wp.exe Process ID - 12668 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:32:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:32:34] New process found: Process Name - SearchFilterHost.exe Process ID - 14152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:33:25] Process Exited: Process Name - php-cgi.exe Process ID - 1756 [12-07-2023 03:33:26] Process Exited: Process Name - w3wp.exe Process ID - 16264 Web application pool name - PleskControlPanel [12-07-2023 03:33:27] New process found: Process Name - w3wp.exe Process ID - 9164 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 03:34:32] New process found: Process Name - w3wp.exe Process ID - 6324 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:34:32] New process found: Process Name - conhost.exe Process ID - 6772 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 03:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 364 [12-07-2023 03:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 14152 [12-07-2023 03:34:57] New process found: Process Name - w3wp.exe Process ID - 8720 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:34:57] Process Exited: Process Name - w3wp.exe Process ID - 15612 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:36:58] Process Exited: Process Name - w3wp.exe Process ID - 9080 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:37:43] New process found: Process Name - w3wp.exe Process ID - 16104 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:38:18] New process found: Process Name - w3wp.exe Process ID - 10828 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:38:41] New process found: Process Name - w3wp.exe Process ID - 12452 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 03:38:41] New process found: Process Name - conhost.exe Process ID - 1556 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 03:38:46] New process found: Process Name - w3wp.exe Process ID - 12640 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 03:38:46] New process found: Process Name - php-cgi.exe Process ID - 14952 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 03:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 8952 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 8860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:39:59] New process found: Process Name - w3wp.exe Process ID - 12936 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:39:59] Process Exited: Process Name - w3wp.exe Process ID - 8720 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8860 [12-07-2023 03:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8952 [12-07-2023 03:40:34] Process Exited: Process Name - w3wp.exe Process ID - 6324 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:40:34] Process Exited: Process Name - conhost.exe Process ID - 6772 [12-07-2023 03:40:44] New process found: Process Name - w3wp.exe Process ID - 14728 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:41:13] Process Exited: Process Name - w3wp.exe Process ID - 10172 Web application pool name - galaxytools.in [12-07-2023 03:41:22] New process found: Process Name - conhost.exe Process ID - 5576 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:41:53] New process found: Process Name - ig.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:54] New process found: Process Name - ig-2.exe Process ID - 2676 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:54] Process Exited: Process Name - ig.exe Process ID - 12672 [12-07-2023 03:41:55] New process found: Process Name - ig-5.exe Process ID - 7792 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:55] Process Exited: Process Name - ig-2.exe Process ID - 2676 [12-07-2023 03:41:56] New process found: Process Name - ig-8.exe Process ID - 2356 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:56] Process Exited: Process Name - ig-5.exe Process ID - 7792 [12-07-2023 03:41:57] New process found: Process Name - ig-11.exe Process ID - 2440 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:57] Process Exited: Process Name - ig-8.exe Process ID - 2356 [12-07-2023 03:41:58] New process found: Process Name - ig-15.exe Process ID - 5488 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:58] Process Exited: Process Name - ig-11.exe Process ID - 2440 [12-07-2023 03:41:59] New process found: Process Name - ig-18.exe Process ID - 10376 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:41:59] Process Exited: Process Name - ig-15.exe Process ID - 5488 [12-07-2023 03:42:00] New process found: Process Name - ig-21.exe Process ID - 2280 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:00] Process Exited: Process Name - ig-18.exe Process ID - 10376 [12-07-2023 03:42:01] Process Exited: Process Name - ig-21.exe Process ID - 2280 [12-07-2023 03:42:02] New process found: Process Name - ig-26.exe Process ID - 11940 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:03] New process found: Process Name - ig-30.exe Process ID - 10044 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:03] Process Exited: Process Name - ig-26.exe Process ID - 11940 [12-07-2023 03:42:04] New process found: Process Name - ig-33.exe Process ID - 12304 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:04] Process Exited: Process Name - ig-30.exe Process ID - 10044 [12-07-2023 03:42:05] New process found: Process Name - ig-36.exe Process ID - 16112 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:05] Process Exited: Process Name - ig-33.exe Process ID - 12304 [12-07-2023 03:42:06] New process found: Process Name - ig-39.exe Process ID - 13344 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:06] Process Exited: Process Name - ig-36.exe Process ID - 16112 [12-07-2023 03:42:07] New process found: Process Name - ig-42.exe Process ID - 10528 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:07] Process Exited: Process Name - ig-39.exe Process ID - 13344 [12-07-2023 03:42:08] New process found: Process Name - ig-46.exe Process ID - 6936 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:08] Process Exited: Process Name - ig-42.exe Process ID - 10528 [12-07-2023 03:42:09] New process found: Process Name - ig-49.exe Process ID - 10508 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 03:42:09] Process Exited: Process Name - ig-46.exe Process ID - 6936 [12-07-2023 03:42:10] Process Exited: Process Name - ig-49.exe Process ID - 10508 [12-07-2023 03:43:29] Process Exited: Process Name - w3wp.exe Process ID - 9164 Web application pool name - DefaultAppPool [12-07-2023 03:44:02] New process found: Process Name - w3wp.exe Process ID - 11628 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:44:04] New process found: Process Name - conhost.exe Process ID - 9780 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:44:20] Process Exited: Process Name - w3wp.exe Process ID - 10828 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:44:43] Process Exited: Process Name - conhost.exe Process ID - 1556 [12-07-2023 03:44:43] Process Exited: Process Name - w3wp.exe Process ID - 12452 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 03:45:00] New process found: Process Name - w3wp.exe Process ID - 15608 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:45:00] Process Exited: Process Name - w3wp.exe Process ID - 12936 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:46:00] New process found: Process Name - cmd.exe Process ID - 15812 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:46:00] New process found: Process Name - conhost.exe Process ID - 9080 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:46:00] New process found: Process Name - runtask.exe Process ID - 5504 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:46:00] New process found: Process Name - php.exe Process ID - 1948 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 03:46:00] New process found: Process Name - conhost.exe Process ID - 7916 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 03:46:01] Process Exited: Process Name - php.exe Process ID - 1948 [12-07-2023 03:46:01] Process Exited: Process Name - runtask.exe Process ID - 5504 [12-07-2023 03:46:01] Process Exited: Process Name - conhost.exe Process ID - 7916 [12-07-2023 03:46:01] Process Exited: Process Name - conhost.exe Process ID - 9080 [12-07-2023 03:46:01] Process Exited: Process Name - cmd.exe Process ID - 15812 [12-07-2023 03:46:46] Process Exited: Process Name - w3wp.exe Process ID - 14728 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 03:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 14464 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7104 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 03:49:26] New process found: Process Name - w3wp.exe Process ID - 15852 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 03:49:26] New process found: Process Name - conhost.exe Process ID - 11960 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 03:49:31] New process found: Process Name - w3wp.exe Process ID - 12516 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:49:35] New process found: Process Name - w3wp.exe Process ID - 12612 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 03:49:35] New process found: Process Name - conhost.exe Process ID - 4336 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 03:50:02] New process found: Process Name - w3wp.exe Process ID - 8316 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:50:02] Process Exited: Process Name - w3wp.exe Process ID - 15608 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:50:05] Process Exited: Process Name - conhost.exe Process ID - 9780 [12-07-2023 03:50:05] Process Exited: Process Name - w3wp.exe Process ID - 11628 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7104 [12-07-2023 03:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14464 [12-07-2023 03:54:45] Process Exited: Process Name - conhost.exe Process ID - 5576 [12-07-2023 03:54:45] Process Exited: Process Name - w3wp.exe Process ID - 16104 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:55:02] New process found: Process Name - w3wp.exe Process ID - 8636 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:55:02] Process Exited: Process Name - w3wp.exe Process ID - 8316 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 03:55:27] Process Exited: Process Name - conhost.exe Process ID - 11960 [12-07-2023 03:55:27] Process Exited: Process Name - w3wp.exe Process ID - 15852 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 03:55:33] Process Exited: Process Name - w3wp.exe Process ID - 12516 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:55:36] Process Exited: Process Name - conhost.exe Process ID - 4336 [12-07-2023 03:55:36] Process Exited: Process Name - w3wp.exe Process ID - 12612 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 03:56:10] New process found: Process Name - w3wp.exe Process ID - 14716 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 03:56:11] New process found: Process Name - conhost.exe Process ID - 10412 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 03:56:59] New process found: Process Name - w3wp.exe Process ID - 10424 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 03:57:00] New process found: Process Name - conhost.exe Process ID - 15276 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 03:57:41] New process found: Process Name - w3wp.exe Process ID - 15944 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 03:57:43] New process found: Process Name - conhost.exe Process ID - 2488 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 03:57:48] Process Exited: Process Name - conhost.exe Process ID - 13020 [12-07-2023 03:57:48] Process Exited: Process Name - w3wp.exe Process ID - 15304 Web application pool name - kdbps.edu.in [12-07-2023 03:58:27] New process found: Process Name - w3wp.exe Process ID - 16340 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 03:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 3496 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 03:58:57] New process found: Process Name - csc.exe Process ID - 7644 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 03:58:57] New process found: Process Name - conhost.exe Process ID - 12832 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 03:58:58] Process Exited: Process Name - csc.exe Process ID - 7644 [12-07-2023 03:58:58] Process Exited: Process Name - conhost.exe Process ID - 12832 [12-07-2023 03:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 1788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:00:04] New process found: Process Name - w3wp.exe Process ID - 1556 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:00:04] Process Exited: Process Name - w3wp.exe Process ID - 8636 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1788 [12-07-2023 04:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3496 [12-07-2023 04:00:50] New process found: Process Name - w3wp.exe Process ID - 12768 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 04:00:50] New process found: Process Name - conhost.exe Process ID - 14872 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:01:04] New process found: Process Name - w3wp.exe Process ID - 13832 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 04:02:13] Process Exited: Process Name - conhost.exe Process ID - 10412 [12-07-2023 04:02:13] Process Exited: Process Name - w3wp.exe Process ID - 14716 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:02:31] New process found: Process Name - w3wp.exe Process ID - 11040 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 04:03:02] Process Exited: Process Name - w3wp.exe Process ID - 10424 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 04:03:02] Process Exited: Process Name - conhost.exe Process ID - 15276 [12-07-2023 04:03:44] Process Exited: Process Name - conhost.exe Process ID - 2488 [12-07-2023 04:03:44] Process Exited: Process Name - w3wp.exe Process ID - 15944 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:04:12] New process found: Process Name - w3wp.exe Process ID - 13424 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:04:12] New process found: Process Name - conhost.exe Process ID - 14548 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 04:04:29] New process found: Process Name - w3wp.exe Process ID - 2056 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:04:29] New process found: Process Name - conhost.exe Process ID - 11432 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:05:00] New process found: Process Name - cmd.exe Process ID - 2384 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:05:00] New process found: Process Name - conhost.exe Process ID - 7760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:05:00] New process found: Process Name - runtask.exe Process ID - 12484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:05:00] New process found: Process Name - php.exe Process ID - 8332 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:05:00] New process found: Process Name - conhost.exe Process ID - 6208 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:05:05] New process found: Process Name - w3wp.exe Process ID - 12924 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:05:05] New process found: Process Name - crontabmng.exe Process ID - 15260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:05:05] New process found: Process Name - conhost.exe Process ID - 9336 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:05:05] Process Exited: Process Name - w3wp.exe Process ID - 1556 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:05:06] Process Exited: Process Name - conhost.exe Process ID - 9336 [12-07-2023 04:05:06] Process Exited: Process Name - crontabmng.exe Process ID - 15260 [12-07-2023 04:05:08] Process Exited: Process Name - cmd.exe Process ID - 2384 [12-07-2023 04:05:08] Process Exited: Process Name - conhost.exe Process ID - 6208 [12-07-2023 04:05:08] Process Exited: Process Name - conhost.exe Process ID - 7760 [12-07-2023 04:05:08] Process Exited: Process Name - php.exe Process ID - 8332 [12-07-2023 04:05:08] Process Exited: Process Name - runtask.exe Process ID - 12484 [12-07-2023 04:05:52] New process found: Process Name - w3wp.exe Process ID - 12968 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:05:52] New process found: Process Name - conhost.exe Process ID - 7360 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 04:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 13420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:06:15] New process found: Process Name - GoogleUpdate.exe Process ID - 11036 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:06:15] Service state changed: Service Name - gupdate Process ID - 11036 Current State - SERVICE_RUNNING [12-07-2023 04:06:16] Process Exited: Process Name - GoogleUpdate.exe Process ID - 11036 [12-07-2023 04:06:16] Process Exited: Process Name - GoogleUpdate.exe Process ID - 13420 [12-07-2023 04:06:16] Service state changed: Service Name - gupdate Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:06:28] Process Exited: Process Name - w3wp.exe Process ID - 16340 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:06:52] Process Exited: Process Name - w3wp.exe Process ID - 12768 Web application pool name - kdbps.edu.in [12-07-2023 04:06:52] Process Exited: Process Name - conhost.exe Process ID - 14872 [12-07-2023 04:07:06] Process Exited: Process Name - w3wp.exe Process ID - 13832 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 04:07:53] New process found: Process Name - w3wp.exe Process ID - 14072 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 04:07:53] New process found: Process Name - where.exe Process ID - 13764 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:07:53] New process found: Process Name - conhost.exe Process ID - 9232 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:07:54] New process found: Process Name - conhost.exe Process ID - 8656 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:07:54] Process Exited: Process Name - conhost.exe Process ID - 9232 [12-07-2023 04:07:54] Process Exited: Process Name - where.exe Process ID - 13764 [12-07-2023 04:08:30] New process found: Process Name - w3wp.exe Process ID - 13972 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 16048 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14144 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:09:34] Process Exited: Process Name - w3wp.exe Process ID - 11040 Web application pool name - galaxytools.in [12-07-2023 04:09:39] New process found: Process Name - w3wp.exe Process ID - 12804 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 04:09:40] New process found: Process Name - w3wp.exe Process ID - 14712 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 04:10:06] New process found: Process Name - w3wp.exe Process ID - 16212 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:10:06] Process Exited: Process Name - w3wp.exe Process ID - 12924 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:10:15] Process Exited: Process Name - w3wp.exe Process ID - 13424 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:10:15] Process Exited: Process Name - conhost.exe Process ID - 14548 [12-07-2023 04:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14144 [12-07-2023 04:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16048 [12-07-2023 04:11:00] New process found: Process Name - w3wp.exe Process ID - 13432 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 04:11:55] Process Exited: Process Name - conhost.exe Process ID - 7360 [12-07-2023 04:11:55] Process Exited: Process Name - w3wp.exe Process ID - 12968 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:13:31] Process Exited: Process Name - w3wp.exe Process ID - 2056 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:13:31] Process Exited: Process Name - conhost.exe Process ID - 11432 [12-07-2023 04:14:00] New process found: Process Name - cmd.exe Process ID - 14384 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:00] New process found: Process Name - conhost.exe Process ID - 13316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:00] New process found: Process Name - runtask.exe Process ID - 4324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:00] New process found: Process Name - dllhost.exe Process ID - 7804 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:00] New process found: Process Name - web_statistics_executor.exe Process ID - 2508 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:00] New process found: Process Name - conhost.exe Process ID - 1728 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:00] New process found: Process Name - cmd.exe Process ID - 11552 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:00] New process found: Process Name - conhost.exe Process ID - 15952 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:00] New process found: Process Name - sort.exe Process ID - 13192 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:01] New process found: Process Name - perl.exe Process ID - 2092 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:01] New process found: Process Name - conhost.exe Process ID - 11476 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:01] Process Exited: Process Name - cmd.exe Process ID - 11552 [12-07-2023 04:14:01] Process Exited: Process Name - sort.exe Process ID - 13192 [12-07-2023 04:14:01] Process Exited: Process Name - conhost.exe Process ID - 15952 [12-07-2023 04:14:02] New process found: Process Name - perl.exe Process ID - 14048 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:02] New process found: Process Name - SearchProtocolHost.exe Process ID - 15484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:02] New process found: Process Name - conhost.exe Process ID - 13492 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:02] New process found: Process Name - SearchFilterHost.exe Process ID - 15908 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:02] Process Exited: Process Name - perl.exe Process ID - 2092 [12-07-2023 04:14:02] Process Exited: Process Name - conhost.exe Process ID - 11476 [12-07-2023 04:14:03] New process found: Process Name - perl.exe Process ID - 14436 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:03] New process found: Process Name - conhost.exe Process ID - 11000 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:03] Process Exited: Process Name - conhost.exe Process ID - 13492 [12-07-2023 04:14:03] Process Exited: Process Name - perl.exe Process ID - 14048 [12-07-2023 04:14:04] New process found: Process Name - perl.exe Process ID - 6884 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:04] New process found: Process Name - conhost.exe Process ID - 15084 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:04] Process Exited: Process Name - conhost.exe Process ID - 11000 [12-07-2023 04:14:04] Process Exited: Process Name - perl.exe Process ID - 14436 [12-07-2023 04:14:05] New process found: Process Name - perl.exe Process ID - 14260 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:05] New process found: Process Name - conhost.exe Process ID - 7148 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:05] Process Exited: Process Name - perl.exe Process ID - 6884 [12-07-2023 04:14:05] Process Exited: Process Name - dllhost.exe Process ID - 7804 [12-07-2023 04:14:05] Process Exited: Process Name - conhost.exe Process ID - 15084 [12-07-2023 04:14:06] New process found: Process Name - perl.exe Process ID - 6900 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:06] New process found: Process Name - conhost.exe Process ID - 6452 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:06] Process Exited: Process Name - conhost.exe Process ID - 7148 [12-07-2023 04:14:06] Process Exited: Process Name - perl.exe Process ID - 14260 [12-07-2023 04:14:07] New process found: Process Name - perl.exe Process ID - 6264 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:07] New process found: Process Name - conhost.exe Process ID - 16344 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:07] Process Exited: Process Name - conhost.exe Process ID - 6452 [12-07-2023 04:14:07] Process Exited: Process Name - perl.exe Process ID - 6900 [12-07-2023 04:14:08] New process found: Process Name - perl.exe Process ID - 9280 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:08] New process found: Process Name - conhost.exe Process ID - 8400 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:08] Process Exited: Process Name - perl.exe Process ID - 6264 [12-07-2023 04:14:08] Process Exited: Process Name - conhost.exe Process ID - 16344 [12-07-2023 04:14:09] New process found: Process Name - DeviceCensus.exe Process ID - 9768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:09] New process found: Process Name - conhost.exe Process ID - 15000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:09] New process found: Process Name - WmiPrvSE.exe Process ID - 676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:14:09] New process found: Process Name - perl.exe Process ID - 5932 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:09] New process found: Process Name - conhost.exe Process ID - 10984 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:09] New process found: Process Name - sppsvc.exe Process ID - 13036 Process Identity - SYSTEM [12-07-2023 04:14:09] Process Exited: Process Name - conhost.exe Process ID - 8400 [12-07-2023 04:14:09] Process Exited: Process Name - perl.exe Process ID - 9280 [12-07-2023 04:14:09] Service state changed: Service Name - sppsvc Process ID - 13036 Current State - SERVICE_RUNNING [12-07-2023 04:14:10] New process found: Process Name - perl.exe Process ID - 7336 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:10] New process found: Process Name - conhost.exe Process ID - 10852 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:10] Process Exited: Process Name - perl.exe Process ID - 5932 [12-07-2023 04:14:10] Process Exited: Process Name - DeviceCensus.exe Process ID - 9768 [12-07-2023 04:14:10] Process Exited: Process Name - conhost.exe Process ID - 10984 [12-07-2023 04:14:10] Process Exited: Process Name - conhost.exe Process ID - 15000 [12-07-2023 04:14:11] Process Exited: Process Name - perl.exe Process ID - 7336 [12-07-2023 04:14:11] Process Exited: Process Name - conhost.exe Process ID - 10852 [12-07-2023 04:14:12] New process found: Process Name - perl.exe Process ID - 13960 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:12] New process found: Process Name - conhost.exe Process ID - 11164 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:13] New process found: Process Name - perl.exe Process ID - 7892 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:13] New process found: Process Name - conhost.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:13] Process Exited: Process Name - conhost.exe Process ID - 11164 [12-07-2023 04:14:13] Process Exited: Process Name - perl.exe Process ID - 13960 [12-07-2023 04:14:14] Process Exited: Process Name - perl.exe Process ID - 7892 [12-07-2023 04:14:14] Process Exited: Process Name - conhost.exe Process ID - 12672 [12-07-2023 04:14:15] New process found: Process Name - perl.exe Process ID - 8384 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:15] New process found: Process Name - conhost.exe Process ID - 5104 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:16] New process found: Process Name - perl.exe Process ID - 8740 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:16] New process found: Process Name - conhost.exe Process ID - 16104 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:16] Process Exited: Process Name - conhost.exe Process ID - 5104 [12-07-2023 04:14:16] Process Exited: Process Name - perl.exe Process ID - 8384 [12-07-2023 04:14:17] New process found: Process Name - perl.exe Process ID - 8660 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:17] New process found: Process Name - conhost.exe Process ID - 9076 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:17] Process Exited: Process Name - perl.exe Process ID - 8740 [12-07-2023 04:14:17] Process Exited: Process Name - conhost.exe Process ID - 16104 [12-07-2023 04:14:18] New process found: Process Name - perl.exe Process ID - 13436 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:18] New process found: Process Name - conhost.exe Process ID - 4956 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:18] Process Exited: Process Name - perl.exe Process ID - 8660 [12-07-2023 04:14:18] Process Exited: Process Name - conhost.exe Process ID - 9076 [12-07-2023 04:14:19] New process found: Process Name - perl.exe Process ID - 12768 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:19] New process found: Process Name - conhost.exe Process ID - 10916 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:19] Process Exited: Process Name - conhost.exe Process ID - 4956 [12-07-2023 04:14:19] Process Exited: Process Name - perl.exe Process ID - 13436 [12-07-2023 04:14:20] New process found: Process Name - perl.exe Process ID - 640 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:20] New process found: Process Name - conhost.exe Process ID - 5480 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:20] Process Exited: Process Name - conhost.exe Process ID - 10916 [12-07-2023 04:14:20] Process Exited: Process Name - perl.exe Process ID - 12768 [12-07-2023 04:14:21] New process found: Process Name - perl.exe Process ID - 7904 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:21] New process found: Process Name - conhost.exe Process ID - 15588 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:21] Process Exited: Process Name - perl.exe Process ID - 640 [12-07-2023 04:14:21] Process Exited: Process Name - conhost.exe Process ID - 5480 [12-07-2023 04:14:22] New process found: Process Name - perl.exe Process ID - 14148 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:22] New process found: Process Name - conhost.exe Process ID - 10212 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:22] Process Exited: Process Name - perl.exe Process ID - 7904 [12-07-2023 04:14:22] Process Exited: Process Name - conhost.exe Process ID - 15588 [12-07-2023 04:14:23] New process found: Process Name - perl.exe Process ID - 1684 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:23] New process found: Process Name - conhost.exe Process ID - 15792 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:23] Process Exited: Process Name - conhost.exe Process ID - 10212 [12-07-2023 04:14:23] Process Exited: Process Name - perl.exe Process ID - 14148 [12-07-2023 04:14:24] New process found: Process Name - perl.exe Process ID - 4724 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:24] New process found: Process Name - conhost.exe Process ID - 11128 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:24] Process Exited: Process Name - perl.exe Process ID - 1684 [12-07-2023 04:14:24] Process Exited: Process Name - conhost.exe Process ID - 15792 [12-07-2023 04:14:25] New process found: Process Name - perl.exe Process ID - 15292 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:25] New process found: Process Name - conhost.exe Process ID - 11576 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:25] Process Exited: Process Name - perl.exe Process ID - 4724 [12-07-2023 04:14:25] Process Exited: Process Name - conhost.exe Process ID - 11128 [12-07-2023 04:14:26] New process found: Process Name - perl.exe Process ID - 10592 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:26] New process found: Process Name - conhost.exe Process ID - 11044 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:26] Process Exited: Process Name - conhost.exe Process ID - 11576 [12-07-2023 04:14:26] Process Exited: Process Name - perl.exe Process ID - 15292 [12-07-2023 04:14:27] New process found: Process Name - perl.exe Process ID - 8296 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:27] New process found: Process Name - conhost.exe Process ID - 16272 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:27] Process Exited: Process Name - perl.exe Process ID - 10592 [12-07-2023 04:14:27] Process Exited: Process Name - conhost.exe Process ID - 11044 [12-07-2023 04:14:28] New process found: Process Name - perl.exe Process ID - 6284 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:28] New process found: Process Name - conhost.exe Process ID - 15412 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:28] Process Exited: Process Name - perl.exe Process ID - 8296 [12-07-2023 04:14:28] Process Exited: Process Name - conhost.exe Process ID - 16272 [12-07-2023 04:14:29] New process found: Process Name - perl.exe Process ID - 16300 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:29] New process found: Process Name - conhost.exe Process ID - 1716 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:29] Process Exited: Process Name - perl.exe Process ID - 6284 [12-07-2023 04:14:29] Process Exited: Process Name - conhost.exe Process ID - 15412 [12-07-2023 04:14:30] New process found: Process Name - perl.exe Process ID - 2428 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:30] New process found: Process Name - conhost.exe Process ID - 336 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:30] Process Exited: Process Name - conhost.exe Process ID - 1716 [12-07-2023 04:14:30] Process Exited: Process Name - perl.exe Process ID - 16300 [12-07-2023 04:14:31] New process found: Process Name - perl.exe Process ID - 6836 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:31] New process found: Process Name - conhost.exe Process ID - 15180 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:31] Process Exited: Process Name - conhost.exe Process ID - 336 [12-07-2023 04:14:31] Process Exited: Process Name - perl.exe Process ID - 2428 [12-07-2023 04:14:32] New process found: Process Name - perl.exe Process ID - 5460 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:32] New process found: Process Name - conhost.exe Process ID - 6260 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:32] Process Exited: Process Name - perl.exe Process ID - 6836 [12-07-2023 04:14:32] Process Exited: Process Name - conhost.exe Process ID - 15180 [12-07-2023 04:14:33] New process found: Process Name - perl.exe Process ID - 8340 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:33] New process found: Process Name - conhost.exe Process ID - 13976 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:33] Process Exited: Process Name - perl.exe Process ID - 5460 [12-07-2023 04:14:33] Process Exited: Process Name - conhost.exe Process ID - 6260 [12-07-2023 04:14:34] New process found: Process Name - perl.exe Process ID - 12180 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:34] New process found: Process Name - conhost.exe Process ID - 5952 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:34] Process Exited: Process Name - perl.exe Process ID - 8340 [12-07-2023 04:14:34] Process Exited: Process Name - conhost.exe Process ID - 13976 [12-07-2023 04:14:35] New process found: Process Name - perl.exe Process ID - 13464 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:35] New process found: Process Name - conhost.exe Process ID - 6504 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:35] Process Exited: Process Name - conhost.exe Process ID - 5952 [12-07-2023 04:14:35] Process Exited: Process Name - perl.exe Process ID - 12180 [12-07-2023 04:14:36] New process found: Process Name - perl.exe Process ID - 9156 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:36] New process found: Process Name - conhost.exe Process ID - 16252 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:36] Process Exited: Process Name - conhost.exe Process ID - 6504 [12-07-2023 04:14:36] Process Exited: Process Name - perl.exe Process ID - 13464 [12-07-2023 04:14:37] New process found: Process Name - perl.exe Process ID - 2260 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:37] New process found: Process Name - conhost.exe Process ID - 9652 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:37] Process Exited: Process Name - perl.exe Process ID - 9156 [12-07-2023 04:14:37] Process Exited: Process Name - conhost.exe Process ID - 16252 [12-07-2023 04:14:38] New process found: Process Name - perl.exe Process ID - 11624 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:38] New process found: Process Name - conhost.exe Process ID - 4156 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:38] Process Exited: Process Name - perl.exe Process ID - 2260 [12-07-2023 04:14:38] Process Exited: Process Name - conhost.exe Process ID - 9652 [12-07-2023 04:14:39] New process found: Process Name - perl.exe Process ID - 736 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:39] New process found: Process Name - conhost.exe Process ID - 3048 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:39] Process Exited: Process Name - conhost.exe Process ID - 4156 [12-07-2023 04:14:39] Process Exited: Process Name - perl.exe Process ID - 11624 [12-07-2023 04:14:40] New process found: Process Name - perl.exe Process ID - 2480 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:40] New process found: Process Name - conhost.exe Process ID - 11984 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:40] Process Exited: Process Name - perl.exe Process ID - 736 [12-07-2023 04:14:40] Process Exited: Process Name - conhost.exe Process ID - 3048 [12-07-2023 04:14:40] Process Exited: Process Name - sppsvc.exe Process ID - 13036 [12-07-2023 04:14:40] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:14:41] New process found: Process Name - perl.exe Process ID - 10464 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:41] New process found: Process Name - conhost.exe Process ID - 8996 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:41] Process Exited: Process Name - perl.exe Process ID - 2480 [12-07-2023 04:14:41] Process Exited: Process Name - conhost.exe Process ID - 11984 [12-07-2023 04:14:42] New process found: Process Name - perl.exe Process ID - 11844 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:42] New process found: Process Name - conhost.exe Process ID - 8840 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:42] Process Exited: Process Name - conhost.exe Process ID - 8996 [12-07-2023 04:14:42] Process Exited: Process Name - perl.exe Process ID - 10464 [12-07-2023 04:14:43] New process found: Process Name - perl.exe Process ID - 10380 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:43] New process found: Process Name - conhost.exe Process ID - 2468 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:43] Process Exited: Process Name - conhost.exe Process ID - 8840 [12-07-2023 04:14:43] Process Exited: Process Name - perl.exe Process ID - 11844 [12-07-2023 04:14:44] New process found: Process Name - perl.exe Process ID - 2736 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:44] New process found: Process Name - conhost.exe Process ID - 544 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:44] Process Exited: Process Name - conhost.exe Process ID - 2468 [12-07-2023 04:14:44] Process Exited: Process Name - perl.exe Process ID - 10380 [12-07-2023 04:14:45] New process found: Process Name - perl.exe Process ID - 12400 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:45] New process found: Process Name - conhost.exe Process ID - 1948 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:45] Process Exited: Process Name - conhost.exe Process ID - 544 [12-07-2023 04:14:45] Process Exited: Process Name - perl.exe Process ID - 2736 [12-07-2023 04:14:46] New process found: Process Name - perl.exe Process ID - 15448 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:46] New process found: Process Name - conhost.exe Process ID - 11404 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:46] Process Exited: Process Name - conhost.exe Process ID - 1948 [12-07-2023 04:14:46] Process Exited: Process Name - perl.exe Process ID - 12400 [12-07-2023 04:14:47] New process found: Process Name - perl.exe Process ID - 11788 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:47] New process found: Process Name - conhost.exe Process ID - 8052 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:47] Process Exited: Process Name - conhost.exe Process ID - 11404 [12-07-2023 04:14:47] Process Exited: Process Name - perl.exe Process ID - 15448 [12-07-2023 04:14:48] New process found: Process Name - perl.exe Process ID - 9396 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:48] New process found: Process Name - conhost.exe Process ID - 9060 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:48] Process Exited: Process Name - conhost.exe Process ID - 8052 [12-07-2023 04:14:48] Process Exited: Process Name - perl.exe Process ID - 11788 [12-07-2023 04:14:49] New process found: Process Name - perl.exe Process ID - 12816 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:49] New process found: Process Name - conhost.exe Process ID - 12968 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:49] Process Exited: Process Name - conhost.exe Process ID - 9060 [12-07-2023 04:14:49] Process Exited: Process Name - perl.exe Process ID - 9396 [12-07-2023 04:14:50] New process found: Process Name - perl.exe Process ID - 5728 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:50] New process found: Process Name - conhost.exe Process ID - 14632 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:50] Process Exited: Process Name - perl.exe Process ID - 12816 [12-07-2023 04:14:50] Process Exited: Process Name - conhost.exe Process ID - 12968 [12-07-2023 04:14:51] New process found: Process Name - perl.exe Process ID - 6188 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:51] New process found: Process Name - conhost.exe Process ID - 10428 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:51] Process Exited: Process Name - perl.exe Process ID - 5728 [12-07-2023 04:14:51] Process Exited: Process Name - conhost.exe Process ID - 14632 [12-07-2023 04:14:52] New process found: Process Name - perl.exe Process ID - 9956 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:52] New process found: Process Name - conhost.exe Process ID - 1332 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:52] Process Exited: Process Name - perl.exe Process ID - 6188 [12-07-2023 04:14:52] Process Exited: Process Name - conhost.exe Process ID - 10428 [12-07-2023 04:14:53] New process found: Process Name - perl.exe Process ID - 6132 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:53] New process found: Process Name - conhost.exe Process ID - 876 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:53] Process Exited: Process Name - conhost.exe Process ID - 1332 [12-07-2023 04:14:53] Process Exited: Process Name - perl.exe Process ID - 9956 [12-07-2023 04:14:54] New process found: Process Name - perl.exe Process ID - 15320 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:54] New process found: Process Name - conhost.exe Process ID - 14372 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:54] Process Exited: Process Name - conhost.exe Process ID - 876 [12-07-2023 04:14:54] Process Exited: Process Name - perl.exe Process ID - 6132 [12-07-2023 04:14:55] New process found: Process Name - perl.exe Process ID - 11748 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:55] New process found: Process Name - conhost.exe Process ID - 7020 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:55] Process Exited: Process Name - conhost.exe Process ID - 14372 [12-07-2023 04:14:55] Process Exited: Process Name - perl.exe Process ID - 15320 [12-07-2023 04:14:56] New process found: Process Name - perl.exe Process ID - 9808 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:56] New process found: Process Name - conhost.exe Process ID - 10904 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:56] Process Exited: Process Name - conhost.exe Process ID - 7020 [12-07-2023 04:14:56] Process Exited: Process Name - perl.exe Process ID - 11748 [12-07-2023 04:14:57] New process found: Process Name - perl.exe Process ID - 12468 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:57] New process found: Process Name - conhost.exe Process ID - 2412 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:57] Process Exited: Process Name - perl.exe Process ID - 9808 [12-07-2023 04:14:57] Process Exited: Process Name - conhost.exe Process ID - 10904 [12-07-2023 04:14:58] New process found: Process Name - perl.exe Process ID - 12068 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:58] New process found: Process Name - conhost.exe Process ID - 12764 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:58] Process Exited: Process Name - conhost.exe Process ID - 2412 [12-07-2023 04:14:58] Process Exited: Process Name - perl.exe Process ID - 12468 [12-07-2023 04:14:59] New process found: Process Name - perl.exe Process ID - 668 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:59] New process found: Process Name - conhost.exe Process ID - 5088 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:14:59] Process Exited: Process Name - perl.exe Process ID - 12068 [12-07-2023 04:14:59] Process Exited: Process Name - conhost.exe Process ID - 12764 [12-07-2023 04:15:00] New process found: Process Name - perl.exe Process ID - 11964 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:00] New process found: Process Name - conhost.exe Process ID - 14972 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:00] Process Exited: Process Name - perl.exe Process ID - 668 [12-07-2023 04:15:00] Process Exited: Process Name - conhost.exe Process ID - 5088 [12-07-2023 04:15:02] New process found: Process Name - perl.exe Process ID - 968 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:02] New process found: Process Name - conhost.exe Process ID - 6460 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:02] Process Exited: Process Name - perl.exe Process ID - 11964 [12-07-2023 04:15:02] Process Exited: Process Name - conhost.exe Process ID - 14972 [12-07-2023 04:15:03] New process found: Process Name - perl.exe Process ID - 9708 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:03] New process found: Process Name - conhost.exe Process ID - 9552 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:03] Process Exited: Process Name - perl.exe Process ID - 968 [12-07-2023 04:15:03] Process Exited: Process Name - conhost.exe Process ID - 6460 [12-07-2023 04:15:04] New process found: Process Name - perl.exe Process ID - 15668 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:04] New process found: Process Name - conhost.exe Process ID - 3380 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:04] Process Exited: Process Name - conhost.exe Process ID - 9552 [12-07-2023 04:15:04] Process Exited: Process Name - perl.exe Process ID - 9708 [12-07-2023 04:15:05] New process found: Process Name - perl.exe Process ID - 15724 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:05] New process found: Process Name - conhost.exe Process ID - 14028 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:05] Process Exited: Process Name - conhost.exe Process ID - 3380 [12-07-2023 04:15:05] Process Exited: Process Name - perl.exe Process ID - 15668 [12-07-2023 04:15:06] New process found: Process Name - perl.exe Process ID - 11712 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:06] Process Exited: Process Name - conhost.exe Process ID - 14028 [12-07-2023 04:15:06] Process Exited: Process Name - perl.exe Process ID - 15724 [12-07-2023 04:15:07] New process found: Process Name - perl.exe Process ID - 14948 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:07] New process found: Process Name - conhost.exe Process ID - 2488 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:07] Process Exited: Process Name - perl.exe Process ID - 11712 [12-07-2023 04:15:08] New process found: Process Name - w3wp.exe Process ID - 4776 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:15:08] New process found: Process Name - perl.exe Process ID - 2268 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:08] New process found: Process Name - conhost.exe Process ID - 3992 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:08] Process Exited: Process Name - conhost.exe Process ID - 2488 [12-07-2023 04:15:08] Process Exited: Process Name - perl.exe Process ID - 14948 [12-07-2023 04:15:08] Process Exited: Process Name - w3wp.exe Process ID - 16212 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:15:09] New process found: Process Name - perl.exe Process ID - 12216 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:09] New process found: Process Name - conhost.exe Process ID - 13600 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:09] Process Exited: Process Name - perl.exe Process ID - 2268 [12-07-2023 04:15:09] Process Exited: Process Name - conhost.exe Process ID - 3992 [12-07-2023 04:15:10] New process found: Process Name - perl.exe Process ID - 7292 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:10] New process found: Process Name - conhost.exe Process ID - 9280 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:10] Process Exited: Process Name - perl.exe Process ID - 12216 [12-07-2023 04:15:10] Process Exited: Process Name - conhost.exe Process ID - 13600 [12-07-2023 04:15:11] New process found: Process Name - perl.exe Process ID - 9136 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:11] New process found: Process Name - conhost.exe Process ID - 7444 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:11] Process Exited: Process Name - perl.exe Process ID - 7292 [12-07-2023 04:15:11] Process Exited: Process Name - conhost.exe Process ID - 9280 [12-07-2023 04:15:12] New process found: Process Name - perl.exe Process ID - 16244 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:12] New process found: Process Name - conhost.exe Process ID - 10996 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:12] Process Exited: Process Name - conhost.exe Process ID - 7444 [12-07-2023 04:15:12] Process Exited: Process Name - perl.exe Process ID - 9136 [12-07-2023 04:15:13] New process found: Process Name - perl.exe Process ID - 11388 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:13] New process found: Process Name - conhost.exe Process ID - 13168 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:13] Process Exited: Process Name - conhost.exe Process ID - 10996 [12-07-2023 04:15:13] Process Exited: Process Name - perl.exe Process ID - 16244 [12-07-2023 04:15:14] Process Exited: Process Name - perl.exe Process ID - 11388 [12-07-2023 04:15:14] Process Exited: Process Name - conhost.exe Process ID - 13168 [12-07-2023 04:15:15] New process found: Process Name - perl.exe Process ID - 13960 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:15] New process found: Process Name - conhost.exe Process ID - 11164 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:16] New process found: Process Name - perl.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:16] New process found: Process Name - conhost.exe Process ID - 13284 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:16] Process Exited: Process Name - conhost.exe Process ID - 11164 [12-07-2023 04:15:16] Process Exited: Process Name - perl.exe Process ID - 13960 [12-07-2023 04:15:17] New process found: Process Name - perl.exe Process ID - 10932 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:17] New process found: Process Name - conhost.exe Process ID - 13796 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:17] Process Exited: Process Name - perl.exe Process ID - 12672 [12-07-2023 04:15:17] Process Exited: Process Name - conhost.exe Process ID - 13284 [12-07-2023 04:15:18] Process Exited: Process Name - perl.exe Process ID - 10932 [12-07-2023 04:15:18] Process Exited: Process Name - conhost.exe Process ID - 13796 [12-07-2023 04:15:19] New process found: Process Name - perl.exe Process ID - 16372 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:19] New process found: Process Name - conhost.exe Process ID - 10156 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:20] New process found: Process Name - perl.exe Process ID - 7980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:20] New process found: Process Name - conhost.exe Process ID - 5416 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:20] Process Exited: Process Name - conhost.exe Process ID - 10156 [12-07-2023 04:15:20] Process Exited: Process Name - perl.exe Process ID - 16372 [12-07-2023 04:15:21] New process found: Process Name - perl.exe Process ID - 14932 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:21] New process found: Process Name - conhost.exe Process ID - 15488 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:21] Process Exited: Process Name - conhost.exe Process ID - 5416 [12-07-2023 04:15:21] Process Exited: Process Name - perl.exe Process ID - 7980 [12-07-2023 04:15:22] New process found: Process Name - perl.exe Process ID - 15752 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:22] New process found: Process Name - conhost.exe Process ID - 14604 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:22] Process Exited: Process Name - perl.exe Process ID - 14932 [12-07-2023 04:15:22] Process Exited: Process Name - conhost.exe Process ID - 15488 [12-07-2023 04:15:23] New process found: Process Name - perl.exe Process ID - 8888 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:23] New process found: Process Name - conhost.exe Process ID - 16164 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:23] Process Exited: Process Name - conhost.exe Process ID - 14604 [12-07-2023 04:15:23] Process Exited: Process Name - perl.exe Process ID - 15752 [12-07-2023 04:15:24] New process found: Process Name - perl.exe Process ID - 9204 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:24] New process found: Process Name - conhost.exe Process ID - 15076 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:24] Process Exited: Process Name - perl.exe Process ID - 8888 [12-07-2023 04:15:24] Process Exited: Process Name - conhost.exe Process ID - 16164 [12-07-2023 04:15:25] New process found: Process Name - perl.exe Process ID - 3136 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:25] New process found: Process Name - conhost.exe Process ID - 11256 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:25] Process Exited: Process Name - perl.exe Process ID - 9204 [12-07-2023 04:15:25] Process Exited: Process Name - conhost.exe Process ID - 15076 [12-07-2023 04:15:26] New process found: Process Name - perl.exe Process ID - 12268 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:26] New process found: Process Name - conhost.exe Process ID - 10388 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:26] Process Exited: Process Name - perl.exe Process ID - 3136 [12-07-2023 04:15:26] Process Exited: Process Name - conhost.exe Process ID - 11256 [12-07-2023 04:15:27] New process found: Process Name - perl.exe Process ID - 1336 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:27] New process found: Process Name - conhost.exe Process ID - 10188 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:27] Process Exited: Process Name - conhost.exe Process ID - 10388 [12-07-2023 04:15:27] Process Exited: Process Name - perl.exe Process ID - 12268 [12-07-2023 04:15:28] New process found: Process Name - perl.exe Process ID - 13236 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:28] New process found: Process Name - conhost.exe Process ID - 9232 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:28] Process Exited: Process Name - perl.exe Process ID - 1336 [12-07-2023 04:15:28] Process Exited: Process Name - conhost.exe Process ID - 10188 [12-07-2023 04:15:29] New process found: Process Name - perl.exe Process ID - 13520 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:29] New process found: Process Name - conhost.exe Process ID - 5588 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:29] Process Exited: Process Name - conhost.exe Process ID - 9232 [12-07-2023 04:15:29] Process Exited: Process Name - perl.exe Process ID - 13236 [12-07-2023 04:15:30] Process Exited: Process Name - conhost.exe Process ID - 5588 [12-07-2023 04:15:30] Process Exited: Process Name - perl.exe Process ID - 13520 [12-07-2023 04:15:31] New process found: Process Name - perl.exe Process ID - 1616 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:31] New process found: Process Name - conhost.exe Process ID - 16292 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:32] New process found: Process Name - perl.exe Process ID - 9568 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:32] New process found: Process Name - conhost.exe Process ID - 6420 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:32] Process Exited: Process Name - perl.exe Process ID - 1616 [12-07-2023 04:15:32] Process Exited: Process Name - conhost.exe Process ID - 16292 [12-07-2023 04:15:33] Process Exited: Process Name - conhost.exe Process ID - 6420 [12-07-2023 04:15:33] Process Exited: Process Name - perl.exe Process ID - 9568 [12-07-2023 04:15:34] New process found: Process Name - perl.exe Process ID - 980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:34] New process found: Process Name - conhost.exe Process ID - 10880 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:35] New process found: Process Name - perl.exe Process ID - 1360 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:35] New process found: Process Name - conhost.exe Process ID - 10252 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:35] Process Exited: Process Name - perl.exe Process ID - 980 [12-07-2023 04:15:35] Process Exited: Process Name - conhost.exe Process ID - 10880 [12-07-2023 04:15:36] New process found: Process Name - perl.exe Process ID - 12592 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:36] New process found: Process Name - conhost.exe Process ID - 4924 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:36] Process Exited: Process Name - perl.exe Process ID - 1360 [12-07-2023 04:15:36] Process Exited: Process Name - conhost.exe Process ID - 10252 [12-07-2023 04:15:37] New process found: Process Name - perl.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:37] New process found: Process Name - conhost.exe Process ID - 12260 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:37] Process Exited: Process Name - conhost.exe Process ID - 4924 [12-07-2023 04:15:37] Process Exited: Process Name - perl.exe Process ID - 12592 [12-07-2023 04:15:38] New process found: Process Name - perl.exe Process ID - 13132 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:38] New process found: Process Name - conhost.exe Process ID - 2256 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:38] Process Exited: Process Name - perl.exe Process ID - 4212 [12-07-2023 04:15:38] Process Exited: Process Name - conhost.exe Process ID - 12260 [12-07-2023 04:15:39] New process found: Process Name - perl.exe Process ID - 7736 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:39] New process found: Process Name - conhost.exe Process ID - 11532 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:39] Process Exited: Process Name - conhost.exe Process ID - 2256 [12-07-2023 04:15:39] Process Exited: Process Name - perl.exe Process ID - 13132 [12-07-2023 04:15:40] New process found: Process Name - perl.exe Process ID - 15112 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:40] New process found: Process Name - conhost.exe Process ID - 14460 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:40] Process Exited: Process Name - WmiPrvSE.exe Process ID - 676 [12-07-2023 04:15:40] Process Exited: Process Name - perl.exe Process ID - 7736 [12-07-2023 04:15:40] Process Exited: Process Name - conhost.exe Process ID - 11532 [12-07-2023 04:15:41] New process found: Process Name - perl.exe Process ID - 6808 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:41] Process Exited: Process Name - w3wp.exe Process ID - 12804 Web application pool name - galaxytools.in [12-07-2023 04:15:41] Process Exited: Process Name - conhost.exe Process ID - 14460 [12-07-2023 04:15:41] Process Exited: Process Name - perl.exe Process ID - 15112 [12-07-2023 04:15:42] New process found: Process Name - perl.exe Process ID - 13036 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:42] New process found: Process Name - conhost.exe Process ID - 16080 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:42] Process Exited: Process Name - perl.exe Process ID - 6808 [12-07-2023 04:15:43] New process found: Process Name - cmd.exe Process ID - 2480 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:43] New process found: Process Name - conhost.exe Process ID - 11984 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:43] Process Exited: Process Name - perl.exe Process ID - 13036 [12-07-2023 04:15:43] Process Exited: Process Name - w3wp.exe Process ID - 14712 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 04:15:43] Process Exited: Process Name - conhost.exe Process ID - 16080 [12-07-2023 04:15:44] New process found: Process Name - perl.exe Process ID - 10464 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:44] New process found: Process Name - conhost.exe Process ID - 8996 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:44] Process Exited: Process Name - cmd.exe Process ID - 2480 [12-07-2023 04:15:44] Process Exited: Process Name - conhost.exe Process ID - 11984 [12-07-2023 04:15:45] New process found: Process Name - perl.exe Process ID - 10256 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:45] New process found: Process Name - conhost.exe Process ID - 9312 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:45] Process Exited: Process Name - conhost.exe Process ID - 8996 [12-07-2023 04:15:45] Process Exited: Process Name - perl.exe Process ID - 10464 [12-07-2023 04:15:46] New process found: Process Name - perl.exe Process ID - 13008 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:46] New process found: Process Name - conhost.exe Process ID - 11720 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:46] Process Exited: Process Name - conhost.exe Process ID - 9312 [12-07-2023 04:15:46] Process Exited: Process Name - perl.exe Process ID - 10256 [12-07-2023 04:15:47] New process found: Process Name - perl.exe Process ID - 2704 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:47] New process found: Process Name - conhost.exe Process ID - 15072 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:47] Process Exited: Process Name - conhost.exe Process ID - 11720 [12-07-2023 04:15:47] Process Exited: Process Name - perl.exe Process ID - 13008 [12-07-2023 04:15:48] New process found: Process Name - perl.exe Process ID - 1928 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:48] New process found: Process Name - conhost.exe Process ID - 12400 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:48] Process Exited: Process Name - perl.exe Process ID - 2704 [12-07-2023 04:15:48] Process Exited: Process Name - conhost.exe Process ID - 15072 [12-07-2023 04:15:49] New process found: Process Name - perl.exe Process ID - 15420 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:49] New process found: Process Name - conhost.exe Process ID - 10324 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:49] Process Exited: Process Name - perl.exe Process ID - 1928 [12-07-2023 04:15:49] Process Exited: Process Name - conhost.exe Process ID - 12400 [12-07-2023 04:15:50] New process found: Process Name - perl.exe Process ID - 5648 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:50] New process found: Process Name - conhost.exe Process ID - 1740 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:50] Process Exited: Process Name - conhost.exe Process ID - 10324 [12-07-2023 04:15:50] Process Exited: Process Name - perl.exe Process ID - 15420 [12-07-2023 04:15:51] New process found: Process Name - perl.exe Process ID - 14828 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:51] New process found: Process Name - conhost.exe Process ID - 7792 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:51] Process Exited: Process Name - conhost.exe Process ID - 1740 [12-07-2023 04:15:51] Process Exited: Process Name - perl.exe Process ID - 5648 [12-07-2023 04:15:52] New process found: Process Name - perl.exe Process ID - 15328 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:52] New process found: Process Name - conhost.exe Process ID - 14856 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:52] Process Exited: Process Name - conhost.exe Process ID - 7792 [12-07-2023 04:15:52] Process Exited: Process Name - perl.exe Process ID - 14828 [12-07-2023 04:15:53] New process found: Process Name - perl.exe Process ID - 5728 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:53] New process found: Process Name - conhost.exe Process ID - 14632 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:53] Process Exited: Process Name - conhost.exe Process ID - 14856 [12-07-2023 04:15:53] Process Exited: Process Name - perl.exe Process ID - 15328 [12-07-2023 04:15:54] New process found: Process Name - perl.exe Process ID - 10448 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:54] New process found: Process Name - conhost.exe Process ID - 15604 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:54] Process Exited: Process Name - perl.exe Process ID - 5728 [12-07-2023 04:15:54] Process Exited: Process Name - conhost.exe Process ID - 14632 [12-07-2023 04:15:55] New process found: Process Name - perl.exe Process ID - 13412 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:55] New process found: Process Name - conhost.exe Process ID - 14268 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:55] Process Exited: Process Name - perl.exe Process ID - 10448 [12-07-2023 04:15:55] Process Exited: Process Name - conhost.exe Process ID - 15604 [12-07-2023 04:15:56] New process found: Process Name - perl.exe Process ID - 11344 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:56] New process found: Process Name - conhost.exe Process ID - 8504 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:56] Process Exited: Process Name - perl.exe Process ID - 13412 [12-07-2023 04:15:56] Process Exited: Process Name - conhost.exe Process ID - 14268 [12-07-2023 04:15:57] New process found: Process Name - perl.exe Process ID - 6468 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:57] New process found: Process Name - conhost.exe Process ID - 10328 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:57] Process Exited: Process Name - conhost.exe Process ID - 8504 [12-07-2023 04:15:57] Process Exited: Process Name - perl.exe Process ID - 11344 [12-07-2023 04:15:58] New process found: Process Name - perl.exe Process ID - 12676 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:58] New process found: Process Name - conhost.exe Process ID - 14996 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:58] Process Exited: Process Name - perl.exe Process ID - 6468 [12-07-2023 04:15:58] Process Exited: Process Name - conhost.exe Process ID - 10328 [12-07-2023 04:15:59] New process found: Process Name - perl.exe Process ID - 5072 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:59] New process found: Process Name - conhost.exe Process ID - 10152 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:15:59] Process Exited: Process Name - perl.exe Process ID - 12676 [12-07-2023 04:15:59] Process Exited: Process Name - conhost.exe Process ID - 14996 [12-07-2023 04:16:00] New process found: Process Name - perl.exe Process ID - 7032 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:00] New process found: Process Name - conhost.exe Process ID - 16120 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:00] Process Exited: Process Name - perl.exe Process ID - 5072 [12-07-2023 04:16:00] Process Exited: Process Name - conhost.exe Process ID - 10152 [12-07-2023 04:16:01] New process found: Process Name - perl.exe Process ID - 2956 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:01] New process found: Process Name - conhost.exe Process ID - 15664 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:01] Process Exited: Process Name - perl.exe Process ID - 7032 [12-07-2023 04:16:01] Process Exited: Process Name - conhost.exe Process ID - 16120 [12-07-2023 04:16:02] New process found: Process Name - perl.exe Process ID - 15408 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:02] New process found: Process Name - conhost.exe Process ID - 14896 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:02] Process Exited: Process Name - perl.exe Process ID - 2956 [12-07-2023 04:16:02] Process Exited: Process Name - conhost.exe Process ID - 15664 [12-07-2023 04:16:03] New process found: Process Name - SearchFilterHost.exe Process ID - 14076 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:16:03] New process found: Process Name - perl.exe Process ID - 13328 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:03] New process found: Process Name - conhost.exe Process ID - 14820 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:03] Process Exited: Process Name - conhost.exe Process ID - 14896 [12-07-2023 04:16:03] Process Exited: Process Name - perl.exe Process ID - 15408 [12-07-2023 04:16:03] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15908 [12-07-2023 04:16:04] New process found: Process Name - perl.exe Process ID - 4148 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:04] New process found: Process Name - conhost.exe Process ID - 5068 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:04] Process Exited: Process Name - perl.exe Process ID - 13328 [12-07-2023 04:16:04] Process Exited: Process Name - conhost.exe Process ID - 14820 [12-07-2023 04:16:05] New process found: Process Name - perl.exe Process ID - 15816 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:05] New process found: Process Name - conhost.exe Process ID - 12780 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:05] Process Exited: Process Name - perl.exe Process ID - 4148 [12-07-2023 04:16:05] Process Exited: Process Name - conhost.exe Process ID - 5068 [12-07-2023 04:16:06] New process found: Process Name - perl.exe Process ID - 15676 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:06] New process found: Process Name - conhost.exe Process ID - 12252 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:06] Process Exited: Process Name - conhost.exe Process ID - 12780 [12-07-2023 04:16:06] Process Exited: Process Name - perl.exe Process ID - 15816 [12-07-2023 04:16:07] New process found: Process Name - perl.exe Process ID - 12704 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:07] New process found: Process Name - conhost.exe Process ID - 11000 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:07] Process Exited: Process Name - conhost.exe Process ID - 12252 [12-07-2023 04:16:07] Process Exited: Process Name - perl.exe Process ID - 15676 [12-07-2023 04:16:08] New process found: Process Name - perl.exe Process ID - 10384 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:08] New process found: Process Name - conhost.exe Process ID - 16020 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:08] Process Exited: Process Name - conhost.exe Process ID - 11000 [12-07-2023 04:16:08] Process Exited: Process Name - perl.exe Process ID - 12704 [12-07-2023 04:16:09] New process found: Process Name - perl.exe Process ID - 7356 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:09] New process found: Process Name - conhost.exe Process ID - 7600 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:09] Process Exited: Process Name - perl.exe Process ID - 10384 [12-07-2023 04:16:09] Process Exited: Process Name - conhost.exe Process ID - 16020 [12-07-2023 04:16:10] New process found: Process Name - perl.exe Process ID - 12072 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:10] New process found: Process Name - conhost.exe Process ID - 13912 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:10] Process Exited: Process Name - perl.exe Process ID - 7356 [12-07-2023 04:16:10] Process Exited: Process Name - conhost.exe Process ID - 7600 [12-07-2023 04:16:11] New process found: Process Name - perl.exe Process ID - 12636 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:11] New process found: Process Name - conhost.exe Process ID - 14116 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:11] Process Exited: Process Name - perl.exe Process ID - 12072 [12-07-2023 04:16:11] Process Exited: Process Name - conhost.exe Process ID - 13912 [12-07-2023 04:16:12] New process found: Process Name - perl.exe Process ID - 11724 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:12] Process Exited: Process Name - perl.exe Process ID - 12636 [12-07-2023 04:16:12] Process Exited: Process Name - conhost.exe Process ID - 14116 [12-07-2023 04:16:13] New process found: Process Name - perl.exe Process ID - 12740 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:13] New process found: Process Name - conhost.exe Process ID - 15252 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:13] Process Exited: Process Name - perl.exe Process ID - 11724 [12-07-2023 04:16:14] New process found: Process Name - perl.exe Process ID - 4252 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:14] New process found: Process Name - conhost.exe Process ID - 912 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:14] Process Exited: Process Name - perl.exe Process ID - 12740 [12-07-2023 04:16:14] Process Exited: Process Name - conhost.exe Process ID - 15252 [12-07-2023 04:16:15] New process found: Process Name - perl.exe Process ID - 14440 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:15] New process found: Process Name - conhost.exe Process ID - 9816 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:15] Process Exited: Process Name - conhost.exe Process ID - 912 [12-07-2023 04:16:15] Process Exited: Process Name - perl.exe Process ID - 4252 [12-07-2023 04:16:16] New process found: Process Name - perl.exe Process ID - 14976 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:16] New process found: Process Name - conhost.exe Process ID - 5064 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:16] Process Exited: Process Name - conhost.exe Process ID - 9816 [12-07-2023 04:16:16] Process Exited: Process Name - perl.exe Process ID - 14440 [12-07-2023 04:16:17] New process found: Process Name - perl.exe Process ID - 15416 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:17] New process found: Process Name - conhost.exe Process ID - 8876 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:17] New process found: Process Name - w3wp.exe Process ID - 5664 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 04:16:17] Process Exited: Process Name - conhost.exe Process ID - 5064 [12-07-2023 04:16:17] Process Exited: Process Name - perl.exe Process ID - 14976 [12-07-2023 04:16:18] New process found: Process Name - perl.exe Process ID - 13480 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:18] New process found: Process Name - conhost.exe Process ID - 13228 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:18] Process Exited: Process Name - conhost.exe Process ID - 8876 [12-07-2023 04:16:18] Process Exited: Process Name - perl.exe Process ID - 15416 [12-07-2023 04:16:19] New process found: Process Name - perl.exe Process ID - 14136 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:19] New process found: Process Name - conhost.exe Process ID - 11568 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:19] Process Exited: Process Name - conhost.exe Process ID - 13228 [12-07-2023 04:16:19] Process Exited: Process Name - perl.exe Process ID - 13480 [12-07-2023 04:16:20] New process found: Process Name - perl.exe Process ID - 10820 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:20] New process found: Process Name - conhost.exe Process ID - 3876 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:20] Process Exited: Process Name - conhost.exe Process ID - 11568 [12-07-2023 04:16:20] Process Exited: Process Name - perl.exe Process ID - 14136 [12-07-2023 04:16:21] New process found: Process Name - perl.exe Process ID - 15804 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:21] New process found: Process Name - conhost.exe Process ID - 16332 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:21] Process Exited: Process Name - conhost.exe Process ID - 3876 [12-07-2023 04:16:21] Process Exited: Process Name - perl.exe Process ID - 10820 [12-07-2023 04:16:22] New process found: Process Name - perl.exe Process ID - 6228 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:22] New process found: Process Name - conhost.exe Process ID - 680 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:22] Process Exited: Process Name - perl.exe Process ID - 15804 [12-07-2023 04:16:22] Process Exited: Process Name - conhost.exe Process ID - 16332 [12-07-2023 04:16:23] Process Exited: Process Name - conhost.exe Process ID - 680 [12-07-2023 04:16:23] Process Exited: Process Name - perl.exe Process ID - 6228 [12-07-2023 04:16:24] New process found: Process Name - perl.exe Process ID - 15820 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:24] New process found: Process Name - conhost.exe Process ID - 6760 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:25] New process found: Process Name - perl.exe Process ID - 9680 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:25] New process found: Process Name - conhost.exe Process ID - 12620 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:25] Process Exited: Process Name - conhost.exe Process ID - 6760 [12-07-2023 04:16:25] Process Exited: Process Name - perl.exe Process ID - 15820 [12-07-2023 04:16:26] New process found: Process Name - perl.exe Process ID - 1560 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:26] New process found: Process Name - conhost.exe Process ID - 992 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:26] Process Exited: Process Name - perl.exe Process ID - 9680 [12-07-2023 04:16:26] Process Exited: Process Name - conhost.exe Process ID - 12620 [12-07-2023 04:16:27] New process found: Process Name - perl.exe Process ID - 6604 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:27] New process found: Process Name - conhost.exe Process ID - 7828 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:27] Process Exited: Process Name - conhost.exe Process ID - 992 [12-07-2023 04:16:27] Process Exited: Process Name - perl.exe Process ID - 1560 [12-07-2023 04:16:28] New process found: Process Name - perl.exe Process ID - 11348 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:28] New process found: Process Name - conhost.exe Process ID - 5936 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:28] Process Exited: Process Name - perl.exe Process ID - 6604 [12-07-2023 04:16:28] Process Exited: Process Name - conhost.exe Process ID - 7828 [12-07-2023 04:16:29] New process found: Process Name - perl.exe Process ID - 1756 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:29] New process found: Process Name - conhost.exe Process ID - 8908 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:29] Process Exited: Process Name - conhost.exe Process ID - 5936 [12-07-2023 04:16:29] Process Exited: Process Name - perl.exe Process ID - 11348 [12-07-2023 04:16:30] New process found: Process Name - perl.exe Process ID - 1860 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:30] New process found: Process Name - conhost.exe Process ID - 7308 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:30] Process Exited: Process Name - perl.exe Process ID - 1756 [12-07-2023 04:16:30] Process Exited: Process Name - conhost.exe Process ID - 8908 [12-07-2023 04:16:31] New process found: Process Name - perl.exe Process ID - 10924 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:31] New process found: Process Name - conhost.exe Process ID - 15708 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:31] Process Exited: Process Name - perl.exe Process ID - 1860 [12-07-2023 04:16:31] Process Exited: Process Name - conhost.exe Process ID - 7308 [12-07-2023 04:16:32] New process found: Process Name - perl.exe Process ID - 10848 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:32] New process found: Process Name - conhost.exe Process ID - 14448 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:32] Process Exited: Process Name - perl.exe Process ID - 10924 [12-07-2023 04:16:32] Process Exited: Process Name - conhost.exe Process ID - 15708 [12-07-2023 04:16:33] New process found: Process Name - perl.exe Process ID - 10940 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:33] New process found: Process Name - conhost.exe Process ID - 11260 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:33] Process Exited: Process Name - perl.exe Process ID - 10848 [12-07-2023 04:16:33] Process Exited: Process Name - conhost.exe Process ID - 14448 [12-07-2023 04:16:34] New process found: Process Name - perl.exe Process ID - 14980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:34] New process found: Process Name - conhost.exe Process ID - 14532 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:34] Process Exited: Process Name - perl.exe Process ID - 10940 [12-07-2023 04:16:34] Process Exited: Process Name - conhost.exe Process ID - 11260 [12-07-2023 04:16:35] New process found: Process Name - perl.exe Process ID - 15180 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:35] New process found: Process Name - conhost.exe Process ID - 188 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:35] Process Exited: Process Name - conhost.exe Process ID - 14532 [12-07-2023 04:16:35] Process Exited: Process Name - perl.exe Process ID - 14980 [12-07-2023 04:16:36] New process found: Process Name - perl.exe Process ID - 980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:36] New process found: Process Name - conhost.exe Process ID - 10880 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:36] Process Exited: Process Name - conhost.exe Process ID - 188 [12-07-2023 04:16:36] Process Exited: Process Name - perl.exe Process ID - 15180 [12-07-2023 04:16:37] New process found: Process Name - perl.exe Process ID - 16156 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:37] New process found: Process Name - conhost.exe Process ID - 10652 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:37] Process Exited: Process Name - perl.exe Process ID - 980 [12-07-2023 04:16:37] Process Exited: Process Name - conhost.exe Process ID - 10880 [12-07-2023 04:16:38] New process found: Process Name - perl.exe Process ID - 14564 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:38] New process found: Process Name - conhost.exe Process ID - 12592 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:38] Process Exited: Process Name - conhost.exe Process ID - 10652 [12-07-2023 04:16:38] Process Exited: Process Name - perl.exe Process ID - 16156 [12-07-2023 04:16:39] New process found: Process Name - perl.exe Process ID - 10760 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:39] New process found: Process Name - conhost.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:39] Process Exited: Process Name - conhost.exe Process ID - 12592 [12-07-2023 04:16:39] Process Exited: Process Name - perl.exe Process ID - 14564 [12-07-2023 04:16:40] New process found: Process Name - perl.exe Process ID - 15048 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:40] New process found: Process Name - conhost.exe Process ID - 14152 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:40] Process Exited: Process Name - conhost.exe Process ID - 4212 [12-07-2023 04:16:40] Process Exited: Process Name - perl.exe Process ID - 10760 [12-07-2023 04:16:41] New process found: Process Name - perl.exe Process ID - 12096 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:41] New process found: Process Name - conhost.exe Process ID - 10376 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:41] Process Exited: Process Name - conhost.exe Process ID - 14152 [12-07-2023 04:16:41] Process Exited: Process Name - perl.exe Process ID - 15048 [12-07-2023 04:16:42] New process found: Process Name - perl.exe Process ID - 10892 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:42] New process found: Process Name - conhost.exe Process ID - 10944 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:42] Process Exited: Process Name - conhost.exe Process ID - 10376 [12-07-2023 04:16:42] Process Exited: Process Name - perl.exe Process ID - 12096 [12-07-2023 04:16:43] New process found: Process Name - perl.exe Process ID - 13776 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:43] New process found: Process Name - conhost.exe Process ID - 8256 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:43] Process Exited: Process Name - perl.exe Process ID - 10892 [12-07-2023 04:16:43] Process Exited: Process Name - conhost.exe Process ID - 10944 [12-07-2023 04:16:44] New process found: Process Name - perl.exe Process ID - 108 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:44] New process found: Process Name - conhost.exe Process ID - 13628 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:44] Process Exited: Process Name - conhost.exe Process ID - 8256 [12-07-2023 04:16:44] Process Exited: Process Name - perl.exe Process ID - 13776 [12-07-2023 04:16:45] New process found: Process Name - perl.exe Process ID - 2516 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:45] New process found: Process Name - conhost.exe Process ID - 11412 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:45] Process Exited: Process Name - perl.exe Process ID - 108 [12-07-2023 04:16:45] Process Exited: Process Name - conhost.exe Process ID - 13628 [12-07-2023 04:16:46] New process found: Process Name - perl.exe Process ID - 10528 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:46] New process found: Process Name - conhost.exe Process ID - 10500 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:46] Process Exited: Process Name - perl.exe Process ID - 2516 [12-07-2023 04:16:46] Process Exited: Process Name - conhost.exe Process ID - 11412 [12-07-2023 04:16:47] New process found: Process Name - perl.exe Process ID - 11540 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:47] New process found: Process Name - conhost.exe Process ID - 3048 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:47] Process Exited: Process Name - conhost.exe Process ID - 10500 [12-07-2023 04:16:47] Process Exited: Process Name - perl.exe Process ID - 10528 [12-07-2023 04:16:48] New process found: Process Name - perl.exe Process ID - 16080 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:48] New process found: Process Name - conhost.exe Process ID - 16072 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:48] Process Exited: Process Name - conhost.exe Process ID - 3048 [12-07-2023 04:16:48] Process Exited: Process Name - perl.exe Process ID - 11540 [12-07-2023 04:16:49] New process found: Process Name - perl.exe Process ID - 6272 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:49] New process found: Process Name - conhost.exe Process ID - 15628 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:49] Process Exited: Process Name - conhost.exe Process ID - 16072 [12-07-2023 04:16:49] Process Exited: Process Name - perl.exe Process ID - 16080 [12-07-2023 04:16:50] New process found: Process Name - perl.exe Process ID - 14388 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:50] New process found: Process Name - conhost.exe Process ID - 8700 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:50] Process Exited: Process Name - perl.exe Process ID - 6272 [12-07-2023 04:16:50] Process Exited: Process Name - conhost.exe Process ID - 15628 [12-07-2023 04:16:52] New process found: Process Name - perl.exe Process ID - 4176 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:52] New process found: Process Name - conhost.exe Process ID - 10380 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:52] Process Exited: Process Name - conhost.exe Process ID - 8700 [12-07-2023 04:16:52] Process Exited: Process Name - perl.exe Process ID - 14388 [12-07-2023 04:16:53] New process found: Process Name - perl.exe Process ID - 8672 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:53] New process found: Process Name - conhost.exe Process ID - 14748 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:53] Process Exited: Process Name - perl.exe Process ID - 4176 [12-07-2023 04:16:53] Process Exited: Process Name - conhost.exe Process ID - 10380 [12-07-2023 04:16:54] New process found: Process Name - perl.exe Process ID - 15924 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:54] New process found: Process Name - conhost.exe Process ID - 13752 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:54] Process Exited: Process Name - perl.exe Process ID - 8672 [12-07-2023 04:16:54] Process Exited: Process Name - conhost.exe Process ID - 14748 [12-07-2023 04:16:55] New process found: Process Name - perl.exe Process ID - 12276 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:55] New process found: Process Name - conhost.exe Process ID - 15288 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:55] Process Exited: Process Name - conhost.exe Process ID - 13752 [12-07-2023 04:16:55] Process Exited: Process Name - perl.exe Process ID - 15924 [12-07-2023 04:16:56] New process found: Process Name - perl.exe Process ID - 5348 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:56] New process found: Process Name - conhost.exe Process ID - 14756 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:56] Process Exited: Process Name - perl.exe Process ID - 12276 [12-07-2023 04:16:56] Process Exited: Process Name - conhost.exe Process ID - 15288 [12-07-2023 04:16:57] New process found: Process Name - perl.exe Process ID - 14192 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:57] New process found: Process Name - conhost.exe Process ID - 11188 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:57] Process Exited: Process Name - perl.exe Process ID - 5348 [12-07-2023 04:16:57] Process Exited: Process Name - conhost.exe Process ID - 14756 [12-07-2023 04:16:58] New process found: Process Name - perl.exe Process ID - 14052 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:58] New process found: Process Name - conhost.exe Process ID - 13240 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:58] Process Exited: Process Name - conhost.exe Process ID - 11188 [12-07-2023 04:16:58] Process Exited: Process Name - perl.exe Process ID - 14192 [12-07-2023 04:16:59] New process found: Process Name - perl.exe Process ID - 12868 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:59] New process found: Process Name - conhost.exe Process ID - 12120 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:16:59] Process Exited: Process Name - conhost.exe Process ID - 13240 [12-07-2023 04:16:59] Process Exited: Process Name - perl.exe Process ID - 14052 [12-07-2023 04:17:00] New process found: Process Name - perl.exe Process ID - 5728 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:00] New process found: Process Name - conhost.exe Process ID - 14632 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:00] Process Exited: Process Name - conhost.exe Process ID - 12120 [12-07-2023 04:17:00] Process Exited: Process Name - perl.exe Process ID - 12868 [12-07-2023 04:17:01] New process found: Process Name - perl.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:01] New process found: Process Name - conhost.exe Process ID - 6792 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:01] Process Exited: Process Name - perl.exe Process ID - 5728 [12-07-2023 04:17:01] Process Exited: Process Name - conhost.exe Process ID - 14632 [12-07-2023 04:17:02] New process found: Process Name - perl.exe Process ID - 10980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:02] New process found: Process Name - conhost.exe Process ID - 1332 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:02] Process Exited: Process Name - perl.exe Process ID - 136 [12-07-2023 04:17:02] Process Exited: Process Name - conhost.exe Process ID - 6792 [12-07-2023 04:17:03] New process found: Process Name - perl.exe Process ID - 8504 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:03] New process found: Process Name - conhost.exe Process ID - 7672 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:03] Process Exited: Process Name - conhost.exe Process ID - 1332 [12-07-2023 04:17:03] Process Exited: Process Name - perl.exe Process ID - 10980 [12-07-2023 04:17:04] New process found: Process Name - perl.exe Process ID - 10328 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:04] New process found: Process Name - conhost.exe Process ID - 11868 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:04] Process Exited: Process Name - conhost.exe Process ID - 7672 [12-07-2023 04:17:04] Process Exited: Process Name - perl.exe Process ID - 8504 [12-07-2023 04:17:05] Process Exited: Process Name - perl.exe Process ID - 10328 [12-07-2023 04:17:05] Process Exited: Process Name - conhost.exe Process ID - 11868 [12-07-2023 04:17:06] New process found: Process Name - perl.exe Process ID - 13908 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:06] New process found: Process Name - conhost.exe Process ID - 12168 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:07] New process found: Process Name - perl.exe Process ID - 16296 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:07] New process found: Process Name - conhost.exe Process ID - 8824 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:07] Process Exited: Process Name - conhost.exe Process ID - 12168 [12-07-2023 04:17:07] Process Exited: Process Name - perl.exe Process ID - 13908 [12-07-2023 04:17:08] New process found: Process Name - perl.exe Process ID - 13384 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:08] New process found: Process Name - conhost.exe Process ID - 15324 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:08] Process Exited: Process Name - conhost.exe Process ID - 8824 [12-07-2023 04:17:08] Process Exited: Process Name - perl.exe Process ID - 16296 [12-07-2023 04:17:09] New process found: Process Name - perl.exe Process ID - 15332 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:09] New process found: Process Name - conhost.exe Process ID - 15552 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:09] Process Exited: Process Name - perl.exe Process ID - 13384 [12-07-2023 04:17:09] Process Exited: Process Name - conhost.exe Process ID - 15324 [12-07-2023 04:17:10] New process found: Process Name - perl.exe Process ID - 9916 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:10] New process found: Process Name - conhost.exe Process ID - 11224 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:10] Process Exited: Process Name - perl.exe Process ID - 15332 [12-07-2023 04:17:10] Process Exited: Process Name - conhost.exe Process ID - 15552 [12-07-2023 04:17:11] New process found: Process Name - perl.exe Process ID - 12960 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:11] New process found: Process Name - conhost.exe Process ID - 11884 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:11] Process Exited: Process Name - perl.exe Process ID - 9916 [12-07-2023 04:17:11] Process Exited: Process Name - conhost.exe Process ID - 11224 [12-07-2023 04:17:12] New process found: Process Name - perl.exe Process ID - 14168 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:12] New process found: Process Name - conhost.exe Process ID - 14048 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:12] Process Exited: Process Name - conhost.exe Process ID - 11884 [12-07-2023 04:17:12] Process Exited: Process Name - perl.exe Process ID - 12960 [12-07-2023 04:17:13] New process found: Process Name - perl.exe Process ID - 13084 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:13] New process found: Process Name - conhost.exe Process ID - 15528 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:13] Process Exited: Process Name - conhost.exe Process ID - 14048 [12-07-2023 04:17:13] Process Exited: Process Name - perl.exe Process ID - 14168 [12-07-2023 04:17:14] New process found: Process Name - perl.exe Process ID - 7800 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:14] New process found: Process Name - conhost.exe Process ID - 6816 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:14] Process Exited: Process Name - perl.exe Process ID - 13084 [12-07-2023 04:17:14] Process Exited: Process Name - conhost.exe Process ID - 15528 [12-07-2023 04:17:15] Process Exited: Process Name - conhost.exe Process ID - 6816 [12-07-2023 04:17:15] Process Exited: Process Name - perl.exe Process ID - 7800 [12-07-2023 04:17:16] New process found: Process Name - perl.exe Process ID - 15824 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:16] New process found: Process Name - conhost.exe Process ID - 15176 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:17] New process found: Process Name - perl.exe Process ID - 3992 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:17] New process found: Process Name - conhost.exe Process ID - 10788 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:17] Process Exited: Process Name - conhost.exe Process ID - 15176 [12-07-2023 04:17:17] Process Exited: Process Name - perl.exe Process ID - 15824 [12-07-2023 04:17:18] New process found: Process Name - perl.exe Process ID - 2384 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:18] New process found: Process Name - conhost.exe Process ID - 16008 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:18] Process Exited: Process Name - perl.exe Process ID - 3992 [12-07-2023 04:17:18] Process Exited: Process Name - conhost.exe Process ID - 10788 [12-07-2023 04:17:19] New process found: Process Name - perl.exe Process ID - 7468 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:19] New process found: Process Name - conhost.exe Process ID - 5932 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:19] Process Exited: Process Name - perl.exe Process ID - 2384 [12-07-2023 04:17:19] Process Exited: Process Name - conhost.exe Process ID - 16008 [12-07-2023 04:17:20] New process found: Process Name - perl.exe Process ID - 16076 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:20] New process found: Process Name - conhost.exe Process ID - 15104 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:20] Process Exited: Process Name - conhost.exe Process ID - 5932 [12-07-2023 04:17:20] Process Exited: Process Name - perl.exe Process ID - 7468 [12-07-2023 04:17:21] New process found: Process Name - perl.exe Process ID - 12296 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:21] New process found: Process Name - conhost.exe Process ID - 6456 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:21] Process Exited: Process Name - conhost.exe Process ID - 15104 [12-07-2023 04:17:21] Process Exited: Process Name - perl.exe Process ID - 16076 [12-07-2023 04:17:22] New process found: Process Name - perl.exe Process ID - 10068 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:22] New process found: Process Name - conhost.exe Process ID - 5576 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:22] Process Exited: Process Name - conhost.exe Process ID - 6456 [12-07-2023 04:17:22] Process Exited: Process Name - perl.exe Process ID - 12296 [12-07-2023 04:17:23] New process found: Process Name - perl.exe Process ID - 3420 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:23] New process found: Process Name - conhost.exe Process ID - 12856 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:23] Process Exited: Process Name - conhost.exe Process ID - 5576 [12-07-2023 04:17:23] Process Exited: Process Name - perl.exe Process ID - 10068 [12-07-2023 04:17:24] New process found: Process Name - perl.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:24] New process found: Process Name - conhost.exe Process ID - 15936 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:24] Process Exited: Process Name - perl.exe Process ID - 3420 [12-07-2023 04:17:24] Process Exited: Process Name - conhost.exe Process ID - 12856 [12-07-2023 04:17:25] New process found: Process Name - perl.exe Process ID - 15372 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:25] New process found: Process Name - conhost.exe Process ID - 9092 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:25] Process Exited: Process Name - perl.exe Process ID - 12672 [12-07-2023 04:17:25] Process Exited: Process Name - conhost.exe Process ID - 15936 [12-07-2023 04:17:26] New process found: Process Name - perl.exe Process ID - 9456 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:26] New process found: Process Name - conhost.exe Process ID - 10460 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:26] Process Exited: Process Name - conhost.exe Process ID - 9092 [12-07-2023 04:17:26] Process Exited: Process Name - perl.exe Process ID - 15372 [12-07-2023 04:17:27] New process found: Process Name - perl.exe Process ID - 16372 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:27] New process found: Process Name - conhost.exe Process ID - 11960 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:27] Process Exited: Process Name - perl.exe Process ID - 9456 [12-07-2023 04:17:27] Process Exited: Process Name - conhost.exe Process ID - 10460 [12-07-2023 04:17:28] New process found: Process Name - perl.exe Process ID - 4180 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:28] New process found: Process Name - conhost.exe Process ID - 14412 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:28] Process Exited: Process Name - conhost.exe Process ID - 11960 [12-07-2023 04:17:28] Process Exited: Process Name - perl.exe Process ID - 16372 [12-07-2023 04:17:29] New process found: Process Name - perl.exe Process ID - 12796 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:29] New process found: Process Name - conhost.exe Process ID - 7756 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:29] Process Exited: Process Name - perl.exe Process ID - 4180 [12-07-2023 04:17:29] Process Exited: Process Name - conhost.exe Process ID - 14412 [12-07-2023 04:17:30] New process found: Process Name - perl.exe Process ID - 16116 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:30] New process found: Process Name - conhost.exe Process ID - 10504 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:30] Process Exited: Process Name - conhost.exe Process ID - 7756 [12-07-2023 04:17:30] Process Exited: Process Name - perl.exe Process ID - 12796 [12-07-2023 04:17:31] New process found: Process Name - perl.exe Process ID - 13184 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:31] New process found: Process Name - conhost.exe Process ID - 14768 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:31] Process Exited: Process Name - conhost.exe Process ID - 10504 [12-07-2023 04:17:31] Process Exited: Process Name - perl.exe Process ID - 16116 [12-07-2023 04:17:32] New process found: Process Name - perl.exe Process ID - 6624 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:32] New process found: Process Name - conhost.exe Process ID - 7676 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:32] Process Exited: Process Name - perl.exe Process ID - 13184 [12-07-2023 04:17:32] Process Exited: Process Name - conhost.exe Process ID - 14768 [12-07-2023 04:17:33] New process found: Process Name - perl.exe Process ID - 7776 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:33] New process found: Process Name - conhost.exe Process ID - 9720 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:33] Process Exited: Process Name - perl.exe Process ID - 6624 [12-07-2023 04:17:33] Process Exited: Process Name - conhost.exe Process ID - 7676 [12-07-2023 04:17:34] New process found: Process Name - perl.exe Process ID - 7476 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:34] New process found: Process Name - conhost.exe Process ID - 10572 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:34] Process Exited: Process Name - perl.exe Process ID - 7776 [12-07-2023 04:17:34] Process Exited: Process Name - conhost.exe Process ID - 9720 [12-07-2023 04:17:35] Process Exited: Process Name - perl.exe Process ID - 7476 [12-07-2023 04:17:35] Process Exited: Process Name - conhost.exe Process ID - 10572 [12-07-2023 04:17:36] New process found: Process Name - perl.exe Process ID - 10744 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:36] New process found: Process Name - conhost.exe Process ID - 1860 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:37] New process found: Process Name - perl.exe Process ID - 15044 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:37] New process found: Process Name - conhost.exe Process ID - 8296 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:37] Process Exited: Process Name - conhost.exe Process ID - 1860 [12-07-2023 04:17:37] Process Exited: Process Name - perl.exe Process ID - 10744 [12-07-2023 04:17:38] New process found: Process Name - perl.exe Process ID - 16148 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:38] New process found: Process Name - conhost.exe Process ID - 10920 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:38] Process Exited: Process Name - conhost.exe Process ID - 8296 [12-07-2023 04:17:38] Process Exited: Process Name - perl.exe Process ID - 15044 [12-07-2023 04:17:39] New process found: Process Name - perl.exe Process ID - 10480 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:39] New process found: Process Name - conhost.exe Process ID - 10832 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:39] Process Exited: Process Name - conhost.exe Process ID - 10920 [12-07-2023 04:17:39] Process Exited: Process Name - perl.exe Process ID - 16148 [12-07-2023 04:17:40] New process found: Process Name - w3wp.exe Process ID - 10828 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:17:40] New process found: Process Name - conhost.exe Process ID - 6220 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:17:40] New process found: Process Name - perl.exe Process ID - 980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:40] New process found: Process Name - conhost.exe Process ID - 10880 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:40] Process Exited: Process Name - perl.exe Process ID - 10480 [12-07-2023 04:17:40] Process Exited: Process Name - conhost.exe Process ID - 10832 [12-07-2023 04:17:41] New process found: Process Name - perl.exe Process ID - 11148 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:41] New process found: Process Name - conhost.exe Process ID - 14752 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:41] Process Exited: Process Name - perl.exe Process ID - 980 [12-07-2023 04:17:41] Process Exited: Process Name - conhost.exe Process ID - 10880 [12-07-2023 04:17:42] New process found: Process Name - perl.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:42] New process found: Process Name - conhost.exe Process ID - 14408 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:42] Process Exited: Process Name - perl.exe Process ID - 11148 [12-07-2023 04:17:42] Process Exited: Process Name - conhost.exe Process ID - 14752 [12-07-2023 04:17:43] New process found: Process Name - perl.exe Process ID - 7576 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:43] New process found: Process Name - conhost.exe Process ID - 14540 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:43] Process Exited: Process Name - perl.exe Process ID - 4212 [12-07-2023 04:17:43] Process Exited: Process Name - conhost.exe Process ID - 14408 [12-07-2023 04:17:44] New process found: Process Name - perl.exe Process ID - 16188 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:44] New process found: Process Name - conhost.exe Process ID - 7780 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:44] Process Exited: Process Name - perl.exe Process ID - 7576 [12-07-2023 04:17:44] Process Exited: Process Name - conhost.exe Process ID - 14540 [12-07-2023 04:17:45] New process found: Process Name - perl.exe Process ID - 8744 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:45] New process found: Process Name - conhost.exe Process ID - 11392 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:45] Process Exited: Process Name - conhost.exe Process ID - 7780 [12-07-2023 04:17:45] Process Exited: Process Name - perl.exe Process ID - 16188 [12-07-2023 04:17:46] New process found: Process Name - perl.exe Process ID - 32 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:46] New process found: Process Name - conhost.exe Process ID - 8904 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:46] Process Exited: Process Name - perl.exe Process ID - 8744 [12-07-2023 04:17:46] Process Exited: Process Name - conhost.exe Process ID - 11392 [12-07-2023 04:17:47] New process found: Process Name - perl.exe Process ID - 15312 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:47] New process found: Process Name - conhost.exe Process ID - 10800 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:47] Process Exited: Process Name - perl.exe Process ID - 32 [12-07-2023 04:17:47] Process Exited: Process Name - conhost.exe Process ID - 8904 [12-07-2023 04:17:48] New process found: Process Name - perl.exe Process ID - 12308 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:48] New process found: Process Name - conhost.exe Process ID - 5912 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:48] Process Exited: Process Name - conhost.exe Process ID - 10800 [12-07-2023 04:17:48] Process Exited: Process Name - perl.exe Process ID - 15312 [12-07-2023 04:17:49] New process found: Process Name - perl.exe Process ID - 8788 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:49] New process found: Process Name - conhost.exe Process ID - 14232 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:49] Process Exited: Process Name - conhost.exe Process ID - 5912 [12-07-2023 04:17:49] Process Exited: Process Name - perl.exe Process ID - 12308 [12-07-2023 04:17:50] New process found: Process Name - perl.exe Process ID - 13892 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:50] New process found: Process Name - conhost.exe Process ID - 4416 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:50] Process Exited: Process Name - perl.exe Process ID - 8788 [12-07-2023 04:17:50] Process Exited: Process Name - conhost.exe Process ID - 14232 [12-07-2023 04:17:51] New process found: Process Name - perl.exe Process ID - 12628 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:51] New process found: Process Name - conhost.exe Process ID - 14144 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:51] Process Exited: Process Name - conhost.exe Process ID - 4416 [12-07-2023 04:17:51] Process Exited: Process Name - perl.exe Process ID - 13892 [12-07-2023 04:17:52] New process found: Process Name - perl.exe Process ID - 14324 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:52] New process found: Process Name - conhost.exe Process ID - 14388 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:52] Process Exited: Process Name - perl.exe Process ID - 12628 [12-07-2023 04:17:52] Process Exited: Process Name - conhost.exe Process ID - 14144 [12-07-2023 04:17:53] New process found: Process Name - perl.exe Process ID - 9896 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:53] New process found: Process Name - conhost.exe Process ID - 15632 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:53] Process Exited: Process Name - perl.exe Process ID - 14324 [12-07-2023 04:17:53] Process Exited: Process Name - conhost.exe Process ID - 14388 [12-07-2023 04:17:54] New process found: Process Name - perl.exe Process ID - 6744 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:54] New process found: Process Name - conhost.exe Process ID - 11744 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:54] Process Exited: Process Name - perl.exe Process ID - 9896 [12-07-2023 04:17:54] Process Exited: Process Name - conhost.exe Process ID - 15632 [12-07-2023 04:17:55] New process found: Process Name - perl.exe Process ID - 15920 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:55] New process found: Process Name - conhost.exe Process ID - 8944 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:55] Process Exited: Process Name - perl.exe Process ID - 6744 [12-07-2023 04:17:55] Process Exited: Process Name - conhost.exe Process ID - 11744 [12-07-2023 04:17:56] New process found: Process Name - perl.exe Process ID - 15980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:56] New process found: Process Name - conhost.exe Process ID - 9824 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:56] Process Exited: Process Name - conhost.exe Process ID - 8944 [12-07-2023 04:17:56] Process Exited: Process Name - perl.exe Process ID - 15920 [12-07-2023 04:17:57] New process found: Process Name - perl.exe Process ID - 14492 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:57] New process found: Process Name - conhost.exe Process ID - 6396 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:57] Process Exited: Process Name - conhost.exe Process ID - 9824 [12-07-2023 04:17:57] Process Exited: Process Name - perl.exe Process ID - 15980 [12-07-2023 04:17:58] New process found: Process Name - perl.exe Process ID - 7388 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:58] New process found: Process Name - conhost.exe Process ID - 6784 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:58] Process Exited: Process Name - conhost.exe Process ID - 6396 [12-07-2023 04:17:58] Process Exited: Process Name - perl.exe Process ID - 14492 [12-07-2023 04:17:59] New process found: Process Name - perl.exe Process ID - 8416 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:59] New process found: Process Name - conhost.exe Process ID - 14052 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:17:59] Process Exited: Process Name - conhost.exe Process ID - 6784 [12-07-2023 04:17:59] Process Exited: Process Name - perl.exe Process ID - 7388 [12-07-2023 04:18:00] New process found: Process Name - perl.exe Process ID - 2796 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:00] Process Exited: Process Name - perl.exe Process ID - 8416 [12-07-2023 04:18:00] Process Exited: Process Name - conhost.exe Process ID - 14052 [12-07-2023 04:18:01] New process found: Process Name - perl.exe Process ID - 10496 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:01] New process found: Process Name - conhost.exe Process ID - 15604 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:01] Process Exited: Process Name - perl.exe Process ID - 2796 [12-07-2023 04:18:02] New process found: Process Name - perl.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:02] New process found: Process Name - conhost.exe Process ID - 7152 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:02] Process Exited: Process Name - perl.exe Process ID - 10496 [12-07-2023 04:18:02] Process Exited: Process Name - conhost.exe Process ID - 15604 [12-07-2023 04:18:03] New process found: Process Name - perl.exe Process ID - 14268 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:03] New process found: Process Name - SearchFilterHost.exe Process ID - 9600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:18:03] New process found: Process Name - conhost.exe Process ID - 12364 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:03] Process Exited: Process Name - perl.exe Process ID - 136 [12-07-2023 04:18:03] Process Exited: Process Name - conhost.exe Process ID - 7152 [12-07-2023 04:18:03] Process Exited: Process Name - SearchFilterHost.exe Process ID - 14076 [12-07-2023 04:18:04] New process found: Process Name - perl.exe Process ID - 8516 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:04] New process found: Process Name - conhost.exe Process ID - 12928 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:04] Process Exited: Process Name - conhost.exe Process ID - 12364 [12-07-2023 04:18:04] Process Exited: Process Name - perl.exe Process ID - 14268 [12-07-2023 04:18:05] New process found: Process Name - perl.exe Process ID - 11416 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:05] New process found: Process Name - conhost.exe Process ID - 11888 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:05] Process Exited: Process Name - perl.exe Process ID - 8516 [12-07-2023 04:18:05] Process Exited: Process Name - conhost.exe Process ID - 12928 [12-07-2023 04:18:06] New process found: Process Name - perl.exe Process ID - 11980 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:06] New process found: Process Name - conhost.exe Process ID - 15612 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:06] Process Exited: Process Name - perl.exe Process ID - 11416 [12-07-2023 04:18:06] Process Exited: Process Name - conhost.exe Process ID - 11888 [12-07-2023 04:18:08] New process found: Process Name - perl.exe Process ID - 13360 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:08] New process found: Process Name - conhost.exe Process ID - 10812 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:08] Process Exited: Process Name - perl.exe Process ID - 11980 [12-07-2023 04:18:08] Process Exited: Process Name - conhost.exe Process ID - 15612 [12-07-2023 04:18:09] New process found: Process Name - perl.exe Process ID - 11832 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:09] New process found: Process Name - conhost.exe Process ID - 6988 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:09] Process Exited: Process Name - conhost.exe Process ID - 10812 [12-07-2023 04:18:09] Process Exited: Process Name - perl.exe Process ID - 13360 [12-07-2023 04:18:10] New process found: Process Name - perl.exe Process ID - 16032 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:10] New process found: Process Name - conhost.exe Process ID - 2556 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:10] Process Exited: Process Name - conhost.exe Process ID - 6988 [12-07-2023 04:18:10] Process Exited: Process Name - perl.exe Process ID - 11832 [12-07-2023 04:18:14] New process found: Process Name - perl.exe Process ID - 5088 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:14] New process found: Process Name - conhost.exe Process ID - 7372 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:14] Process Exited: Process Name - conhost.exe Process ID - 2556 [12-07-2023 04:18:14] Process Exited: Process Name - perl.exe Process ID - 16032 [12-07-2023 04:18:15] New process found: Process Name - perl.exe Process ID - 14820 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:15] New process found: Process Name - conhost.exe Process ID - 9276 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:15] Process Exited: Process Name - perl.exe Process ID - 5088 [12-07-2023 04:18:15] Process Exited: Process Name - conhost.exe Process ID - 7372 [12-07-2023 04:18:16] New process found: Process Name - perl.exe Process ID - 10728 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:16] New process found: Process Name - conhost.exe Process ID - 10676 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:16] Process Exited: Process Name - conhost.exe Process ID - 9276 [12-07-2023 04:18:16] Process Exited: Process Name - perl.exe Process ID - 14820 [12-07-2023 04:18:17] New process found: Process Name - perl.exe Process ID - 9352 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:17] New process found: Process Name - conhost.exe Process ID - 15204 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:17] Process Exited: Process Name - conhost.exe Process ID - 10676 [12-07-2023 04:18:17] Process Exited: Process Name - perl.exe Process ID - 10728 [12-07-2023 04:18:18] New process found: Process Name - perl.exe Process ID - 11004 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:18] New process found: Process Name - conhost.exe Process ID - 15724 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:18] Process Exited: Process Name - perl.exe Process ID - 9352 [12-07-2023 04:18:18] Process Exited: Process Name - conhost.exe Process ID - 15204 [12-07-2023 04:18:20] New process found: Process Name - perl.exe Process ID - 1636 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:20] New process found: Process Name - conhost.exe Process ID - 16368 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:20] Process Exited: Process Name - perl.exe Process ID - 11004 [12-07-2023 04:18:20] Process Exited: Process Name - conhost.exe Process ID - 15724 [12-07-2023 04:18:21] New process found: Process Name - perl.exe Process ID - 15420 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:21] New process found: Process Name - conhost.exe Process ID - 14812 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:21] Process Exited: Process Name - perl.exe Process ID - 1636 [12-07-2023 04:18:21] Process Exited: Process Name - conhost.exe Process ID - 16368 [12-07-2023 04:18:22] New process found: Process Name - perl.exe Process ID - 12172 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:22] New process found: Process Name - conhost.exe Process ID - 15084 Process Identity - KSHITIJSINGHAL-\Plesk Administrator [12-07-2023 04:18:22] Process Exited: Process Name - conhost.exe Process ID - 14812 [12-07-2023 04:18:22] Process Exited: Process Name - perl.exe Process ID - 15420 [12-07-2023 04:18:23] Process Exited: Process Name - perl.exe Process ID - 12172 [12-07-2023 04:18:23] Process Exited: Process Name - conhost.exe Process ID - 15084 [12-07-2023 04:18:24] Process Exited: Process Name - conhost.exe Process ID - 1728 [12-07-2023 04:18:24] Process Exited: Process Name - web_statistics_executor.exe Process ID - 2508 [12-07-2023 04:18:24] Process Exited: Process Name - runtask.exe Process ID - 4324 [12-07-2023 04:18:24] Process Exited: Process Name - conhost.exe Process ID - 13316 [12-07-2023 04:18:24] Process Exited: Process Name - cmd.exe Process ID - 14384 [12-07-2023 04:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2664 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 12720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:19:20] New process found: Process Name - w3wp.exe Process ID - 8852 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 04:19:32] Process Exited: Process Name - w3wp.exe Process ID - 13972 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:20:08] New process found: Process Name - w3wp.exe Process ID - 15056 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:20:08] Process Exited: Process Name - w3wp.exe Process ID - 4776 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2664 [12-07-2023 04:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12720 [12-07-2023 04:20:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 9600 [12-07-2023 04:20:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15484 [12-07-2023 04:20:55] Process Exited: Process Name - conhost.exe Process ID - 8656 [12-07-2023 04:20:55] Process Exited: Process Name - w3wp.exe Process ID - 14072 Web application pool name - kdbps.edu.in [12-07-2023 04:21:03] New process found: Process Name - w3wp.exe Process ID - 14112 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 04:21:12] New process found: Process Name - conhost.exe Process ID - 15208 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:22:03] Process Exited: Process Name - w3wp.exe Process ID - 13432 Web application pool name - DefaultAppPool [12-07-2023 04:22:11] New process found: Process Name - w3wp.exe Process ID - 14784 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:22:11] New process found: Process Name - conhost.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 04:22:15] New process found: Process Name - w3wp.exe Process ID - 8600 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:22:20] Process Exited: Process Name - w3wp.exe Process ID - 5664 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 04:23:42] Process Exited: Process Name - conhost.exe Process ID - 6220 [12-07-2023 04:23:42] Process Exited: Process Name - w3wp.exe Process ID - 10828 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:25:00] New process found: Process Name - cmd.exe Process ID - 15680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:25:00] New process found: Process Name - conhost.exe Process ID - 10380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:25:00] New process found: Process Name - runtask.exe Process ID - 8780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:25:00] New process found: Process Name - php.exe Process ID - 11180 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:25:00] New process found: Process Name - conhost.exe Process ID - 6248 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:25:08] Process Exited: Process Name - conhost.exe Process ID - 6248 [12-07-2023 04:25:08] Process Exited: Process Name - runtask.exe Process ID - 8780 [12-07-2023 04:25:08] Process Exited: Process Name - conhost.exe Process ID - 10380 [12-07-2023 04:25:08] Process Exited: Process Name - php.exe Process ID - 11180 [12-07-2023 04:25:08] Process Exited: Process Name - cmd.exe Process ID - 15680 [12-07-2023 04:25:10] New process found: Process Name - w3wp.exe Process ID - 12788 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:25:10] Process Exited: Process Name - w3wp.exe Process ID - 15056 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:25:28] New process found: Process Name - w3wp.exe Process ID - 11404 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:25:38] New process found: Process Name - conhost.exe Process ID - 14828 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 04:26:39] New process found: Process Name - w3wp.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:26:39] New process found: Process Name - where.exe Process ID - 9920 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:26:39] New process found: Process Name - conhost.exe Process ID - 14676 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:26:40] New process found: Process Name - conhost.exe Process ID - 13380 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:26:40] Process Exited: Process Name - where.exe Process ID - 9920 [12-07-2023 04:26:40] Process Exited: Process Name - conhost.exe Process ID - 14676 [12-07-2023 04:27:47] New process found: Process Name - w3wp.exe Process ID - 13020 Process Identity - KSHITIJSINGHAL-\IWPD_65(acwits) Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 04:27:47] New process found: Process Name - w3wp.exe Process ID - 13512 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 04:28:16] Process Exited: Process Name - w3wp.exe Process ID - 8600 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:28:22] New process found: Process Name - w3wp.exe Process ID - 6276 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13620 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:29:13] Process Exited: Process Name - conhost.exe Process ID - 4212 [12-07-2023 04:29:13] Process Exited: Process Name - w3wp.exe Process ID - 14784 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:29:22] Process Exited: Process Name - w3wp.exe Process ID - 8852 Web application pool name - galaxytools.in [12-07-2023 04:30:12] New process found: Process Name - w3wp.exe Process ID - 11116 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:30:12] Process Exited: Process Name - w3wp.exe Process ID - 12788 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13620 [12-07-2023 04:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13980 [12-07-2023 04:30:59] New process found: Process Name - w3wp.exe Process ID - 15752 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 04:31:31] Process Exited: Process Name - w3wp.exe Process ID - 11404 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:31:31] Process Exited: Process Name - conhost.exe Process ID - 14828 [12-07-2023 04:32:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 11080 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:32:34] New process found: Process Name - SearchFilterHost.exe Process ID - 1104 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:32:42] Process Exited: Process Name - w3wp.exe Process ID - 136 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:32:42] Process Exited: Process Name - conhost.exe Process ID - 13380 [12-07-2023 04:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 1104 [12-07-2023 04:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 11080 [12-07-2023 04:34:49] Process Exited: Process Name - w3wp.exe Process ID - 13020 Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 04:34:49] Process Exited: Process Name - w3wp.exe Process ID - 13512 Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 04:35:12] New process found: Process Name - w3wp.exe Process ID - 7532 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:35:12] Process Exited: Process Name - w3wp.exe Process ID - 11116 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:35:35] New process found: Process Name - w3wp.exe Process ID - 11072 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 04:36:00] New process found: Process Name - cmd.exe Process ID - 14712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:00] New process found: Process Name - conhost.exe Process ID - 14000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:00] New process found: Process Name - runtask.exe Process ID - 15580 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:00] New process found: Process Name - php.exe Process ID - 9436 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:00] New process found: Process Name - conhost.exe Process ID - 14656 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:01] New process found: Process Name - cmd.exe Process ID - 15012 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:01] New process found: Process Name - php.exe Process ID - 14628 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:01] New process found: Process Name - ai.exe Process ID - 4068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:01] New process found: Process Name - conhost.exe Process ID - 5484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:13] New process found: Process Name - ai.exe Process ID - 7164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:13] New process found: Process Name - conhost.exe Process ID - 8896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:13] Process Exited: Process Name - ai.exe Process ID - 4068 [12-07-2023 04:36:13] Process Exited: Process Name - conhost.exe Process ID - 5484 [12-07-2023 04:36:24] New process found: Process Name - cmd.exe Process ID - 9388 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:24] New process found: Process Name - php.exe Process ID - 640 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:24] Process Exited: Process Name - ai.exe Process ID - 7164 [12-07-2023 04:36:24] Process Exited: Process Name - conhost.exe Process ID - 8896 [12-07-2023 04:36:24] Process Exited: Process Name - php.exe Process ID - 14628 [12-07-2023 04:36:24] Process Exited: Process Name - cmd.exe Process ID - 15012 [12-07-2023 04:36:25] New process found: Process Name - cmd.exe Process ID - 8900 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:25] New process found: Process Name - php.exe Process ID - 11292 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:25] Process Exited: Process Name - php.exe Process ID - 640 [12-07-2023 04:36:25] Process Exited: Process Name - cmd.exe Process ID - 9388 [12-07-2023 04:36:28] New process found: Process Name - cmd.exe Process ID - 2292 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:28] New process found: Process Name - php.exe Process ID - 12852 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:28] New process found: Process Name - cmd.exe Process ID - 12668 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:28] New process found: Process Name - php.exe Process ID - 11824 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:28] Process Exited: Process Name - cmd.exe Process ID - 8900 [12-07-2023 04:36:28] Process Exited: Process Name - php.exe Process ID - 11292 [12-07-2023 04:36:31] New process found: Process Name - websrvmng.exe Process ID - 15516 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:31] New process found: Process Name - conhost.exe Process ID - 11412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:33] Process Exited: Process Name - conhost.exe Process ID - 11412 [12-07-2023 04:36:33] Process Exited: Process Name - websrvmng.exe Process ID - 15516 [12-07-2023 04:36:34] New process found: Process Name - filemng.exe Process ID - 15744 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:34] New process found: Process Name - conhost.exe Process ID - 15688 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:39] New process found: Process Name - filemng.exe Process ID - 11700 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:39] New process found: Process Name - conhost.exe Process ID - 14200 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:39] Process Exited: Process Name - conhost.exe Process ID - 15688 [12-07-2023 04:36:39] Process Exited: Process Name - filemng.exe Process ID - 15744 [12-07-2023 04:36:40] New process found: Process Name - filemng.exe Process ID - 5800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:40] New process found: Process Name - conhost.exe Process ID - 12436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:40] Process Exited: Process Name - filemng.exe Process ID - 11700 [12-07-2023 04:36:40] Process Exited: Process Name - conhost.exe Process ID - 14200 [12-07-2023 04:36:41] New process found: Process Name - filemng.exe Process ID - 10620 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:41] New process found: Process Name - conhost.exe Process ID - 9360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:41] Process Exited: Process Name - filemng.exe Process ID - 5800 [12-07-2023 04:36:41] Process Exited: Process Name - conhost.exe Process ID - 12436 [12-07-2023 04:36:42] New process found: Process Name - filemng.exe Process ID - 5352 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:42] New process found: Process Name - conhost.exe Process ID - 5112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:36:42] Process Exited: Process Name - conhost.exe Process ID - 9360 [12-07-2023 04:36:42] Process Exited: Process Name - filemng.exe Process ID - 10620 [12-07-2023 04:36:43] Process Exited: Process Name - conhost.exe Process ID - 5112 [12-07-2023 04:36:43] Process Exited: Process Name - filemng.exe Process ID - 5352 [12-07-2023 04:36:44] New process found: Process Name - cmd.exe Process ID - 15260 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:44] New process found: Process Name - php.exe Process ID - 9156 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:44] Process Exited: Process Name - php.exe Process ID - 11824 [12-07-2023 04:36:44] Process Exited: Process Name - cmd.exe Process ID - 12668 [12-07-2023 04:36:45] New process found: Process Name - cmd.exe Process ID - 13892 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:45] New process found: Process Name - php.exe Process ID - 13464 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:45] Process Exited: Process Name - php.exe Process ID - 9156 [12-07-2023 04:36:45] Process Exited: Process Name - cmd.exe Process ID - 15260 [12-07-2023 04:36:46] New process found: Process Name - cmd.exe Process ID - 12296 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:46] New process found: Process Name - python.exe Process ID - 7292 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:57] New process found: Process Name - cmd.exe Process ID - 11016 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:57] New process found: Process Name - php.exe Process ID - 11568 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:57] New process found: Process Name - cmd.exe Process ID - 14264 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:57] New process found: Process Name - extension.exe Process ID - 13348 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:57] Process Exited: Process Name - python.exe Process ID - 7292 [12-07-2023 04:36:57] Process Exited: Process Name - cmd.exe Process ID - 12296 [12-07-2023 04:36:57] Process Exited: Process Name - php.exe Process ID - 13464 [12-07-2023 04:36:57] Process Exited: Process Name - cmd.exe Process ID - 13892 [12-07-2023 04:36:58] New process found: Process Name - cmd.exe Process ID - 10156 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:58] New process found: Process Name - php.exe Process ID - 9164 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:58] Process Exited: Process Name - cmd.exe Process ID - 11016 [12-07-2023 04:36:58] Process Exited: Process Name - php.exe Process ID - 11568 [12-07-2023 04:36:58] Process Exited: Process Name - extension.exe Process ID - 13348 [12-07-2023 04:36:58] Process Exited: Process Name - cmd.exe Process ID - 14264 [12-07-2023 04:36:59] New process found: Process Name - cmd.exe Process ID - 12324 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:59] New process found: Process Name - php.exe Process ID - 12008 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:36:59] Process Exited: Process Name - php.exe Process ID - 9164 [12-07-2023 04:36:59] Process Exited: Process Name - cmd.exe Process ID - 10156 [12-07-2023 04:37:00] New process found: Process Name - cmd.exe Process ID - 14116 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:00] New process found: Process Name - php.exe Process ID - 12216 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:00] Process Exited: Process Name - php.exe Process ID - 12008 [12-07-2023 04:37:00] Process Exited: Process Name - cmd.exe Process ID - 12324 [12-07-2023 04:37:01] New process found: Process Name - filemng.exe Process ID - 14664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:01] New process found: Process Name - conhost.exe Process ID - 4972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:07] New process found: Process Name - filemng.exe Process ID - 7624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:07] New process found: Process Name - conhost.exe Process ID - 14360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:07] Process Exited: Process Name - conhost.exe Process ID - 4972 [12-07-2023 04:37:07] Process Exited: Process Name - filemng.exe Process ID - 14664 [12-07-2023 04:37:08] New process found: Process Name - filemng.exe Process ID - 14832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:08] New process found: Process Name - conhost.exe Process ID - 10712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:08] Process Exited: Process Name - filemng.exe Process ID - 7624 [12-07-2023 04:37:08] Process Exited: Process Name - conhost.exe Process ID - 14360 [12-07-2023 04:37:09] New process found: Process Name - filemng.exe Process ID - 13640 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:09] New process found: Process Name - conhost.exe Process ID - 12788 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:09] Process Exited: Process Name - conhost.exe Process ID - 10712 [12-07-2023 04:37:09] Process Exited: Process Name - filemng.exe Process ID - 14832 [12-07-2023 04:37:10] Process Exited: Process Name - conhost.exe Process ID - 12788 [12-07-2023 04:37:10] Process Exited: Process Name - filemng.exe Process ID - 13640 [12-07-2023 04:37:11] New process found: Process Name - cmd.exe Process ID - 4728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:11] New process found: Process Name - php.exe Process ID - 412 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:11] Process Exited: Process Name - php.exe Process ID - 12216 [12-07-2023 04:37:11] Process Exited: Process Name - cmd.exe Process ID - 14116 [12-07-2023 04:37:12] New process found: Process Name - cmd.exe Process ID - 11928 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:12] New process found: Process Name - php.exe Process ID - 16200 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:12] Process Exited: Process Name - php.exe Process ID - 412 [12-07-2023 04:37:12] Process Exited: Process Name - cmd.exe Process ID - 2292 [12-07-2023 04:37:12] Process Exited: Process Name - cmd.exe Process ID - 4728 [12-07-2023 04:37:12] Process Exited: Process Name - php.exe Process ID - 12852 [12-07-2023 04:37:13] New process found: Process Name - cmd.exe Process ID - 13808 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:13] New process found: Process Name - php.exe Process ID - 8528 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:13] New process found: Process Name - mailmng.exe Process ID - 14960 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:13] New process found: Process Name - conhost.exe Process ID - 11152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:13] Process Exited: Process Name - cmd.exe Process ID - 11928 [12-07-2023 04:37:13] Process Exited: Process Name - php.exe Process ID - 16200 [12-07-2023 04:37:14] New process found: Process Name - cmd.exe Process ID - 9932 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:14] New process found: Process Name - php.exe Process ID - 5348 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:37:14] Process Exited: Process Name - php.exe Process ID - 8528 [12-07-2023 04:37:14] Process Exited: Process Name - conhost.exe Process ID - 11152 [12-07-2023 04:37:14] Process Exited: Process Name - cmd.exe Process ID - 13808 [12-07-2023 04:37:14] Process Exited: Process Name - mailmng.exe Process ID - 14960 [12-07-2023 04:37:15] New process found: Process Name - statistics.exe Process ID - 2700 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:15] New process found: Process Name - conhost.exe Process ID - 15792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:15] New process found: Process Name - php.exe Process ID - 14492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:16] New process found: Process Name - statistics_collector.exe Process ID - 8500 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:16] New process found: Process Name - conhost.exe Process ID - 10320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:16] New process found: Process Name - websrvmng.exe Process ID - 7948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:16] New process found: Process Name - conhost.exe Process ID - 15848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:37:17] Process Exited: Process Name - websrvmng.exe Process ID - 7948 [12-07-2023 04:37:17] Process Exited: Process Name - conhost.exe Process ID - 15848 [12-07-2023 04:37:50] New process found: Process Name - w3wp.exe Process ID - 4724 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:37:50] New process found: Process Name - conhost.exe Process ID - 16248 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 04:37:59] Process Exited: Process Name - statistics_collector.exe Process ID - 8500 [12-07-2023 04:37:59] Process Exited: Process Name - conhost.exe Process ID - 10320 [12-07-2023 04:38:00] New process found: Process Name - cmd.exe Process ID - 14372 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:00] New process found: Process Name - php.exe Process ID - 11888 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:00] Process Exited: Process Name - statistics.exe Process ID - 2700 [12-07-2023 04:38:00] Process Exited: Process Name - php.exe Process ID - 5348 [12-07-2023 04:38:00] Process Exited: Process Name - cmd.exe Process ID - 9932 [12-07-2023 04:38:00] Process Exited: Process Name - php.exe Process ID - 14492 [12-07-2023 04:38:00] Process Exited: Process Name - conhost.exe Process ID - 15792 [12-07-2023 04:38:02] New process found: Process Name - task-manager-agent.exe Process ID - 6092 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:02] New process found: Process Name - php.exe Process ID - 14560 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:02] New process found: Process Name - conhost.exe Process ID - 6668 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:02] New process found: Process Name - cmd.exe Process ID - 1676 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:02] New process found: Process Name - php.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:02] New process found: Process Name - filemng.exe Process ID - 12316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:38:02] New process found: Process Name - conhost.exe Process ID - 14884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:38:02] Process Exited: Process Name - php.exe Process ID - 11888 [12-07-2023 04:38:02] Process Exited: Process Name - cmd.exe Process ID - 14372 [12-07-2023 04:38:03] New process found: Process Name - cmd.exe Process ID - 16244 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:03] New process found: Process Name - php.exe Process ID - 14908 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:03] New process found: Process Name - cmd.exe Process ID - 7716 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:03] New process found: Process Name - php.exe Process ID - 6268 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:03] Process Exited: Process Name - php.exe Process ID - 136 [12-07-2023 04:38:03] Process Exited: Process Name - cmd.exe Process ID - 1676 [12-07-2023 04:38:03] Process Exited: Process Name - task-manager-agent.exe Process ID - 6092 [12-07-2023 04:38:03] Process Exited: Process Name - conhost.exe Process ID - 6668 [12-07-2023 04:38:03] Process Exited: Process Name - filemng.exe Process ID - 12316 [12-07-2023 04:38:03] Process Exited: Process Name - php.exe Process ID - 14560 [12-07-2023 04:38:03] Process Exited: Process Name - conhost.exe Process ID - 14884 [12-07-2023 04:38:04] New process found: Process Name - cmd.exe Process ID - 2808 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:04] New process found: Process Name - php.exe Process ID - 13716 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:04] New process found: Process Name - cmd.exe Process ID - 12128 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:04] New process found: Process Name - php.exe Process ID - 10880 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:04] Process Exited: Process Name - php.exe Process ID - 6268 [12-07-2023 04:38:04] Process Exited: Process Name - cmd.exe Process ID - 7716 [12-07-2023 04:38:04] Process Exited: Process Name - php.exe Process ID - 14908 [12-07-2023 04:38:04] Process Exited: Process Name - cmd.exe Process ID - 16244 [12-07-2023 04:38:05] New process found: Process Name - task-manager-agent.exe Process ID - 13420 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:05] New process found: Process Name - interface_async_executor.exe Process ID - 10004 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:05] New process found: Process Name - conhost.exe Process ID - 15820 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:05] New process found: Process Name - php.exe Process ID - 3988 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:06] Process Exited: Process Name - php.exe Process ID - 3988 [12-07-2023 04:38:06] Process Exited: Process Name - interface_async_executor.exe Process ID - 10004 [12-07-2023 04:38:06] Process Exited: Process Name - php.exe Process ID - 10880 [12-07-2023 04:38:06] Process Exited: Process Name - cmd.exe Process ID - 12128 [12-07-2023 04:38:06] Process Exited: Process Name - task-manager-agent.exe Process ID - 13420 [12-07-2023 04:38:06] Process Exited: Process Name - conhost.exe Process ID - 15820 [12-07-2023 04:38:07] New process found: Process Name - cmd.exe Process ID - 15828 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:07] New process found: Process Name - php.exe Process ID - 6968 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:07] Process Exited: Process Name - cmd.exe Process ID - 2808 [12-07-2023 04:38:07] Process Exited: Process Name - php.exe Process ID - 13716 [12-07-2023 04:38:10] New process found: Process Name - task-manager-agent.exe Process ID - 6800 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:10] New process found: Process Name - php.exe Process ID - 15720 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:10] New process found: Process Name - conhost.exe Process ID - 15212 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:38:10] New process found: Process Name - cmd.exe Process ID - 10588 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:10] New process found: Process Name - php.exe Process ID - 5640 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:10] New process found: Process Name - cmd.exe Process ID - 15312 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:10] New process found: Process Name - php.exe Process ID - 9952 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:10] Process Exited: Process Name - php.exe Process ID - 6968 [12-07-2023 04:38:10] Process Exited: Process Name - cmd.exe Process ID - 15828 [12-07-2023 04:38:11] New process found: Process Name - cmd.exe Process ID - 2384 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:11] New process found: Process Name - php.exe Process ID - 15336 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:11] Process Exited: Process Name - php.exe Process ID - 5640 [12-07-2023 04:38:11] Process Exited: Process Name - task-manager-agent.exe Process ID - 6800 [12-07-2023 04:38:11] Process Exited: Process Name - php.exe Process ID - 9952 [12-07-2023 04:38:11] Process Exited: Process Name - cmd.exe Process ID - 10588 [12-07-2023 04:38:11] Process Exited: Process Name - conhost.exe Process ID - 15212 [12-07-2023 04:38:11] Process Exited: Process Name - cmd.exe Process ID - 15312 [12-07-2023 04:38:11] Process Exited: Process Name - php.exe Process ID - 15720 [12-07-2023 04:38:12] New process found: Process Name - cmd.exe Process ID - 4048 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:12] Process Exited: Process Name - cmd.exe Process ID - 2384 [12-07-2023 04:38:12] Process Exited: Process Name - php.exe Process ID - 15336 [12-07-2023 04:38:13] New process found: Process Name - cmd.exe Process ID - 7216 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:13] New process found: Process Name - php.exe Process ID - 10096 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:38:13] Process Exited: Process Name - cmd.exe Process ID - 4048 [12-07-2023 04:38:24] Process Exited: Process Name - w3wp.exe Process ID - 6276 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:38:36] New process found: Process Name - w3wp.exe Process ID - 6972 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:38:36] New process found: Process Name - conhost.exe Process ID - 16088 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 04:38:45] New process found: Process Name - w3wp.exe Process ID - 13024 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 04:38:48] Process Exited: Process Name - php-cgi.exe Process ID - 14952 [12-07-2023 04:38:49] Process Exited: Process Name - w3wp.exe Process ID - 12640 Web application pool name - PleskControlPanel [12-07-2023 04:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 11604 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:39:01] New process found: Process Name - cmd.exe Process ID - 10576 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:01] New process found: Process Name - conhost.exe Process ID - 15652 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:01] New process found: Process Name - runtask.exe Process ID - 7816 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:01] New process found: Process Name - php.exe Process ID - 13596 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:01] New process found: Process Name - conhost.exe Process ID - 10720 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:01] New process found: Process Name - cmd.exe Process ID - 11812 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:01] New process found: Process Name - php.exe Process ID - 2088 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 12284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:02] New process found: Process Name - cmd.exe Process ID - 7736 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:02] New process found: Process Name - php.exe Process ID - 13372 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:02] Process Exited: Process Name - php.exe Process ID - 2088 [12-07-2023 04:39:02] Process Exited: Process Name - cmd.exe Process ID - 11812 [12-07-2023 04:39:03] New process found: Process Name - ai.exe Process ID - 12172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:03] New process found: Process Name - conhost.exe Process ID - 16060 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:03] Process Exited: Process Name - cmd.exe Process ID - 7736 [12-07-2023 04:39:03] Process Exited: Process Name - runtask.exe Process ID - 7816 [12-07-2023 04:39:03] Process Exited: Process Name - cmd.exe Process ID - 10576 [12-07-2023 04:39:03] Process Exited: Process Name - conhost.exe Process ID - 10720 [12-07-2023 04:39:03] Process Exited: Process Name - php.exe Process ID - 13372 [12-07-2023 04:39:03] Process Exited: Process Name - php.exe Process ID - 13596 [12-07-2023 04:39:03] Process Exited: Process Name - conhost.exe Process ID - 15652 [12-07-2023 04:39:11] New process found: Process Name - cmd.exe Process ID - 11500 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:11] New process found: Process Name - php.exe Process ID - 11740 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:11] Process Exited: Process Name - cmd.exe Process ID - 7216 [12-07-2023 04:39:11] Process Exited: Process Name - php.exe Process ID - 10096 [12-07-2023 04:39:12] New process found: Process Name - cmd.exe Process ID - 13976 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:12] New process found: Process Name - php.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:12] Process Exited: Process Name - cmd.exe Process ID - 11500 [12-07-2023 04:39:12] Process Exited: Process Name - php.exe Process ID - 11740 [12-07-2023 04:39:13] New process found: Process Name - cmd.exe Process ID - 4180 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:13] New process found: Process Name - php.exe Process ID - 2652 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:13] Process Exited: Process Name - php.exe Process ID - 4212 [12-07-2023 04:39:13] Process Exited: Process Name - cmd.exe Process ID - 13976 [12-07-2023 04:39:14] New process found: Process Name - plesk_installer_Microsoft_10.0_x86_64_3.53.1.exe Process ID - 14152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:20] New process found: Process Name - cmd.exe Process ID - 10712 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:20] New process found: Process Name - php.exe Process ID - 7952 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:39:20] Process Exited: Process Name - php.exe Process ID - 2652 [12-07-2023 04:39:20] Process Exited: Process Name - cmd.exe Process ID - 4180 [12-07-2023 04:39:21] Process Exited: Process Name - php.exe Process ID - 7952 [12-07-2023 04:39:21] Process Exited: Process Name - php.exe Process ID - 9436 [12-07-2023 04:39:21] Process Exited: Process Name - cmd.exe Process ID - 10712 [12-07-2023 04:39:21] Process Exited: Process Name - conhost.exe Process ID - 14000 [12-07-2023 04:39:21] Process Exited: Process Name - conhost.exe Process ID - 14656 [12-07-2023 04:39:21] Process Exited: Process Name - cmd.exe Process ID - 14712 [12-07-2023 04:39:21] Process Exited: Process Name - runtask.exe Process ID - 15580 [12-07-2023 04:39:25] New process found: Process Name - cmd.exe Process ID - 12024 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:26] Process Exited: Process Name - cmd.exe Process ID - 12024 [12-07-2023 04:39:29] New process found: Process Name - cmd.exe Process ID - 5644 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:29] New process found: Process Name - examine_launcher.exe Process ID - 7000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:29] New process found: Process Name - php.exe Process ID - 11488 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:29] New process found: Process Name - cmd.exe Process ID - 14668 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:30] New process found: Process Name - cmd.exe Process ID - 15780 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:30] Process Exited: Process Name - cmd.exe Process ID - 14668 [12-07-2023 04:39:31] New process found: Process Name - cmd.exe Process ID - 10312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:39:31] Process Exited: Process Name - cmd.exe Process ID - 15780 [12-07-2023 04:39:32] Process Exited: Process Name - cmd.exe Process ID - 5644 [12-07-2023 04:39:32] Process Exited: Process Name - examine_launcher.exe Process ID - 7000 [12-07-2023 04:39:32] Process Exited: Process Name - cmd.exe Process ID - 10312 [12-07-2023 04:39:32] Process Exited: Process Name - php.exe Process ID - 11488 [12-07-2023 04:39:36] New process found: Process Name - w3wp.exe Process ID - 7696 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 04:39:36] New process found: Process Name - conhost.exe Process ID - 12888 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 04:40:14] New process found: Process Name - w3wp.exe Process ID - 3136 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:40:14] Process Exited: Process Name - w3wp.exe Process ID - 7532 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11604 [12-07-2023 04:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12284 [12-07-2023 04:41:01] Process Exited: Process Name - w3wp.exe Process ID - 15752 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 04:41:38] Process Exited: Process Name - w3wp.exe Process ID - 11072 Web application pool name - galaxytools.in [12-07-2023 04:41:53] New process found: Process Name - w3wp.exe Process ID - 13244 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 04:42:26] New process found: Process Name - msiexec.exe Process ID - 11968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:26] Service state changed: Service Name - msiserver Process ID - 11968 Current State - SERVICE_RUNNING [12-07-2023 04:42:27] New process found: Process Name - cmd.exe Process ID - 12328 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:27] New process found: Process Name - pleskstartuphandler.exe Process ID - 12196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:27] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 04:42:29] New process found: Process Name - SearchProtocolHost.exe Process ID - 11720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:29] New process found: Process Name - SearchFilterHost.exe Process ID - 9080 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:29] Process Exited: Process Name - nssm.exe Process ID - 6872 [12-07-2023 04:42:29] Process Exited: Process Name - conhost.exe Process ID - 9140 [12-07-2023 04:42:29] Process Exited: Process Name - task-manager.exe Process ID - 9404 [12-07-2023 04:42:29] Process Exited: Process Name - pleskstartuphandler.exe Process ID - 12196 [12-07-2023 04:42:29] Process Exited: Process Name - cmd.exe Process ID - 12328 [12-07-2023 04:42:29] Service state changed: Service Name - PleskTaskManager Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:42:30] Process Exited: Process Name - conhost.exe Process ID - 516 [12-07-2023 04:42:30] Process Exited: Process Name - nssm.exe Process ID - 9520 [12-07-2023 04:42:30] Process Exited: Process Name - php.exe Process ID - 9812 [12-07-2023 04:42:30] Service state changed: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:42:34] New process found: Process Name - msiexec.exe Process ID - 444 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:36] Process Exited: Process Name - PopPassD.exe Process ID - 2528 [12-07-2023 04:42:36] Service state changed: Service Name - plesksrv Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:42:36] Service state changed: Service Name - PopPassD Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:42:44] New process found: Process Name - msiexec.exe Process ID - 16084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:45] New process found: Process Name - plesksrv.exe Process ID - 2724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:45] Process Exited: Process Name - msiexec.exe Process ID - 16084 [12-07-2023 04:42:45] Service state changed: Service Name - plesksrv Process ID - 2724 Current State - SERVICE_RUNNING [12-07-2023 04:42:46] New process found: Process Name - PopPassD.exe Process ID - 14996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:46] Service state changed: Service Name - PopPassD Process ID - 0 Current State - SERVICE_START_PENDING [12-07-2023 04:42:49] New process found: Process Name - cmd.exe Process ID - 13368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:49] New process found: Process Name - ApplySecurity.exe Process ID - 5796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:49] Process Exited: Process Name - msiexec.exe Process ID - 444 [12-07-2023 04:42:49] Service state changed: Service Name - PopPassD Process ID - 14996 Current State - SERVICE_RUNNING [12-07-2023 04:42:50] New process found: Process Name - cmd.exe Process ID - 10688 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:50] New process found: Process Name - ApplySecurity.exe Process ID - 2556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:50] Process Exited: Process Name - ApplySecurity.exe Process ID - 5796 [12-07-2023 04:42:50] Process Exited: Process Name - cmd.exe Process ID - 13368 [12-07-2023 04:42:51] New process found: Process Name - cmd.exe Process ID - 692 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:51] New process found: Process Name - ApplySecurity.exe Process ID - 10720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:51] Process Exited: Process Name - ApplySecurity.exe Process ID - 2556 [12-07-2023 04:42:51] Process Exited: Process Name - cmd.exe Process ID - 10688 [12-07-2023 04:42:52] New process found: Process Name - cmd.exe Process ID - 8836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:52] Process Exited: Process Name - cmd.exe Process ID - 692 [12-07-2023 04:42:52] Process Exited: Process Name - ApplySecurity.exe Process ID - 10720 [12-07-2023 04:42:53] New process found: Process Name - dllhost.exe Process ID - 14948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:42:53] New process found: Process Name - nssm.exe Process ID - 16100 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:42:53] New process found: Process Name - php.exe Process ID - 14776 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:42:53] New process found: Process Name - conhost.exe Process ID - 4252 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:42:53] Process Exited: Process Name - cmd.exe Process ID - 8836 [12-07-2023 04:42:53] Service state changed: Service Name - PleskWebSocket Process ID - 16100 Current State - SERVICE_START_PENDING [12-07-2023 04:42:55] New process found: Process Name - nssm.exe Process ID - 11944 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:42:55] New process found: Process Name - task-manager.exe Process ID - 11364 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:42:55] New process found: Process Name - conhost.exe Process ID - 14244 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:42:55] Service state changed: Service Name - PleskTaskManager Process ID - 11944 Current State - SERVICE_START_PENDING [12-07-2023 04:42:55] Service state changed: Service Name - PleskWebSocket Process ID - 16100 Current State - SERVICE_RUNNING [12-07-2023 04:42:57] Process Exited: Process Name - task-manager.exe Process ID - 11364 [12-07-2023 04:42:57] Process Exited: Process Name - nssm.exe Process ID - 11944 [12-07-2023 04:42:57] Process Exited: Process Name - conhost.exe Process ID - 14244 [12-07-2023 04:42:57] Service state changed: Service Name - PleskTaskManager Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:42:59] New process found: Process Name - cmd.exe Process ID - 12696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:00] New process found: Process Name - defpackagemng.exe Process ID - 15048 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:00] Process Exited: Process Name - dllhost.exe Process ID - 14948 [12-07-2023 04:43:01] New process found: Process Name - ApplySecurity.exe Process ID - 7064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:01] New process found: Process Name - conhost.exe Process ID - 14664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:02] Process Exited: Process Name - ApplySecurity.exe Process ID - 7064 [12-07-2023 04:43:02] Process Exited: Process Name - conhost.exe Process ID - 14664 [12-07-2023 04:43:02] Service state changed: Service Name - PleskTaskManager Process ID - 0 Current State - SERVICE_START_PENDING [12-07-2023 04:43:03] New process found: Process Name - dllhost.exe Process ID - 14980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:03] New process found: Process Name - nssm.exe Process ID - 14892 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:43:03] New process found: Process Name - task-manager.exe Process ID - 9076 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:43:03] New process found: Process Name - conhost.exe Process ID - 11036 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:43:05] New process found: Process Name - cmd.exe Process ID - 7784 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:05] New process found: Process Name - sshost.exe Process ID - 11900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:05] New process found: Process Name - mysqldump.exe Process ID - 10520 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:05] New process found: Process Name - conhost.exe Process ID - 13980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:05] Process Exited: Process Name - plesksrv.exe Process ID - 2520 [12-07-2023 04:43:05] Process Exited: Process Name - cmd.exe Process ID - 12696 [12-07-2023 04:43:05] Process Exited: Process Name - defpackagemng.exe Process ID - 15048 [12-07-2023 04:43:05] Service state changed: Service Name - PleskTaskManager Process ID - 14892 Current State - SERVICE_RUNNING [12-07-2023 04:43:08] Process Exited: Process Name - cmd.exe Process ID - 7784 [12-07-2023 04:43:08] Process Exited: Process Name - mysqldump.exe Process ID - 10520 [12-07-2023 04:43:08] Process Exited: Process Name - sshost.exe Process ID - 11900 [12-07-2023 04:43:08] Process Exited: Process Name - conhost.exe Process ID - 13980 [12-07-2023 04:43:08] Process Exited: Process Name - dllhost.exe Process ID - 14980 [12-07-2023 04:43:09] New process found: Process Name - msiexec.exe Process ID - 2356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:10] Process Exited: Process Name - mysqld.exe Process ID - 4280 [12-07-2023 04:43:10] Service state changed: Service Name - PleskSQLServer Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:13] New process found: Process Name - ApplySecurity.exe Process ID - 9092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:13] New process found: Process Name - conhost.exe Process ID - 14288 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:14] New process found: Process Name - ApplySecurity.exe Process ID - 12756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:14] New process found: Process Name - conhost.exe Process ID - 9372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:14] Process Exited: Process Name - ApplySecurity.exe Process ID - 9092 [12-07-2023 04:43:14] Process Exited: Process Name - conhost.exe Process ID - 14288 [12-07-2023 04:43:15] Process Exited: Process Name - conhost.exe Process ID - 9372 [12-07-2023 04:43:15] Process Exited: Process Name - ApplySecurity.exe Process ID - 12756 [12-07-2023 04:43:16] New process found: Process Name - mysqlmng_adm.exe Process ID - 10628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:16] New process found: Process Name - conhost.exe Process ID - 1332 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:16] New process found: Process Name - dllhost.exe Process ID - 16364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:16] New process found: Process Name - mysqld.exe Process ID - 6380 Process Identity - NT SERVICE\PleskSQLServer [12-07-2023 04:43:16] Service state changed: Service Name - PleskSQLServer Process ID - 0 Current State - SERVICE_START_PENDING [12-07-2023 04:43:20] New process found: Process Name - mysql_upgrade.exe Process ID - 2916 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:20] New process found: Process Name - conhost.exe Process ID - 12292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:20] New process found: Process Name - cmd.exe Process ID - 11548 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:20] New process found: Process Name - mariadb-check.exe Process ID - 10604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:20] Service state changed: Service Name - PleskSQLServer Process ID - 6380 Current State - SERVICE_RUNNING [12-07-2023 04:43:21] New process found: Process Name - cmd.exe Process ID - 10312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:21] New process found: Process Name - mariadb.exe Process ID - 13668 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:21] Process Exited: Process Name - mariadb-check.exe Process ID - 10604 [12-07-2023 04:43:21] Process Exited: Process Name - cmd.exe Process ID - 11548 [12-07-2023 04:43:21] Process Exited: Process Name - dllhost.exe Process ID - 16364 [12-07-2023 04:43:22] New process found: Process Name - cmd.exe Process ID - 8500 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:22] New process found: Process Name - mariadb.exe Process ID - 10320 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:22] Process Exited: Process Name - cmd.exe Process ID - 10312 [12-07-2023 04:43:22] Process Exited: Process Name - mariadb.exe Process ID - 13668 [12-07-2023 04:43:26] Process Exited: Process Name - mysql_upgrade.exe Process ID - 2916 [12-07-2023 04:43:26] Process Exited: Process Name - mysqld.exe Process ID - 6380 [12-07-2023 04:43:26] Process Exited: Process Name - cmd.exe Process ID - 8500 [12-07-2023 04:43:26] Process Exited: Process Name - mariadb.exe Process ID - 10320 [12-07-2023 04:43:26] Process Exited: Process Name - conhost.exe Process ID - 12292 [12-07-2023 04:43:26] Service state changed: Service Name - PleskSQLServer Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:27] New process found: Process Name - dllhost.exe Process ID - 6160 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:27] New process found: Process Name - mysqld.exe Process ID - 5348 Process Identity - NT SERVICE\PleskSQLServer [12-07-2023 04:43:27] Service state changed: Service Name - PleskSQLServer Process ID - 5348 Current State - SERVICE_RUNNING [12-07-2023 04:43:28] New process found: Process Name - mysql_upgrade.exe Process ID - 7596 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:28] New process found: Process Name - conhost.exe Process ID - 10244 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:28] New process found: Process Name - cmd.exe Process ID - 11260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:29] New process found: Process Name - cmd.exe Process ID - 15316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:29] New process found: Process Name - mariadb.exe Process ID - 9360 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:29] Process Exited: Process Name - cmd.exe Process ID - 11260 [12-07-2023 04:43:30] New process found: Process Name - cmd.exe Process ID - 8368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:30] New process found: Process Name - mariadb.exe Process ID - 5084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:30] Process Exited: Process Name - mariadb.exe Process ID - 9360 [12-07-2023 04:43:30] Process Exited: Process Name - cmd.exe Process ID - 15316 [12-07-2023 04:43:32] Process Exited: Process Name - dllhost.exe Process ID - 6160 [12-07-2023 04:43:34] New process found: Process Name - cmd.exe Process ID - 10252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:34] New process found: Process Name - mariadb-check.exe Process ID - 15396 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:34] Process Exited: Process Name - mariadb.exe Process ID - 5084 [12-07-2023 04:43:34] Process Exited: Process Name - cmd.exe Process ID - 8368 [12-07-2023 04:43:35] Process Exited: Process Name - mysqld.exe Process ID - 5348 [12-07-2023 04:43:35] Process Exited: Process Name - mysql_upgrade.exe Process ID - 7596 [12-07-2023 04:43:35] Process Exited: Process Name - conhost.exe Process ID - 10244 [12-07-2023 04:43:35] Process Exited: Process Name - cmd.exe Process ID - 10252 [12-07-2023 04:43:35] Process Exited: Process Name - mariadb-check.exe Process ID - 15396 [12-07-2023 04:43:35] Service state changed: Service Name - PleskSQLServer Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:36] New process found: Process Name - dllhost.exe Process ID - 14424 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:36] New process found: Process Name - mysqld.exe Process ID - 5996 Process Identity - NT SERVICE\PleskSQLServer [12-07-2023 04:43:36] Service state changed: Service Name - PleskSQLServer Process ID - 5996 Current State - SERVICE_START_PENDING [12-07-2023 04:43:37] Process Exited: Process Name - conhost.exe Process ID - 1332 [12-07-2023 04:43:37] Process Exited: Process Name - mysqlmng_adm.exe Process ID - 10628 [12-07-2023 04:43:37] Service state changed: Service Name - PleskSQLServer Process ID - 5996 Current State - SERVICE_RUNNING [12-07-2023 04:43:38] New process found: Process Name - msiexec.exe Process ID - 12148 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:38] Process Exited: Process Name - msiexec.exe Process ID - 2356 [12-07-2023 04:43:41] New process found: Process Name - cmd.exe Process ID - 1368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:41] New process found: Process Name - websrvmng.exe Process ID - 10004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:41] Process Exited: Process Name - msiexec.exe Process ID - 12148 [12-07-2023 04:43:41] Process Exited: Process Name - dllhost.exe Process ID - 14424 [12-07-2023 04:43:42] Process Exited: Process Name - cmd.exe Process ID - 1368 [12-07-2023 04:43:42] Process Exited: Process Name - conhost.exe Process ID - 4252 [12-07-2023 04:43:42] Process Exited: Process Name - websrvmng.exe Process ID - 10004 [12-07-2023 04:43:42] Process Exited: Process Name - php.exe Process ID - 14776 [12-07-2023 04:43:42] Process Exited: Process Name - nssm.exe Process ID - 16100 [12-07-2023 04:43:42] Service state changed: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:43] New process found: Process Name - dllhost.exe Process ID - 14060 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:43] New process found: Process Name - nssm.exe Process ID - 12128 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:43] New process found: Process Name - php.exe Process ID - 7108 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:43] New process found: Process Name - conhost.exe Process ID - 12112 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:43] New process found: Process Name - w3wp.exe Process ID - 15592 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:43:43] New process found: Process Name - conhost.exe Process ID - 4776 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 04:43:43] Service state changed: Service Name - PleskWebSocket Process ID - 12128 Current State - SERVICE_START_PENDING [12-07-2023 04:43:45] Process Exited: Process Name - php.exe Process ID - 7108 [12-07-2023 04:43:45] Process Exited: Process Name - conhost.exe Process ID - 12112 [12-07-2023 04:43:45] Process Exited: Process Name - nssm.exe Process ID - 12128 [12-07-2023 04:43:45] Service state changed: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:48] Process Exited: Process Name - dllhost.exe Process ID - 14060 [12-07-2023 04:43:50] New process found: Process Name - dllhost.exe Process ID - 10736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:43:50] New process found: Process Name - nssm.exe Process ID - 1464 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:50] New process found: Process Name - php.exe Process ID - 15720 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:50] New process found: Process Name - conhost.exe Process ID - 5436 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:43:50] Service state changed: Service Name - PleskWebSocket Process ID - 1464 Current State - SERVICE_START_PENDING [12-07-2023 04:43:51] New process found: Process Name - w3wp.exe Process ID - 532 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:43:51] Service state changed: Service Name - PleskWebSocket Process ID - 1464 Current State - SERVICE_RUNNING [12-07-2023 04:43:52] Process Exited: Process Name - nssm.exe Process ID - 1464 [12-07-2023 04:43:52] Process Exited: Process Name - conhost.exe Process ID - 5436 [12-07-2023 04:43:52] Process Exited: Process Name - php.exe Process ID - 15720 [12-07-2023 04:43:52] Service state changed: Service Name - PleskWebSocket Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:43:55] Process Exited: Process Name - dllhost.exe Process ID - 10736 [12-07-2023 04:44:00] New process found: Process Name - cmd.exe Process ID - 8796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:44:00] New process found: Process Name - conhost.exe Process ID - 2080 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:44:00] New process found: Process Name - runtask.exe Process ID - 10536 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:44:00] New process found: Process Name - dllhost.exe Process ID - 13308 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:44:00] New process found: Process Name - php.exe Process ID - 8996 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:44:00] New process found: Process Name - conhost.exe Process ID - 4100 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:44:01] Process Exited: Process Name - conhost.exe Process ID - 2080 [12-07-2023 04:44:01] Process Exited: Process Name - conhost.exe Process ID - 4100 [12-07-2023 04:44:01] Process Exited: Process Name - cmd.exe Process ID - 8796 [12-07-2023 04:44:01] Process Exited: Process Name - php.exe Process ID - 8996 [12-07-2023 04:44:01] Process Exited: Process Name - runtask.exe Process ID - 10536 [12-07-2023 04:44:05] Process Exited: Process Name - dllhost.exe Process ID - 13308 [12-07-2023 04:44:06] New process found: Process Name - w3wp.exe Process ID - 12196 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 04:44:06] New process found: Process Name - conhost.exe Process ID - 2952 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:44:06] Process Exited: Process Name - w3wp.exe Process ID - 14112 Web application pool name - kdbps.edu.in [12-07-2023 04:44:06] Process Exited: Process Name - conhost.exe Process ID - 15208 [12-07-2023 04:44:38] Process Exited: Process Name - w3wp.exe Process ID - 6972 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 04:44:38] Process Exited: Process Name - conhost.exe Process ID - 16088 [12-07-2023 04:44:46] Process Exited: Process Name - w3wp.exe Process ID - 13024 Web application pool name - DefaultAppPool [12-07-2023 04:45:15] New process found: Process Name - w3wp.exe Process ID - 9352 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:45:15] Process Exited: Process Name - w3wp.exe Process ID - 3136 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:45:37] Process Exited: Process Name - w3wp.exe Process ID - 7696 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 04:45:37] Process Exited: Process Name - conhost.exe Process ID - 12888 [12-07-2023 04:46:48] Process Exited: Process Name - SearchFilterHost.exe Process ID - 9080 [12-07-2023 04:46:48] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 11720 [12-07-2023 04:46:59] New process found: Process Name - dllhost.exe Process ID - 16376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:46:59] New process found: Process Name - nssm.exe Process ID - 14700 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:46:59] New process found: Process Name - php.exe Process ID - 15576 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:46:59] New process found: Process Name - conhost.exe Process ID - 13632 Process Identity - NT SERVICE\PleskWebSocket [12-07-2023 04:46:59] Service state changed: Service Name - PleskWebSocket Process ID - 14700 Current State - SERVICE_START_PENDING [12-07-2023 04:47:04] Process Exited: Process Name - dllhost.exe Process ID - 16376 [12-07-2023 04:47:04] Service state changed: Service Name - PleskWebSocket Process ID - 14700 Current State - SERVICE_RUNNING [12-07-2023 04:47:22] New process found: Process Name - SearchProtocolHost.exe Process ID - 13996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:47:22] New process found: Process Name - SearchFilterHost.exe Process ID - 13636 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:47:31] New process found: Process Name - w3wp.exe Process ID - 10148 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 04:47:56] Process Exited: Process Name - w3wp.exe Process ID - 13244 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 04:48:42] Process Exited: Process Name - msiexec.exe Process ID - 11968 [12-07-2023 04:48:42] Service state changed: Service Name - msiserver Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:48:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 13636 [12-07-2023 04:48:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 13996 [12-07-2023 04:48:50] New process found: Process Name - msiexec.exe Process ID - 2760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:50] New process found: Process Name - taskkill.exe Process ID - 10468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:50] New process found: Process Name - conhost.exe Process ID - 6232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:50] Service state changed: Service Name - msiserver Process ID - 2760 Current State - SERVICE_RUNNING [12-07-2023 04:48:51] New process found: Process Name - SearchProtocolHost.exe Process ID - 16220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:51] New process found: Process Name - SearchFilterHost.exe Process ID - 11256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:51] Process Exited: Process Name - conhost.exe Process ID - 6232 [12-07-2023 04:48:51] Process Exited: Process Name - taskkill.exe Process ID - 10468 [12-07-2023 04:48:51] Process Exited: Process Name - traymonitor.exe Process ID - 13340 [12-07-2023 04:48:52] New process found: Process Name - dllhost.exe Process ID - 10900 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 04:48:54] New process found: Process Name - cmd.exe Process ID - 16232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:54] New process found: Process Name - sshost.exe Process ID - 7340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:54] New process found: Process Name - mysqldump.exe Process ID - 3468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:54] New process found: Process Name - conhost.exe Process ID - 7404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 9016 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:48:58] New process found: Process Name - cmd.exe Process ID - 11260 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:48:58] Process Exited: Process Name - mysqldump.exe Process ID - 3468 [12-07-2023 04:48:58] Process Exited: Process Name - sshost.exe Process ID - 7340 [12-07-2023 04:48:58] Process Exited: Process Name - conhost.exe Process ID - 7404 [12-07-2023 04:48:58] Process Exited: Process Name - cmd.exe Process ID - 16232 [12-07-2023 04:48:59] Process Exited: Process Name - cmd.exe Process ID - 11260 [12-07-2023 04:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 13708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:18] New process found: Process Name - msiexec.exe Process ID - 9932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:21] New process found: Process Name - msiexec.exe Process ID - 8372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:36] New process found: Process Name - msiexec.exe Process ID - 11484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:36] Process Exited: Process Name - msiexec.exe Process ID - 8372 [12-07-2023 04:49:36] Process Exited: Process Name - msiexec.exe Process ID - 9932 [12-07-2023 04:49:37] New process found: Process Name - defpackagemng.exe Process ID - 7940 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:37] New process found: Process Name - conhost.exe Process ID - 15604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:38] New process found: Process Name - mysqlmng.exe Process ID - 11088 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:38] New process found: Process Name - conhost.exe Process ID - 4156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:38] Service state changed: Service Name - MariaDB103 Process ID - 4316 Current State - SERVICE_STOP_PENDING [12-07-2023 04:49:39] Process Exited: Process Name - mysqld.exe Process ID - 4316 [12-07-2023 04:49:39] Service state changed: Service Name - MariaDB103 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:49:46] Process Exited: Process Name - conhost.exe Process ID - 4776 [12-07-2023 04:49:46] Process Exited: Process Name - w3wp.exe Process ID - 15592 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 04:49:48] New process found: Process Name - ApplySecurity.exe Process ID - 15168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:48] New process found: Process Name - conhost.exe Process ID - 15064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:49] New process found: Process Name - ApplySecurity.exe Process ID - 6084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:49] New process found: Process Name - conhost.exe Process ID - 10616 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:49] Process Exited: Process Name - conhost.exe Process ID - 15064 [12-07-2023 04:49:49] Process Exited: Process Name - ApplySecurity.exe Process ID - 15168 [12-07-2023 04:49:50] New process found: Process Name - dllhost.exe Process ID - 12804 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:50] New process found: Process Name - mysqld.exe Process ID - 9316 Process Identity - NT SERVICE\MariaDB103 [12-07-2023 04:49:50] Process Exited: Process Name - ApplySecurity.exe Process ID - 6084 [12-07-2023 04:49:50] Process Exited: Process Name - conhost.exe Process ID - 10616 [12-07-2023 04:49:50] Service state changed: Service Name - MariaDB103 Process ID - 9316 Current State - SERVICE_RUNNING [12-07-2023 04:49:51] New process found: Process Name - mysql_upgrade.exe Process ID - 6808 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:51] New process found: Process Name - conhost.exe Process ID - 9872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:51] New process found: Process Name - cmd.exe Process ID - 11304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:51] New process found: Process Name - mysql.exe Process ID - 8448 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:49:52] Process Exited: Process Name - mysql_upgrade.exe Process ID - 6808 [12-07-2023 04:49:52] Process Exited: Process Name - mysql.exe Process ID - 8448 [12-07-2023 04:49:52] Process Exited: Process Name - conhost.exe Process ID - 9872 [12-07-2023 04:49:52] Process Exited: Process Name - cmd.exe Process ID - 11304 [12-07-2023 04:49:52] Service state changed: Service Name - MariaDB103 Process ID - 9316 Current State - SERVICE_STOP_PENDING [12-07-2023 04:49:54] Process Exited: Process Name - w3wp.exe Process ID - 532 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 04:49:54] Process Exited: Process Name - mysqld.exe Process ID - 9316 [12-07-2023 04:49:54] Service state changed: Service Name - MariaDB103 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:49:55] Process Exited: Process Name - dllhost.exe Process ID - 12804 [12-07-2023 04:50:02] New process found: Process Name - dllhost.exe Process ID - 10164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:02] New process found: Process Name - mysqld.exe Process ID - 6564 Process Identity - NT SERVICE\MariaDB103 [12-07-2023 04:50:02] Service state changed: Service Name - MariaDB103 Process ID - 6564 Current State - SERVICE_START_PENDING [12-07-2023 04:50:03] New process found: Process Name - mysqlmng.exe Process ID - 6504 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] New process found: Process Name - conhost.exe Process ID - 10776 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] New process found: Process Name - mysql_upgrade.exe Process ID - 7860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] New process found: Process Name - conhost.exe Process ID - 15968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] New process found: Process Name - cmd.exe Process ID - 11560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] New process found: Process Name - mysql.exe Process ID - 13900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:03] Process Exited: Process Name - conhost.exe Process ID - 4156 [12-07-2023 04:50:03] Process Exited: Process Name - mysqlmng.exe Process ID - 11088 [12-07-2023 04:50:03] Service state changed: Service Name - MariaDB103 Process ID - 6564 Current State - SERVICE_RUNNING [12-07-2023 04:50:04] New process found: Process Name - cmd.exe Process ID - 8676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:04] New process found: Process Name - mysql.exe Process ID - 3764 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:04] Process Exited: Process Name - cmd.exe Process ID - 11560 [12-07-2023 04:50:04] Process Exited: Process Name - mysql.exe Process ID - 13900 [12-07-2023 04:50:07] Process Exited: Process Name - mysql.exe Process ID - 3764 [12-07-2023 04:50:07] Process Exited: Process Name - mysqld.exe Process ID - 6564 [12-07-2023 04:50:07] Process Exited: Process Name - mysql_upgrade.exe Process ID - 7860 [12-07-2023 04:50:07] Process Exited: Process Name - cmd.exe Process ID - 8676 [12-07-2023 04:50:07] Process Exited: Process Name - dllhost.exe Process ID - 10164 [12-07-2023 04:50:07] Process Exited: Process Name - conhost.exe Process ID - 15968 [12-07-2023 04:50:07] Service state changed: Service Name - MariaDB103 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:50:08] Process Exited: Process Name - conhost.exe Process ID - 2952 [12-07-2023 04:50:08] Process Exited: Process Name - w3wp.exe Process ID - 12196 Web application pool name - kdbps.edu.in [12-07-2023 04:50:16] New process found: Process Name - w3wp.exe Process ID - 11684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:50:16] Process Exited: Process Name - w3wp.exe Process ID - 9352 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:50:17] New process found: Process Name - dllhost.exe Process ID - 2964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:17] New process found: Process Name - mysqld.exe Process ID - 14952 Process Identity - NT SERVICE\MariaDB103 [12-07-2023 04:50:17] Service state changed: Service Name - MariaDB103 Process ID - 14952 Current State - SERVICE_RUNNING [12-07-2023 04:50:19] New process found: Process Name - cmd.exe Process ID - 7972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:19] New process found: Process Name - defpackagemng.exe Process ID - 9732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:19] New process found: Process Name - powershell.exe Process ID - 16012 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:19] New process found: Process Name - conhost.exe Process ID - 6896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:19] Process Exited: Process Name - mysqlmng.exe Process ID - 6504 [12-07-2023 04:50:19] Process Exited: Process Name - defpackagemng.exe Process ID - 7940 [12-07-2023 04:50:19] Process Exited: Process Name - conhost.exe Process ID - 10776 [12-07-2023 04:50:19] Process Exited: Process Name - msiexec.exe Process ID - 11484 [12-07-2023 04:50:19] Process Exited: Process Name - conhost.exe Process ID - 15604 [12-07-2023 04:50:22] Process Exited: Process Name - dllhost.exe Process ID - 2964 [12-07-2023 04:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9016 [12-07-2023 04:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13708 [12-07-2023 04:50:25] New process found: Process Name - cmd.exe Process ID - 2056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:25] New process found: Process Name - defpackagemng.exe Process ID - 14972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:25] Process Exited: Process Name - conhost.exe Process ID - 6896 [12-07-2023 04:50:25] Process Exited: Process Name - cmd.exe Process ID - 7972 [12-07-2023 04:50:25] Process Exited: Process Name - defpackagemng.exe Process ID - 9732 [12-07-2023 04:50:25] Process Exited: Process Name - powershell.exe Process ID - 16012 [12-07-2023 04:50:26] New process found: Process Name - cmd.exe Process ID - 15304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:26] Process Exited: Process Name - cmd.exe Process ID - 2056 [12-07-2023 04:50:26] Process Exited: Process Name - defpackagemng.exe Process ID - 14972 [12-07-2023 04:50:27] New process found: Process Name - cmd.exe Process ID - 15364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:27] New process found: Process Name - upgrade.exe Process ID - 7728 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:27] New process found: Process Name - php.exe Process ID - 13404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:27] Process Exited: Process Name - cmd.exe Process ID - 15304 [12-07-2023 04:50:31] New process found: Process Name - task-manager-agent.exe Process ID - 13052 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:50:31] New process found: Process Name - php.exe Process ID - 1816 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:50:31] New process found: Process Name - conhost.exe Process ID - 8856 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 04:50:32] New process found: Process Name - phpcfg.exe Process ID - 16252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:32] New process found: Process Name - conhost.exe Process ID - 7936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:32] New process found: Process Name - php.exe Process ID - 11572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:32] New process found: Process Name - conhost.exe Process ID - 7376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:32] New process found: Process Name - cmd.exe Process ID - 9252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:32] New process found: Process Name - php.exe Process ID - 7072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - cmd.exe Process ID - 13796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - php.exe Process ID - 13760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - phpcfg.exe Process ID - 9416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - conhost.exe Process ID - 13892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - php.exe Process ID - 14612 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] New process found: Process Name - conhost.exe Process ID - 10836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:33] Process Exited: Process Name - php.exe Process ID - 7072 [12-07-2023 04:50:33] Process Exited: Process Name - conhost.exe Process ID - 7376 [12-07-2023 04:50:33] Process Exited: Process Name - conhost.exe Process ID - 7936 [12-07-2023 04:50:33] Process Exited: Process Name - cmd.exe Process ID - 9252 [12-07-2023 04:50:33] Process Exited: Process Name - php.exe Process ID - 11572 [12-07-2023 04:50:33] Process Exited: Process Name - phpcfg.exe Process ID - 16252 [12-07-2023 04:50:35] New process found: Process Name - phpcfg.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:35] New process found: Process Name - conhost.exe Process ID - 15948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:35] New process found: Process Name - php.exe Process ID - 5972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:35] New process found: Process Name - conhost.exe Process ID - 14692 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:35] Process Exited: Process Name - phpcfg.exe Process ID - 9416 [12-07-2023 04:50:35] Process Exited: Process Name - conhost.exe Process ID - 10836 [12-07-2023 04:50:35] Process Exited: Process Name - conhost.exe Process ID - 13892 [12-07-2023 04:50:35] Process Exited: Process Name - php.exe Process ID - 14612 [12-07-2023 04:50:36] New process found: Process Name - phpcfg.exe Process ID - 11268 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:36] New process found: Process Name - conhost.exe Process ID - 16000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:36] New process found: Process Name - php.exe Process ID - 12340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:36] New process found: Process Name - conhost.exe Process ID - 2696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:36] Process Exited: Process Name - php.exe Process ID - 5972 [12-07-2023 04:50:36] Process Exited: Process Name - phpcfg.exe Process ID - 7732 [12-07-2023 04:50:36] Process Exited: Process Name - conhost.exe Process ID - 14692 [12-07-2023 04:50:36] Process Exited: Process Name - conhost.exe Process ID - 15948 [12-07-2023 04:50:37] New process found: Process Name - winfwmng.exe Process ID - 8804 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:37] New process found: Process Name - conhost.exe Process ID - 2316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:38] New process found: Process Name - phpcfg.exe Process ID - 13968 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:38] New process found: Process Name - conhost.exe Process ID - 11120 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:38] New process found: Process Name - php.exe Process ID - 16192 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:38] New process found: Process Name - conhost.exe Process ID - 15368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:38] Process Exited: Process Name - conhost.exe Process ID - 2316 [12-07-2023 04:50:38] Process Exited: Process Name - conhost.exe Process ID - 2696 [12-07-2023 04:50:38] Process Exited: Process Name - winfwmng.exe Process ID - 8804 [12-07-2023 04:50:38] Process Exited: Process Name - phpcfg.exe Process ID - 11268 [12-07-2023 04:50:38] Process Exited: Process Name - php.exe Process ID - 12340 [12-07-2023 04:50:38] Process Exited: Process Name - conhost.exe Process ID - 16000 [12-07-2023 04:50:39] New process found: Process Name - phpcfg.exe Process ID - 9348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:39] Process Exited: Process Name - conhost.exe Process ID - 11120 [12-07-2023 04:50:39] Process Exited: Process Name - phpcfg.exe Process ID - 13968 [12-07-2023 04:50:39] Process Exited: Process Name - conhost.exe Process ID - 15368 [12-07-2023 04:50:39] Process Exited: Process Name - php.exe Process ID - 16192 [12-07-2023 04:50:40] New process found: Process Name - phpcfg.exe Process ID - 6844 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:40] New process found: Process Name - conhost.exe Process ID - 4344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:40] New process found: Process Name - php.exe Process ID - 7672 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:40] New process found: Process Name - conhost.exe Process ID - 6408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:40] Process Exited: Process Name - phpcfg.exe Process ID - 9348 [12-07-2023 04:50:41] New process found: Process Name - cmd.exe Process ID - 11980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] New process found: Process Name - php.exe Process ID - 12292 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] New process found: Process Name - phpcfg.exe Process ID - 11920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] New process found: Process Name - conhost.exe Process ID - 14696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] New process found: Process Name - php.exe Process ID - 15388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] New process found: Process Name - conhost.exe Process ID - 6252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:41] Process Exited: Process Name - conhost.exe Process ID - 4344 [12-07-2023 04:50:41] Process Exited: Process Name - conhost.exe Process ID - 6408 [12-07-2023 04:50:41] Process Exited: Process Name - phpcfg.exe Process ID - 6844 [12-07-2023 04:50:41] Process Exited: Process Name - php.exe Process ID - 7672 [12-07-2023 04:50:41] Process Exited: Process Name - php.exe Process ID - 13760 [12-07-2023 04:50:41] Process Exited: Process Name - cmd.exe Process ID - 13796 [12-07-2023 04:50:42] New process found: Process Name - cmd.exe Process ID - 11004 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - php.exe Process ID - 7888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - websrvmng.exe Process ID - 5160 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - conhost.exe Process ID - 5044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - phpcfg.exe Process ID - 15068 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - conhost.exe Process ID - 676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - php.exe Process ID - 4876 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] New process found: Process Name - conhost.exe Process ID - 5144 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:42] Process Exited: Process Name - conhost.exe Process ID - 6252 [12-07-2023 04:50:42] Process Exited: Process Name - phpcfg.exe Process ID - 11920 [12-07-2023 04:50:42] Process Exited: Process Name - cmd.exe Process ID - 11980 [12-07-2023 04:50:42] Process Exited: Process Name - php.exe Process ID - 12292 [12-07-2023 04:50:42] Process Exited: Process Name - conhost.exe Process ID - 14696 [12-07-2023 04:50:42] Process Exited: Process Name - php.exe Process ID - 15388 [12-07-2023 04:50:43] New process found: Process Name - defpackagemng.exe Process ID - 1728 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:43] New process found: Process Name - conhost.exe Process ID - 6648 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:43] Process Exited: Process Name - conhost.exe Process ID - 676 [12-07-2023 04:50:43] Process Exited: Process Name - php.exe Process ID - 1816 [12-07-2023 04:50:43] Process Exited: Process Name - php.exe Process ID - 4876 [12-07-2023 04:50:43] Process Exited: Process Name - conhost.exe Process ID - 5044 [12-07-2023 04:50:43] Process Exited: Process Name - conhost.exe Process ID - 5144 [12-07-2023 04:50:43] Process Exited: Process Name - websrvmng.exe Process ID - 5160 [12-07-2023 04:50:43] Process Exited: Process Name - conhost.exe Process ID - 8856 [12-07-2023 04:50:43] Process Exited: Process Name - task-manager-agent.exe Process ID - 13052 [12-07-2023 04:50:43] Process Exited: Process Name - phpcfg.exe Process ID - 15068 [12-07-2023 04:50:50] New process found: Process Name - websrvmng.exe Process ID - 3496 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:50] New process found: Process Name - conhost.exe Process ID - 15212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:51] New process found: Process Name - cmd.exe Process ID - 4156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:51] New process found: Process Name - upgrade.exe Process ID - 14796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:51] New process found: Process Name - php.exe Process ID - 12304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:51] Process Exited: Process Name - defpackagemng.exe Process ID - 1728 [12-07-2023 04:50:51] Process Exited: Process Name - websrvmng.exe Process ID - 3496 [12-07-2023 04:50:51] Process Exited: Process Name - conhost.exe Process ID - 6648 [12-07-2023 04:50:51] Process Exited: Process Name - upgrade.exe Process ID - 7728 [12-07-2023 04:50:51] Process Exited: Process Name - php.exe Process ID - 7888 [12-07-2023 04:50:51] Process Exited: Process Name - cmd.exe Process ID - 11004 [12-07-2023 04:50:51] Process Exited: Process Name - php.exe Process ID - 13404 [12-07-2023 04:50:51] Process Exited: Process Name - conhost.exe Process ID - 15212 [12-07-2023 04:50:51] Process Exited: Process Name - cmd.exe Process ID - 15364 [12-07-2023 04:50:52] New process found: Process Name - cmd.exe Process ID - 16212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:52] New process found: Process Name - sshost.exe Process ID - 12956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:50:52] Process Exited: Process Name - cmd.exe Process ID - 4156 [12-07-2023 04:50:52] Process Exited: Process Name - php.exe Process ID - 12304 [12-07-2023 04:50:52] Process Exited: Process Name - upgrade.exe Process ID - 14796 [12-07-2023 04:51:08] New process found: Process Name - cmd.exe Process ID - 12924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:51:08] New process found: Process Name - php.exe Process ID - 9684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:51:08] New process found: Process Name - php.exe Process ID - 11420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:51:08] Process Exited: Process Name - sshost.exe Process ID - 12956 [12-07-2023 04:51:08] Process Exited: Process Name - cmd.exe Process ID - 16212 [12-07-2023 04:51:09] Process Exited: Process Name - php.exe Process ID - 9684 [12-07-2023 04:51:09] Process Exited: Process Name - php.exe Process ID - 11420 [12-07-2023 04:51:09] Process Exited: Process Name - cmd.exe Process ID - 12924 [12-07-2023 04:51:11] New process found: Process Name - cmd.exe Process ID - 6824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:51:11] New process found: Process Name - reportupdate.exe Process ID - 11540 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:51:12] Process Exited: Process Name - cmd.exe Process ID - 6824 [12-07-2023 04:51:12] Process Exited: Process Name - reportupdate.exe Process ID - 11540 [12-07-2023 04:51:15] Process Exited: Process Name - ai.exe Process ID - 12172 [12-07-2023 04:51:15] Process Exited: Process Name - plesk_installer_Microsoft_10.0_x86_64_3.53.1.exe Process ID - 14152 [12-07-2023 04:51:15] Process Exited: Process Name - conhost.exe Process ID - 16060 [12-07-2023 04:51:19] New process found: Process Name - w3wp.exe Process ID - 6552 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 04:51:19] New process found: Process Name - conhost.exe Process ID - 15708 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 04:51:52] Process Exited: Process Name - w3wp.exe Process ID - 4724 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:51:52] Process Exited: Process Name - conhost.exe Process ID - 16248 [12-07-2023 04:52:00] New process found: Process Name - cmd.exe Process ID - 2556 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:52:00] New process found: Process Name - conhost.exe Process ID - 14404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:52:00] New process found: Process Name - runtask.exe Process ID - 7164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:52:00] New process found: Process Name - php.exe Process ID - 8616 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:52:00] New process found: Process Name - conhost.exe Process ID - 13684 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 04:52:01] Process Exited: Process Name - cmd.exe Process ID - 2556 [12-07-2023 04:52:01] Process Exited: Process Name - runtask.exe Process ID - 7164 [12-07-2023 04:52:01] Process Exited: Process Name - php.exe Process ID - 8616 [12-07-2023 04:52:01] Process Exited: Process Name - conhost.exe Process ID - 13684 [12-07-2023 04:52:01] Process Exited: Process Name - conhost.exe Process ID - 14404 [12-07-2023 04:52:41] New process found: Process Name - w3wp.exe Process ID - 15664 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 04:52:42] New process found: Process Name - conhost.exe Process ID - 3800 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 04:52:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 11256 [12-07-2023 04:52:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 16220 [12-07-2023 04:53:15] New process found: Process Name - w3wp.exe Process ID - 15800 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 04:54:16] New process found: Process Name - w3wp.exe Process ID - 7936 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 04:55:00] New process found: Process Name - ApplySecurity.exe Process ID - 12056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:55:01] New process found: Process Name - conhost.exe Process ID - 16340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 04:55:18] New process found: Process Name - w3wp.exe Process ID - 14788 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:55:18] Process Exited: Process Name - w3wp.exe Process ID - 11684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 04:55:52] Process Exited: Process Name - msiexec.exe Process ID - 2760 [12-07-2023 04:55:52] Service state changed: Service Name - msiserver Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 04:56:12] New process found: Process Name - w3wp.exe Process ID - 932 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 04:57:50] New process found: Process Name - w3wp.exe Process ID - 6632 Process Identity - KSHITIJSINGHAL-\IWPD_81(acwits) Web application pool name - singlas.acwits.in(domain)(4.0)(pool) [12-07-2023 04:57:50] New process found: Process Name - conhost.exe Process ID - 5516 Process Identity - KSHITIJSINGHAL-\IWPD_81(acwits) [12-07-2023 04:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14468 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 04:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 5024 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:00:19] New process found: Process Name - w3wp.exe Process ID - 8600 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:00:19] Process Exited: Process Name - w3wp.exe Process ID - 7936 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 05:00:19] Process Exited: Process Name - w3wp.exe Process ID - 14788 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5024 [12-07-2023 05:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14468 [12-07-2023 05:00:33] Process Exited: Process Name - w3wp.exe Process ID - 10148 Web application pool name - galaxytools.in [12-07-2023 05:01:17] Process Exited: Process Name - w3wp.exe Process ID - 15800 Web application pool name - DefaultAppPool [12-07-2023 05:01:52] New process found: Process Name - SearchProtocolHost.exe Process ID - 12632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:01:52] New process found: Process Name - SearchFilterHost.exe Process ID - 14224 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:02:30] Process Exited: Process Name - ApplySecurity.exe Process ID - 12056 [12-07-2023 05:02:30] Process Exited: Process Name - conhost.exe Process ID - 16340 [12-07-2023 05:03:43] Process Exited: Process Name - conhost.exe Process ID - 3800 [12-07-2023 05:03:43] Process Exited: Process Name - w3wp.exe Process ID - 15664 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:04:48] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 12632 [12-07-2023 05:04:48] Process Exited: Process Name - SearchFilterHost.exe Process ID - 14224 [12-07-2023 05:05:01] New process found: Process Name - cmd.exe Process ID - 7860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:05:01] New process found: Process Name - conhost.exe Process ID - 7124 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:05:01] New process found: Process Name - runtask.exe Process ID - 15768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:05:01] New process found: Process Name - php.exe Process ID - 212 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:05:01] New process found: Process Name - conhost.exe Process ID - 11132 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:05:03] New process found: Process Name - crontabmng.exe Process ID - 10564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:05:03] New process found: Process Name - conhost.exe Process ID - 13380 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:05:04] Process Exited: Process Name - crontabmng.exe Process ID - 10564 [12-07-2023 05:05:04] Process Exited: Process Name - conhost.exe Process ID - 13380 [12-07-2023 05:05:05] Process Exited: Process Name - php.exe Process ID - 212 [12-07-2023 05:05:05] Process Exited: Process Name - conhost.exe Process ID - 7124 [12-07-2023 05:05:05] Process Exited: Process Name - cmd.exe Process ID - 7860 [12-07-2023 05:05:05] Process Exited: Process Name - conhost.exe Process ID - 11132 [12-07-2023 05:05:05] Process Exited: Process Name - runtask.exe Process ID - 15768 [12-07-2023 05:05:09] New process found: Process Name - w3wp.exe Process ID - 15444 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 05:05:20] New process found: Process Name - w3wp.exe Process ID - 5116 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:05:20] Process Exited: Process Name - w3wp.exe Process ID - 8600 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:06:46] New process found: Process Name - w3wp.exe Process ID - 6272 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 05:06:46] New process found: Process Name - php-cgi.exe Process ID - 6604 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 05:06:48] New process found: Process Name - w3wp.exe Process ID - 11604 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 05:06:48] New process found: Process Name - conhost.exe Process ID - 7584 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 05:06:50] New process found: Process Name - w3wp.exe Process ID - 14396 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:06:51] New process found: Process Name - where.exe Process ID - 13384 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:06:51] New process found: Process Name - conhost.exe Process ID - 6576 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:06:52] New process found: Process Name - conhost.exe Process ID - 14868 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:06:52] Process Exited: Process Name - conhost.exe Process ID - 6576 [12-07-2023 05:06:52] Process Exited: Process Name - where.exe Process ID - 13384 [12-07-2023 05:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13868 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 5176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:10:14] Process Exited: Process Name - w3wp.exe Process ID - 932 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 05:10:21] New process found: Process Name - w3wp.exe Process ID - 8832 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:10:21] Process Exited: Process Name - w3wp.exe Process ID - 5116 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5176 [12-07-2023 05:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13868 [12-07-2023 05:12:10] Process Exited: Process Name - w3wp.exe Process ID - 15444 Web application pool name - DefaultAppPool [12-07-2023 05:12:51] Process Exited: Process Name - conhost.exe Process ID - 7584 [12-07-2023 05:12:51] Process Exited: Process Name - w3wp.exe Process ID - 11604 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 05:14:21] New process found: Process Name - w3wp.exe Process ID - 11888 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 05:14:21] New process found: Process Name - where.exe Process ID - 10680 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 05:14:21] New process found: Process Name - conhost.exe Process ID - 13360 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 05:14:22] New process found: Process Name - conhost.exe Process ID - 10452 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 05:14:22] Process Exited: Process Name - where.exe Process ID - 10680 [12-07-2023 05:14:22] Process Exited: Process Name - conhost.exe Process ID - 13360 [12-07-2023 05:14:44] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 05:15:23] New process found: Process Name - w3wp.exe Process ID - 12732 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:15:23] Process Exited: Process Name - w3wp.exe Process ID - 8832 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:15:34] New process found: Process Name - w3wp.exe Process ID - 12516 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:16:21] Process Exited: Process Name - w3wp.exe Process ID - 6552 Web application pool name - kdbps.edu.in [12-07-2023 05:16:21] Process Exited: Process Name - conhost.exe Process ID - 15708 [12-07-2023 05:16:52] Process Exited: Process Name - w3wp.exe Process ID - 14396 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:16:52] Process Exited: Process Name - conhost.exe Process ID - 14868 [12-07-2023 05:17:07] New process found: Process Name - w3wp.exe Process ID - 5460 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 05:17:08] New process found: Process Name - w3wp.exe Process ID - 12736 Process Identity - IIS APPPOOL\acme-challenge Web application pool name - acme-challenge [12-07-2023 05:17:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 2324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:17:33] New process found: Process Name - SearchFilterHost.exe Process ID - 13424 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:17:57] New process found: Process Name - w3wp.exe Process ID - 16348 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:18:23] New process found: Process Name - conhost.exe Process ID - 7032 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 05:18:47] New process found: Process Name - w3wp.exe Process ID - 14528 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:18:47] New process found: Process Name - conhost.exe Process ID - 14512 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 05:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 2324 [12-07-2023 05:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 13424 [12-07-2023 05:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2824 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 7244 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:20:23] New process found: Process Name - w3wp.exe Process ID - 13436 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:20:23] Process Exited: Process Name - w3wp.exe Process ID - 12732 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2824 [12-07-2023 05:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7244 [12-07-2023 05:21:37] Process Exited: Process Name - w3wp.exe Process ID - 12516 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:22:12] New process found: Process Name - w3wp.exe Process ID - 11528 Process Identity - KSHITIJSINGHAL-\IWPD_65(acwits) Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 05:22:12] New process found: Process Name - w3wp.exe Process ID - 11388 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 05:22:32] New process found: Process Name - w3wp.exe Process ID - 12484 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 05:22:57] New process found: Process Name - conhost.exe Process ID - 13840 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) [12-07-2023 05:22:57] New process found: Process Name - conhost.exe Process ID - 5176 Process Identity - KSHITIJSINGHAL-\IWPD_65(acwits) [12-07-2023 05:23:10] Process Exited: Process Name - w3wp.exe Process ID - 12736 Web application pool name - acme-challenge [12-07-2023 05:23:16] New process found: Process Name - w3wp.exe Process ID - 8744 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 05:24:00] Process Exited: Process Name - w3wp.exe Process ID - 16348 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:24:49] Process Exited: Process Name - conhost.exe Process ID - 14512 [12-07-2023 05:24:49] Process Exited: Process Name - w3wp.exe Process ID - 14528 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:25:01] New process found: Process Name - cmd.exe Process ID - 14984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:25:01] New process found: Process Name - conhost.exe Process ID - 7808 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:25:01] New process found: Process Name - runtask.exe Process ID - 11040 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:25:01] New process found: Process Name - php.exe Process ID - 10760 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:25:01] New process found: Process Name - conhost.exe Process ID - 7936 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:25:05] Process Exited: Process Name - conhost.exe Process ID - 7808 [12-07-2023 05:25:05] Process Exited: Process Name - conhost.exe Process ID - 7936 [12-07-2023 05:25:05] Process Exited: Process Name - php.exe Process ID - 10760 [12-07-2023 05:25:05] Process Exited: Process Name - runtask.exe Process ID - 11040 [12-07-2023 05:25:05] Process Exited: Process Name - cmd.exe Process ID - 14984 [12-07-2023 05:25:25] New process found: Process Name - w3wp.exe Process ID - 4856 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:25:25] Process Exited: Process Name - w3wp.exe Process ID - 13436 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:25:39] New process found: Process Name - w3wp.exe Process ID - 12228 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:25:45] New process found: Process Name - w3wp.exe Process ID - 1688 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:25:45] New process found: Process Name - conhost.exe Process ID - 9996 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:26:09] New process found: Process Name - w3wp.exe Process ID - 792 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:26:09] New process found: Process Name - conhost.exe Process ID - 12428 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 05:26:10] Process Exited: Process Name - w3wp.exe Process ID - 5460 Web application pool name - kdbps.edu.in [12-07-2023 05:26:10] Process Exited: Process Name - conhost.exe Process ID - 7032 [12-07-2023 05:28:22] New process found: Process Name - w3wp.exe Process ID - 10448 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 05:28:24] New process found: Process Name - conhost.exe Process ID - 9252 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 05:28:34] Process Exited: Process Name - w3wp.exe Process ID - 12484 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 05:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 1460 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 8944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:29:23] Process Exited: Process Name - conhost.exe Process ID - 10452 [12-07-2023 05:29:23] Process Exited: Process Name - w3wp.exe Process ID - 11888 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 05:29:49] New process found: Process Name - w3wp.exe Process ID - 6204 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 05:29:49] New process found: Process Name - conhost.exe Process ID - 4060 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 05:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1460 [12-07-2023 05:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8944 [12-07-2023 05:30:27] New process found: Process Name - w3wp.exe Process ID - 16364 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:30:27] Process Exited: Process Name - w3wp.exe Process ID - 4856 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:30:57] New process found: Process Name - w3wp.exe Process ID - 14732 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 05:32:14] Process Exited: Process Name - conhost.exe Process ID - 5176 [12-07-2023 05:32:14] Process Exited: Process Name - w3wp.exe Process ID - 11388 Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 05:32:14] Process Exited: Process Name - w3wp.exe Process ID - 11528 Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 05:32:14] Process Exited: Process Name - conhost.exe Process ID - 13840 [12-07-2023 05:32:28] New process found: Process Name - w3wp.exe Process ID - 7952 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 05:32:29] New process found: Process Name - csc.exe Process ID - 3312 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:29] New process found: Process Name - conhost.exe Process ID - 7904 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:30] New process found: Process Name - VBCSCompiler.exe Process ID - 11688 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:30] New process found: Process Name - conhost.exe Process ID - 3368 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:36] Process Exited: Process Name - csc.exe Process ID - 3312 [12-07-2023 05:32:36] Process Exited: Process Name - conhost.exe Process ID - 7904 [12-07-2023 05:32:38] New process found: Process Name - csc.exe Process ID - 9232 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:38] New process found: Process Name - conhost.exe Process ID - 14276 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:40] New process found: Process Name - csc.exe Process ID - 14896 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:40] New process found: Process Name - conhost.exe Process ID - 5008 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:40] Process Exited: Process Name - csc.exe Process ID - 9232 [12-07-2023 05:32:40] Process Exited: Process Name - conhost.exe Process ID - 14276 [12-07-2023 05:32:41] Process Exited: Process Name - conhost.exe Process ID - 5008 [12-07-2023 05:32:41] Process Exited: Process Name - csc.exe Process ID - 14896 [12-07-2023 05:32:42] New process found: Process Name - csc.exe Process ID - 14584 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:42] New process found: Process Name - conhost.exe Process ID - 11004 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) [12-07-2023 05:32:43] Process Exited: Process Name - conhost.exe Process ID - 11004 [12-07-2023 05:32:43] Process Exited: Process Name - csc.exe Process ID - 14584 [12-07-2023 05:32:53] Process Exited: Process Name - conhost.exe Process ID - 3368 [12-07-2023 05:32:53] Process Exited: Process Name - VBCSCompiler.exe Process ID - 11688 [12-07-2023 05:33:47] Process Exited: Process Name - w3wp.exe Process ID - 1688 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:33:47] Process Exited: Process Name - conhost.exe Process ID - 9996 [12-07-2023 05:34:18] Process Exited: Process Name - w3wp.exe Process ID - 8744 Web application pool name - galaxytools.in [12-07-2023 05:35:27] New process found: Process Name - w3wp.exe Process ID - 11788 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:35:27] Process Exited: Process Name - w3wp.exe Process ID - 16364 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:35:29] New process found: Process Name - w3wp.exe Process ID - 12932 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:35:29] New process found: Process Name - conhost.exe Process ID - 2316 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:36:42] Process Exited: Process Name - w3wp.exe Process ID - 12228 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:36:59] Process Exited: Process Name - w3wp.exe Process ID - 14732 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 05:37:47] Process Exited: Process Name - php-cgi.exe Process ID - 6604 [12-07-2023 05:37:48] Process Exited: Process Name - w3wp.exe Process ID - 6272 Web application pool name - PleskControlPanel [12-07-2023 05:37:51] Process Exited: Process Name - conhost.exe Process ID - 4060 [12-07-2023 05:37:51] Process Exited: Process Name - w3wp.exe Process ID - 6204 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 05:38:03] New process found: Process Name - w3wp.exe Process ID - 7532 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 05:38:14] New process found: Process Name - w3wp.exe Process ID - 16376 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 05:38:15] New process found: Process Name - conhost.exe Process ID - 7768 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 05:38:30] Process Exited: Process Name - w3wp.exe Process ID - 7952 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 05:38:50] New process found: Process Name - w3wp.exe Process ID - 9348 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11528 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:39:01] New process found: Process Name - cmd.exe Process ID - 14964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:39:01] New process found: Process Name - conhost.exe Process ID - 15140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:39:01] New process found: Process Name - runtask.exe Process ID - 15756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:39:01] New process found: Process Name - php.exe Process ID - 7236 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:01] New process found: Process Name - conhost.exe Process ID - 11704 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:01] New process found: Process Name - cmd.exe Process ID - 13176 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:01] New process found: Process Name - php.exe Process ID - 12080 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11916 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:39:02] New process found: Process Name - cmd.exe Process ID - 4180 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:02] New process found: Process Name - php.exe Process ID - 14824 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:39:02] Process Exited: Process Name - php.exe Process ID - 12080 [12-07-2023 05:39:02] Process Exited: Process Name - cmd.exe Process ID - 13176 [12-07-2023 05:39:03] Process Exited: Process Name - cmd.exe Process ID - 4180 [12-07-2023 05:39:03] Process Exited: Process Name - php.exe Process ID - 7236 [12-07-2023 05:39:03] Process Exited: Process Name - conhost.exe Process ID - 11704 [12-07-2023 05:39:03] Process Exited: Process Name - php.exe Process ID - 14824 [12-07-2023 05:39:03] Process Exited: Process Name - cmd.exe Process ID - 14964 [12-07-2023 05:39:03] Process Exited: Process Name - conhost.exe Process ID - 15140 [12-07-2023 05:39:03] Process Exited: Process Name - runtask.exe Process ID - 15756 [12-07-2023 05:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11528 [12-07-2023 05:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11916 [12-07-2023 05:40:27] New process found: Process Name - w3wp.exe Process ID - 11688 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 05:40:27] New process found: Process Name - conhost.exe Process ID - 420 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 05:40:29] New process found: Process Name - w3wp.exe Process ID - 10908 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:40:29] Process Exited: Process Name - w3wp.exe Process ID - 11788 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:41:31] Process Exited: Process Name - conhost.exe Process ID - 2316 [12-07-2023 05:41:31] Process Exited: Process Name - w3wp.exe Process ID - 12932 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:42:05] New process found: Process Name - w3wp.exe Process ID - 7676 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 05:42:05] New process found: Process Name - conhost.exe Process ID - 11172 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 05:43:20] New process found: Process Name - w3wp.exe Process ID - 6748 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:43:20] New process found: Process Name - where.exe Process ID - 10948 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:43:20] New process found: Process Name - conhost.exe Process ID - 5144 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:43:21] New process found: Process Name - conhost.exe Process ID - 6228 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 05:43:21] Process Exited: Process Name - conhost.exe Process ID - 5144 [12-07-2023 05:43:21] Process Exited: Process Name - where.exe Process ID - 10948 [12-07-2023 05:44:01] New process found: Process Name - cmd.exe Process ID - 3416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:44:01] New process found: Process Name - conhost.exe Process ID - 12416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:44:01] New process found: Process Name - runtask.exe Process ID - 8832 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:44:01] New process found: Process Name - php.exe Process ID - 7452 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:44:01] New process found: Process Name - conhost.exe Process ID - 11000 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:44:02] Process Exited: Process Name - cmd.exe Process ID - 3416 [12-07-2023 05:44:02] Process Exited: Process Name - php.exe Process ID - 7452 [12-07-2023 05:44:02] Process Exited: Process Name - runtask.exe Process ID - 8832 [12-07-2023 05:44:02] Process Exited: Process Name - conhost.exe Process ID - 11000 [12-07-2023 05:44:02] Process Exited: Process Name - conhost.exe Process ID - 12416 [12-07-2023 05:44:06] Process Exited: Process Name - w3wp.exe Process ID - 7532 Web application pool name - galaxytools.in [12-07-2023 05:44:11] Process Exited: Process Name - w3wp.exe Process ID - 792 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:44:11] Process Exited: Process Name - conhost.exe Process ID - 12428 [12-07-2023 05:44:16] Process Exited: Process Name - conhost.exe Process ID - 7768 [12-07-2023 05:44:16] Process Exited: Process Name - w3wp.exe Process ID - 16376 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 05:44:53] Process Exited: Process Name - w3wp.exe Process ID - 9348 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:45:30] New process found: Process Name - w3wp.exe Process ID - 15644 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:45:30] Process Exited: Process Name - w3wp.exe Process ID - 10908 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:46:01] New process found: Process Name - cmd.exe Process ID - 10600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:46:01] New process found: Process Name - conhost.exe Process ID - 11868 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:46:01] New process found: Process Name - runtask.exe Process ID - 15484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:46:01] New process found: Process Name - php.exe Process ID - 8300 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:46:01] New process found: Process Name - conhost.exe Process ID - 13268 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:46:02] Process Exited: Process Name - php.exe Process ID - 8300 [12-07-2023 05:46:02] Process Exited: Process Name - cmd.exe Process ID - 10600 [12-07-2023 05:46:02] Process Exited: Process Name - conhost.exe Process ID - 11868 [12-07-2023 05:46:02] Process Exited: Process Name - conhost.exe Process ID - 13268 [12-07-2023 05:46:02] Process Exited: Process Name - runtask.exe Process ID - 15484 [12-07-2023 05:46:29] Process Exited: Process Name - conhost.exe Process ID - 420 [12-07-2023 05:46:29] Process Exited: Process Name - w3wp.exe Process ID - 11688 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 05:48:07] Process Exited: Process Name - conhost.exe Process ID - 11172 [12-07-2023 05:48:08] Process Exited: Process Name - w3wp.exe Process ID - 7676 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 05:48:24] Process Exited: Process Name - conhost.exe Process ID - 9252 [12-07-2023 05:48:25] Process Exited: Process Name - w3wp.exe Process ID - 10448 Web application pool name - kdbps.edu.in [12-07-2023 05:48:54] New process found: Process Name - w3wp.exe Process ID - 14628 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11680 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9336 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:49:36] New process found: Process Name - w3wp.exe Process ID - 9084 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:49:36] New process found: Process Name - conhost.exe Process ID - 11072 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 05:49:43] New process found: Process Name - w3wp.exe Process ID - 1556 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:49:43] New process found: Process Name - conhost.exe Process ID - 15828 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 05:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9336 [12-07-2023 05:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11680 [12-07-2023 05:50:25] New process found: Process Name - w3wp.exe Process ID - 2480 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 05:50:25] New process found: Process Name - where.exe Process ID - 4176 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 05:50:25] New process found: Process Name - conhost.exe Process ID - 7292 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 05:50:26] New process found: Process Name - conhost.exe Process ID - 9116 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 05:50:26] Process Exited: Process Name - where.exe Process ID - 4176 [12-07-2023 05:50:26] Process Exited: Process Name - conhost.exe Process ID - 7292 [12-07-2023 05:50:31] New process found: Process Name - w3wp.exe Process ID - 8888 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:50:31] Process Exited: Process Name - w3wp.exe Process ID - 15644 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:51:23] Process Exited: Process Name - conhost.exe Process ID - 6228 [12-07-2023 05:51:23] Process Exited: Process Name - w3wp.exe Process ID - 6748 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:52:01] New process found: Process Name - cmd.exe Process ID - 6664 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:52:01] New process found: Process Name - conhost.exe Process ID - 12696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:52:01] New process found: Process Name - runtask.exe Process ID - 11892 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:52:01] New process found: Process Name - php.exe Process ID - 12484 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:52:01] New process found: Process Name - conhost.exe Process ID - 15324 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 05:52:02] Process Exited: Process Name - cmd.exe Process ID - 6664 [12-07-2023 05:52:02] Process Exited: Process Name - runtask.exe Process ID - 11892 [12-07-2023 05:52:02] Process Exited: Process Name - php.exe Process ID - 12484 [12-07-2023 05:52:02] Process Exited: Process Name - conhost.exe Process ID - 12696 [12-07-2023 05:52:02] Process Exited: Process Name - conhost.exe Process ID - 15324 [12-07-2023 05:53:38] New process found: Process Name - w3wp.exe Process ID - 12352 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 05:53:46] New process found: Process Name - w3wp.exe Process ID - 7752 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 05:54:56] Process Exited: Process Name - w3wp.exe Process ID - 14628 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:55:33] New process found: Process Name - w3wp.exe Process ID - 11380 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:55:33] Process Exited: Process Name - w3wp.exe Process ID - 8888 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 05:55:39] Process Exited: Process Name - w3wp.exe Process ID - 9084 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:55:39] Process Exited: Process Name - conhost.exe Process ID - 11072 [12-07-2023 05:56:34] New process found: Process Name - w3wp.exe Process ID - 9372 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:56:34] New process found: Process Name - conhost.exe Process ID - 6272 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 05:56:42] New process found: Process Name - w3wp.exe Process ID - 4864 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 05:56:44] Process Exited: Process Name - w3wp.exe Process ID - 1556 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 05:56:44] Process Exited: Process Name - conhost.exe Process ID - 15828 [12-07-2023 05:57:24] New process found: Process Name - w3wp.exe Process ID - 1212 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 05:58:18] New process found: Process Name - w3wp.exe Process ID - 4852 Process Identity - KSHITIJSINGHAL-\IME_ADMIN Web application pool name - MailEnableAppPool [12-07-2023 05:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15628 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 05:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9024 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 05:59:48] Process Exited: Process Name - w3wp.exe Process ID - 7752 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 06:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9024 [12-07-2023 06:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15628 [12-07-2023 06:00:34] New process found: Process Name - w3wp.exe Process ID - 13684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:00:34] Process Exited: Process Name - w3wp.exe Process ID - 11380 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:00:57] New process found: Process Name - w3wp.exe Process ID - 10992 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:01:38] New process found: Process Name - wermgr.exe Process ID - 4756 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:01:39] Process Exited: Process Name - wermgr.exe Process ID - 4756 [12-07-2023 06:02:36] Process Exited: Process Name - conhost.exe Process ID - 6272 [12-07-2023 06:02:36] Process Exited: Process Name - w3wp.exe Process ID - 9372 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:03:26] Process Exited: Process Name - w3wp.exe Process ID - 1212 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:03:40] New process found: Process Name - w3wp.exe Process ID - 11684 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 06:03:40] New process found: Process Name - php-cgi.exe Process ID - 14820 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 06:03:41] New process found: Process Name - w3wp.exe Process ID - 16108 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 06:04:21] Process Exited: Process Name - w3wp.exe Process ID - 4852 Web application pool name - MailEnableAppPool [12-07-2023 06:04:45] Process Exited: Process Name - w3wp.exe Process ID - 4864 Web application pool name - galaxytools.in [12-07-2023 06:05:01] New process found: Process Name - cmd.exe Process ID - 13412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:05:01] New process found: Process Name - conhost.exe Process ID - 8472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:05:01] New process found: Process Name - runtask.exe Process ID - 14228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:05:01] New process found: Process Name - php.exe Process ID - 8748 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:05:01] New process found: Process Name - conhost.exe Process ID - 7944 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:05:03] Process Exited: Process Name - conhost.exe Process ID - 7944 [12-07-2023 06:05:03] Process Exited: Process Name - conhost.exe Process ID - 8472 [12-07-2023 06:05:03] Process Exited: Process Name - php.exe Process ID - 8748 [12-07-2023 06:05:03] Process Exited: Process Name - cmd.exe Process ID - 13412 [12-07-2023 06:05:03] Process Exited: Process Name - runtask.exe Process ID - 14228 [12-07-2023 06:05:35] New process found: Process Name - w3wp.exe Process ID - 10308 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:05:35] Process Exited: Process Name - w3wp.exe Process ID - 13684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 7836 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:06:04] Process Exited: Process Name - GoogleUpdate.exe Process ID - 7836 [12-07-2023 06:06:32] New process found: Process Name - w3wp.exe Process ID - 16312 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:06:59] Process Exited: Process Name - w3wp.exe Process ID - 10992 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:07:25] New process found: Process Name - w3wp.exe Process ID - 13672 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 06:07:25] New process found: Process Name - conhost.exe Process ID - 2764 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 06:07:49] New process found: Process Name - w3wp.exe Process ID - 6624 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:08:29] New process found: Process Name - w3wp.exe Process ID - 5644 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 06:08:29] New process found: Process Name - conhost.exe Process ID - 13944 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) [12-07-2023 06:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 11808 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:09:02] New process found: Process Name - WmiPrvSE.exe Process ID - 14400 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:09:42] New process found: Process Name - w3wp.exe Process ID - 13984 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 06:09:43] Process Exited: Process Name - w3wp.exe Process ID - 16108 Web application pool name - adminportal.galaxytools.in [12-07-2023 06:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11808 [12-07-2023 06:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14400 [12-07-2023 06:10:37] New process found: Process Name - w3wp.exe Process ID - 656 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:10:37] Process Exited: Process Name - w3wp.exe Process ID - 10308 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:12:11] New process found: Process Name - w3wp.exe Process ID - 14380 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:12:11] New process found: Process Name - conhost.exe Process ID - 5576 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 06:12:35] Process Exited: Process Name - w3wp.exe Process ID - 16312 Web application pool name - galaxytools.in [12-07-2023 06:13:27] Process Exited: Process Name - conhost.exe Process ID - 2764 [12-07-2023 06:13:27] Process Exited: Process Name - w3wp.exe Process ID - 13672 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 06:14:15] New process found: Process Name - w3wp.exe Process ID - 8256 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:14:30] Process Exited: Process Name - w3wp.exe Process ID - 5644 Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 06:14:30] Process Exited: Process Name - conhost.exe Process ID - 13944 [12-07-2023 06:14:40] Process Exited: Process Name - w3wp.exe Process ID - 12352 Web application pool name - DefaultAppPool [12-07-2023 06:15:37] New process found: Process Name - w3wp.exe Process ID - 16296 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:15:37] Process Exited: Process Name - w3wp.exe Process ID - 656 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:15:43] Process Exited: Process Name - w3wp.exe Process ID - 13984 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 06:16:36] New process found: Process Name - w3wp.exe Process ID - 5080 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:18:13] Process Exited: Process Name - conhost.exe Process ID - 5576 [12-07-2023 06:18:13] Process Exited: Process Name - w3wp.exe Process ID - 14380 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:18:52] Process Exited: Process Name - w3wp.exe Process ID - 6624 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:18:53] New process found: Process Name - w3wp.exe Process ID - 3496 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) Web application pool name - adminportal.medblinkit.com(domain)(4.0)(pool) [12-07-2023 06:18:53] New process found: Process Name - where.exe Process ID - 9568 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 06:18:53] New process found: Process Name - conhost.exe Process ID - 11100 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 06:18:54] New process found: Process Name - conhost.exe Process ID - 7144 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 06:18:54] Process Exited: Process Name - where.exe Process ID - 9568 [12-07-2023 06:18:54] Process Exited: Process Name - conhost.exe Process ID - 11100 [12-07-2023 06:18:55] New process found: Process Name - WmiPrvSE.exe Process ID - 15256 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:19:29] New process found: Process Name - w3wp.exe Process ID - 8980 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) Web application pool name - organicdisruption.acwits.in(domain)(4.0)(pool) [12-07-2023 06:19:29] New process found: Process Name - where.exe Process ID - 6932 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 06:19:29] New process found: Process Name - conhost.exe Process ID - 16172 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 06:19:30] New process found: Process Name - conhost.exe Process ID - 11316 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 06:19:30] Process Exited: Process Name - where.exe Process ID - 6932 [12-07-2023 06:19:30] Process Exited: Process Name - conhost.exe Process ID - 16172 [12-07-2023 06:20:17] Process Exited: Process Name - w3wp.exe Process ID - 8256 Web application pool name - galaxytools.in [12-07-2023 06:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15256 [12-07-2023 06:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15936 [12-07-2023 06:20:39] New process found: Process Name - w3wp.exe Process ID - 15136 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:20:39] Process Exited: Process Name - w3wp.exe Process ID - 16296 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:21:31] New process found: Process Name - w3wp.exe Process ID - 4416 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:21:33] New process found: Process Name - conhost.exe Process ID - 11044 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 06:21:58] New process found: Process Name - w3wp.exe Process ID - 5740 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:22:37] Process Exited: Process Name - w3wp.exe Process ID - 5080 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:24:10] New process found: Process Name - w3wp.exe Process ID - 2276 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:24:10] New process found: Process Name - conhost.exe Process ID - 11476 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 06:24:34] New process found: Process Name - w3wp.exe Process ID - 15996 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 06:24:56] Process Exited: Process Name - w3wp.exe Process ID - 3496 Web application pool name - adminportal.medblinkit.com(domain)(4.0)(pool) [12-07-2023 06:24:56] Process Exited: Process Name - conhost.exe Process ID - 7144 [12-07-2023 06:25:01] New process found: Process Name - cmd.exe Process ID - 1480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:25:01] New process found: Process Name - conhost.exe Process ID - 988 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:25:01] New process found: Process Name - runtask.exe Process ID - 3996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:25:01] New process found: Process Name - php.exe Process ID - 4084 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:25:01] New process found: Process Name - conhost.exe Process ID - 6224 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:25:05] Process Exited: Process Name - conhost.exe Process ID - 988 [12-07-2023 06:25:05] Process Exited: Process Name - cmd.exe Process ID - 1480 [12-07-2023 06:25:05] Process Exited: Process Name - runtask.exe Process ID - 3996 [12-07-2023 06:25:05] Process Exited: Process Name - php.exe Process ID - 4084 [12-07-2023 06:25:05] Process Exited: Process Name - conhost.exe Process ID - 6224 [12-07-2023 06:25:25] New process found: Process Name - w3wp.exe Process ID - 5800 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 06:25:31] New process found: Process Name - w3wp.exe Process ID - 6220 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 06:25:31] Process Exited: Process Name - w3wp.exe Process ID - 8980 Web application pool name - organicdisruption.acwits.in(domain)(4.0)(pool) [12-07-2023 06:25:31] Process Exited: Process Name - conhost.exe Process ID - 11316 [12-07-2023 06:25:38] New process found: Process Name - w3wp.exe Process ID - 7736 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:25:40] New process found: Process Name - w3wp.exe Process ID - 15472 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:25:40] Process Exited: Process Name - w3wp.exe Process ID - 15136 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:27:34] Process Exited: Process Name - w3wp.exe Process ID - 4416 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:27:34] Process Exited: Process Name - conhost.exe Process ID - 11044 [12-07-2023 06:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 3828 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:29:01] New process found: Process Name - w3wp.exe Process ID - 92 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 3136 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:29:01] Process Exited: Process Name - w3wp.exe Process ID - 5740 Web application pool name - galaxytools.in [12-07-2023 06:29:02] New process found: Process Name - conhost.exe Process ID - 9576 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 06:29:03] New process found: Process Name - conhost.exe Process ID - 1484 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 06:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3136 [12-07-2023 06:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3828 [12-07-2023 06:30:41] New process found: Process Name - w3wp.exe Process ID - 4944 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:30:41] Process Exited: Process Name - w3wp.exe Process ID - 15472 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:30:58] New process found: Process Name - w3wp.exe Process ID - 732 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:31:26] Process Exited: Process Name - w3wp.exe Process ID - 5800 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 06:31:33] Process Exited: Process Name - w3wp.exe Process ID - 6220 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 06:31:39] Process Exited: Process Name - w3wp.exe Process ID - 7736 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:31:52] New process found: Process Name - w3wp.exe Process ID - 7756 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:32:37] New process found: Process Name - InstallAgent.exe Process ID - 680 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 06:32:42] Process Exited: Process Name - InstallAgent.exe Process ID - 680 [12-07-2023 06:33:13] Process Exited: Process Name - w3wp.exe Process ID - 2276 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:33:13] Process Exited: Process Name - conhost.exe Process ID - 11476 [12-07-2023 06:33:35] New process found: Process Name - w3wp.exe Process ID - 16276 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:34:31] New process found: Process Name - w3wp.exe Process ID - 14984 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:34:32] New process found: Process Name - conhost.exe Process ID - 10760 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 06:34:57] New process found: Process Name - WmiPrvSE.exe Process ID - 9768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:35:42] New process found: Process Name - w3wp.exe Process ID - 4924 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:35:42] Process Exited: Process Name - w3wp.exe Process ID - 4944 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:36:26] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9768 [12-07-2023 06:37:00] Process Exited: Process Name - w3wp.exe Process ID - 732 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:37:37] New process found: Process Name - w3wp.exe Process ID - 11480 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9252 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:39:00] New process found: Process Name - cmd.exe Process ID - 10912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:39:00] New process found: Process Name - conhost.exe Process ID - 1084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:39:00] New process found: Process Name - runtask.exe Process ID - 16208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:39:00] New process found: Process Name - php.exe Process ID - 16084 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:00] New process found: Process Name - conhost.exe Process ID - 9432 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15092 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:39:01] New process found: Process Name - cmd.exe Process ID - 9808 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:01] New process found: Process Name - php.exe Process ID - 10044 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:02] New process found: Process Name - cmd.exe Process ID - 14712 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:02] New process found: Process Name - php.exe Process ID - 14120 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:39:02] Process Exited: Process Name - cmd.exe Process ID - 9808 [12-07-2023 06:39:02] Process Exited: Process Name - php.exe Process ID - 10044 [12-07-2023 06:39:03] Process Exited: Process Name - conhost.exe Process ID - 1084 [12-07-2023 06:39:03] Process Exited: Process Name - conhost.exe Process ID - 9432 [12-07-2023 06:39:03] Process Exited: Process Name - cmd.exe Process ID - 10912 [12-07-2023 06:39:03] Process Exited: Process Name - php.exe Process ID - 14120 [12-07-2023 06:39:03] Process Exited: Process Name - cmd.exe Process ID - 14712 [12-07-2023 06:39:03] Process Exited: Process Name - php.exe Process ID - 16084 [12-07-2023 06:39:03] Process Exited: Process Name - runtask.exe Process ID - 16208 [12-07-2023 06:39:38] Process Exited: Process Name - w3wp.exe Process ID - 16276 Web application pool name - galaxytools.in [12-07-2023 06:40:05] New process found: Process Name - w3wp.exe Process ID - 5572 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9252 [12-07-2023 06:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15092 [12-07-2023 06:40:44] New process found: Process Name - w3wp.exe Process ID - 14724 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:40:44] Process Exited: Process Name - w3wp.exe Process ID - 4924 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:41:28] New process found: Process Name - w3wp.exe Process ID - 9860 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 06:43:33] Process Exited: Process Name - conhost.exe Process ID - 10760 [12-07-2023 06:43:33] Process Exited: Process Name - w3wp.exe Process ID - 14984 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:43:39] Process Exited: Process Name - w3wp.exe Process ID - 11480 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 06:43:41] Process Exited: Process Name - php-cgi.exe Process ID - 14820 [12-07-2023 06:43:42] Process Exited: Process Name - w3wp.exe Process ID - 11684 Web application pool name - PleskControlPanel [12-07-2023 06:45:45] New process found: Process Name - w3wp.exe Process ID - 13756 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:45:45] Process Exited: Process Name - w3wp.exe Process ID - 14724 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:46:00] New process found: Process Name - cmd.exe Process ID - 12476 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:46:00] New process found: Process Name - conhost.exe Process ID - 11148 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:46:00] New process found: Process Name - runtask.exe Process ID - 10628 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:46:00] New process found: Process Name - php.exe Process ID - 13572 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:46:00] New process found: Process Name - conhost.exe Process ID - 12332 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 06:46:01] Process Exited: Process Name - runtask.exe Process ID - 10628 [12-07-2023 06:46:01] Process Exited: Process Name - conhost.exe Process ID - 11148 [12-07-2023 06:46:01] Process Exited: Process Name - conhost.exe Process ID - 12332 [12-07-2023 06:46:01] Process Exited: Process Name - cmd.exe Process ID - 12476 [12-07-2023 06:46:01] Process Exited: Process Name - php.exe Process ID - 13572 [12-07-2023 06:46:06] Process Exited: Process Name - w3wp.exe Process ID - 5572 Web application pool name - galaxytools.in [12-07-2023 06:47:28] Process Exited: Process Name - w3wp.exe Process ID - 2480 Web application pool name - kdbps.edu.in [12-07-2023 06:47:28] Process Exited: Process Name - conhost.exe Process ID - 9116 [12-07-2023 06:47:30] Process Exited: Process Name - w3wp.exe Process ID - 9860 Web application pool name - DefaultAppPool [12-07-2023 06:48:05] New process found: Process Name - w3wp.exe Process ID - 10548 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 06:48:05] New process found: Process Name - php-cgi.exe Process ID - 13908 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 06:48:36] Process Exited: Process Name - conhost.exe Process ID - 1484 [12-07-2023 06:48:36] Process Exited: Process Name - w3wp.exe Process ID - 15996 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 06:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 6992 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 12388 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 06:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6992 [12-07-2023 06:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12388 [12-07-2023 06:50:46] New process found: Process Name - w3wp.exe Process ID - 16052 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:50:46] Process Exited: Process Name - w3wp.exe Process ID - 13756 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:50:59] New process found: Process Name - w3wp.exe Process ID - 13752 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 06:51:08] New process found: Process Name - conhost.exe Process ID - 10744 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 06:51:54] Process Exited: Process Name - w3wp.exe Process ID - 7756 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:54:53] New process found: Process Name - w3wp.exe Process ID - 10712 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 06:54:53] New process found: Process Name - conhost.exe Process ID - 11120 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 06:55:48] New process found: Process Name - w3wp.exe Process ID - 14824 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:55:48] Process Exited: Process Name - w3wp.exe Process ID - 16052 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 06:56:00] New process found: Process Name - w3wp.exe Process ID - 14920 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 06:56:23] New process found: Process Name - conhost.exe Process ID - 16376 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 06:57:03] Process Exited: Process Name - w3wp.exe Process ID - 92 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 06:57:03] Process Exited: Process Name - conhost.exe Process ID - 9576 [12-07-2023 06:58:19] New process found: Process Name - w3wp.exe Process ID - 14676 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 06:58:26] New process found: Process Name - w3wp.exe Process ID - 4800 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 06:58:51] New process found: Process Name - w3wp.exe Process ID - 6228 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 06:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13972 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 06:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 4852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4852 [12-07-2023 07:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13972 [12-07-2023 07:00:53] Process Exited: Process Name - w3wp.exe Process ID - 10712 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 07:00:53] Process Exited: Process Name - conhost.exe Process ID - 11120 [12-07-2023 07:00:56] New process found: Process Name - w3wp.exe Process ID - 10096 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:02:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 10000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:02:34] New process found: Process Name - SearchFilterHost.exe Process ID - 1460 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:03:52] New process found: Process Name - w3wp.exe Process ID - 14004 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 07:03:52] New process found: Process Name - conhost.exe Process ID - 5680 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 07:04:01] Process Exited: Process Name - conhost.exe Process ID - 10744 [12-07-2023 07:04:01] Process Exited: Process Name - w3wp.exe Process ID - 13752 Web application pool name - kdbps.edu.in [12-07-2023 07:04:04] New process found: Process Name - w3wp.exe Process ID - 2636 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 07:04:22] Process Exited: Process Name - w3wp.exe Process ID - 14676 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:04:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 1460 [12-07-2023 07:04:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 10000 [12-07-2023 07:04:50] New process found: Process Name - w3wp.exe Process ID - 14772 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:04:50] Process Exited: Process Name - w3wp.exe Process ID - 14824 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:04:53] Process Exited: Process Name - w3wp.exe Process ID - 6228 Web application pool name - DefaultAppPool [12-07-2023 07:05:01] New process found: Process Name - cmd.exe Process ID - 4768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:05:01] New process found: Process Name - conhost.exe Process ID - 15408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:05:01] New process found: Process Name - runtask.exe Process ID - 2704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:05:01] New process found: Process Name - php.exe Process ID - 16348 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:05:01] New process found: Process Name - conhost.exe Process ID - 9960 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:05:07] Process Exited: Process Name - runtask.exe Process ID - 2704 [12-07-2023 07:05:07] Process Exited: Process Name - cmd.exe Process ID - 4768 [12-07-2023 07:05:07] Process Exited: Process Name - conhost.exe Process ID - 9960 [12-07-2023 07:05:07] Process Exited: Process Name - conhost.exe Process ID - 15408 [12-07-2023 07:05:07] Process Exited: Process Name - php.exe Process ID - 16348 [12-07-2023 07:05:21] New process found: Process Name - w3wp.exe Process ID - 11768 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 07:05:23] New process found: Process Name - conhost.exe Process ID - 10188 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 07:05:44] New process found: Process Name - conhost.exe Process ID - 2388 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 07:06:58] Process Exited: Process Name - w3wp.exe Process ID - 10096 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:07:49] New process found: Process Name - w3wp.exe Process ID - 10220 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) Web application pool name - adminportal.medblinkit.com(domain)(4.0)(pool) [12-07-2023 07:07:50] New process found: Process Name - conhost.exe Process ID - 12492 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 07:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 6376 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6088 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:09:51] New process found: Process Name - w3wp.exe Process ID - 13360 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:09:51] Process Exited: Process Name - w3wp.exe Process ID - 14772 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6088 [12-07-2023 07:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6376 [12-07-2023 07:10:53] Process Exited: Process Name - conhost.exe Process ID - 5680 [12-07-2023 07:10:53] Process Exited: Process Name - w3wp.exe Process ID - 14004 Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 07:12:06] Process Exited: Process Name - conhost.exe Process ID - 2388 [12-07-2023 07:12:06] Process Exited: Process Name - w3wp.exe Process ID - 2636 Web application pool name - kdbps.edu.in [12-07-2023 07:12:28] Process Exited: Process Name - w3wp.exe Process ID - 4800 Web application pool name - galaxytools.in [12-07-2023 07:13:52] Process Exited: Process Name - w3wp.exe Process ID - 10220 Web application pool name - adminportal.medblinkit.com(domain)(4.0)(pool) [12-07-2023 07:13:52] Process Exited: Process Name - conhost.exe Process ID - 12492 [12-07-2023 07:13:58] New process found: Process Name - w3wp.exe Process ID - 32 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 07:13:58] New process found: Process Name - w3wp.exe Process ID - 108 Process Identity - IIS APPPOOL\acme-challenge Web application pool name - acme-challenge [12-07-2023 07:14:52] New process found: Process Name - w3wp.exe Process ID - 16120 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:14:52] Process Exited: Process Name - w3wp.exe Process ID - 13360 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:15:00] New process found: Process Name - w3wp.exe Process ID - 9308 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 07:15:02] Process Exited: Process Name - w3wp.exe Process ID - 14920 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 07:15:02] Process Exited: Process Name - conhost.exe Process ID - 16376 [12-07-2023 07:16:12] New process found: Process Name - w3wp.exe Process ID - 14052 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:16:21] New process found: Process Name - w3wp.exe Process ID - 7416 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:16:23] Process Exited: Process Name - conhost.exe Process ID - 10188 [12-07-2023 07:16:23] Process Exited: Process Name - w3wp.exe Process ID - 11768 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 07:18:23] New process found: Process Name - w3wp.exe Process ID - 3760 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 07:18:24] New process found: Process Name - conhost.exe Process ID - 11100 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 07:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 3460 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:19:54] New process found: Process Name - w3wp.exe Process ID - 6932 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:19:54] Process Exited: Process Name - w3wp.exe Process ID - 16120 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:20:00] Process Exited: Process Name - w3wp.exe Process ID - 32 Web application pool name - kdbps.edu.in [12-07-2023 07:20:01] Process Exited: Process Name - w3wp.exe Process ID - 108 Web application pool name - acme-challenge [12-07-2023 07:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 3460 [12-07-2023 07:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15312 [12-07-2023 07:22:49] New process found: Process Name - w3wp.exe Process ID - 13732 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 07:22:57] New process found: Process Name - conhost.exe Process ID - 5176 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 07:24:55] New process found: Process Name - w3wp.exe Process ID - 6504 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:24:55] Process Exited: Process Name - w3wp.exe Process ID - 6932 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:25:01] New process found: Process Name - cmd.exe Process ID - 13152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:25:01] New process found: Process Name - conhost.exe Process ID - 2932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:25:01] New process found: Process Name - runtask.exe Process ID - 13896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:25:01] New process found: Process Name - php.exe Process ID - 15752 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:25:01] New process found: Process Name - conhost.exe Process ID - 10620 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:25:05] Process Exited: Process Name - conhost.exe Process ID - 2932 [12-07-2023 07:25:05] Process Exited: Process Name - conhost.exe Process ID - 10620 [12-07-2023 07:25:05] Process Exited: Process Name - cmd.exe Process ID - 13152 [12-07-2023 07:25:05] Process Exited: Process Name - runtask.exe Process ID - 13896 [12-07-2023 07:25:05] Process Exited: Process Name - php.exe Process ID - 15752 [12-07-2023 07:25:14] Process Exited: Process Name - w3wp.exe Process ID - 14052 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:25:24] Process Exited: Process Name - w3wp.exe Process ID - 7416 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:27:02] Process Exited: Process Name - w3wp.exe Process ID - 9308 Web application pool name - DefaultAppPool [12-07-2023 07:28:42] New process found: Process Name - w3wp.exe Process ID - 10996 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 7716 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 876 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:29:49] New process found: Process Name - w3wp.exe Process ID - 14432 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:29:56] New process found: Process Name - w3wp.exe Process ID - 13172 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:29:56] Process Exited: Process Name - w3wp.exe Process ID - 6504 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 876 [12-07-2023 07:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7716 [12-07-2023 07:34:43] Process Exited: Process Name - w3wp.exe Process ID - 10996 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:34:57] New process found: Process Name - w3wp.exe Process ID - 7888 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:34:57] Process Exited: Process Name - w3wp.exe Process ID - 13172 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:35:51] Process Exited: Process Name - conhost.exe Process ID - 5176 [12-07-2023 07:35:51] Process Exited: Process Name - w3wp.exe Process ID - 13732 Web application pool name - kdbps.edu.in [12-07-2023 07:35:58] New process found: Process Name - w3wp.exe Process ID - 9808 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 07:36:36] New process found: Process Name - w3wp.exe Process ID - 6060 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 07:36:37] New process found: Process Name - conhost.exe Process ID - 14364 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 07:36:52] Process Exited: Process Name - w3wp.exe Process ID - 14432 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:37:26] Process Exited: Process Name - w3wp.exe Process ID - 3760 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 07:37:26] Process Exited: Process Name - conhost.exe Process ID - 11100 [12-07-2023 07:37:50] New process found: Process Name - w3wp.exe Process ID - 7376 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 07:38:26] New process found: Process Name - w3wp.exe Process ID - 13436 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 07:38:28] New process found: Process Name - conhost.exe Process ID - 8720 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 07:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 13628 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:39:01] New process found: Process Name - cmd.exe Process ID - 11672 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:39:01] New process found: Process Name - conhost.exe Process ID - 16312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:39:01] New process found: Process Name - runtask.exe Process ID - 2428 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:39:01] New process found: Process Name - php.exe Process ID - 8904 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:01] New process found: Process Name - conhost.exe Process ID - 15988 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:01] New process found: Process Name - cmd.exe Process ID - 14924 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:01] New process found: Process Name - php.exe Process ID - 5012 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7768 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:39:02] New process found: Process Name - cmd.exe Process ID - 8520 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:02] New process found: Process Name - php.exe Process ID - 10464 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:39:02] Process Exited: Process Name - php.exe Process ID - 5012 [12-07-2023 07:39:02] Process Exited: Process Name - cmd.exe Process ID - 14924 [12-07-2023 07:39:03] Process Exited: Process Name - runtask.exe Process ID - 2428 [12-07-2023 07:39:03] Process Exited: Process Name - cmd.exe Process ID - 8520 [12-07-2023 07:39:03] Process Exited: Process Name - php.exe Process ID - 8904 [12-07-2023 07:39:03] Process Exited: Process Name - php.exe Process ID - 10464 [12-07-2023 07:39:03] Process Exited: Process Name - cmd.exe Process ID - 11672 [12-07-2023 07:39:03] Process Exited: Process Name - conhost.exe Process ID - 15988 [12-07-2023 07:39:03] Process Exited: Process Name - conhost.exe Process ID - 16312 [12-07-2023 07:39:59] New process found: Process Name - w3wp.exe Process ID - 2904 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:39:59] Process Exited: Process Name - w3wp.exe Process ID - 7888 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:40:13] New process found: Process Name - w3wp.exe Process ID - 2476 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 07:40:13] New process found: Process Name - conhost.exe Process ID - 15632 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 07:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7768 [12-07-2023 07:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13628 [12-07-2023 07:41:05] New process found: Process Name - w3wp.exe Process ID - 7552 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 07:41:54] New process found: Process Name - ig-0.exe Process ID - 9004 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:55] New process found: Process Name - ig-3.exe Process ID - 9748 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:55] Process Exited: Process Name - ig-0.exe Process ID - 9004 [12-07-2023 07:41:56] New process found: Process Name - ig-6.exe Process ID - 11812 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:56] Process Exited: Process Name - ig-3.exe Process ID - 9748 [12-07-2023 07:41:57] New process found: Process Name - ig-8.exe Process ID - 11888 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:57] Process Exited: Process Name - ig-6.exe Process ID - 11812 [12-07-2023 07:41:58] New process found: Process Name - ig-12.exe Process ID - 9408 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:58] Process Exited: Process Name - ig-8.exe Process ID - 11888 [12-07-2023 07:41:59] New process found: Process Name - ig-15.exe Process ID - 7696 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:41:59] Process Exited: Process Name - ig-12.exe Process ID - 9408 [12-07-2023 07:42:00] New process found: Process Name - ig-17.exe Process ID - 8872 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:00] Process Exited: Process Name - ig-15.exe Process ID - 7696 [12-07-2023 07:42:00] Process Exited: Process Name - w3wp.exe Process ID - 9808 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 07:42:01] New process found: Process Name - ig-20.exe Process ID - 10492 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:01] Process Exited: Process Name - ig-17.exe Process ID - 8872 [12-07-2023 07:42:02] New process found: Process Name - ig-22.exe Process ID - 8052 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:02] Process Exited: Process Name - ig-20.exe Process ID - 10492 [12-07-2023 07:42:03] New process found: Process Name - ig-25.exe Process ID - 6480 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:03] Process Exited: Process Name - ig-22.exe Process ID - 8052 [12-07-2023 07:42:04] New process found: Process Name - ig-27.exe Process ID - 8756 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:04] Process Exited: Process Name - ig-25.exe Process ID - 6480 [12-07-2023 07:42:05] New process found: Process Name - ig-30.exe Process ID - 16348 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:05] Process Exited: Process Name - ig-27.exe Process ID - 8756 [12-07-2023 07:42:06] Process Exited: Process Name - ig-30.exe Process ID - 16348 [12-07-2023 07:42:07] New process found: Process Name - ig-35.exe Process ID - 7676 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:08] New process found: Process Name - ig-38.exe Process ID - 10212 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:08] Process Exited: Process Name - ig-35.exe Process ID - 7676 [12-07-2023 07:42:09] New process found: Process Name - ig-41.exe Process ID - 8944 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:09] Process Exited: Process Name - ig-38.exe Process ID - 10212 [12-07-2023 07:42:10] New process found: Process Name - ig-44.exe Process ID - 12388 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:10] Process Exited: Process Name - ig-41.exe Process ID - 8944 [12-07-2023 07:42:11] New process found: Process Name - ig-47.exe Process ID - 13620 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 07:42:11] Process Exited: Process Name - ig-44.exe Process ID - 12388 [12-07-2023 07:42:12] Process Exited: Process Name - ig-47.exe Process ID - 13620 [12-07-2023 07:43:07] New process found: Process Name - w3wp.exe Process ID - 11816 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:43:07] New process found: Process Name - w3wp.exe Process ID - 5460 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 07:43:08] New process found: Process Name - w3wp.exe Process ID - 16248 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:43:08] New process found: Process Name - w3wp.exe Process ID - 5536 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 07:44:00] New process found: Process Name - cmd.exe Process ID - 9944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:44:00] New process found: Process Name - conhost.exe Process ID - 10740 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:44:00] New process found: Process Name - runtask.exe Process ID - 13156 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:44:00] New process found: Process Name - php.exe Process ID - 10456 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:44:00] New process found: Process Name - conhost.exe Process ID - 10468 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:44:02] Process Exited: Process Name - cmd.exe Process ID - 9944 [12-07-2023 07:44:02] Process Exited: Process Name - php.exe Process ID - 10456 [12-07-2023 07:44:02] Process Exited: Process Name - conhost.exe Process ID - 10468 [12-07-2023 07:44:02] Process Exited: Process Name - conhost.exe Process ID - 10740 [12-07-2023 07:44:02] Process Exited: Process Name - runtask.exe Process ID - 13156 [12-07-2023 07:45:00] New process found: Process Name - w3wp.exe Process ID - 15012 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:45:00] Process Exited: Process Name - w3wp.exe Process ID - 2904 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:46:01] New process found: Process Name - cmd.exe Process ID - 15720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:46:01] New process found: Process Name - conhost.exe Process ID - 6916 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:46:01] New process found: Process Name - runtask.exe Process ID - 12060 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:46:01] New process found: Process Name - php.exe Process ID - 11984 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:46:01] New process found: Process Name - conhost.exe Process ID - 14956 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:46:02] Process Exited: Process Name - conhost.exe Process ID - 6916 [12-07-2023 07:46:02] Process Exited: Process Name - php.exe Process ID - 11984 [12-07-2023 07:46:02] Process Exited: Process Name - runtask.exe Process ID - 12060 [12-07-2023 07:46:02] Process Exited: Process Name - conhost.exe Process ID - 14956 [12-07-2023 07:46:02] Process Exited: Process Name - cmd.exe Process ID - 15720 [12-07-2023 07:46:52] Process Exited: Process Name - w3wp.exe Process ID - 7376 Web application pool name - galaxytools.in [12-07-2023 07:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2932 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:49:10] Process Exited: Process Name - w3wp.exe Process ID - 5460 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 07:49:10] Process Exited: Process Name - w3wp.exe Process ID - 5536 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 07:49:10] Process Exited: Process Name - w3wp.exe Process ID - 16248 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:49:18] New process found: Process Name - w3wp.exe Process ID - 11396 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 07:50:01] New process found: Process Name - w3wp.exe Process ID - 6700 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:50:01] Process Exited: Process Name - w3wp.exe Process ID - 15012 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 996 [12-07-2023 07:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2932 [12-07-2023 07:51:20] New process found: Process Name - w3wp.exe Process ID - 12208 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 07:51:21] New process found: Process Name - conhost.exe Process ID - 10100 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 07:52:01] New process found: Process Name - cmd.exe Process ID - 11364 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:52:01] New process found: Process Name - conhost.exe Process ID - 12800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:52:01] New process found: Process Name - runtask.exe Process ID - 10924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:52:01] New process found: Process Name - php.exe Process ID - 9576 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:52:01] New process found: Process Name - conhost.exe Process ID - 16108 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 07:52:02] Process Exited: Process Name - php.exe Process ID - 9576 [12-07-2023 07:52:02] Process Exited: Process Name - runtask.exe Process ID - 10924 [12-07-2023 07:52:02] Process Exited: Process Name - cmd.exe Process ID - 11364 [12-07-2023 07:52:02] Process Exited: Process Name - conhost.exe Process ID - 12800 [12-07-2023 07:52:02] Process Exited: Process Name - conhost.exe Process ID - 16108 [12-07-2023 07:53:30] New process found: Process Name - w3wp.exe Process ID - 14132 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 07:53:38] Process Exited: Process Name - w3wp.exe Process ID - 6060 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 07:53:38] Process Exited: Process Name - conhost.exe Process ID - 14364 [12-07-2023 07:55:02] New process found: Process Name - w3wp.exe Process ID - 13508 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:55:02] Process Exited: Process Name - w3wp.exe Process ID - 6700 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 07:55:10] Process Exited: Process Name - w3wp.exe Process ID - 11816 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 07:55:21] Process Exited: Process Name - w3wp.exe Process ID - 11396 Web application pool name - galaxytools.in [12-07-2023 07:56:56] New process found: Process Name - w3wp.exe Process ID - 11808 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 07:56:56] New process found: Process Name - conhost.exe Process ID - 7632 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 07:57:07] Process Exited: Process Name - w3wp.exe Process ID - 7552 Web application pool name - DefaultAppPool [12-07-2023 07:57:23] Process Exited: Process Name - conhost.exe Process ID - 10100 [12-07-2023 07:57:23] Process Exited: Process Name - w3wp.exe Process ID - 12208 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 07:57:55] New process found: Process Name - w3wp.exe Process ID - 7808 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 07:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 10680 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 07:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 07:59:18] New process found: Process Name - w3wp.exe Process ID - 10164 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 07:59:19] New process found: Process Name - conhost.exe Process ID - 8580 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 07:59:32] Process Exited: Process Name - w3wp.exe Process ID - 14132 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:00:04] New process found: Process Name - w3wp.exe Process ID - 12388 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:00:04] Process Exited: Process Name - w3wp.exe Process ID - 13508 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10680 [12-07-2023 08:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10684 [12-07-2023 08:00:58] New process found: Process Name - w3wp.exe Process ID - 1368 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:02:58] Process Exited: Process Name - conhost.exe Process ID - 7632 [12-07-2023 08:02:58] Process Exited: Process Name - w3wp.exe Process ID - 11808 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 08:03:57] Process Exited: Process Name - w3wp.exe Process ID - 7808 Web application pool name - galaxytools.in [12-07-2023 08:05:00] New process found: Process Name - cmd.exe Process ID - 9124 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:05:00] New process found: Process Name - conhost.exe Process ID - 12368 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:05:00] New process found: Process Name - runtask.exe Process ID - 5072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:05:00] New process found: Process Name - php.exe Process ID - 13868 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:05:00] New process found: Process Name - conhost.exe Process ID - 12304 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:05:03] Process Exited: Process Name - runtask.exe Process ID - 5072 [12-07-2023 08:05:03] Process Exited: Process Name - cmd.exe Process ID - 9124 [12-07-2023 08:05:03] Process Exited: Process Name - conhost.exe Process ID - 12304 [12-07-2023 08:05:03] Process Exited: Process Name - conhost.exe Process ID - 12368 [12-07-2023 08:05:03] Process Exited: Process Name - php.exe Process ID - 13868 [12-07-2023 08:05:04] New process found: Process Name - w3wp.exe Process ID - 9920 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:05:04] Process Exited: Process Name - w3wp.exe Process ID - 12388 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:05:20] Process Exited: Process Name - conhost.exe Process ID - 8580 [12-07-2023 08:05:20] Process Exited: Process Name - w3wp.exe Process ID - 10164 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 08:06:29] Process Exited: Process Name - conhost.exe Process ID - 8720 [12-07-2023 08:06:29] Process Exited: Process Name - w3wp.exe Process ID - 13436 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 08:07:01] New process found: Process Name - w3wp.exe Process ID - 6912 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 08:07:01] Process Exited: Process Name - w3wp.exe Process ID - 1368 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:07:19] New process found: Process Name - w3wp.exe Process ID - 8948 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 08:07:21] New process found: Process Name - conhost.exe Process ID - 14140 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 08:07:35] New process found: Process Name - w3wp.exe Process ID - 14608 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:08:02] New process found: Process Name - w3wp.exe Process ID - 7912 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 08:08:02] New process found: Process Name - w3wp.exe Process ID - 14216 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 08:08:02] New process found: Process Name - conhost.exe Process ID - 10180 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 08:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 8896 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 12076 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:09:23] New process found: Process Name - w3wp.exe Process ID - 5952 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 08:10:06] New process found: Process Name - w3wp.exe Process ID - 10680 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:10:06] Process Exited: Process Name - w3wp.exe Process ID - 9920 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8896 [12-07-2023 08:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12076 [12-07-2023 08:13:02] Process Exited: Process Name - w3wp.exe Process ID - 6912 Web application pool name - adminportal.galaxytools.in [12-07-2023 08:13:28] New process found: Process Name - w3wp.exe Process ID - 9312 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 08:14:04] Process Exited: Process Name - w3wp.exe Process ID - 7912 Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 08:14:38] New process found: Process Name - w3wp.exe Process ID - 5936 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 08:14:40] New process found: Process Name - where.exe Process ID - 16064 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 08:14:40] New process found: Process Name - conhost.exe Process ID - 10864 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 08:14:41] New process found: Process Name - conhost.exe Process ID - 6556 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 08:14:41] Process Exited: Process Name - conhost.exe Process ID - 10864 [12-07-2023 08:14:41] Process Exited: Process Name - where.exe Process ID - 16064 [12-07-2023 08:15:07] New process found: Process Name - w3wp.exe Process ID - 1104 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:15:07] Process Exited: Process Name - w3wp.exe Process ID - 10680 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:18:31] New process found: Process Name - w3wp.exe Process ID - 6732 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 08:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 12076 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 7744 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:19:30] Process Exited: Process Name - w3wp.exe Process ID - 9312 Web application pool name - galaxytools.in [12-07-2023 08:19:45] New process found: Process Name - w3wp.exe Process ID - 15848 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 08:19:46] New process found: Process Name - conhost.exe Process ID - 11908 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 08:20:09] New process found: Process Name - w3wp.exe Process ID - 11428 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:20:09] Process Exited: Process Name - w3wp.exe Process ID - 1104 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7744 [12-07-2023 08:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12076 [12-07-2023 08:20:40] Process Exited: Process Name - w3wp.exe Process ID - 5936 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 08:20:40] Process Exited: Process Name - conhost.exe Process ID - 6556 [12-07-2023 08:23:04] New process found: Process Name - w3wp.exe Process ID - 14520 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 08:24:24] Process Exited: Process Name - w3wp.exe Process ID - 5952 Web application pool name - DefaultAppPool [12-07-2023 08:24:34] Process Exited: Process Name - w3wp.exe Process ID - 6732 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 08:25:01] New process found: Process Name - cmd.exe Process ID - 13840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:25:01] New process found: Process Name - conhost.exe Process ID - 14376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:25:01] New process found: Process Name - runtask.exe Process ID - 14344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:25:01] New process found: Process Name - php.exe Process ID - 9416 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:25:01] New process found: Process Name - conhost.exe Process ID - 6932 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:25:05] Process Exited: Process Name - conhost.exe Process ID - 6932 [12-07-2023 08:25:05] Process Exited: Process Name - php.exe Process ID - 9416 [12-07-2023 08:25:05] Process Exited: Process Name - cmd.exe Process ID - 13840 [12-07-2023 08:25:05] Process Exited: Process Name - runtask.exe Process ID - 14344 [12-07-2023 08:25:05] Process Exited: Process Name - conhost.exe Process ID - 14376 [12-07-2023 08:25:09] New process found: Process Name - w3wp.exe Process ID - 15900 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:25:09] Process Exited: Process Name - w3wp.exe Process ID - 11428 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:25:33] New process found: Process Name - w3wp.exe Process ID - 10492 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:25:48] Process Exited: Process Name - conhost.exe Process ID - 11908 [12-07-2023 08:25:48] Process Exited: Process Name - w3wp.exe Process ID - 15848 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 08:27:37] Process Exited: Process Name - w3wp.exe Process ID - 14608 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:28:22] Process Exited: Process Name - w3wp.exe Process ID - 8948 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 08:28:22] Process Exited: Process Name - conhost.exe Process ID - 14140 [12-07-2023 08:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 10904 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11704 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:29:06] New process found: Process Name - w3wp.exe Process ID - 15908 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:29:07] Process Exited: Process Name - w3wp.exe Process ID - 14520 Web application pool name - galaxytools.in [12-07-2023 08:29:13] New process found: Process Name - w3wp.exe Process ID - 12148 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 08:30:11] New process found: Process Name - w3wp.exe Process ID - 13252 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:30:11] Process Exited: Process Name - w3wp.exe Process ID - 15900 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:30:15] Process Exited: Process Name - w3wp.exe Process ID - 2476 Web application pool name - kdbps.edu.in [12-07-2023 08:30:15] Process Exited: Process Name - conhost.exe Process ID - 15632 [12-07-2023 08:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10904 [12-07-2023 08:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11704 [12-07-2023 08:33:21] New process found: Process Name - w3wp.exe Process ID - 14356 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 08:35:06] Process Exited: Process Name - php-cgi.exe Process ID - 13908 [12-07-2023 08:35:07] Process Exited: Process Name - w3wp.exe Process ID - 10548 Web application pool name - PleskControlPanel [12-07-2023 08:35:13] New process found: Process Name - w3wp.exe Process ID - 15924 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:35:13] Process Exited: Process Name - w3wp.exe Process ID - 13252 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:35:16] Process Exited: Process Name - w3wp.exe Process ID - 12148 Web application pool name - DefaultAppPool [12-07-2023 08:35:25] New process found: Process Name - w3wp.exe Process ID - 11436 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 08:35:25] New process found: Process Name - conhost.exe Process ID - 8592 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 08:36:36] Process Exited: Process Name - w3wp.exe Process ID - 10492 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:38:51] New process found: Process Name - w3wp.exe Process ID - 13008 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15256 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:39:01] New process found: Process Name - cmd.exe Process ID - 1856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:39:01] New process found: Process Name - conhost.exe Process ID - 5112 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:39:01] New process found: Process Name - runtask.exe Process ID - 16044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:39:01] New process found: Process Name - php.exe Process ID - 2660 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:01] New process found: Process Name - conhost.exe Process ID - 2264 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 8472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:39:01] New process found: Process Name - cmd.exe Process ID - 2412 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:01] New process found: Process Name - php.exe Process ID - 9568 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:02] New process found: Process Name - cmd.exe Process ID - 15276 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:02] New process found: Process Name - php.exe Process ID - 8864 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:39:02] Process Exited: Process Name - cmd.exe Process ID - 2412 [12-07-2023 08:39:02] Process Exited: Process Name - php.exe Process ID - 9568 [12-07-2023 08:39:03] Process Exited: Process Name - cmd.exe Process ID - 1856 [12-07-2023 08:39:03] Process Exited: Process Name - conhost.exe Process ID - 2264 [12-07-2023 08:39:03] Process Exited: Process Name - php.exe Process ID - 2660 [12-07-2023 08:39:03] Process Exited: Process Name - conhost.exe Process ID - 5112 [12-07-2023 08:39:03] Process Exited: Process Name - php.exe Process ID - 8864 [12-07-2023 08:39:03] Process Exited: Process Name - cmd.exe Process ID - 15276 [12-07-2023 08:39:03] Process Exited: Process Name - runtask.exe Process ID - 16044 [12-07-2023 08:39:08] Process Exited: Process Name - w3wp.exe Process ID - 15908 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:40:04] New process found: Process Name - w3wp.exe Process ID - 11100 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:40:13] New process found: Process Name - w3wp.exe Process ID - 220 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:40:13] Process Exited: Process Name - w3wp.exe Process ID - 15924 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8472 [12-07-2023 08:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15256 [12-07-2023 08:41:48] New process found: Process Name - mbupdatrV5.exe Process ID - 4800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:41:49] Process Exited: Process Name - mbupdatrV5.exe Process ID - 4800 [12-07-2023 08:41:54] New process found: Process Name - ig.exe Process ID - 9156 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:55] New process found: Process Name - ig-2.exe Process ID - 14380 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:55] Process Exited: Process Name - ig.exe Process ID - 9156 [12-07-2023 08:41:56] New process found: Process Name - ig-5.exe Process ID - 13248 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:56] Process Exited: Process Name - ig-2.exe Process ID - 14380 [12-07-2023 08:41:57] New process found: Process Name - ig-8.exe Process ID - 2476 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:57] Process Exited: Process Name - ig-5.exe Process ID - 13248 [12-07-2023 08:41:58] New process found: Process Name - ig-11.exe Process ID - 6168 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:58] Process Exited: Process Name - ig-8.exe Process ID - 2476 [12-07-2023 08:41:59] New process found: Process Name - ig-14.exe Process ID - 14280 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:41:59] Process Exited: Process Name - ig-11.exe Process ID - 6168 [12-07-2023 08:42:00] New process found: Process Name - ig-17.exe Process ID - 3996 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:00] Process Exited: Process Name - ig-14.exe Process ID - 14280 [12-07-2023 08:42:01] New process found: Process Name - ig-20.exe Process ID - 13596 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:01] Process Exited: Process Name - ig-17.exe Process ID - 3996 [12-07-2023 08:42:02] New process found: Process Name - ig-23.exe Process ID - 15280 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:02] Process Exited: Process Name - ig-20.exe Process ID - 13596 [12-07-2023 08:42:03] New process found: Process Name - ig-26.exe Process ID - 13816 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:03] Process Exited: Process Name - ig-23.exe Process ID - 15280 [12-07-2023 08:42:04] New process found: Process Name - ig-29.exe Process ID - 11832 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:04] Process Exited: Process Name - ig-26.exe Process ID - 13816 [12-07-2023 08:42:05] New process found: Process Name - ig-33.exe Process ID - 14416 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:05] Process Exited: Process Name - ig-29.exe Process ID - 11832 [12-07-2023 08:42:06] New process found: Process Name - ig-36.exe Process ID - 1212 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:06] Process Exited: Process Name - ig-33.exe Process ID - 14416 [12-07-2023 08:42:07] New process found: Process Name - ig-39.exe Process ID - 16032 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:07] Process Exited: Process Name - ig-36.exe Process ID - 1212 [12-07-2023 08:42:08] New process found: Process Name - ig-42.exe Process ID - 7368 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:08] Process Exited: Process Name - ig-39.exe Process ID - 16032 [12-07-2023 08:42:09] New process found: Process Name - ig-45.exe Process ID - 2788 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:09] Process Exited: Process Name - ig-42.exe Process ID - 7368 [12-07-2023 08:42:10] New process found: Process Name - ig-49.exe Process ID - 13376 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 08:42:10] Process Exited: Process Name - ig-45.exe Process ID - 2788 [12-07-2023 08:42:11] Process Exited: Process Name - ig-49.exe Process ID - 13376 [12-07-2023 08:42:27] Process Exited: Process Name - conhost.exe Process ID - 8592 [12-07-2023 08:42:27] Process Exited: Process Name - w3wp.exe Process ID - 11436 Web application pool name - kdbps.edu.in [12-07-2023 08:42:48] New process found: Process Name - w3wp.exe Process ID - 15168 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 08:42:48] New process found: Process Name - conhost.exe Process ID - 8996 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 08:43:16] New process found: Process Name - w3wp.exe Process ID - 13680 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 08:43:16] New process found: Process Name - where.exe Process ID - 14744 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 08:43:16] New process found: Process Name - conhost.exe Process ID - 16096 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 08:43:17] New process found: Process Name - conhost.exe Process ID - 4728 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 08:43:17] Process Exited: Process Name - where.exe Process ID - 14744 [12-07-2023 08:43:17] Process Exited: Process Name - conhost.exe Process ID - 16096 [12-07-2023 08:44:01] New process found: Process Name - cmd.exe Process ID - 12372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:44:01] New process found: Process Name - conhost.exe Process ID - 14108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:44:01] New process found: Process Name - runtask.exe Process ID - 7356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:44:01] New process found: Process Name - php.exe Process ID - 2640 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:44:01] New process found: Process Name - conhost.exe Process ID - 6196 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 08:44:02] Process Exited: Process Name - php.exe Process ID - 2640 [12-07-2023 08:44:02] Process Exited: Process Name - conhost.exe Process ID - 6196 [12-07-2023 08:44:02] Process Exited: Process Name - runtask.exe Process ID - 7356 [12-07-2023 08:44:02] Process Exited: Process Name - cmd.exe Process ID - 12372 [12-07-2023 08:44:02] Process Exited: Process Name - conhost.exe Process ID - 14108 [12-07-2023 08:44:32] New process found: Process Name - w3wp.exe Process ID - 9552 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 08:44:48] New process found: Process Name - w3wp.exe Process ID - 10456 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 08:44:49] New process found: Process Name - conhost.exe Process ID - 5132 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 08:44:54] Process Exited: Process Name - w3wp.exe Process ID - 13008 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:45:15] New process found: Process Name - w3wp.exe Process ID - 13016 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:45:15] Process Exited: Process Name - w3wp.exe Process ID - 220 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:45:35] New process found: Process Name - w3wp.exe Process ID - 15872 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 08:45:35] New process found: Process Name - w3wp.exe Process ID - 9920 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 08:45:35] New process found: Process Name - php-cgi.exe Process ID - 12628 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 08:45:37] New process found: Process Name - w3wp.exe Process ID - 5416 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 08:48:49] New process found: Process Name - w3wp.exe Process ID - 5140 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 08:48:50] New process found: Process Name - conhost.exe Process ID - 2272 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) [12-07-2023 08:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15480 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15180 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:49:18] Process Exited: Process Name - conhost.exe Process ID - 4728 [12-07-2023 08:49:18] Process Exited: Process Name - w3wp.exe Process ID - 13680 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 08:50:16] New process found: Process Name - w3wp.exe Process ID - 1028 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:50:16] Process Exited: Process Name - w3wp.exe Process ID - 13016 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:50:24] Process Exited: Process Name - w3wp.exe Process ID - 14356 Web application pool name - galaxytools.in [12-07-2023 08:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15180 [12-07-2023 08:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15480 [12-07-2023 08:50:35] Process Exited: Process Name - w3wp.exe Process ID - 9552 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 08:50:50] Process Exited: Process Name - conhost.exe Process ID - 5132 [12-07-2023 08:50:50] Process Exited: Process Name - conhost.exe Process ID - 8996 [12-07-2023 08:50:50] Process Exited: Process Name - w3wp.exe Process ID - 10456 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 08:50:50] Process Exited: Process Name - w3wp.exe Process ID - 15168 Web application pool name - kdbps.edu.in [12-07-2023 08:51:07] Process Exited: Process Name - w3wp.exe Process ID - 11100 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:51:38] Process Exited: Process Name - w3wp.exe Process ID - 15872 Web application pool name - DefaultAppPool [12-07-2023 08:51:39] New process found: Process Name - SearchProtocolHost.exe Process ID - 3828 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:51:39] Process Exited: Process Name - w3wp.exe Process ID - 5416 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 08:51:40] New process found: Process Name - SearchFilterHost.exe Process ID - 15796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:51:47] New process found: Process Name - w3wp.exe Process ID - 11084 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 08:52:19] New process found: Process Name - w3wp.exe Process ID - 14480 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 08:52:19] New process found: Process Name - conhost.exe Process ID - 8564 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 08:52:46] New process found: Process Name - w3wp.exe Process ID - 13684 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 08:52:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 3828 [12-07-2023 08:52:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15796 [12-07-2023 08:54:04] Process Exited: Process Name - conhost.exe Process ID - 10180 [12-07-2023 08:54:04] Process Exited: Process Name - w3wp.exe Process ID - 14216 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 08:54:31] New process found: Process Name - w3wp.exe Process ID - 14228 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 08:54:42] New process found: Process Name - conhost.exe Process ID - 15928 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 08:54:52] New process found: Process Name - w3wp.exe Process ID - 14288 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 08:54:52] Process Exited: Process Name - conhost.exe Process ID - 2272 [12-07-2023 08:54:52] Process Exited: Process Name - w3wp.exe Process ID - 5140 Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 08:55:02] New process found: Process Name - w3wp.exe Process ID - 1624 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 08:55:17] New process found: Process Name - w3wp.exe Process ID - 15052 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:55:17] Process Exited: Process Name - w3wp.exe Process ID - 1028 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 08:57:50] Process Exited: Process Name - w3wp.exe Process ID - 11084 Web application pool name - shop.galaxytools.in [12-07-2023 08:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 4892 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 08:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 6168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 08:59:55] New process found: Process Name - w3wp.exe Process ID - 9584 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 09:00:19] New process found: Process Name - w3wp.exe Process ID - 10880 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:00:19] Process Exited: Process Name - w3wp.exe Process ID - 15052 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4892 [12-07-2023 09:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6168 [12-07-2023 09:00:54] Process Exited: Process Name - w3wp.exe Process ID - 14288 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:00:56] New process found: Process Name - w3wp.exe Process ID - 14512 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:01:05] Process Exited: Process Name - w3wp.exe Process ID - 1624 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 09:02:34] Process Exited: Process Name - w3wp.exe Process ID - 14228 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 09:02:34] Process Exited: Process Name - conhost.exe Process ID - 15928 [12-07-2023 09:03:53] New process found: Process Name - w3wp.exe Process ID - 5640 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 09:03:53] New process found: Process Name - where.exe Process ID - 8588 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 09:03:53] New process found: Process Name - conhost.exe Process ID - 6232 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 09:03:54] New process found: Process Name - conhost.exe Process ID - 6760 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 09:03:54] Process Exited: Process Name - conhost.exe Process ID - 6232 [12-07-2023 09:03:54] Process Exited: Process Name - where.exe Process ID - 8588 [12-07-2023 09:04:20] Process Exited: Process Name - conhost.exe Process ID - 8564 [12-07-2023 09:04:20] Process Exited: Process Name - w3wp.exe Process ID - 14480 Web application pool name - kdbps.edu.in [12-07-2023 09:04:24] New process found: Process Name - w3wp.exe Process ID - 11660 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 09:04:24] New process found: Process Name - conhost.exe Process ID - 9400 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 09:05:00] New process found: Process Name - cmd.exe Process ID - 3376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:05:00] New process found: Process Name - conhost.exe Process ID - 3800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:05:00] New process found: Process Name - runtask.exe Process ID - 16180 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:05:00] New process found: Process Name - php.exe Process ID - 8784 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:05:00] New process found: Process Name - conhost.exe Process ID - 10788 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:05:01] New process found: Process Name - crontabmng.exe Process ID - 14252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:05:01] New process found: Process Name - conhost.exe Process ID - 9696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:05:02] Process Exited: Process Name - conhost.exe Process ID - 9696 [12-07-2023 09:05:02] Process Exited: Process Name - crontabmng.exe Process ID - 14252 [12-07-2023 09:05:04] Process Exited: Process Name - cmd.exe Process ID - 3376 [12-07-2023 09:05:04] Process Exited: Process Name - conhost.exe Process ID - 3800 [12-07-2023 09:05:04] Process Exited: Process Name - php.exe Process ID - 8784 [12-07-2023 09:05:04] Process Exited: Process Name - conhost.exe Process ID - 10788 [12-07-2023 09:05:04] Process Exited: Process Name - runtask.exe Process ID - 16180 [12-07-2023 09:05:19] New process found: Process Name - w3wp.exe Process ID - 5164 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:05:19] Process Exited: Process Name - w3wp.exe Process ID - 10880 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:05:41] New process found: Process Name - w3wp.exe Process ID - 1500 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 09:05:41] New process found: Process Name - conhost.exe Process ID - 12312 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 09:06:04] New process found: Process Name - GoogleUpdate.exe Process ID - 11252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:06:24] New process found: Process Name - GoogleUpdate.exe Process ID - 7140 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:06:24] Service state changed: Service Name - gupdate Process ID - 7140 Current State - SERVICE_RUNNING [12-07-2023 09:06:25] Process Exited: Process Name - GoogleUpdate.exe Process ID - 7140 [12-07-2023 09:06:25] Process Exited: Process Name - GoogleUpdate.exe Process ID - 11252 [12-07-2023 09:06:25] Service state changed: Service Name - gupdate Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 09:06:59] Process Exited: Process Name - w3wp.exe Process ID - 14512 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10700 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 12888 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:09:51] New process found: Process Name - wacs.exe Process ID - 11044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:09:52] New process found: Process Name - conhost.exe Process ID - 12616 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:09:57] Process Exited: Process Name - w3wp.exe Process ID - 9584 Web application pool name - DefaultAppPool [12-07-2023 09:10:06] Process Exited: Process Name - wacs.exe Process ID - 11044 [12-07-2023 09:10:06] Process Exited: Process Name - conhost.exe Process ID - 12616 [12-07-2023 09:10:21] New process found: Process Name - w3wp.exe Process ID - 2904 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:10:21] Process Exited: Process Name - w3wp.exe Process ID - 5164 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:10:24] New process found: Process Name - w3wp.exe Process ID - 11908 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 09:10:26] Process Exited: Process Name - conhost.exe Process ID - 9400 [12-07-2023 09:10:27] Process Exited: Process Name - w3wp.exe Process ID - 11660 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 09:10:28] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10700 [12-07-2023 09:10:28] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12888 [12-07-2023 09:10:34] New process found: Process Name - w3wp.exe Process ID - 8716 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 09:11:42] Process Exited: Process Name - w3wp.exe Process ID - 1500 Web application pool name - kdbps.edu.in [12-07-2023 09:11:42] Process Exited: Process Name - conhost.exe Process ID - 12312 [12-07-2023 09:12:12] New process found: Process Name - w3wp.exe Process ID - 11328 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 09:12:12] New process found: Process Name - conhost.exe Process ID - 608 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 09:14:15] New process found: Process Name - w3wp.exe Process ID - 16260 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 09:14:21] New process found: Process Name - conhost.exe Process ID - 7468 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 09:15:22] New process found: Process Name - w3wp.exe Process ID - 15608 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:15:22] Process Exited: Process Name - w3wp.exe Process ID - 2904 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:16:36] Process Exited: Process Name - php-cgi.exe Process ID - 12628 [12-07-2023 09:16:37] Process Exited: Process Name - w3wp.exe Process ID - 8716 Web application pool name - DefaultAppPool [12-07-2023 09:16:38] Process Exited: Process Name - w3wp.exe Process ID - 9920 Web application pool name - PleskControlPanel [12-07-2023 09:16:56] Process Exited: Process Name - w3wp.exe Process ID - 5640 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 09:16:56] Process Exited: Process Name - conhost.exe Process ID - 6760 [12-07-2023 09:17:01] New process found: Process Name - w3wp.exe Process ID - 11364 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 09:17:02] New process found: Process Name - conhost.exe Process ID - 15340 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 09:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15424 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 12616 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:19:49] Process Exited: Process Name - w3wp.exe Process ID - 13684 Web application pool name - galaxytools.in [12-07-2023 09:20:24] New process found: Process Name - w3wp.exe Process ID - 13680 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:20:24] Process Exited: Process Name - w3wp.exe Process ID - 15608 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12616 [12-07-2023 09:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15424 [12-07-2023 09:25:00] New process found: Process Name - cmd.exe Process ID - 16288 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:25:00] New process found: Process Name - conhost.exe Process ID - 15676 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:25:01] New process found: Process Name - runtask.exe Process ID - 16340 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:25:01] New process found: Process Name - php.exe Process ID - 7788 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:25:01] New process found: Process Name - conhost.exe Process ID - 2648 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:25:04] Process Exited: Process Name - conhost.exe Process ID - 2648 [12-07-2023 09:25:04] Process Exited: Process Name - php.exe Process ID - 7788 [12-07-2023 09:25:04] Process Exited: Process Name - conhost.exe Process ID - 15676 [12-07-2023 09:25:04] Process Exited: Process Name - cmd.exe Process ID - 16288 [12-07-2023 09:25:04] Process Exited: Process Name - runtask.exe Process ID - 16340 [12-07-2023 09:25:24] New process found: Process Name - w3wp.exe Process ID - 13272 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:25:24] Process Exited: Process Name - w3wp.exe Process ID - 13680 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:26:12] New process found: Process Name - w3wp.exe Process ID - 6612 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 09:27:27] Process Exited: Process Name - conhost.exe Process ID - 7468 [12-07-2023 09:27:27] Process Exited: Process Name - w3wp.exe Process ID - 11908 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 09:27:34] New process found: Process Name - w3wp.exe Process ID - 8456 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 09:27:47] New process found: Process Name - w3wp.exe Process ID - 16316 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:28:53] New process found: Process Name - w3wp.exe Process ID - 14932 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 09:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2720 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 1792 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1792 [12-07-2023 09:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2720 [12-07-2023 09:30:26] New process found: Process Name - w3wp.exe Process ID - 9584 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:30:26] Process Exited: Process Name - w3wp.exe Process ID - 13272 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:35:27] New process found: Process Name - w3wp.exe Process ID - 7392 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:35:27] Process Exited: Process Name - w3wp.exe Process ID - 9584 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:35:55] Process Exited: Process Name - w3wp.exe Process ID - 14932 Web application pool name - shop.galaxytools.in [12-07-2023 09:36:49] Process Exited: Process Name - w3wp.exe Process ID - 16316 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:37:31] New process found: Process Name - w3wp.exe Process ID - 12012 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 09:37:31] New process found: Process Name - conhost.exe Process ID - 12860 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 09:38:36] Process Exited: Process Name - w3wp.exe Process ID - 8456 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 09:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 5544 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:39:00] New process found: Process Name - cmd.exe Process ID - 14484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:39:00] New process found: Process Name - conhost.exe Process ID - 12920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:39:01] New process found: Process Name - runtask.exe Process ID - 3152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:39:01] New process found: Process Name - php.exe Process ID - 11308 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:39:01] New process found: Process Name - conhost.exe Process ID - 9928 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13880 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:39:01] New process found: Process Name - cmd.exe Process ID - 1928 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:39:01] New process found: Process Name - php.exe Process ID - 8872 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 09:39:02] Process Exited: Process Name - cmd.exe Process ID - 1928 [12-07-2023 09:39:02] Process Exited: Process Name - runtask.exe Process ID - 3152 [12-07-2023 09:39:02] Process Exited: Process Name - php.exe Process ID - 8872 [12-07-2023 09:39:02] Process Exited: Process Name - conhost.exe Process ID - 9928 [12-07-2023 09:39:02] Process Exited: Process Name - php.exe Process ID - 11308 [12-07-2023 09:39:02] Process Exited: Process Name - conhost.exe Process ID - 12920 [12-07-2023 09:39:02] Process Exited: Process Name - cmd.exe Process ID - 14484 [12-07-2023 09:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5544 [12-07-2023 09:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13880 [12-07-2023 09:40:28] New process found: Process Name - w3wp.exe Process ID - 8632 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:40:28] Process Exited: Process Name - w3wp.exe Process ID - 7392 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:41:14] Process Exited: Process Name - w3wp.exe Process ID - 6612 Web application pool name - galaxytools.in [12-07-2023 09:41:49] New process found: Process Name - w3wp.exe Process ID - 13108 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 09:41:50] New process found: Process Name - csc.exe Process ID - 11936 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 09:41:55] New process found: Process Name - conhost.exe Process ID - 7548 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 09:41:55] New process found: Process Name - ig-0.exe Process ID - 2212 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:41:56] New process found: Process Name - ig-3.exe Process ID - 16136 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:41:56] Process Exited: Process Name - ig-0.exe Process ID - 2212 [12-07-2023 09:41:57] New process found: Process Name - ig-6.exe Process ID - 15276 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:41:57] Process Exited: Process Name - ig-3.exe Process ID - 16136 [12-07-2023 09:41:58] New process found: Process Name - ig-9.exe Process ID - 11808 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:41:58] Process Exited: Process Name - ig-6.exe Process ID - 15276 [12-07-2023 09:41:59] New process found: Process Name - ig-12.exe Process ID - 9936 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:41:59] New process found: Process Name - csc.exe Process ID - 8676 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 09:41:59] New process found: Process Name - conhost.exe Process ID - 10968 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 09:41:59] Process Exited: Process Name - conhost.exe Process ID - 7548 [12-07-2023 09:41:59] Process Exited: Process Name - ig-9.exe Process ID - 11808 [12-07-2023 09:41:59] Process Exited: Process Name - csc.exe Process ID - 11936 [12-07-2023 09:42:00] New process found: Process Name - ig-15.exe Process ID - 2376 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:00] Process Exited: Process Name - csc.exe Process ID - 8676 [12-07-2023 09:42:00] Process Exited: Process Name - ig-12.exe Process ID - 9936 [12-07-2023 09:42:00] Process Exited: Process Name - conhost.exe Process ID - 10968 [12-07-2023 09:42:01] New process found: Process Name - ig-18.exe Process ID - 10152 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:01] Process Exited: Process Name - ig-15.exe Process ID - 2376 [12-07-2023 09:42:02] New process found: Process Name - ig-20.exe Process ID - 6624 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:02] Process Exited: Process Name - ig-18.exe Process ID - 10152 [12-07-2023 09:42:03] New process found: Process Name - ig-23.exe Process ID - 13316 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:03] Process Exited: Process Name - ig-20.exe Process ID - 6624 [12-07-2023 09:42:04] New process found: Process Name - ig-26.exe Process ID - 6700 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:04] Process Exited: Process Name - ig-23.exe Process ID - 13316 [12-07-2023 09:42:05] New process found: Process Name - ig-29.exe Process ID - 6456 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:05] Process Exited: Process Name - ig-26.exe Process ID - 6700 [12-07-2023 09:42:06] New process found: Process Name - ig-32.exe Process ID - 2372 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:06] Process Exited: Process Name - ig-29.exe Process ID - 6456 [12-07-2023 09:42:07] New process found: Process Name - ig-35.exe Process ID - 13800 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:07] Process Exited: Process Name - ig-32.exe Process ID - 2372 [12-07-2023 09:42:08] New process found: Process Name - ig-38.exe Process ID - 7576 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:08] Process Exited: Process Name - ig-35.exe Process ID - 13800 [12-07-2023 09:42:09] New process found: Process Name - ig-40.exe Process ID - 7420 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:09] Process Exited: Process Name - ig-38.exe Process ID - 7576 [12-07-2023 09:42:10] New process found: Process Name - ig-42.exe Process ID - 8016 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:10] Process Exited: Process Name - ig-40.exe Process ID - 7420 [12-07-2023 09:42:11] New process found: Process Name - ig-45.exe Process ID - 10320 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:11] New process found: Process Name - csc.exe Process ID - 14712 Process Identity - IIS APPPOOL\adminportal.galaxytools.in [12-07-2023 09:42:11] Process Exited: Process Name - ig-42.exe Process ID - 8016 [12-07-2023 09:42:12] New process found: Process Name - ig-48.exe Process ID - 16340 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 09:42:12] Process Exited: Process Name - ig-45.exe Process ID - 10320 [12-07-2023 09:42:12] Process Exited: Process Name - csc.exe Process ID - 14712 [12-07-2023 09:42:13] Process Exited: Process Name - ig-48.exe Process ID - 16340 [12-07-2023 09:42:15] Process Exited: Process Name - conhost.exe Process ID - 608 [12-07-2023 09:42:15] Process Exited: Process Name - w3wp.exe Process ID - 11328 Web application pool name - kdbps.edu.in [12-07-2023 09:42:18] Process Exited: Process Name - w3wp.exe Process ID - 16260 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 09:42:37] New process found: Process Name - w3wp.exe Process ID - 13680 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 09:43:33] Process Exited: Process Name - w3wp.exe Process ID - 12012 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 09:43:33] Process Exited: Process Name - conhost.exe Process ID - 12860 [12-07-2023 09:45:29] New process found: Process Name - w3wp.exe Process ID - 16248 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:45:29] Process Exited: Process Name - w3wp.exe Process ID - 8632 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:46:23] New process found: Process Name - w3wp.exe Process ID - 16088 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:46:47] New process found: Process Name - w3wp.exe Process ID - 12840 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 09:46:47] New process found: Process Name - conhost.exe Process ID - 8504 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 09:47:51] Process Exited: Process Name - w3wp.exe Process ID - 13108 Web application pool name - adminportal.galaxytools.in [12-07-2023 09:48:38] Process Exited: Process Name - w3wp.exe Process ID - 13680 Web application pool name - galaxytools.in [12-07-2023 09:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 6156 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6156 [12-07-2023 09:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11168 [12-07-2023 09:50:31] New process found: Process Name - w3wp.exe Process ID - 10376 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:50:31] Process Exited: Process Name - w3wp.exe Process ID - 16248 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:51:31] New process found: Process Name - w3wp.exe Process ID - 12460 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 09:52:18] New process found: Process Name - wermgr.exe Process ID - 13436 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 09:52:19] Process Exited: Process Name - wermgr.exe Process ID - 13436 [12-07-2023 09:52:26] Process Exited: Process Name - w3wp.exe Process ID - 16088 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:52:44] New process found: Process Name - w3wp.exe Process ID - 5736 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 09:54:37] New process found: Process Name - w3wp.exe Process ID - 2680 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 09:54:49] New process found: Process Name - csc.exe Process ID - 14436 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 09:54:49] New process found: Process Name - conhost.exe Process ID - 15604 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) [12-07-2023 09:54:50] Process Exited: Process Name - csc.exe Process ID - 14436 [12-07-2023 09:54:50] Process Exited: Process Name - conhost.exe Process ID - 15604 [12-07-2023 09:55:32] New process found: Process Name - w3wp.exe Process ID - 14744 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:55:32] Process Exited: Process Name - w3wp.exe Process ID - 10376 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 09:57:34] New process found: Process Name - w3wp.exe Process ID - 10412 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 09:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 10936 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 09:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7872 [12-07-2023 10:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10936 [12-07-2023 10:00:33] New process found: Process Name - w3wp.exe Process ID - 13188 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:00:33] Process Exited: Process Name - w3wp.exe Process ID - 14744 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:00:39] Process Exited: Process Name - w3wp.exe Process ID - 2680 Web application pool name - DefaultAppPool [12-07-2023 10:01:47] Process Exited: Process Name - w3wp.exe Process ID - 5736 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:02:33] Process Exited: Process Name - w3wp.exe Process ID - 12460 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:04:15] New process found: Process Name - w3wp.exe Process ID - 15004 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:04:17] New process found: Process Name - conhost.exe Process ID - 12824 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:04:49] Process Exited: Process Name - conhost.exe Process ID - 8504 [12-07-2023 10:04:49] Process Exited: Process Name - w3wp.exe Process ID - 12840 Web application pool name - kdbps.edu.in [12-07-2023 10:05:00] New process found: Process Name - cmd.exe Process ID - 7732 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:05:00] New process found: Process Name - conhost.exe Process ID - 10464 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:05:00] New process found: Process Name - runtask.exe Process ID - 15996 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:05:00] New process found: Process Name - php.exe Process ID - 7576 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:05:00] New process found: Process Name - conhost.exe Process ID - 8628 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:05:02] Process Exited: Process Name - php.exe Process ID - 7576 [12-07-2023 10:05:02] Process Exited: Process Name - cmd.exe Process ID - 7732 [12-07-2023 10:05:02] Process Exited: Process Name - conhost.exe Process ID - 8628 [12-07-2023 10:05:02] Process Exited: Process Name - conhost.exe Process ID - 10464 [12-07-2023 10:05:02] Process Exited: Process Name - runtask.exe Process ID - 15996 [12-07-2023 10:05:31] New process found: Process Name - w3wp.exe Process ID - 2636 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 10:05:31] New process found: Process Name - conhost.exe Process ID - 13416 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 10:05:34] New process found: Process Name - w3wp.exe Process ID - 8384 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:05:34] Process Exited: Process Name - w3wp.exe Process ID - 13188 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:05:51] New process found: Process Name - w3wp.exe Process ID - 14812 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:06:03] Process Exited: Process Name - w3wp.exe Process ID - 11364 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 10:06:03] Process Exited: Process Name - conhost.exe Process ID - 15340 [12-07-2023 10:06:25] New process found: Process Name - w3wp.exe Process ID - 10484 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 10:06:26] New process found: Process Name - where.exe Process ID - 15792 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 10:06:26] New process found: Process Name - conhost.exe Process ID - 11296 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 10:06:27] New process found: Process Name - conhost.exe Process ID - 16324 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 10:06:27] Process Exited: Process Name - conhost.exe Process ID - 11296 [12-07-2023 10:06:27] Process Exited: Process Name - where.exe Process ID - 15792 [12-07-2023 10:06:37] Process Exited: Process Name - w3wp.exe Process ID - 10412 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:07:45] New process found: Process Name - w3wp.exe Process ID - 2328 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:07:47] New process found: Process Name - w3wp.exe Process ID - 1616 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 10:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 10712 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:09:02] New process found: Process Name - w3wp.exe Process ID - 6484 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 10:09:02] New process found: Process Name - where.exe Process ID - 10352 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:09:02] New process found: Process Name - conhost.exe Process ID - 15228 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:09:03] New process found: Process Name - conhost.exe Process ID - 7892 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:09:03] Process Exited: Process Name - where.exe Process ID - 10352 [12-07-2023 10:09:03] Process Exited: Process Name - conhost.exe Process ID - 15228 [12-07-2023 10:10:18] Process Exited: Process Name - conhost.exe Process ID - 12824 [12-07-2023 10:10:18] Process Exited: Process Name - w3wp.exe Process ID - 15004 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9008 [12-07-2023 10:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10712 [12-07-2023 10:10:36] New process found: Process Name - w3wp.exe Process ID - 10012 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:10:36] Process Exited: Process Name - w3wp.exe Process ID - 8384 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:11:05] New process found: Process Name - w3wp.exe Process ID - 16244 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 10:11:06] New process found: Process Name - php-cgi.exe Process ID - 13252 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 10:11:33] Process Exited: Process Name - w3wp.exe Process ID - 2636 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 10:11:33] Process Exited: Process Name - conhost.exe Process ID - 13416 [12-07-2023 10:11:53] Process Exited: Process Name - w3wp.exe Process ID - 14812 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:13:11] New process found: Process Name - w3wp.exe Process ID - 13600 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:13:12] New process found: Process Name - where.exe Process ID - 3332 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:13:12] New process found: Process Name - conhost.exe Process ID - 7356 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:13:13] New process found: Process Name - conhost.exe Process ID - 6800 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:13:13] Process Exited: Process Name - where.exe Process ID - 3332 [12-07-2023 10:13:13] Process Exited: Process Name - conhost.exe Process ID - 7356 [12-07-2023 10:13:17] New process found: Process Name - w3wp.exe Process ID - 14936 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:13:17] New process found: Process Name - conhost.exe Process ID - 12004 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 10:13:48] Process Exited: Process Name - w3wp.exe Process ID - 1616 Web application pool name - galaxytools.in [12-07-2023 10:14:25] New process found: Process Name - w3wp.exe Process ID - 2316 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:15:04] Process Exited: Process Name - w3wp.exe Process ID - 6484 Web application pool name - kdbps.edu.in [12-07-2023 10:15:04] Process Exited: Process Name - conhost.exe Process ID - 7892 [12-07-2023 10:15:37] New process found: Process Name - w3wp.exe Process ID - 15092 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:15:37] Process Exited: Process Name - w3wp.exe Process ID - 10012 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:16:25] New process found: Process Name - w3wp.exe Process ID - 10768 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 10:16:47] New process found: Process Name - w3wp.exe Process ID - 15064 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 10:16:47] New process found: Process Name - conhost.exe Process ID - 12508 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11172 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13056 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:19:14] Process Exited: Process Name - conhost.exe Process ID - 6800 [12-07-2023 10:19:14] Process Exited: Process Name - w3wp.exe Process ID - 13600 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:19:19] Process Exited: Process Name - conhost.exe Process ID - 12004 [12-07-2023 10:19:19] Process Exited: Process Name - w3wp.exe Process ID - 14936 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:19:59] New process found: Process Name - w3wp.exe Process ID - 11980 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 10:20:24] New process found: Process Name - w3wp.exe Process ID - 12660 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 10:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11172 [12-07-2023 10:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13056 [12-07-2023 10:20:38] New process found: Process Name - w3wp.exe Process ID - 10868 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:20:38] Process Exited: Process Name - w3wp.exe Process ID - 15092 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:21:47] Process Exited: Process Name - w3wp.exe Process ID - 2328 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:24:07] New process found: Process Name - w3wp.exe Process ID - 6916 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 10:24:07] New process found: Process Name - conhost.exe Process ID - 15716 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 10:25:01] New process found: Process Name - cmd.exe Process ID - 4208 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:25:01] New process found: Process Name - conhost.exe Process ID - 15824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:25:01] New process found: Process Name - runtask.exe Process ID - 13348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:25:01] New process found: Process Name - php.exe Process ID - 11480 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:25:01] New process found: Process Name - conhost.exe Process ID - 15540 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:25:04] Process Exited: Process Name - cmd.exe Process ID - 4208 [12-07-2023 10:25:04] Process Exited: Process Name - php.exe Process ID - 11480 [12-07-2023 10:25:04] Process Exited: Process Name - runtask.exe Process ID - 13348 [12-07-2023 10:25:04] Process Exited: Process Name - conhost.exe Process ID - 15540 [12-07-2023 10:25:04] Process Exited: Process Name - conhost.exe Process ID - 15824 [12-07-2023 10:25:23] New process found: Process Name - w3wp.exe Process ID - 11304 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:25:27] Process Exited: Process Name - w3wp.exe Process ID - 10768 Web application pool name - galaxytools.in [12-07-2023 10:25:39] New process found: Process Name - w3wp.exe Process ID - 15556 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:25:39] Process Exited: Process Name - w3wp.exe Process ID - 10868 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:26:01] Process Exited: Process Name - w3wp.exe Process ID - 11980 Web application pool name - DefaultAppPool [12-07-2023 10:26:27] Process Exited: Process Name - w3wp.exe Process ID - 12660 Web application pool name - shop.galaxytools.in [12-07-2023 10:28:25] New process found: Process Name - w3wp.exe Process ID - 6252 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 10:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9532 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:29:00] New process found: Process Name - w3wp.exe Process ID - 16252 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 9720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:29:01] New process found: Process Name - conhost.exe Process ID - 12088 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:29:27] Process Exited: Process Name - w3wp.exe Process ID - 2316 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:30:09] Process Exited: Process Name - w3wp.exe Process ID - 6916 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 10:30:09] Process Exited: Process Name - conhost.exe Process ID - 15716 [12-07-2023 10:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9532 [12-07-2023 10:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9720 [12-07-2023 10:30:41] New process found: Process Name - w3wp.exe Process ID - 16352 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:30:41] Process Exited: Process Name - w3wp.exe Process ID - 15556 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:34:27] Process Exited: Process Name - w3wp.exe Process ID - 6252 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 10:35:03] Process Exited: Process Name - conhost.exe Process ID - 12088 [12-07-2023 10:35:03] Process Exited: Process Name - w3wp.exe Process ID - 16252 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:37:08] New process found: Process Name - w3wp.exe Process ID - 7396 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 10:38:44] New process found: Process Name - w3wp.exe Process ID - 6132 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 10:38:44] New process found: Process Name - conhost.exe Process ID - 10728 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 10:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 13216 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:39:01] New process found: Process Name - cmd.exe Process ID - 2604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:39:01] New process found: Process Name - conhost.exe Process ID - 12684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:39:01] New process found: Process Name - runtask.exe Process ID - 7392 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:39:01] New process found: Process Name - php.exe Process ID - 10340 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:01] New process found: Process Name - conhost.exe Process ID - 7448 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:01] New process found: Process Name - cmd.exe Process ID - 13096 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:01] New process found: Process Name - php.exe Process ID - 11544 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 5176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:39:02] New process found: Process Name - cmd.exe Process ID - 8380 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:02] New process found: Process Name - php.exe Process ID - 10648 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:39:02] Process Exited: Process Name - php.exe Process ID - 11544 [12-07-2023 10:39:02] Process Exited: Process Name - cmd.exe Process ID - 13096 [12-07-2023 10:39:03] Process Exited: Process Name - cmd.exe Process ID - 2604 [12-07-2023 10:39:03] Process Exited: Process Name - runtask.exe Process ID - 7392 [12-07-2023 10:39:03] Process Exited: Process Name - conhost.exe Process ID - 7448 [12-07-2023 10:39:03] Process Exited: Process Name - cmd.exe Process ID - 8380 [12-07-2023 10:39:03] Process Exited: Process Name - php.exe Process ID - 10340 [12-07-2023 10:39:03] Process Exited: Process Name - php.exe Process ID - 10648 [12-07-2023 10:39:03] Process Exited: Process Name - conhost.exe Process ID - 12684 [12-07-2023 10:39:36] New process found: Process Name - w3wp.exe Process ID - 5924 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 10:39:49] Process Exited: Process Name - conhost.exe Process ID - 12508 [12-07-2023 10:39:49] Process Exited: Process Name - w3wp.exe Process ID - 15064 Web application pool name - kdbps.edu.in [12-07-2023 10:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5176 [12-07-2023 10:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13216 [12-07-2023 10:40:25] Process Exited: Process Name - w3wp.exe Process ID - 11304 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:40:43] New process found: Process Name - w3wp.exe Process ID - 13280 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:40:43] Process Exited: Process Name - w3wp.exe Process ID - 16352 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:41:54] New process found: Process Name - ig-0.exe Process ID - 2284 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:55] New process found: Process Name - ig-3.exe Process ID - 12268 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:55] Process Exited: Process Name - ig-0.exe Process ID - 2284 [12-07-2023 10:41:56] New process found: Process Name - ig-6.exe Process ID - 11572 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:56] Process Exited: Process Name - ig-3.exe Process ID - 12268 [12-07-2023 10:41:57] New process found: Process Name - ig-9.exe Process ID - 2660 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:57] Process Exited: Process Name - ig-6.exe Process ID - 11572 [12-07-2023 10:41:58] New process found: Process Name - ig-12.exe Process ID - 11388 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:58] Process Exited: Process Name - ig-9.exe Process ID - 2660 [12-07-2023 10:41:59] New process found: Process Name - ig-15.exe Process ID - 16216 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:41:59] Process Exited: Process Name - ig-12.exe Process ID - 11388 [12-07-2023 10:42:00] New process found: Process Name - ig-18.exe Process ID - 2516 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:00] Process Exited: Process Name - ig-15.exe Process ID - 16216 [12-07-2023 10:42:01] New process found: Process Name - ig-21.exe Process ID - 7268 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:01] Process Exited: Process Name - ig-18.exe Process ID - 2516 [12-07-2023 10:42:02] New process found: Process Name - ig-23.exe Process ID - 12568 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:02] Process Exited: Process Name - ig-21.exe Process ID - 7268 [12-07-2023 10:42:03] New process found: Process Name - ig-26.exe Process ID - 6564 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:03] Process Exited: Process Name - ig-23.exe Process ID - 12568 [12-07-2023 10:42:04] New process found: Process Name - ig-29.exe Process ID - 15544 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:04] Process Exited: Process Name - ig-26.exe Process ID - 6564 [12-07-2023 10:42:05] New process found: Process Name - ig-33.exe Process ID - 2692 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:05] Process Exited: Process Name - ig-29.exe Process ID - 15544 [12-07-2023 10:42:06] New process found: Process Name - ig-36.exe Process ID - 6900 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:06] Process Exited: Process Name - ig-33.exe Process ID - 2692 [12-07-2023 10:42:06] Process Exited: Process Name - php-cgi.exe Process ID - 13252 [12-07-2023 10:42:07] New process found: Process Name - ig-38.exe Process ID - 12016 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:07] Process Exited: Process Name - ig-36.exe Process ID - 6900 [12-07-2023 10:42:08] New process found: Process Name - ig-41.exe Process ID - 8628 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:08] Process Exited: Process Name - ig-38.exe Process ID - 12016 [12-07-2023 10:42:08] Process Exited: Process Name - w3wp.exe Process ID - 16244 Web application pool name - PleskControlPanel [12-07-2023 10:42:09] New process found: Process Name - ig-44.exe Process ID - 9972 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:09] Process Exited: Process Name - ig-41.exe Process ID - 8628 [12-07-2023 10:42:10] New process found: Process Name - ig-47.exe Process ID - 9400 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 10:42:10] Process Exited: Process Name - ig-44.exe Process ID - 9972 [12-07-2023 10:42:11] Process Exited: Process Name - ig-47.exe Process ID - 9400 [12-07-2023 10:42:57] New process found: Process Name - w3wp.exe Process ID - 15200 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:43:10] Process Exited: Process Name - w3wp.exe Process ID - 7396 Web application pool name - galaxytools.in [12-07-2023 10:43:19] New process found: Process Name - w3wp.exe Process ID - 11512 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 10:43:19] New process found: Process Name - conhost.exe Process ID - 12704 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:44:01] New process found: Process Name - cmd.exe Process ID - 14164 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:44:01] New process found: Process Name - conhost.exe Process ID - 6624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:44:01] New process found: Process Name - runtask.exe Process ID - 12136 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:44:01] New process found: Process Name - php.exe Process ID - 528 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:44:01] New process found: Process Name - conhost.exe Process ID - 16020 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:44:02] Process Exited: Process Name - php.exe Process ID - 528 [12-07-2023 10:44:02] Process Exited: Process Name - conhost.exe Process ID - 6624 [12-07-2023 10:44:02] Process Exited: Process Name - runtask.exe Process ID - 12136 [12-07-2023 10:44:02] Process Exited: Process Name - cmd.exe Process ID - 14164 [12-07-2023 10:44:02] Process Exited: Process Name - conhost.exe Process ID - 16020 [12-07-2023 10:44:46] Process Exited: Process Name - w3wp.exe Process ID - 6132 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 10:44:46] Process Exited: Process Name - conhost.exe Process ID - 10728 [12-07-2023 10:45:35] New process found: Process Name - w3wp.exe Process ID - 13096 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:45:35] New process found: Process Name - w3wp.exe Process ID - 14812 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 10:45:36] New process found: Process Name - w3wp.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 10:45:45] New process found: Process Name - w3wp.exe Process ID - 9684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:45:45] Process Exited: Process Name - w3wp.exe Process ID - 13280 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:46:01] New process found: Process Name - cmd.exe Process ID - 9992 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:46:01] New process found: Process Name - conhost.exe Process ID - 16228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:46:01] New process found: Process Name - runtask.exe Process ID - 12012 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:46:01] New process found: Process Name - php.exe Process ID - 10456 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:46:01] New process found: Process Name - conhost.exe Process ID - 9976 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:46:02] Process Exited: Process Name - conhost.exe Process ID - 9976 [12-07-2023 10:46:02] Process Exited: Process Name - cmd.exe Process ID - 9992 [12-07-2023 10:46:02] Process Exited: Process Name - php.exe Process ID - 10456 [12-07-2023 10:46:02] Process Exited: Process Name - runtask.exe Process ID - 12012 [12-07-2023 10:46:02] Process Exited: Process Name - conhost.exe Process ID - 16228 [12-07-2023 10:48:35] New process found: Process Name - w3wp.exe Process ID - 14216 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 10:48:35] New process found: Process Name - conhost.exe Process ID - 12660 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 10:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 8896 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:49:00] Process Exited: Process Name - w3wp.exe Process ID - 15200 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11580 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:49:21] Process Exited: Process Name - w3wp.exe Process ID - 11512 Web application pool name - kdbps.edu.in [12-07-2023 10:49:21] Process Exited: Process Name - conhost.exe Process ID - 12704 [12-07-2023 10:50:08] New process found: Process Name - w3wp.exe Process ID - 14224 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 10:50:09] New process found: Process Name - conhost.exe Process ID - 13624 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 10:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8896 [12-07-2023 10:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11580 [12-07-2023 10:50:45] New process found: Process Name - w3wp.exe Process ID - 14404 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:50:45] Process Exited: Process Name - w3wp.exe Process ID - 9684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:51:37] Process Exited: Process Name - w3wp.exe Process ID - 13096 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:51:37] Process Exited: Process Name - w3wp.exe Process ID - 14812 Web application pool name - DefaultAppPool [12-07-2023 10:51:38] Process Exited: Process Name - w3wp.exe Process ID - 136 Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 10:52:01] New process found: Process Name - cmd.exe Process ID - 1324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:52:01] New process found: Process Name - conhost.exe Process ID - 15212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:52:01] New process found: Process Name - runtask.exe Process ID - 5904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:52:01] New process found: Process Name - php.exe Process ID - 32 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:52:01] New process found: Process Name - conhost.exe Process ID - 7600 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 10:52:02] Process Exited: Process Name - php.exe Process ID - 32 [12-07-2023 10:52:02] Process Exited: Process Name - cmd.exe Process ID - 1324 [12-07-2023 10:52:02] Process Exited: Process Name - runtask.exe Process ID - 5904 [12-07-2023 10:52:02] Process Exited: Process Name - conhost.exe Process ID - 7600 [12-07-2023 10:52:02] Process Exited: Process Name - conhost.exe Process ID - 15212 [12-07-2023 10:52:47] New process found: Process Name - w3wp.exe Process ID - 10260 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 10:52:47] New process found: Process Name - conhost.exe Process ID - 12484 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 10:53:38] New process found: Process Name - w3wp.exe Process ID - 11484 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 10:54:44] New process found: Process Name - w3wp.exe Process ID - 3860 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 10:54:50] New process found: Process Name - w3wp.exe Process ID - 12260 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 10:55:47] New process found: Process Name - w3wp.exe Process ID - 14764 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:55:47] Process Exited: Process Name - w3wp.exe Process ID - 14404 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 10:56:35] New process found: Process Name - conhost.exe Process ID - 11884 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 10:58:50] Process Exited: Process Name - w3wp.exe Process ID - 10260 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 10:58:50] Process Exited: Process Name - conhost.exe Process ID - 12484 [12-07-2023 10:58:54] New process found: Process Name - w3wp.exe Process ID - 4884 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 10:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 15688 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 10:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 10:59:37] Process Exited: Process Name - conhost.exe Process ID - 12660 [12-07-2023 10:59:37] Process Exited: Process Name - w3wp.exe Process ID - 14216 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 11:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10492 [12-07-2023 11:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15688 [12-07-2023 11:00:48] New process found: Process Name - w3wp.exe Process ID - 8816 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:00:48] Process Exited: Process Name - w3wp.exe Process ID - 14764 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:00:56] New process found: Process Name - w3wp.exe Process ID - 12616 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 11:02:38] Process Exited: Process Name - w3wp.exe Process ID - 5924 Web application pool name - adminportal.galaxytools.in [12-07-2023 11:03:39] New process found: Process Name - w3wp.exe Process ID - 368 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 11:03:52] Process Exited: Process Name - conhost.exe Process ID - 11884 [12-07-2023 11:03:52] Process Exited: Process Name - w3wp.exe Process ID - 12260 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 11:05:00] New process found: Process Name - cmd.exe Process ID - 11800 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:05:00] New process found: Process Name - conhost.exe Process ID - 4048 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:05:00] New process found: Process Name - runtask.exe Process ID - 15324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:05:00] New process found: Process Name - php.exe Process ID - 8576 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:05:00] New process found: Process Name - conhost.exe Process ID - 1684 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:05:02] Process Exited: Process Name - conhost.exe Process ID - 1684 [12-07-2023 11:05:02] Process Exited: Process Name - conhost.exe Process ID - 4048 [12-07-2023 11:05:02] Process Exited: Process Name - php.exe Process ID - 8576 [12-07-2023 11:05:02] Process Exited: Process Name - cmd.exe Process ID - 11800 [12-07-2023 11:05:02] Process Exited: Process Name - runtask.exe Process ID - 15324 [12-07-2023 11:05:50] New process found: Process Name - w3wp.exe Process ID - 7400 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:05:50] Process Exited: Process Name - w3wp.exe Process ID - 8816 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:06:41] Process Exited: Process Name - w3wp.exe Process ID - 11484 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:08:46] Process Exited: Process Name - w3wp.exe Process ID - 3860 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 11:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9568 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:10:20] New process found: Process Name - w3wp.exe Process ID - 436 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9568 [12-07-2023 11:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10492 [12-07-2023 11:10:50] New process found: Process Name - w3wp.exe Process ID - 14120 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:10:50] Process Exited: Process Name - w3wp.exe Process ID - 7400 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:13:12] New process found: Process Name - w3wp.exe Process ID - 792 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 11:14:03] New process found: Process Name - taskhostw.exe Process ID - 10604 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:14:03] New process found: Process Name - InstallAgent.exe Process ID - 1432 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:14:04] Process Exited: Process Name - taskhostw.exe Process ID - 10604 [12-07-2023 11:14:04] Service state changed: Service Name - wuauserv Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 11:14:09] Process Exited: Process Name - InstallAgent.exe Process ID - 1432 [12-07-2023 11:14:20] New process found: Process Name - w3wp.exe Process ID - 16052 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 11:14:41] Process Exited: Process Name - w3wp.exe Process ID - 368 Web application pool name - adminportal.galaxytools.in [12-07-2023 11:14:56] Process Exited: Process Name - w3wp.exe Process ID - 4884 Web application pool name - galaxytools.in [12-07-2023 11:15:01] New process found: Process Name - w3wp.exe Process ID - 2372 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 11:15:52] New process found: Process Name - w3wp.exe Process ID - 8312 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:15:52] Process Exited: Process Name - w3wp.exe Process ID - 14120 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:16:23] Process Exited: Process Name - w3wp.exe Process ID - 436 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14384 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:19:17] New process found: Process Name - w3wp.exe Process ID - 14732 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 11:19:17] New process found: Process Name - conhost.exe Process ID - 12112 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 11:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11680 [12-07-2023 11:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14384 [12-07-2023 11:20:53] New process found: Process Name - w3wp.exe Process ID - 13988 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:20:53] Process Exited: Process Name - w3wp.exe Process ID - 8312 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:22:14] Process Exited: Process Name - w3wp.exe Process ID - 792 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 11:22:58] Process Exited: Process Name - w3wp.exe Process ID - 12616 Web application pool name - shop.galaxytools.in [12-07-2023 11:23:22] Process Exited: Process Name - w3wp.exe Process ID - 16052 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 11:23:52] New process found: Process Name - w3wp.exe Process ID - 4768 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 11:24:14] Service state changed: Service Name - wuauserv Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 11:24:58] New process found: Process Name - w3wp.exe Process ID - 212 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 11:25:01] New process found: Process Name - cmd.exe Process ID - 13568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:25:01] New process found: Process Name - conhost.exe Process ID - 6760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:25:01] New process found: Process Name - runtask.exe Process ID - 5408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:25:01] New process found: Process Name - php.exe Process ID - 7316 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:25:01] New process found: Process Name - conhost.exe Process ID - 13192 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:25:04] Process Exited: Process Name - runtask.exe Process ID - 5408 [12-07-2023 11:25:04] Process Exited: Process Name - conhost.exe Process ID - 6760 [12-07-2023 11:25:04] Process Exited: Process Name - php.exe Process ID - 7316 [12-07-2023 11:25:04] Process Exited: Process Name - conhost.exe Process ID - 13192 [12-07-2023 11:25:04] Process Exited: Process Name - cmd.exe Process ID - 13568 [12-07-2023 11:25:09] New process found: Process Name - w3wp.exe Process ID - 13356 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 11:25:10] New process found: Process Name - conhost.exe Process ID - 15796 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 11:25:26] Process Exited: Process Name - w3wp.exe Process ID - 10484 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 11:25:26] Process Exited: Process Name - conhost.exe Process ID - 16324 [12-07-2023 11:25:54] New process found: Process Name - w3wp.exe Process ID - 10708 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:25:54] Process Exited: Process Name - w3wp.exe Process ID - 13988 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:26:19] New process found: Process Name - w3wp.exe Process ID - 15052 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 11:26:19] Process Exited: Process Name - conhost.exe Process ID - 12112 [12-07-2023 11:26:19] Process Exited: Process Name - w3wp.exe Process ID - 14732 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 11:28:11] New process found: Process Name - w3wp.exe Process ID - 12024 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 11:28:12] New process found: Process Name - conhost.exe Process ID - 5744 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 11:28:12] Process Exited: Process Name - conhost.exe Process ID - 13624 [12-07-2023 11:28:12] Process Exited: Process Name - w3wp.exe Process ID - 14224 Web application pool name - kdbps.edu.in [12-07-2023 11:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 444 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 14632 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:29:54] Process Exited: Process Name - w3wp.exe Process ID - 4768 Web application pool name - galaxytools.in [12-07-2023 11:30:04] Process Exited: Process Name - w3wp.exe Process ID - 2372 Web application pool name - DefaultAppPool [12-07-2023 11:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 444 [12-07-2023 11:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14632 [12-07-2023 11:30:32] New process found: Process Name - w3wp.exe Process ID - 15116 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 11:30:56] New process found: Process Name - w3wp.exe Process ID - 13776 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:30:56] New process found: Process Name - w3wp.exe Process ID - 4724 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:30:56] Process Exited: Process Name - w3wp.exe Process ID - 10708 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:31:00] Process Exited: Process Name - w3wp.exe Process ID - 212 Web application pool name - shop.galaxytools.in [12-07-2023 11:31:11] Process Exited: Process Name - w3wp.exe Process ID - 13356 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 11:31:11] Process Exited: Process Name - conhost.exe Process ID - 15796 [12-07-2023 11:32:06] New process found: Process Name - w3wp.exe Process ID - 13868 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 11:32:21] Process Exited: Process Name - w3wp.exe Process ID - 15052 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 11:32:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 15624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:32:33] New process found: Process Name - SearchFilterHost.exe Process ID - 7412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:34:03] New process found: Process Name - w3wp.exe Process ID - 13708 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 11:34:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 7412 [12-07-2023 11:34:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 15624 [12-07-2023 11:35:13] Process Exited: Process Name - conhost.exe Process ID - 5744 [12-07-2023 11:35:13] Process Exited: Process Name - w3wp.exe Process ID - 12024 Web application pool name - kdbps.edu.in [12-07-2023 11:35:32] New process found: Process Name - w3wp.exe Process ID - 14936 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 11:35:32] New process found: Process Name - conhost.exe Process ID - 11576 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 11:35:57] New process found: Process Name - w3wp.exe Process ID - 4060 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:35:57] Process Exited: Process Name - w3wp.exe Process ID - 13776 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:36:59] Process Exited: Process Name - w3wp.exe Process ID - 4724 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:38:04] New process found: Process Name - w3wp.exe Process ID - 15848 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 11:38:16] New process found: Process Name - w3wp.exe Process ID - 8700 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 11:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 4780 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:39:01] New process found: Process Name - cmd.exe Process ID - 11856 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:39:01] New process found: Process Name - conhost.exe Process ID - 10872 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:39:01] New process found: Process Name - runtask.exe Process ID - 13624 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:39:01] New process found: Process Name - php.exe Process ID - 12776 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:01] New process found: Process Name - conhost.exe Process ID - 7884 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:01] New process found: Process Name - cmd.exe Process ID - 11348 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:01] New process found: Process Name - php.exe Process ID - 14728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:39:02] New process found: Process Name - cmd.exe Process ID - 5592 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:02] New process found: Process Name - php.exe Process ID - 13348 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:39:02] Process Exited: Process Name - cmd.exe Process ID - 11348 [12-07-2023 11:39:02] Process Exited: Process Name - php.exe Process ID - 14728 [12-07-2023 11:39:03] Process Exited: Process Name - cmd.exe Process ID - 5592 [12-07-2023 11:39:03] Process Exited: Process Name - conhost.exe Process ID - 7884 [12-07-2023 11:39:03] Process Exited: Process Name - conhost.exe Process ID - 10872 [12-07-2023 11:39:03] Process Exited: Process Name - cmd.exe Process ID - 11856 [12-07-2023 11:39:03] Process Exited: Process Name - php.exe Process ID - 12776 [12-07-2023 11:39:03] Process Exited: Process Name - php.exe Process ID - 13348 [12-07-2023 11:39:03] Process Exited: Process Name - runtask.exe Process ID - 13624 [12-07-2023 11:39:32] New process found: Process Name - w3wp.exe Process ID - 8376 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 11:39:32] New process found: Process Name - conhost.exe Process ID - 14280 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 11:40:08] Process Exited: Process Name - w3wp.exe Process ID - 13868 Web application pool name - DefaultAppPool [12-07-2023 11:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4780 [12-07-2023 11:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7468 [12-07-2023 11:40:58] New process found: Process Name - w3wp.exe Process ID - 7496 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:40:58] Process Exited: Process Name - w3wp.exe Process ID - 4060 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:41:49] New process found: Process Name - mbupdatrV5.exe Process ID - 16304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:41:50] Process Exited: Process Name - mbupdatrV5.exe Process ID - 16304 [12-07-2023 11:41:55] New process found: Process Name - ig.exe Process ID - 13264 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:41:56] New process found: Process Name - ig-2.exe Process ID - 5420 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:41:56] Process Exited: Process Name - ig.exe Process ID - 13264 [12-07-2023 11:41:57] New process found: Process Name - w3wp.exe Process ID - 15828 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 11:41:57] New process found: Process Name - ig-5.exe Process ID - 16076 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:41:57] Process Exited: Process Name - ig-2.exe Process ID - 5420 [12-07-2023 11:41:58] New process found: Process Name - conhost.exe Process ID - 15052 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 11:41:58] New process found: Process Name - ig-8.exe Process ID - 11712 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:41:58] Process Exited: Process Name - ig-5.exe Process ID - 16076 [12-07-2023 11:41:59] New process found: Process Name - ig-11.exe Process ID - 2316 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:41:59] Process Exited: Process Name - ig-8.exe Process ID - 11712 [12-07-2023 11:42:00] New process found: Process Name - ig-14.exe Process ID - 14948 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:00] Process Exited: Process Name - ig-11.exe Process ID - 2316 [12-07-2023 11:42:01] New process found: Process Name - ig-17.exe Process ID - 6444 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:01] Process Exited: Process Name - ig-14.exe Process ID - 14948 [12-07-2023 11:42:02] New process found: Process Name - ig-19.exe Process ID - 14552 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:02] Process Exited: Process Name - ig-17.exe Process ID - 6444 [12-07-2023 11:42:03] New process found: Process Name - ig-22.exe Process ID - 10588 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:03] Process Exited: Process Name - ig-19.exe Process ID - 14552 [12-07-2023 11:42:04] New process found: Process Name - ig-25.exe Process ID - 4884 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:04] Process Exited: Process Name - ig-22.exe Process ID - 10588 [12-07-2023 11:42:05] New process found: Process Name - ig-28.exe Process ID - 5796 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:05] Process Exited: Process Name - ig-25.exe Process ID - 4884 [12-07-2023 11:42:06] New process found: Process Name - ig-31.exe Process ID - 15512 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:06] Process Exited: Process Name - ig-28.exe Process ID - 5796 [12-07-2023 11:42:07] New process found: Process Name - ig-33.exe Process ID - 10508 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:07] Process Exited: Process Name - ig-31.exe Process ID - 15512 [12-07-2023 11:42:08] New process found: Process Name - ig-36.exe Process ID - 12280 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:08] Process Exited: Process Name - ig-33.exe Process ID - 10508 [12-07-2023 11:42:09] New process found: Process Name - ig-39.exe Process ID - 10824 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:09] Process Exited: Process Name - ig-36.exe Process ID - 12280 [12-07-2023 11:42:10] New process found: Process Name - ig-42.exe Process ID - 1440 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:10] Process Exited: Process Name - ig-39.exe Process ID - 10824 [12-07-2023 11:42:11] New process found: Process Name - ig-45.exe Process ID - 15348 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:11] Process Exited: Process Name - ig-42.exe Process ID - 1440 [12-07-2023 11:42:12] New process found: Process Name - ig-47.exe Process ID - 13200 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 11:42:12] Process Exited: Process Name - ig-45.exe Process ID - 15348 [12-07-2023 11:42:13] Process Exited: Process Name - ig-47.exe Process ID - 13200 [12-07-2023 11:44:01] New process found: Process Name - cmd.exe Process ID - 15860 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:44:01] New process found: Process Name - conhost.exe Process ID - 8312 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:44:01] New process found: Process Name - runtask.exe Process ID - 14848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:44:01] New process found: Process Name - php.exe Process ID - 9188 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:44:01] New process found: Process Name - conhost.exe Process ID - 420 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:44:03] Process Exited: Process Name - conhost.exe Process ID - 420 [12-07-2023 11:44:03] Process Exited: Process Name - conhost.exe Process ID - 8312 [12-07-2023 11:44:03] Process Exited: Process Name - php.exe Process ID - 9188 [12-07-2023 11:44:03] Process Exited: Process Name - runtask.exe Process ID - 14848 [12-07-2023 11:44:03] Process Exited: Process Name - cmd.exe Process ID - 15860 [12-07-2023 11:44:06] Process Exited: Process Name - w3wp.exe Process ID - 15848 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 11:44:18] Process Exited: Process Name - w3wp.exe Process ID - 8700 Web application pool name - adminportal.galaxytools.in [12-07-2023 11:45:17] New process found: Process Name - w3wp.exe Process ID - 10948 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 11:45:17] New process found: Process Name - where.exe Process ID - 14560 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 11:45:17] New process found: Process Name - conhost.exe Process ID - 9252 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 11:45:18] New process found: Process Name - conhost.exe Process ID - 9832 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 11:45:18] Process Exited: Process Name - conhost.exe Process ID - 9252 [12-07-2023 11:45:18] Process Exited: Process Name - where.exe Process ID - 14560 [12-07-2023 11:45:59] New process found: Process Name - w3wp.exe Process ID - 5592 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:45:59] Process Exited: Process Name - w3wp.exe Process ID - 7496 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:46:34] Process Exited: Process Name - w3wp.exe Process ID - 8376 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 11:46:34] Process Exited: Process Name - conhost.exe Process ID - 14280 [12-07-2023 11:46:48] New process found: Process Name - w3wp.exe Process ID - 1316 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 11:46:48] New process found: Process Name - conhost.exe Process ID - 7856 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 11:47:25] New process found: Process Name - w3wp.exe Process ID - 12436 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 11:47:27] New process found: Process Name - w3wp.exe Process ID - 7468 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 11:47:27] New process found: Process Name - php-cgi.exe Process ID - 10740 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 11:47:48] New process found: Process Name - w3wp.exe Process ID - 4344 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:48:00] Process Exited: Process Name - conhost.exe Process ID - 15052 [12-07-2023 11:48:00] Process Exited: Process Name - w3wp.exe Process ID - 15828 Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 11:48:34] Process Exited: Process Name - conhost.exe Process ID - 11576 [12-07-2023 11:48:34] Process Exited: Process Name - w3wp.exe Process ID - 14936 Web application pool name - kdbps.edu.in [12-07-2023 11:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 11916 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:48:58] New process found: Process Name - w3wp.exe Process ID - 15644 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 11:48:58] New process found: Process Name - conhost.exe Process ID - 3464 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 11:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 13308 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11916 [12-07-2023 11:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13308 [12-07-2023 11:51:01] New process found: Process Name - w3wp.exe Process ID - 15388 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:51:01] Process Exited: Process Name - w3wp.exe Process ID - 5592 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:51:20] Process Exited: Process Name - conhost.exe Process ID - 9832 [12-07-2023 11:51:20] Process Exited: Process Name - w3wp.exe Process ID - 10948 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 11:51:35] Process Exited: Process Name - w3wp.exe Process ID - 15116 Web application pool name - galaxytools.in [12-07-2023 11:52:01] New process found: Process Name - cmd.exe Process ID - 13568 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:52:01] New process found: Process Name - conhost.exe Process ID - 4252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:52:01] New process found: Process Name - runtask.exe Process ID - 15168 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:52:01] New process found: Process Name - php.exe Process ID - 11192 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:52:01] New process found: Process Name - conhost.exe Process ID - 15848 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 11:52:02] Process Exited: Process Name - conhost.exe Process ID - 4252 [12-07-2023 11:52:02] Process Exited: Process Name - php.exe Process ID - 11192 [12-07-2023 11:52:02] Process Exited: Process Name - cmd.exe Process ID - 13568 [12-07-2023 11:52:02] Process Exited: Process Name - runtask.exe Process ID - 15168 [12-07-2023 11:52:02] Process Exited: Process Name - conhost.exe Process ID - 15848 [12-07-2023 11:53:51] Process Exited: Process Name - w3wp.exe Process ID - 4344 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 11:53:53] New process found: Process Name - w3wp.exe Process ID - 8504 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 11:53:53] New process found: Process Name - conhost.exe Process ID - 11620 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) [12-07-2023 11:53:57] New process found: Process Name - w3wp.exe Process ID - 13896 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 11:53:57] New process found: Process Name - conhost.exe Process ID - 4128 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 11:55:04] New process found: Process Name - w3wp.exe Process ID - 15212 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 11:55:28] Process Exited: Process Name - w3wp.exe Process ID - 12436 Web application pool name - DefaultAppPool [12-07-2023 11:56:02] New process found: Process Name - w3wp.exe Process ID - 12340 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:56:02] Process Exited: Process Name - w3wp.exe Process ID - 15388 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 11:57:05] Process Exited: Process Name - w3wp.exe Process ID - 13708 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 11:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 14024 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 11:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10824 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 11:59:55] Process Exited: Process Name - w3wp.exe Process ID - 8504 Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 11:59:55] Process Exited: Process Name - conhost.exe Process ID - 11620 [12-07-2023 12:00:00] Process Exited: Process Name - conhost.exe Process ID - 4128 [12-07-2023 12:00:00] Process Exited: Process Name - w3wp.exe Process ID - 13896 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 12:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10824 [12-07-2023 12:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14024 [12-07-2023 12:01:00] New process found: Process Name - w3wp.exe Process ID - 6456 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 12:01:03] New process found: Process Name - w3wp.exe Process ID - 1420 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:01:03] Process Exited: Process Name - w3wp.exe Process ID - 12340 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:03:29] New process found: Process Name - w3wp.exe Process ID - 9360 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:05:00] New process found: Process Name - cmd.exe Process ID - 11448 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:05:00] New process found: Process Name - conhost.exe Process ID - 12960 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:05:00] New process found: Process Name - runtask.exe Process ID - 11044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:05:00] New process found: Process Name - php.exe Process ID - 9904 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:05:00] New process found: Process Name - conhost.exe Process ID - 7456 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:05:00] Process Exited: Process Name - conhost.exe Process ID - 3464 [12-07-2023 12:05:00] Process Exited: Process Name - w3wp.exe Process ID - 15644 Web application pool name - kdbps.edu.in [12-07-2023 12:05:02] Process Exited: Process Name - conhost.exe Process ID - 7456 [12-07-2023 12:05:02] Process Exited: Process Name - php.exe Process ID - 9904 [12-07-2023 12:05:02] Process Exited: Process Name - runtask.exe Process ID - 11044 [12-07-2023 12:05:02] Process Exited: Process Name - cmd.exe Process ID - 11448 [12-07-2023 12:05:02] Process Exited: Process Name - conhost.exe Process ID - 12960 [12-07-2023 12:05:40] New process found: Process Name - w3wp.exe Process ID - 1528 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 12:05:58] New process found: Process Name - w3wp.exe Process ID - 3840 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 12:05:58] New process found: Process Name - conhost.exe Process ID - 14832 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 12:06:05] New process found: Process Name - w3wp.exe Process ID - 7292 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:06:05] Process Exited: Process Name - w3wp.exe Process ID - 1420 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:07:07] Process Exited: Process Name - w3wp.exe Process ID - 15212 Web application pool name - galaxytools.in [12-07-2023 12:07:21] New process found: Process Name - conhost.exe Process ID - 15348 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 12:07:23] New process found: Process Name - w3wp.exe Process ID - 10252 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 12:07:24] New process found: Process Name - w3wp.exe Process ID - 12004 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) Web application pool name - organicdisruption.acwits.in(domain)(4.0)(pool) [12-07-2023 12:07:24] New process found: Process Name - where.exe Process ID - 15208 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 12:07:24] New process found: Process Name - conhost.exe Process ID - 5112 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 12:07:25] New process found: Process Name - conhost.exe Process ID - 6836 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 12:07:25] Process Exited: Process Name - conhost.exe Process ID - 5112 [12-07-2023 12:07:25] Process Exited: Process Name - where.exe Process ID - 15208 [12-07-2023 12:08:00] New process found: Process Name - w3wp.exe Process ID - 8952 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 12:08:01] New process found: Process Name - where.exe Process ID - 10936 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 12:08:01] New process found: Process Name - conhost.exe Process ID - 14908 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 12:08:02] New process found: Process Name - conhost.exe Process ID - 12624 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 12:08:02] Process Exited: Process Name - where.exe Process ID - 10936 [12-07-2023 12:08:02] Process Exited: Process Name - conhost.exe Process ID - 14908 [12-07-2023 12:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13152 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:09:57] New process found: Process Name - w3wp.exe Process ID - 8568 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 12:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10316 [12-07-2023 12:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13152 [12-07-2023 12:11:05] New process found: Process Name - w3wp.exe Process ID - 13008 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:11:05] Process Exited: Process Name - w3wp.exe Process ID - 7292 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:11:59] Process Exited: Process Name - w3wp.exe Process ID - 3840 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 12:11:59] Process Exited: Process Name - conhost.exe Process ID - 14832 [12-07-2023 12:12:07] New process found: Process Name - w3wp.exe Process ID - 13908 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 12:12:32] Process Exited: Process Name - w3wp.exe Process ID - 9360 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:13:25] Process Exited: Process Name - w3wp.exe Process ID - 10252 Web application pool name - DefaultAppPool [12-07-2023 12:13:27] Process Exited: Process Name - conhost.exe Process ID - 6836 [12-07-2023 12:13:27] Process Exited: Process Name - w3wp.exe Process ID - 12004 Web application pool name - organicdisruption.acwits.in(domain)(4.0)(pool) [12-07-2023 12:15:03] New process found: Process Name - w3wp.exe Process ID - 15196 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 12:16:00] Process Exited: Process Name - w3wp.exe Process ID - 8568 Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 12:16:07] New process found: Process Name - w3wp.exe Process ID - 8456 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:16:07] Process Exited: Process Name - w3wp.exe Process ID - 13008 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:17:06] New process found: Process Name - w3wp.exe Process ID - 9304 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:17:41] Process Exited: Process Name - w3wp.exe Process ID - 1528 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 12:17:41] Process Exited: Process Name - conhost.exe Process ID - 15348 [12-07-2023 12:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 6604 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:19:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:20:03] Process Exited: Process Name - w3wp.exe Process ID - 6456 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 12:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6604 [12-07-2023 12:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14948 [12-07-2023 12:21:06] Process Exited: Process Name - w3wp.exe Process ID - 15196 Web application pool name - DefaultAppPool [12-07-2023 12:21:08] New process found: Process Name - w3wp.exe Process ID - 15268 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:21:08] Process Exited: Process Name - w3wp.exe Process ID - 8456 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:24:47] New process found: Process Name - w3wp.exe Process ID - 11912 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 12:24:48] New process found: Process Name - conhost.exe Process ID - 8604 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 12:25:01] New process found: Process Name - cmd.exe Process ID - 15420 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:25:01] New process found: Process Name - conhost.exe Process ID - 16232 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:25:01] New process found: Process Name - runtask.exe Process ID - 14612 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:25:01] New process found: Process Name - php.exe Process ID - 9864 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:25:01] New process found: Process Name - conhost.exe Process ID - 9728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:25:04] Process Exited: Process Name - conhost.exe Process ID - 9728 [12-07-2023 12:25:04] Process Exited: Process Name - php.exe Process ID - 9864 [12-07-2023 12:25:04] Process Exited: Process Name - runtask.exe Process ID - 14612 [12-07-2023 12:25:04] Process Exited: Process Name - cmd.exe Process ID - 15420 [12-07-2023 12:25:04] Process Exited: Process Name - conhost.exe Process ID - 16232 [12-07-2023 12:25:14] New process found: Process Name - w3wp.exe Process ID - 14744 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 12:26:09] New process found: Process Name - w3wp.exe Process ID - 13592 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:26:09] Process Exited: Process Name - w3wp.exe Process ID - 15268 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:28:55] New process found: Process Name - WmiPrvSE.exe Process ID - 11080 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:29:02] New process found: Process Name - WmiPrvSE.exe Process ID - 12236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11080 [12-07-2023 12:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12236 [12-07-2023 12:30:50] Process Exited: Process Name - conhost.exe Process ID - 8604 [12-07-2023 12:30:50] Process Exited: Process Name - w3wp.exe Process ID - 11912 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 12:31:01] New process found: Process Name - w3wp.exe Process ID - 5124 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 12:31:11] New process found: Process Name - w3wp.exe Process ID - 13868 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:31:11] Process Exited: Process Name - w3wp.exe Process ID - 13592 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:31:35] New process found: Process Name - w3wp.exe Process ID - 2324 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 12:31:35] New process found: Process Name - conhost.exe Process ID - 11420 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 12:33:02] Process Exited: Process Name - w3wp.exe Process ID - 8952 Web application pool name - kdbps.edu.in [12-07-2023 12:33:02] Process Exited: Process Name - conhost.exe Process ID - 12624 [12-07-2023 12:33:16] New process found: Process Name - w3wp.exe Process ID - 1368 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 12:33:17] New process found: Process Name - conhost.exe Process ID - 14432 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 12:35:12] New process found: Process Name - w3wp.exe Process ID - 5420 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 12:35:12] New process found: Process Name - conhost.exe Process ID - 8748 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 12:36:12] New process found: Process Name - w3wp.exe Process ID - 5508 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:36:12] Process Exited: Process Name - w3wp.exe Process ID - 13868 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:37:03] Process Exited: Process Name - w3wp.exe Process ID - 5124 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 12:37:36] Process Exited: Process Name - w3wp.exe Process ID - 2324 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 12:37:36] Process Exited: Process Name - conhost.exe Process ID - 11420 [12-07-2023 12:37:50] Process Exited: Process Name - w3wp.exe Process ID - 1316 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 12:37:50] Process Exited: Process Name - conhost.exe Process ID - 7856 [12-07-2023 12:38:54] New process found: Process Name - WmiPrvSE.exe Process ID - 16228 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:39:01] New process found: Process Name - cmd.exe Process ID - 8372 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:39:01] New process found: Process Name - conhost.exe Process ID - 7492 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:39:01] New process found: Process Name - runtask.exe Process ID - 13172 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:39:01] New process found: Process Name - php.exe Process ID - 6204 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:01] New process found: Process Name - conhost.exe Process ID - 5944 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:39:01] New process found: Process Name - cmd.exe Process ID - 2660 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:01] New process found: Process Name - php.exe Process ID - 11280 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:02] New process found: Process Name - cmd.exe Process ID - 14640 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:02] New process found: Process Name - php.exe Process ID - 14848 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 12:39:02] Process Exited: Process Name - cmd.exe Process ID - 2660 [12-07-2023 12:39:02] Process Exited: Process Name - php.exe Process ID - 11280 [12-07-2023 12:39:03] Process Exited: Process Name - conhost.exe Process ID - 5944 [12-07-2023 12:39:03] Process Exited: Process Name - php.exe Process ID - 6204 [12-07-2023 12:39:03] Process Exited: Process Name - conhost.exe Process ID - 7492 [12-07-2023 12:39:03] Process Exited: Process Name - cmd.exe Process ID - 8372 [12-07-2023 12:39:03] Process Exited: Process Name - runtask.exe Process ID - 13172 [12-07-2023 12:39:03] Process Exited: Process Name - cmd.exe Process ID - 14640 [12-07-2023 12:39:03] Process Exited: Process Name - php.exe Process ID - 14848 [12-07-2023 12:39:06] New process found: Process Name - w3wp.exe Process ID - 14120 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 12:39:07] New process found: Process Name - conhost.exe Process ID - 13372 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 12:40:09] Process Exited: Process Name - w3wp.exe Process ID - 13908 Web application pool name - galaxytools.in [12-07-2023 12:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6456 [12-07-2023 12:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16228 [12-07-2023 12:41:14] New process found: Process Name - w3wp.exe Process ID - 13284 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:41:14] Process Exited: Process Name - w3wp.exe Process ID - 5508 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:41:29] Process Exited: Process Name - php-cgi.exe Process ID - 10740 [12-07-2023 12:41:30] Process Exited: Process Name - w3wp.exe Process ID - 7468 Web application pool name - PleskControlPanel [12-07-2023 12:41:49] New process found: Process Name - mbupdatrV5.exe Process ID - 10956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:41:50] Process Exited: Process Name - mbupdatrV5.exe Process ID - 10956 [12-07-2023 12:41:55] New process found: Process Name - ig-0.exe Process ID - 13224 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:41:56] New process found: Process Name - ig-3.exe Process ID - 4212 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:41:56] Process Exited: Process Name - ig-0.exe Process ID - 13224 [12-07-2023 12:41:57] New process found: Process Name - ig-5.exe Process ID - 13680 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:41:57] Process Exited: Process Name - ig-3.exe Process ID - 4212 [12-07-2023 12:41:58] New process found: Process Name - ig-8.exe Process ID - 10872 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:41:58] Process Exited: Process Name - ig-5.exe Process ID - 13680 [12-07-2023 12:41:59] New process found: Process Name - ig-11.exe Process ID - 15432 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:41:59] Process Exited: Process Name - ig-8.exe Process ID - 10872 [12-07-2023 12:42:00] New process found: Process Name - ig-13.exe Process ID - 10540 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:00] Process Exited: Process Name - ig-11.exe Process ID - 15432 [12-07-2023 12:42:01] New process found: Process Name - ig-16.exe Process ID - 14140 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:01] Process Exited: Process Name - ig-13.exe Process ID - 10540 [12-07-2023 12:42:02] New process found: Process Name - ig-18.exe Process ID - 14504 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:02] Process Exited: Process Name - ig-16.exe Process ID - 14140 [12-07-2023 12:42:03] New process found: Process Name - ig-20.exe Process ID - 592 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:03] Process Exited: Process Name - ig-18.exe Process ID - 14504 [12-07-2023 12:42:04] New process found: Process Name - ig-23.exe Process ID - 14916 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:04] Process Exited: Process Name - ig-20.exe Process ID - 592 [12-07-2023 12:42:05] New process found: Process Name - ig-25.exe Process ID - 12480 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:05] Process Exited: Process Name - ig-23.exe Process ID - 14916 [12-07-2023 12:42:06] New process found: Process Name - ig-28.exe Process ID - 10600 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:06] Process Exited: Process Name - ig-25.exe Process ID - 12480 [12-07-2023 12:42:07] New process found: Process Name - ig-31.exe Process ID - 9728 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:07] Process Exited: Process Name - ig-28.exe Process ID - 10600 [12-07-2023 12:42:08] New process found: Process Name - ig-33.exe Process ID - 11660 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:08] Process Exited: Process Name - ig-31.exe Process ID - 9728 [12-07-2023 12:42:09] New process found: Process Name - ig-36.exe Process ID - 1432 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:09] Process Exited: Process Name - ig-33.exe Process ID - 11660 [12-07-2023 12:42:10] New process found: Process Name - ig-38.exe Process ID - 11620 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:10] Process Exited: Process Name - ig-36.exe Process ID - 1432 [12-07-2023 12:42:11] New process found: Process Name - ig-41.exe Process ID - 12416 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:11] Process Exited: Process Name - ig-38.exe Process ID - 11620 [12-07-2023 12:42:12] New process found: Process Name - ig-43.exe Process ID - 8576 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:12] Process Exited: Process Name - ig-41.exe Process ID - 12416 [12-07-2023 12:42:13] New process found: Process Name - ig-45.exe Process ID - 11188 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:13] Process Exited: Process Name - ig-43.exe Process ID - 8576 [12-07-2023 12:42:14] New process found: Process Name - ig-47.exe Process ID - 7868 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:14] Process Exited: Process Name - ig-45.exe Process ID - 11188 [12-07-2023 12:42:15] New process found: Process Name - ig-49.exe Process ID - 12988 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 12:42:15] Process Exited: Process Name - ig-47.exe Process ID - 7868 [12-07-2023 12:42:16] Process Exited: Process Name - ig-49.exe Process ID - 12988 [12-07-2023 12:45:14] Process Exited: Process Name - w3wp.exe Process ID - 5420 Web application pool name - kdbps.edu.in [12-07-2023 12:45:14] Process Exited: Process Name - conhost.exe Process ID - 8748 [12-07-2023 12:45:37] New process found: Process Name - w3wp.exe Process ID - 7144 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 12:45:37] New process found: Process Name - conhost.exe Process ID - 5484 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 12:46:09] Process Exited: Process Name - w3wp.exe Process ID - 9304 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:46:14] New process found: Process Name - w3wp.exe Process ID - 12708 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:46:14] Process Exited: Process Name - w3wp.exe Process ID - 13284 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:47:16] Process Exited: Process Name - w3wp.exe Process ID - 14744 Web application pool name - adminportal.galaxytools.in [12-07-2023 12:47:18] Process Exited: Process Name - w3wp.exe Process ID - 1368 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 12:47:18] Process Exited: Process Name - conhost.exe Process ID - 14432 [12-07-2023 12:48:55] New process found: Process Name - WmiPrvSE.exe Process ID - 8928 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:49:02] New process found: Process Name - WmiPrvSE.exe Process ID - 1484 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 12:49:17] New process found: Process Name - w3wp.exe Process ID - 6488 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 12:49:41] New process found: Process Name - w3wp.exe Process ID - 11040 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1484 [12-07-2023 12:50:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8928 [12-07-2023 12:51:16] New process found: Process Name - w3wp.exe Process ID - 11880 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:51:16] Process Exited: Process Name - w3wp.exe Process ID - 12708 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:55:19] Process Exited: Process Name - w3wp.exe Process ID - 6488 Web application pool name - adminportal.galaxytools.in [12-07-2023 12:55:42] Process Exited: Process Name - w3wp.exe Process ID - 11040 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 12:56:17] New process found: Process Name - w3wp.exe Process ID - 14380 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:56:17] Process Exited: Process Name - w3wp.exe Process ID - 11880 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 12:56:59] New process found: Process Name - w3wp.exe Process ID - 1724 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 12:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 9992 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 12:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 6956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6956 [12-07-2023 13:00:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9992 [12-07-2023 13:00:57] New process found: Process Name - w3wp.exe Process ID - 7596 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 13:01:18] New process found: Process Name - w3wp.exe Process ID - 16356 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:01:18] Process Exited: Process Name - w3wp.exe Process ID - 14380 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:02:33] New process found: Process Name - w3wp.exe Process ID - 6816 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:02:51] New process found: Process Name - w3wp.exe Process ID - 5488 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 13:02:56] New process found: Process Name - w3wp.exe Process ID - 11492 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:03:01] Process Exited: Process Name - w3wp.exe Process ID - 1724 Web application pool name - DefaultAppPool [12-07-2023 13:03:35] New process found: Process Name - w3wp.exe Process ID - 8372 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 13:04:41] New process found: Process Name - w3wp.exe Process ID - 3840 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 13:04:42] New process found: Process Name - conhost.exe Process ID - 7872 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) [12-07-2023 13:04:49] New process found: Process Name - conhost.exe Process ID - 7532 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 13:05:01] New process found: Process Name - cmd.exe Process ID - 8592 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:05:01] New process found: Process Name - conhost.exe Process ID - 14532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:05:01] New process found: Process Name - runtask.exe Process ID - 4284 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:05:01] New process found: Process Name - php.exe Process ID - 8952 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:05:01] New process found: Process Name - conhost.exe Process ID - 12424 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:05:04] New process found: Process Name - crontabmng.exe Process ID - 4956 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:05:04] New process found: Process Name - conhost.exe Process ID - 10600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:05:05] Process Exited: Process Name - crontabmng.exe Process ID - 4956 [12-07-2023 13:05:05] Process Exited: Process Name - conhost.exe Process ID - 10600 [12-07-2023 13:05:09] Process Exited: Process Name - runtask.exe Process ID - 4284 [12-07-2023 13:05:09] Process Exited: Process Name - cmd.exe Process ID - 8592 [12-07-2023 13:05:09] Process Exited: Process Name - php.exe Process ID - 8952 [12-07-2023 13:05:09] Process Exited: Process Name - conhost.exe Process ID - 12424 [12-07-2023 13:05:09] Process Exited: Process Name - conhost.exe Process ID - 14532 [12-07-2023 13:06:19] New process found: Process Name - w3wp.exe Process ID - 12568 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:06:19] Process Exited: Process Name - w3wp.exe Process ID - 16356 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:07:00] Process Exited: Process Name - w3wp.exe Process ID - 7596 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 13:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 7044 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 10724 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:09:27] New process found: Process Name - w3wp.exe Process ID - 13064 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:09:27] New process found: Process Name - where.exe Process ID - 11316 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 13:09:27] New process found: Process Name - conhost.exe Process ID - 1792 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 13:09:28] New process found: Process Name - conhost.exe Process ID - 1460 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 13:09:28] Process Exited: Process Name - conhost.exe Process ID - 1792 [12-07-2023 13:09:28] Process Exited: Process Name - where.exe Process ID - 11316 [12-07-2023 13:09:39] Process Exited: Process Name - conhost.exe Process ID - 5484 [12-07-2023 13:09:39] Process Exited: Process Name - w3wp.exe Process ID - 7144 Web application pool name - kdbps.edu.in [12-07-2023 13:10:16] New process found: Process Name - w3wp.exe Process ID - 14948 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 13:10:16] New process found: Process Name - conhost.exe Process ID - 1688 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 13:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7044 [12-07-2023 13:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10724 [12-07-2023 13:10:36] Process Exited: Process Name - w3wp.exe Process ID - 6816 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:10:43] Process Exited: Process Name - w3wp.exe Process ID - 3840 Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 13:10:43] Process Exited: Process Name - conhost.exe Process ID - 7872 [12-07-2023 13:10:54] New process found: Process Name - w3wp.exe Process ID - 9916 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:11:21] New process found: Process Name - w3wp.exe Process ID - 10528 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:11:21] Process Exited: Process Name - w3wp.exe Process ID - 12568 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:11:59] Process Exited: Process Name - conhost.exe Process ID - 7532 [12-07-2023 13:11:59] Process Exited: Process Name - w3wp.exe Process ID - 11492 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:12:09] Process Exited: Process Name - conhost.exe Process ID - 13372 [12-07-2023 13:12:09] Process Exited: Process Name - w3wp.exe Process ID - 14120 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 13:13:10] New process found: Process Name - w3wp.exe Process ID - 16192 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 13:13:10] New process found: Process Name - conhost.exe Process ID - 15480 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 13:14:21] New process found: Process Name - w3wp.exe Process ID - 32 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:14:21] New process found: Process Name - conhost.exe Process ID - 7952 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 13:15:30] Process Exited: Process Name - conhost.exe Process ID - 1460 [12-07-2023 13:15:30] Process Exited: Process Name - w3wp.exe Process ID - 13064 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:16:17] Process Exited: Process Name - conhost.exe Process ID - 1688 [12-07-2023 13:16:17] Process Exited: Process Name - w3wp.exe Process ID - 14948 Web application pool name - kdbps.edu.in [12-07-2023 13:18:19] New process found: Process Name - w3wp.exe Process ID - 15356 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:18:19] New process found: Process Name - conhost.exe Process ID - 14484 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 13:18:55] New process found: Process Name - WmiPrvSE.exe Process ID - 16360 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:19:02] New process found: Process Name - WmiPrvSE.exe Process ID - 14200 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:20:23] Process Exited: Process Name - w3wp.exe Process ID - 32 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:20:23] Process Exited: Process Name - conhost.exe Process ID - 7952 [12-07-2023 13:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14200 [12-07-2023 13:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16360 [12-07-2023 13:21:37] Process Exited: Process Name - w3wp.exe Process ID - 8372 Web application pool name - DefaultAppPool [12-07-2023 13:21:56] Process Exited: Process Name - w3wp.exe Process ID - 9916 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:22:53] Process Exited: Process Name - w3wp.exe Process ID - 5488 Web application pool name - galaxytools.in [12-07-2023 13:23:03] New process found: Process Name - w3wp.exe Process ID - 6232 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 13:23:05] New process found: Process Name - conhost.exe Process ID - 2084 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 13:24:08] New process found: Process Name - w3wp.exe Process ID - 11372 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 13:24:20] Process Exited: Process Name - conhost.exe Process ID - 14484 [12-07-2023 13:24:20] Process Exited: Process Name - w3wp.exe Process ID - 15356 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:24:23] New process found: Process Name - w3wp.exe Process ID - 12804 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:24:23] Process Exited: Process Name - w3wp.exe Process ID - 10528 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:25:01] New process found: Process Name - cmd.exe Process ID - 7300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:25:01] New process found: Process Name - conhost.exe Process ID - 13132 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:25:01] New process found: Process Name - runtask.exe Process ID - 2268 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:25:01] New process found: Process Name - php.exe Process ID - 7980 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:25:01] New process found: Process Name - conhost.exe Process ID - 15780 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:25:05] Process Exited: Process Name - runtask.exe Process ID - 2268 [12-07-2023 13:25:05] Process Exited: Process Name - cmd.exe Process ID - 7300 [12-07-2023 13:25:05] Process Exited: Process Name - php.exe Process ID - 7980 [12-07-2023 13:25:05] Process Exited: Process Name - conhost.exe Process ID - 13132 [12-07-2023 13:25:05] Process Exited: Process Name - conhost.exe Process ID - 15780 [12-07-2023 13:26:09] New process found: Process Name - w3wp.exe Process ID - 11072 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 13:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 12400 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14924 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:29:24] New process found: Process Name - w3wp.exe Process ID - 9048 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:29:24] Process Exited: Process Name - w3wp.exe Process ID - 12804 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:30:10] Process Exited: Process Name - w3wp.exe Process ID - 11372 Web application pool name - galaxytools.in [12-07-2023 13:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12400 [12-07-2023 13:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14924 [12-07-2023 13:31:04] New process found: Process Name - w3wp.exe Process ID - 11508 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 13:31:06] Process Exited: Process Name - conhost.exe Process ID - 2084 [12-07-2023 13:31:06] Process Exited: Process Name - w3wp.exe Process ID - 6232 Web application pool name - kdbps.edu.in [12-07-2023 13:32:40] New process found: Process Name - w3wp.exe Process ID - 13648 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:32:46] New process found: Process Name - w3wp.exe Process ID - 14232 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 13:32:46] New process found: Process Name - conhost.exe Process ID - 15796 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 13:33:41] New process found: Process Name - w3wp.exe Process ID - 16052 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:33:41] New process found: Process Name - conhost.exe Process ID - 6620 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 13:34:25] New process found: Process Name - w3wp.exe Process ID - 10684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:34:25] Process Exited: Process Name - w3wp.exe Process ID - 9048 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:36:15] New process found: Process Name - w3wp.exe Process ID - 15028 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 13:38:48] Process Exited: Process Name - w3wp.exe Process ID - 14232 Web application pool name - kdbps.edu.in [12-07-2023 13:38:48] Process Exited: Process Name - conhost.exe Process ID - 15796 [12-07-2023 13:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 12516 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:39:01] New process found: Process Name - cmd.exe Process ID - 7316 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:39:01] New process found: Process Name - conhost.exe Process ID - 7216 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:39:01] New process found: Process Name - runtask.exe Process ID - 16376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:39:01] New process found: Process Name - php.exe Process ID - 13020 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:01] New process found: Process Name - conhost.exe Process ID - 8376 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:01] New process found: Process Name - cmd.exe Process ID - 9460 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:01] New process found: Process Name - php.exe Process ID - 13224 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 16304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:39:02] New process found: Process Name - cmd.exe Process ID - 5012 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:02] New process found: Process Name - php.exe Process ID - 8784 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:39:02] Process Exited: Process Name - cmd.exe Process ID - 9460 [12-07-2023 13:39:02] Process Exited: Process Name - php.exe Process ID - 13224 [12-07-2023 13:39:03] Process Exited: Process Name - cmd.exe Process ID - 5012 [12-07-2023 13:39:03] Process Exited: Process Name - conhost.exe Process ID - 7216 [12-07-2023 13:39:03] Process Exited: Process Name - cmd.exe Process ID - 7316 [12-07-2023 13:39:03] Process Exited: Process Name - conhost.exe Process ID - 8376 [12-07-2023 13:39:03] Process Exited: Process Name - php.exe Process ID - 8784 [12-07-2023 13:39:03] Process Exited: Process Name - php.exe Process ID - 13020 [12-07-2023 13:39:03] Process Exited: Process Name - runtask.exe Process ID - 16376 [12-07-2023 13:39:06] Process Exited: Process Name - w3wp.exe Process ID - 11508 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 13:39:27] New process found: Process Name - w3wp.exe Process ID - 996 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:39:27] Process Exited: Process Name - w3wp.exe Process ID - 10684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:39:42] Process Exited: Process Name - conhost.exe Process ID - 6620 [12-07-2023 13:39:42] Process Exited: Process Name - w3wp.exe Process ID - 16052 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 13:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12516 [12-07-2023 13:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16304 [12-07-2023 13:41:41] Process Exited: Process Name - w3wp.exe Process ID - 13648 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:42:09] New process found: Process Name - w3wp.exe Process ID - 7356 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:42:36] New process found: Process Name - w3wp.exe Process ID - 11296 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 13:43:46] New process found: Process Name - w3wp.exe Process ID - 7596 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 13:43:54] New process found: Process Name - w3wp.exe Process ID - 15900 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 13:43:54] New process found: Process Name - php-cgi.exe Process ID - 9464 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 13:44:01] New process found: Process Name - cmd.exe Process ID - 4848 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:44:01] New process found: Process Name - conhost.exe Process ID - 10236 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:44:01] New process found: Process Name - runtask.exe Process ID - 13680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:44:01] New process found: Process Name - php.exe Process ID - 9812 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:44:01] New process found: Process Name - conhost.exe Process ID - 3332 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:44:02] New process found: Process Name - w3wp.exe Process ID - 7000 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:44:02] Process Exited: Process Name - conhost.exe Process ID - 3332 [12-07-2023 13:44:02] Process Exited: Process Name - cmd.exe Process ID - 4848 [12-07-2023 13:44:02] Process Exited: Process Name - php.exe Process ID - 9812 [12-07-2023 13:44:02] Process Exited: Process Name - conhost.exe Process ID - 10236 [12-07-2023 13:44:02] Process Exited: Process Name - runtask.exe Process ID - 13680 [12-07-2023 13:44:04] New process found: Process Name - conhost.exe Process ID - 9872 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 13:44:05] New process found: Process Name - php-cgi.exe Process ID - 12656 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 13:44:28] New process found: Process Name - w3wp.exe Process ID - 2232 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:44:28] Process Exited: Process Name - w3wp.exe Process ID - 996 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:45:07] New process found: Process Name - conhost.exe Process ID - 11004 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 13:45:42] New process found: Process Name - w3wp.exe Process ID - 8564 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 13:45:44] New process found: Process Name - conhost.exe Process ID - 6624 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 13:46:01] New process found: Process Name - cmd.exe Process ID - 6604 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:46:01] New process found: Process Name - conhost.exe Process ID - 2376 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:46:01] New process found: Process Name - runtask.exe Process ID - 14204 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:46:01] New process found: Process Name - php.exe Process ID - 9276 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:46:01] New process found: Process Name - conhost.exe Process ID - 14156 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:46:02] Process Exited: Process Name - conhost.exe Process ID - 2376 [12-07-2023 13:46:02] Process Exited: Process Name - cmd.exe Process ID - 6604 [12-07-2023 13:46:02] Process Exited: Process Name - php.exe Process ID - 9276 [12-07-2023 13:46:02] Process Exited: Process Name - conhost.exe Process ID - 14156 [12-07-2023 13:46:02] Process Exited: Process Name - runtask.exe Process ID - 14204 [12-07-2023 13:47:18] Process Exited: Process Name - w3wp.exe Process ID - 15028 Web application pool name - galaxytools.in [12-07-2023 13:48:11] Process Exited: Process Name - w3wp.exe Process ID - 11072 Web application pool name - adminportal.galaxytools.in [12-07-2023 13:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14708 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11412 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:49:29] New process found: Process Name - w3wp.exe Process ID - 16380 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:49:29] Process Exited: Process Name - w3wp.exe Process ID - 2232 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:50:04] Process Exited: Process Name - w3wp.exe Process ID - 7000 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 13:50:04] Process Exited: Process Name - conhost.exe Process ID - 9872 [12-07-2023 13:50:11] New process found: Process Name - w3wp.exe Process ID - 1688 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 13:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11412 [12-07-2023 13:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14708 [12-07-2023 13:50:48] Process Exited: Process Name - w3wp.exe Process ID - 7596 Web application pool name - DefaultAppPool [12-07-2023 13:51:44] Process Exited: Process Name - conhost.exe Process ID - 6624 [12-07-2023 13:51:44] Process Exited: Process Name - w3wp.exe Process ID - 8564 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 13:52:01] New process found: Process Name - cmd.exe Process ID - 13684 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:52:01] New process found: Process Name - conhost.exe Process ID - 7532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:52:01] New process found: Process Name - runtask.exe Process ID - 14108 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:52:01] New process found: Process Name - php.exe Process ID - 13400 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:52:01] New process found: Process Name - conhost.exe Process ID - 15424 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 13:52:02] Process Exited: Process Name - conhost.exe Process ID - 7532 [12-07-2023 13:52:02] Process Exited: Process Name - php.exe Process ID - 13400 [12-07-2023 13:52:02] Process Exited: Process Name - cmd.exe Process ID - 13684 [12-07-2023 13:52:02] Process Exited: Process Name - runtask.exe Process ID - 14108 [12-07-2023 13:52:02] Process Exited: Process Name - conhost.exe Process ID - 15424 [12-07-2023 13:52:16] New process found: Process Name - w3wp.exe Process ID - 2556 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 13:53:00] New process found: Process Name - w3wp.exe Process ID - 16368 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 13:54:31] New process found: Process Name - w3wp.exe Process ID - 1704 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:54:31] Process Exited: Process Name - w3wp.exe Process ID - 16380 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:56:14] Process Exited: Process Name - w3wp.exe Process ID - 1688 Web application pool name - adminportal.galaxytools.in [12-07-2023 13:58:12] Process Exited: Process Name - w3wp.exe Process ID - 7356 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 13:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 7268 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 13:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10592 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 13:59:03] Process Exited: Process Name - w3wp.exe Process ID - 16368 Web application pool name - DefaultAppPool [12-07-2023 13:59:32] New process found: Process Name - w3wp.exe Process ID - 6228 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 13:59:32] Process Exited: Process Name - w3wp.exe Process ID - 1704 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:00:10] New process found: Process Name - w3wp.exe Process ID - 11372 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7268 [12-07-2023 14:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10592 [12-07-2023 14:00:30] New process found: Process Name - w3wp.exe Process ID - 14568 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 14:02:32] New process found: Process Name - w3wp.exe Process ID - 10016 Process Identity - IIS APPPOOL\acme-challenge Web application pool name - acme-challenge [12-07-2023 14:02:35] New process found: Process Name - w3wp.exe Process ID - 9612 Process Identity - IIS APPPOOL\https-redirect Web application pool name - https-redirect [12-07-2023 14:02:56] New process found: Process Name - w3wp.exe Process ID - 8532 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:04:23] New process found: Process Name - w3wp.exe Process ID - 13808 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:04:23] New process found: Process Name - conhost.exe Process ID - 10412 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 14:04:33] New process found: Process Name - w3wp.exe Process ID - 8256 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:04:33] Process Exited: Process Name - w3wp.exe Process ID - 6228 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:05:00] New process found: Process Name - cmd.exe Process ID - 2440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:05:00] New process found: Process Name - conhost.exe Process ID - 12884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:05:00] New process found: Process Name - runtask.exe Process ID - 8416 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:05:00] New process found: Process Name - php.exe Process ID - 14052 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:05:00] New process found: Process Name - conhost.exe Process ID - 14268 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:05:10] Process Exited: Process Name - cmd.exe Process ID - 2440 [12-07-2023 14:05:10] Process Exited: Process Name - runtask.exe Process ID - 8416 [12-07-2023 14:05:10] Process Exited: Process Name - conhost.exe Process ID - 12884 [12-07-2023 14:05:10] Process Exited: Process Name - php.exe Process ID - 14052 [12-07-2023 14:05:10] Process Exited: Process Name - conhost.exe Process ID - 14268 [12-07-2023 14:05:57] New process found: Process Name - w3wp.exe Process ID - 13284 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 14:05:58] New process found: Process Name - conhost.exe Process ID - 11992 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 14:05:59] New process found: Process Name - w3wp.exe Process ID - 8248 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:06:04] New process found: Process Name - GoogleUpdate.exe Process ID - 14468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:06:12] Process Exited: Process Name - w3wp.exe Process ID - 11372 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:06:37] Process Exited: Process Name - GoogleUpdate.exe Process ID - 14468 [12-07-2023 14:08:35] Process Exited: Process Name - w3wp.exe Process ID - 10016 Web application pool name - acme-challenge [12-07-2023 14:08:37] Process Exited: Process Name - w3wp.exe Process ID - 9612 Web application pool name - https-redirect [12-07-2023 14:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 2704 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15608 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:09:34] New process found: Process Name - w3wp.exe Process ID - 7744 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:09:34] Process Exited: Process Name - w3wp.exe Process ID - 8256 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:10:18] Process Exited: Process Name - w3wp.exe Process ID - 2556 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 14:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2704 [12-07-2023 14:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15608 [12-07-2023 14:10:32] Process Exited: Process Name - w3wp.exe Process ID - 14568 Web application pool name - DefaultAppPool [12-07-2023 14:11:59] Process Exited: Process Name - conhost.exe Process ID - 11992 [12-07-2023 14:11:59] Process Exited: Process Name - w3wp.exe Process ID - 13284 Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 14:12:26] Process Exited: Process Name - conhost.exe Process ID - 10412 [12-07-2023 14:12:26] Process Exited: Process Name - w3wp.exe Process ID - 13808 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:14:36] New process found: Process Name - w3wp.exe Process ID - 6488 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:14:36] Process Exited: Process Name - w3wp.exe Process ID - 7744 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:16:01] Process Exited: Process Name - w3wp.exe Process ID - 8248 Web application pool name - galaxytools.in [12-07-2023 14:16:37] New process found: Process Name - w3wp.exe Process ID - 2600 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:16:58] Process Exited: Process Name - w3wp.exe Process ID - 8532 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:17:05] New process found: Process Name - w3wp.exe Process ID - 532 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 14:17:06] New process found: Process Name - w3wp.exe Process ID - 15380 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 14:17:07] New process found: Process Name - conhost.exe Process ID - 15532 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 14:18:55] New process found: Process Name - WmiPrvSE.exe Process ID - 6188 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:18:59] New process found: Process Name - w3wp.exe Process ID - 11596 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:19:00] New process found: Process Name - conhost.exe Process ID - 11832 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 14:19:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10468 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:19:08] New process found: Process Name - w3wp.exe Process ID - 15744 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:19:08] New process found: Process Name - conhost.exe Process ID - 176 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 14:19:15] New process found: Process Name - w3wp.exe Process ID - 11992 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:19:37] New process found: Process Name - w3wp.exe Process ID - 10124 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:19:37] Process Exited: Process Name - w3wp.exe Process ID - 6488 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6188 [12-07-2023 14:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10468 [12-07-2023 14:21:14] New process found: Process Name - w3wp.exe Process ID - 1368 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:22:39] Process Exited: Process Name - w3wp.exe Process ID - 2600 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:23:08] Process Exited: Process Name - w3wp.exe Process ID - 15380 Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 14:23:08] Process Exited: Process Name - conhost.exe Process ID - 15532 [12-07-2023 14:24:38] New process found: Process Name - w3wp.exe Process ID - 4336 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:24:38] Process Exited: Process Name - w3wp.exe Process ID - 10124 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:24:38] Process Exited: Process Name - conhost.exe Process ID - 11004 [12-07-2023 14:24:38] Process Exited: Process Name - w3wp.exe Process ID - 11296 Web application pool name - kdbps.edu.in [12-07-2023 14:25:00] New process found: Process Name - cmd.exe Process ID - 14224 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:25:00] New process found: Process Name - conhost.exe Process ID - 7572 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:25:00] New process found: Process Name - runtask.exe Process ID - 2944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:25:00] New process found: Process Name - php.exe Process ID - 10364 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:25:00] New process found: Process Name - conhost.exe Process ID - 15192 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:25:05] Process Exited: Process Name - runtask.exe Process ID - 2944 [12-07-2023 14:25:05] Process Exited: Process Name - conhost.exe Process ID - 7572 [12-07-2023 14:25:05] Process Exited: Process Name - php.exe Process ID - 10364 [12-07-2023 14:25:05] Process Exited: Process Name - cmd.exe Process ID - 14224 [12-07-2023 14:25:05] Process Exited: Process Name - conhost.exe Process ID - 15192 [12-07-2023 14:25:07] Process Exited: Process Name - w3wp.exe Process ID - 532 Web application pool name - DefaultAppPool [12-07-2023 14:25:09] Process Exited: Process Name - conhost.exe Process ID - 176 [12-07-2023 14:25:09] Process Exited: Process Name - w3wp.exe Process ID - 15744 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:25:16] Process Exited: Process Name - w3wp.exe Process ID - 11992 Web application pool name - galaxytools.in [12-07-2023 14:26:02] Process Exited: Process Name - w3wp.exe Process ID - 11596 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:26:02] Process Exited: Process Name - conhost.exe Process ID - 11832 [12-07-2023 14:26:05] New process found: Process Name - w3wp.exe Process ID - 9732 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 14:26:06] New process found: Process Name - conhost.exe Process ID - 16224 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 14:28:16] New process found: Process Name - w3wp.exe Process ID - 11588 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 14:28:17] New process found: Process Name - conhost.exe Process ID - 6188 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 14:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 15564 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:29:01] New process found: Process Name - w3wp.exe Process ID - 16076 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 6456 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:29:02] New process found: Process Name - conhost.exe Process ID - 10620 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 14:29:39] New process found: Process Name - w3wp.exe Process ID - 9160 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:29:39] Process Exited: Process Name - w3wp.exe Process ID - 4336 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 6456 [12-07-2023 14:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15564 [12-07-2023 14:30:48] New process found: Process Name - w3wp.exe Process ID - 9020 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 14:30:56] New process found: Process Name - w3wp.exe Process ID - 4956 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:32:16] Process Exited: Process Name - w3wp.exe Process ID - 1368 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:33:49] New process found: Process Name - w3wp.exe Process ID - 732 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:34:03] New process found: Process Name - w3wp.exe Process ID - 11540 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 14:34:11] New process found: Process Name - w3wp.exe Process ID - 7100 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:34:41] New process found: Process Name - w3wp.exe Process ID - 12672 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:34:41] Process Exited: Process Name - w3wp.exe Process ID - 9160 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:35:03] Process Exited: Process Name - conhost.exe Process ID - 10620 [12-07-2023 14:35:03] Process Exited: Process Name - w3wp.exe Process ID - 16076 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:35:07] Process Exited: Process Name - w3wp.exe Process ID - 9732 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 14:35:07] Process Exited: Process Name - conhost.exe Process ID - 16224 [12-07-2023 14:35:40] New process found: Process Name - InstallAgent.exe Process ID - 16072 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:35:45] Process Exited: Process Name - InstallAgent.exe Process ID - 16072 [12-07-2023 14:35:47] New process found: Process Name - w3wp.exe Process ID - 11012 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:36:59] Process Exited: Process Name - w3wp.exe Process ID - 4956 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:37:50] Process Exited: Process Name - w3wp.exe Process ID - 9020 Web application pool name - DefaultAppPool [12-07-2023 14:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 7084 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:39:01] New process found: Process Name - cmd.exe Process ID - 15564 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:39:01] New process found: Process Name - conhost.exe Process ID - 7736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:39:01] New process found: Process Name - runtask.exe Process ID - 9248 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:39:01] New process found: Process Name - php.exe Process ID - 3836 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:01] New process found: Process Name - conhost.exe Process ID - 5160 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 7512 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:39:02] New process found: Process Name - cmd.exe Process ID - 15852 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:02] New process found: Process Name - php.exe Process ID - 3840 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:03] New process found: Process Name - cmd.exe Process ID - 15016 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:03] New process found: Process Name - php.exe Process ID - 6876 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:39:03] Process Exited: Process Name - php.exe Process ID - 3840 [12-07-2023 14:39:03] Process Exited: Process Name - cmd.exe Process ID - 15852 [12-07-2023 14:39:04] Process Exited: Process Name - php.exe Process ID - 3836 [12-07-2023 14:39:04] Process Exited: Process Name - conhost.exe Process ID - 5160 [12-07-2023 14:39:04] Process Exited: Process Name - php.exe Process ID - 6876 [12-07-2023 14:39:04] Process Exited: Process Name - conhost.exe Process ID - 7736 [12-07-2023 14:39:04] Process Exited: Process Name - runtask.exe Process ID - 9248 [12-07-2023 14:39:04] Process Exited: Process Name - cmd.exe Process ID - 15016 [12-07-2023 14:39:04] Process Exited: Process Name - cmd.exe Process ID - 15564 [12-07-2023 14:39:26] New process found: Process Name - w3wp.exe Process ID - 3328 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:39:26] New process found: Process Name - conhost.exe Process ID - 11372 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 14:39:42] New process found: Process Name - w3wp.exe Process ID - 7912 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 14:39:42] New process found: Process Name - conhost.exe Process ID - 88 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 14:39:42] New process found: Process Name - w3wp.exe Process ID - 11968 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:39:42] Process Exited: Process Name - w3wp.exe Process ID - 12672 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:40:05] Process Exited: Process Name - w3wp.exe Process ID - 11540 Web application pool name - shop.galaxytools.in [12-07-2023 14:40:08] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 4764 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:40:08] New process found: Process Name - svchost.exe Process ID - 7944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:40:08] New process found: Process Name - WerFault.exe Process ID - 6064 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:40:08] Service state changed: Service Name - WerSvc Process ID - 7944 Current State - SERVICE_RUNNING [12-07-2023 14:40:09] New process found: Process Name - wermgr.exe Process ID - 10864 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:40:20] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_START_PENDING [12-07-2023 14:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7084 [12-07-2023 14:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 7512 [12-07-2023 14:41:09] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 14:41:09] Service state changed: Service Name - wisvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 14:41:10] New process found: Process Name - ComboCleaner.Guard.exe Process ID - 13744 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:41:10] Process Exited: Process Name - ComboCleaner.Guard.exe Process ID - 1488 [12-07-2023 14:41:10] Process Exited: Process Name - ComboCleaner.Guard.exe Process ID - 4764 [12-07-2023 14:41:10] Process Exited: Process Name - WerFault.exe Process ID - 6064 [12-07-2023 14:41:10] Service state changed: Service Name - ComboCleaner.Guard Process ID - 0 Current State - SERVICE_START_PENDING [12-07-2023 14:41:11] Process Exited: Process Name - wermgr.exe Process ID - 10864 [12-07-2023 14:41:22] Service state changed: Service Name - ComboCleaner.Guard Process ID - 13744 Current State - SERVICE_RUNNING [12-07-2023 14:41:50] Process Exited: Process Name - w3wp.exe Process ID - 11012 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:41:56] New process found: Process Name - ig-0.exe Process ID - 6776 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:41:57] New process found: Process Name - ig-3.exe Process ID - 11084 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:41:57] Process Exited: Process Name - ig-0.exe Process ID - 6776 [12-07-2023 14:41:58] New process found: Process Name - ig-6.exe Process ID - 13564 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:41:58] Process Exited: Process Name - ig-3.exe Process ID - 11084 [12-07-2023 14:41:59] New process found: Process Name - ig-9.exe Process ID - 15100 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:41:59] Process Exited: Process Name - ig-6.exe Process ID - 13564 [12-07-2023 14:42:00] New process found: Process Name - ig-12.exe Process ID - 4956 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:00] Process Exited: Process Name - ig-9.exe Process ID - 15100 [12-07-2023 14:42:01] New process found: Process Name - ig-14.exe Process ID - 3972 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:01] Process Exited: Process Name - ig-12.exe Process ID - 4956 [12-07-2023 14:42:02] New process found: Process Name - ig-17.exe Process ID - 12524 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:02] Process Exited: Process Name - ig-14.exe Process ID - 3972 [12-07-2023 14:42:03] New process found: Process Name - ig-20.exe Process ID - 5068 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:03] Process Exited: Process Name - ig-17.exe Process ID - 12524 [12-07-2023 14:42:04] New process found: Process Name - ig-23.exe Process ID - 1624 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:04] Process Exited: Process Name - ig-20.exe Process ID - 5068 [12-07-2023 14:42:05] New process found: Process Name - ig-26.exe Process ID - 14780 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:05] Process Exited: Process Name - ig-23.exe Process ID - 1624 [12-07-2023 14:42:06] New process found: Process Name - ig-29.exe Process ID - 15796 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:06] Process Exited: Process Name - ig-26.exe Process ID - 14780 [12-07-2023 14:42:07] New process found: Process Name - ig-32.exe Process ID - 10704 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:07] Process Exited: Process Name - ig-29.exe Process ID - 15796 [12-07-2023 14:42:08] New process found: Process Name - ig-36.exe Process ID - 6184 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:08] Process Exited: Process Name - svchost.exe Process ID - 7944 [12-07-2023 14:42:08] Process Exited: Process Name - ig-32.exe Process ID - 10704 [12-07-2023 14:42:08] Service state changed: Service Name - WerSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:42:09] New process found: Process Name - w3wp.exe Process ID - 2824 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 14:42:09] New process found: Process Name - ig-38.exe Process ID - 10368 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:09] Process Exited: Process Name - ig-36.exe Process ID - 6184 [12-07-2023 14:42:09] Service state changed: Service Name - wisvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:42:10] Process Exited: Process Name - ig-38.exe Process ID - 10368 [12-07-2023 14:42:11] New process found: Process Name - ig-45.exe Process ID - 9536 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:12] New process found: Process Name - ig-48.exe Process ID - 9552 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:42:12] Process Exited: Process Name - ig-45.exe Process ID - 9536 [12-07-2023 14:42:13] Process Exited: Process Name - ig-48.exe Process ID - 9552 [12-07-2023 14:42:51] New process found: Process Name - w3wp.exe Process ID - 12264 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:42:51] Process Exited: Process Name - w3wp.exe Process ID - 732 Web application pool name - galaxytools.in [12-07-2023 14:43:08] New process found: Process Name - csrss.exe Process ID - 10756 Process Identity - SYSTEM [12-07-2023 14:43:08] New process found: Process Name - winlogon.exe Process ID - 15544 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:09] New process found: Process Name - LogonUI.exe Process ID - 11680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:09] New process found: Process Name - dwm.exe Process ID - 7924 Process Identity - Window Manager\DWM-4 [12-07-2023 14:43:09] New process found: Process Name - TSTheme.exe Process ID - 15332 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:43:10] New process found: Process Name - taskhostw.exe Process ID - 15608 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:10] New process found: Process Name - dllhost.exe Process ID - 7948 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:10] Process Exited: Process Name - dwm.exe Process ID - 7924 [12-07-2023 14:43:10] Process Exited: Process Name - csrss.exe Process ID - 10756 [12-07-2023 14:43:10] Process Exited: Process Name - LogonUI.exe Process ID - 11680 [12-07-2023 14:43:10] Process Exited: Process Name - winlogon.exe Process ID - 15544 [12-07-2023 14:43:10] Service state changed: Service Name - ScDeviceEnum Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 14:43:15] Process Exited: Process Name - TSTheme.exe Process ID - 15332 [12-07-2023 14:43:15] Service state changed: Service Name - DsmSvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 14:43:20] Process Exited: Process Name - Setup.exe Process ID - 7008 [12-07-2023 14:43:20] Process Exited: Process Name - ndp48-x86-x64-allos-enu.exe Process ID - 8040 [12-07-2023 14:43:22] New process found: Process Name - CompatTelRunner.exe Process ID - 10196 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:22] New process found: Process Name - conhost.exe Process ID - 9128 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:43:40] New process found: Process Name - svchost.exe Process ID - 6280 Process Identity - SYSTEM [12-07-2023 14:43:40] Process Exited: Process Name - wlrmdr.exe Process ID - 13556 [12-07-2023 14:43:40] Process Exited: Process Name - taskhostw.exe Process ID - 15608 [12-07-2023 14:43:40] Service state changed: Service Name - AppXSvc Process ID - 6280 Current State - SERVICE_RUNNING [12-07-2023 14:43:41] New process found: Process Name - wlrmdr.exe Process ID - 7424 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:43:45] Process Exited: Process Name - dllhost.exe Process ID - 7948 [12-07-2023 14:43:58] Process Exited: Process Name - conhost.exe Process ID - 9128 [12-07-2023 14:43:58] Process Exited: Process Name - CompatTelRunner.exe Process ID - 10196 [12-07-2023 14:44:00] New process found: Process Name - cmd.exe Process ID - 10152 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:44:00] New process found: Process Name - conhost.exe Process ID - 8480 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:44:00] New process found: Process Name - runtask.exe Process ID - 16252 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:44:01] New process found: Process Name - php.exe Process ID - 5904 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:44:01] New process found: Process Name - conhost.exe Process ID - 15168 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:44:01] Service state changed: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:44:02] Process Exited: Process Name - php.exe Process ID - 5904 [12-07-2023 14:44:02] Process Exited: Process Name - conhost.exe Process ID - 8480 [12-07-2023 14:44:02] Process Exited: Process Name - cmd.exe Process ID - 10152 [12-07-2023 14:44:02] Process Exited: Process Name - conhost.exe Process ID - 15168 [12-07-2023 14:44:02] Process Exited: Process Name - runtask.exe Process ID - 16252 [12-07-2023 14:44:30] New process found: Process Name - where.exe Process ID - 8900 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 14:44:30] New process found: Process Name - conhost.exe Process ID - 16316 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 14:44:31] New process found: Process Name - conhost.exe Process ID - 9628 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 14:44:31] Process Exited: Process Name - where.exe Process ID - 8900 [12-07-2023 14:44:31] Process Exited: Process Name - conhost.exe Process ID - 16316 [12-07-2023 14:45:14] Process Exited: Process Name - w3wp.exe Process ID - 7100 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:45:28] Process Exited: Process Name - w3wp.exe Process ID - 3328 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:45:28] Process Exited: Process Name - conhost.exe Process ID - 11372 [12-07-2023 14:46:01] New process found: Process Name - cmd.exe Process ID - 6612 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:46:01] New process found: Process Name - conhost.exe Process ID - 12908 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:46:01] New process found: Process Name - runtask.exe Process ID - 4984 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:46:01] New process found: Process Name - php.exe Process ID - 14408 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:46:01] New process found: Process Name - conhost.exe Process ID - 9976 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:46:02] Process Exited: Process Name - runtask.exe Process ID - 4984 [12-07-2023 14:46:02] Process Exited: Process Name - cmd.exe Process ID - 6612 [12-07-2023 14:46:02] Process Exited: Process Name - conhost.exe Process ID - 9976 [12-07-2023 14:46:02] Process Exited: Process Name - conhost.exe Process ID - 12908 [12-07-2023 14:46:02] Process Exited: Process Name - php.exe Process ID - 14408 [12-07-2023 14:46:10] New process found: Process Name - w3wp.exe Process ID - 12204 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:46:13] New process found: Process Name - w3wp.exe Process ID - 10472 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:46:22] New process found: Process Name - w3wp.exe Process ID - 220 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:46:22] New process found: Process Name - conhost.exe Process ID - 4432 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 14:46:28] New process found: Process Name - TSTheme.exe Process ID - 7420 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:46:34] Process Exited: Process Name - TSTheme.exe Process ID - 7420 [12-07-2023 14:46:49] New process found: Process Name - w3wp.exe Process ID - 8612 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:46:49] New process found: Process Name - conhost.exe Process ID - 15408 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 14:47:07] New process found: Process Name - w3wp.exe Process ID - 13920 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 14:47:11] New process found: Process Name - where.exe Process ID - 9576 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 14:47:11] New process found: Process Name - conhost.exe Process ID - 14216 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 14:47:12] New process found: Process Name - csrss.exe Process ID - 11876 Process Identity - SYSTEM [12-07-2023 14:47:12] New process found: Process Name - winlogon.exe Process ID - 2796 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:47:12] New process found: Process Name - conhost.exe Process ID - 10912 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 14:47:12] New process found: Process Name - LogonUI.exe Process ID - 2324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:47:12] New process found: Process Name - dwm.exe Process ID - 13868 Process Identity - Window Manager\DWM-4 [12-07-2023 14:47:12] New process found: Process Name - TSTheme.exe Process ID - 10032 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:47:12] Process Exited: Process Name - where.exe Process ID - 9576 [12-07-2023 14:47:12] Process Exited: Process Name - conhost.exe Process ID - 14216 [12-07-2023 14:47:13] New process found: Process Name - taskhostw.exe Process ID - 2228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:47:13] New process found: Process Name - dllhost.exe Process ID - 10356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:47:13] Process Exited: Process Name - LogonUI.exe Process ID - 2324 [12-07-2023 14:47:13] Process Exited: Process Name - winlogon.exe Process ID - 2796 [12-07-2023 14:47:13] Process Exited: Process Name - csrss.exe Process ID - 11876 [12-07-2023 14:47:13] Process Exited: Process Name - dwm.exe Process ID - 13868 [12-07-2023 14:47:18] Process Exited: Process Name - TSTheme.exe Process ID - 10032 [12-07-2023 14:47:18] Service state changed: Service Name - DsmSvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 14:47:43] Process Exited: Process Name - taskhostw.exe Process ID - 2228 [12-07-2023 14:47:48] Process Exited: Process Name - dllhost.exe Process ID - 10356 [12-07-2023 14:48:10] Service state changed: Service Name - DsmSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:11] New process found: Process Name - SearchProtocolHost.exe Process ID - 7116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:48:11] New process found: Process Name - SearchFilterHost.exe Process ID - 11852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:48:14] New process found: Process Name - dllhost.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:16] New process found: Process Name - dllhost.exe Process ID - 15220 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:16] New process found: Process Name - dllhost.exe Process ID - 12200 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:19] Process Exited: Process Name - dllhost.exe Process ID - 136 [12-07-2023 14:48:28] New process found: Process Name - w3wp.exe Process ID - 10996 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 14:48:29] New process found: Process Name - cmd.exe Process ID - 15828 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:29] New process found: Process Name - conhost.exe Process ID - 15848 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:29] Process Exited: Process Name - dllhost.exe Process ID - 15220 [12-07-2023 14:48:30] New process found: Process Name - conhost.exe Process ID - 7820 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 14:48:35] New process found: Process Name - iisreset.exe Process ID - 1636 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:35] New process found: Process Name - iisrstas.exe Process ID - 14472 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 14:48:35] Process Exited: Process Name - SMSvcHost.exe Process ID - 3888 [12-07-2023 14:48:35] Process Exited: Process Name - SMSvcHost.exe Process ID - 4232 [12-07-2023 14:48:35] Process Exited: Process Name - w3wp.exe Process ID - 8612 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:48:35] Process Exited: Process Name - php-cgi.exe Process ID - 9464 [12-07-2023 14:48:35] Process Exited: Process Name - php-cgi.exe Process ID - 12656 [12-07-2023 14:48:35] Process Exited: Process Name - conhost.exe Process ID - 15408 [12-07-2023 14:48:35] Service state changed: Service Name - NetMsmqActivator Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:35] Service state changed: Service Name - NetPipeActivator Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:35] Service state changed: Service Name - NetTcpActivator Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:35] Service state changed: Service Name - W3SVC Process ID - 2348 Current State - SERVICE_STOP_PENDING [12-07-2023 14:48:36] Process Exited: Process Name - conhost.exe Process ID - 88 [12-07-2023 14:48:36] Process Exited: Process Name - conhost.exe Process ID - 2668 [12-07-2023 14:48:36] Process Exited: Process Name - conhost.exe Process ID - 5516 [12-07-2023 14:48:36] Process Exited: Process Name - conhost.exe Process ID - 6188 [12-07-2023 14:48:36] Process Exited: Process Name - w3wp.exe Process ID - 6632 Web application pool name - singlas.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:36] Process Exited: Process Name - conhost.exe Process ID - 7820 [12-07-2023 14:48:36] Process Exited: Process Name - w3wp.exe Process ID - 7912 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:36] Process Exited: Process Name - w3wp.exe Process ID - 10996 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 14:48:36] Process Exited: Process Name - w3wp.exe Process ID - 11588 Web application pool name - kdbps.edu.in [12-07-2023 14:48:36] Process Exited: Process Name - w3wp.exe Process ID - 12456 Web application pool name - medblinkit.com(domain)(4.0)(pool) [12-07-2023 14:48:37] New process found: Process Name - w3wp.exe Process ID - 6452 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 220 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 2824 Web application pool name - DefaultAppPool [12-07-2023 14:48:37] Process Exited: Process Name - conhost.exe Process ID - 4432 [12-07-2023 14:48:37] Process Exited: Process Name - conhost.exe Process ID - 9628 [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 10472 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - conhost.exe Process ID - 10912 [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 11968 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 12204 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 12264 Web application pool name - galaxytools.in [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 13920 Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 14:48:37] Process Exited: Process Name - conhost.exe Process ID - 15480 [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 15900 Web application pool name - PleskControlPanel [12-07-2023 14:48:37] Process Exited: Process Name - w3wp.exe Process ID - 16192 Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 14:48:37] Service state changed: Service Name - W3SVC Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:38] Process Exited: Process Name - w3wp.exe Process ID - 6452 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:38] Service state changed: Service Name - WAS Process ID - 2348 Current State - SERVICE_STOP_PENDING [12-07-2023 14:48:39] Process Exited: Process Name - svchost.exe Process ID - 2348 [12-07-2023 14:48:39] Service state changed: Service Name - WAS Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:40] Process Exited: Process Name - svchost.exe Process ID - 6280 [12-07-2023 14:48:40] Service state changed: Service Name - AppXSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 14:48:41] New process found: Process Name - svchost.exe Process ID - 12300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:48:41] New process found: Process Name - w3wp.exe Process ID - 15732 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 14:48:41] Service state changed: Service Name - W3SVC Process ID - 12300 Current State - SERVICE_RUNNING [12-07-2023 14:48:41] Service state changed: Service Name - WAS Process ID - 12300 Current State - SERVICE_RUNNING [12-07-2023 14:48:43] New process found: Process Name - SMSvcHost.exe Process ID - 7976 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:48:43] Service state changed: Service Name - NetPipeActivator Process ID - 7976 Current State - SERVICE_START_PENDING [12-07-2023 14:48:43] Service state changed: Service Name - NetTcpActivator Process ID - 2444 Current State - SERVICE_RUNNING [12-07-2023 14:48:44] New process found: Process Name - w3wp.exe Process ID - 15512 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 14:48:44] New process found: Process Name - conhost.exe Process ID - 15372 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 14:48:44] New process found: Process Name - SMSvcHost.exe Process ID - 9808 Process Identity - NT AUTHORITY\NETWORK SERVICE [12-07-2023 14:48:44] Service state changed: Service Name - NetMsmqActivator Process ID - 0 Current State - SERVICE_START_PENDING [12-07-2023 14:48:44] Service state changed: Service Name - NetPipeActivator Process ID - 7976 Current State - SERVICE_RUNNING [12-07-2023 14:48:45] New process found: Process Name - w3wp.exe Process ID - 5048 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 14:48:45] Service state changed: Service Name - NetMsmqActivator Process ID - 9808 Current State - SERVICE_RUNNING [12-07-2023 14:48:46] Process Exited: Process Name - iisreset.exe Process ID - 1636 [12-07-2023 14:48:51] New process found: Process Name - conhost.exe Process ID - 6812 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 14:48:52] Process Exited: Process Name - iisrstas.exe Process ID - 14472 [12-07-2023 14:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 14380 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 5964 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:49:12] New process found: Process Name - w3wp.exe Process ID - 13488 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:49:26] New process found: Process Name - conhost.exe Process ID - 9528 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 14:49:56] New process found: Process Name - w3wp.exe Process ID - 8552 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) Web application pool name - medblinkit.com(domain)(4.0)(pool) [12-07-2023 14:49:56] New process found: Process Name - where.exe Process ID - 6100 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) [12-07-2023 14:49:56] New process found: Process Name - conhost.exe Process ID - 8792 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) [12-07-2023 14:49:57] New process found: Process Name - conhost.exe Process ID - 16112 Process Identity - KSHITIJSINGHAL-\IWPD_78(medblink) [12-07-2023 14:49:57] Process Exited: Process Name - where.exe Process ID - 6100 [12-07-2023 14:49:57] Process Exited: Process Name - conhost.exe Process ID - 8792 [12-07-2023 14:50:11] New process found: Process Name - w3wp.exe Process ID - 11568 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 14:50:11] New process found: Process Name - where.exe Process ID - 7336 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 14:50:11] New process found: Process Name - conhost.exe Process ID - 16324 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 14:50:12] New process found: Process Name - conhost.exe Process ID - 8836 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 14:50:12] New process found: Process Name - w3wp.exe Process ID - 13872 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 14:50:12] New process found: Process Name - conhost.exe Process ID - 9480 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 14:50:12] Process Exited: Process Name - where.exe Process ID - 7336 [12-07-2023 14:50:12] Process Exited: Process Name - conhost.exe Process ID - 16324 [12-07-2023 14:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 5964 [12-07-2023 14:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14380 [12-07-2023 14:50:48] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 7116 [12-07-2023 14:50:48] Process Exited: Process Name - SearchFilterHost.exe Process ID - 11852 [12-07-2023 14:51:19] New process found: Process Name - w3wp.exe Process ID - 10648 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:51:21] New process found: Process Name - w3wp.exe Process ID - 12000 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 14:52:01] New process found: Process Name - cmd.exe Process ID - 14344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:52:01] New process found: Process Name - conhost.exe Process ID - 9280 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:52:01] New process found: Process Name - runtask.exe Process ID - 13344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:52:01] New process found: Process Name - php.exe Process ID - 10540 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:52:01] New process found: Process Name - conhost.exe Process ID - 13252 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 14:52:02] Process Exited: Process Name - conhost.exe Process ID - 9280 [12-07-2023 14:52:02] Process Exited: Process Name - php.exe Process ID - 10540 [12-07-2023 14:52:02] Process Exited: Process Name - conhost.exe Process ID - 13252 [12-07-2023 14:52:02] Process Exited: Process Name - runtask.exe Process ID - 13344 [12-07-2023 14:52:02] Process Exited: Process Name - cmd.exe Process ID - 14344 [12-07-2023 14:52:17] New process found: Process Name - w3wp.exe Process ID - 9944 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) Web application pool name - suryaflame.com(domain)(4.0)(pool) [12-07-2023 14:52:17] New process found: Process Name - conhost.exe Process ID - 4848 Process Identity - KSHITIJSINGHAL-\IWPD_74(suryafla_aw) [12-07-2023 14:52:30] New process found: Process Name - w3wp.exe Process ID - 2740 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:54:45] Process Exited: Process Name - w3wp.exe Process ID - 5048 Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 14:54:45] Process Exited: Process Name - conhost.exe Process ID - 6812 [12-07-2023 14:54:45] Process Exited: Process Name - conhost.exe Process ID - 15372 [12-07-2023 14:54:45] Process Exited: Process Name - w3wp.exe Process ID - 15512 Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 14:55:07] New process found: Process Name - w3wp.exe Process ID - 13064 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 14:55:11] New process found: Process Name - w3wp.exe Process ID - 11216 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 14:55:12] New process found: Process Name - conhost.exe Process ID - 5080 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 14:55:14] Process Exited: Process Name - w3wp.exe Process ID - 13488 Web application pool name - galaxytools.in [12-07-2023 14:56:14] Process Exited: Process Name - conhost.exe Process ID - 9480 [12-07-2023 14:56:14] Process Exited: Process Name - w3wp.exe Process ID - 13872 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 14:56:22] Process Exited: Process Name - dllhost.exe Process ID - 12200 [12-07-2023 14:57:04] New process found: Process Name - w3wp.exe Process ID - 2952 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 14:57:20] Process Exited: Process Name - w3wp.exe Process ID - 10648 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 14:57:22] Process Exited: Process Name - w3wp.exe Process ID - 12000 Web application pool name - DefaultAppPool [12-07-2023 14:58:32] Process Exited: Process Name - w3wp.exe Process ID - 2740 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 14:58:54] New process found: Process Name - WmiPrvSE.exe Process ID - 1636 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 14:59:01] New process found: Process Name - WmiPrvSE.exe Process ID - 15560 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 14:59:46] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 15:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1636 [12-07-2023 15:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15560 [12-07-2023 15:00:58] New process found: Process Name - w3wp.exe Process ID - 15708 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:01:10] Process Exited: Process Name - w3wp.exe Process ID - 13064 Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 15:01:13] New process found: Process Name - w3wp.exe Process ID - 13204 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:01:59] New process found: Process Name - w3wp.exe Process ID - 13608 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 15:02:13] Process Exited: Process Name - conhost.exe Process ID - 5080 [12-07-2023 15:02:13] Process Exited: Process Name - w3wp.exe Process ID - 11216 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:02:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 228 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:02:34] New process found: Process Name - SearchFilterHost.exe Process ID - 11116 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:03:06] Process Exited: Process Name - w3wp.exe Process ID - 2952 Web application pool name - galaxytools.in [12-07-2023 15:04:06] New process found: Process Name - w3wp.exe Process ID - 3440 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:04:44] New process found: Process Name - w3wp.exe Process ID - 5140 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:04:44] Process Exited: Process Name - conhost.exe Process ID - 9528 [12-07-2023 15:04:44] Process Exited: Process Name - w3wp.exe Process ID - 15732 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:04:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 228 [12-07-2023 15:04:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 11116 [12-07-2023 15:04:58] New process found: Process Name - w3wp.exe Process ID - 10908 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 15:04:58] New process found: Process Name - php-cgi.exe Process ID - 968 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 15:05:01] New process found: Process Name - cmd.exe Process ID - 2084 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:05:01] New process found: Process Name - conhost.exe Process ID - 12528 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:05:01] New process found: Process Name - runtask.exe Process ID - 11900 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:05:01] New process found: Process Name - php.exe Process ID - 11780 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:05:01] New process found: Process Name - conhost.exe Process ID - 15120 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:05:01] New process found: Process Name - crontabmng.exe Process ID - 4980 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:05:01] New process found: Process Name - conhost.exe Process ID - 7000 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:05:02] Process Exited: Process Name - crontabmng.exe Process ID - 4980 [12-07-2023 15:05:02] Process Exited: Process Name - conhost.exe Process ID - 7000 [12-07-2023 15:05:06] Process Exited: Process Name - cmd.exe Process ID - 2084 [12-07-2023 15:05:06] Process Exited: Process Name - php.exe Process ID - 11780 [12-07-2023 15:05:06] Process Exited: Process Name - runtask.exe Process ID - 11900 [12-07-2023 15:05:06] Process Exited: Process Name - conhost.exe Process ID - 12528 [12-07-2023 15:05:06] Process Exited: Process Name - conhost.exe Process ID - 15120 [12-07-2023 15:06:03] New process found: Process Name - GoogleUpdate.exe Process ID - 14600 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:06:04] Process Exited: Process Name - GoogleUpdate.exe Process ID - 14600 [12-07-2023 15:06:36] New process found: Process Name - w3wp.exe Process ID - 10648 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 15:07:00] Process Exited: Process Name - w3wp.exe Process ID - 15708 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:07:15] Process Exited: Process Name - w3wp.exe Process ID - 13204 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:08:02] Process Exited: Process Name - w3wp.exe Process ID - 13608 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 15:08:55] New process found: Process Name - WmiPrvSE.exe Process ID - 8772 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:09:02] New process found: Process Name - WmiPrvSE.exe Process ID - 12880 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:09:45] New process found: Process Name - w3wp.exe Process ID - 9860 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:09:45] Process Exited: Process Name - w3wp.exe Process ID - 5140 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 8772 [12-07-2023 15:10:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12880 [12-07-2023 15:13:08] Process Exited: Process Name - w3wp.exe Process ID - 3440 Web application pool name - DefaultAppPool [12-07-2023 15:13:14] Process Exited: Process Name - conhost.exe Process ID - 8836 [12-07-2023 15:13:14] Process Exited: Process Name - w3wp.exe Process ID - 11568 Web application pool name - kdbps.edu.in [12-07-2023 15:14:46] New process found: Process Name - w3wp.exe Process ID - 7120 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:14:46] Process Exited: Process Name - w3wp.exe Process ID - 9860 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:15:06] New process found: Process Name - w3wp.exe Process ID - 7852 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:15:10] New process found: Process Name - w3wp.exe Process ID - 14724 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 15:15:10] New process found: Process Name - conhost.exe Process ID - 9152 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 15:16:09] New process found: Process Name - w3wp.exe Process ID - 10872 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:16:11] New process found: Process Name - conhost.exe Process ID - 16156 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 15:16:25] New process found: Process Name - conhost.exe Process ID - 15052 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 15:16:59] New process found: Process Name - w3wp.exe Process ID - 3820 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:17:34] New process found: Process Name - SearchProtocolHost.exe Process ID - 4408 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:17:34] New process found: Process Name - SearchFilterHost.exe Process ID - 8472 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:17:34] New process found: Process Name - w3wp.exe Process ID - 4000 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 15:17:56] New process found: Process Name - w3wp.exe Process ID - 7104 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 15:18:47] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 4408 [12-07-2023 15:18:47] Process Exited: Process Name - SearchFilterHost.exe Process ID - 8472 [12-07-2023 15:18:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13972 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:19:02] New process found: Process Name - WmiPrvSE.exe Process ID - 4932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4932 [12-07-2023 15:20:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13972 [12-07-2023 15:20:25] New process found: Process Name - w3wp.exe Process ID - 13228 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 15:20:26] New process found: Process Name - conhost.exe Process ID - 1528 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 15:21:09] Process Exited: Process Name - w3wp.exe Process ID - 7852 Web application pool name - DefaultAppPool [12-07-2023 15:22:10] Process Exited: Process Name - w3wp.exe Process ID - 10872 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:22:10] Process Exited: Process Name - conhost.exe Process ID - 16156 [12-07-2023 15:22:39] Process Exited: Process Name - w3wp.exe Process ID - 10648 Web application pool name - galaxytools.in [12-07-2023 15:22:49] New process found: Process Name - w3wp.exe Process ID - 1684 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:22:49] Process Exited: Process Name - w3wp.exe Process ID - 7120 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:22:49] Process Exited: Process Name - conhost.exe Process ID - 15052 [12-07-2023 15:23:01] New process found: Process Name - w3wp.exe Process ID - 12956 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:23:02] Process Exited: Process Name - w3wp.exe Process ID - 3820 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:23:15] New process found: Process Name - w3wp.exe Process ID - 7536 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 15:23:59] Process Exited: Process Name - w3wp.exe Process ID - 7104 Web application pool name - adminportal.galaxytools.in [12-07-2023 15:24:36] New process found: Process Name - w3wp.exe Process ID - 3984 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:24:37] New process found: Process Name - conhost.exe Process ID - 4980 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 15:25:01] New process found: Process Name - cmd.exe Process ID - 8852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:25:01] New process found: Process Name - conhost.exe Process ID - 14760 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:25:01] New process found: Process Name - runtask.exe Process ID - 14912 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:25:01] New process found: Process Name - php.exe Process ID - 12948 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:25:01] New process found: Process Name - conhost.exe Process ID - 11824 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:25:05] Process Exited: Process Name - cmd.exe Process ID - 8852 [12-07-2023 15:25:05] Process Exited: Process Name - conhost.exe Process ID - 11824 [12-07-2023 15:25:05] Process Exited: Process Name - php.exe Process ID - 12948 [12-07-2023 15:25:05] Process Exited: Process Name - conhost.exe Process ID - 14760 [12-07-2023 15:25:05] Process Exited: Process Name - runtask.exe Process ID - 14912 [12-07-2023 15:26:28] Process Exited: Process Name - conhost.exe Process ID - 1528 [12-07-2023 15:26:28] Process Exited: Process Name - w3wp.exe Process ID - 13228 Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 15:26:36] Process Exited: Process Name - w3wp.exe Process ID - 4000 Web application pool name - shop.galaxytools.in [12-07-2023 15:26:37] New process found: Process Name - w3wp.exe Process ID - 92 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:27:10] New process found: Process Name - w3wp.exe Process ID - 12428 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:27:10] New process found: Process Name - conhost.exe Process ID - 13964 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 15:27:31] New process found: Process Name - w3wp.exe Process ID - 8092 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 15:27:50] New process found: Process Name - w3wp.exe Process ID - 5884 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:27:50] Process Exited: Process Name - w3wp.exe Process ID - 1684 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10668 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 11272 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:29:03] Process Exited: Process Name - w3wp.exe Process ID - 12956 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:29:12] New process found: Process Name - where.exe Process ID - 7144 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 15:29:12] New process found: Process Name - conhost.exe Process ID - 9756 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 15:29:13] New process found: Process Name - conhost.exe Process ID - 10224 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 15:29:13] Process Exited: Process Name - where.exe Process ID - 7144 [12-07-2023 15:29:13] Process Exited: Process Name - conhost.exe Process ID - 9756 [12-07-2023 15:30:17] Process Exited: Process Name - w3wp.exe Process ID - 7536 Web application pool name - galaxytools.in [12-07-2023 15:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10668 [12-07-2023 15:30:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11272 [12-07-2023 15:30:57] New process found: Process Name - w3wp.exe Process ID - 6284 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:31:47] New process found: Process Name - w3wp.exe Process ID - 8252 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 15:31:47] New process found: Process Name - where.exe Process ID - 11704 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 15:31:47] New process found: Process Name - conhost.exe Process ID - 6744 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 15:31:48] New process found: Process Name - conhost.exe Process ID - 4424 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 15:31:48] Process Exited: Process Name - conhost.exe Process ID - 6744 [12-07-2023 15:31:48] Process Exited: Process Name - where.exe Process ID - 11704 [12-07-2023 15:32:38] Process Exited: Process Name - w3wp.exe Process ID - 3984 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:32:38] Process Exited: Process Name - conhost.exe Process ID - 4980 [12-07-2023 15:33:12] Process Exited: Process Name - w3wp.exe Process ID - 12428 Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:33:12] Process Exited: Process Name - conhost.exe Process ID - 13964 [12-07-2023 15:34:47] New process found: Process Name - w3wp.exe Process ID - 5192 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:35:39] Process Exited: Process Name - w3wp.exe Process ID - 92 Web application pool name - DefaultAppPool [12-07-2023 15:36:12] Process Exited: Process Name - conhost.exe Process ID - 9152 [12-07-2023 15:36:12] Process Exited: Process Name - w3wp.exe Process ID - 14724 Web application pool name - kdbps.edu.in [12-07-2023 15:36:30] New process found: Process Name - w3wp.exe Process ID - 12424 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 15:37:00] Process Exited: Process Name - w3wp.exe Process ID - 6284 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:37:49] Process Exited: Process Name - conhost.exe Process ID - 4424 [12-07-2023 15:37:49] Process Exited: Process Name - w3wp.exe Process ID - 8252 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 15:37:52] New process found: Process Name - w3wp.exe Process ID - 10936 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:37:52] Process Exited: Process Name - w3wp.exe Process ID - 5884 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:37:52] Process Exited: Process Name - conhost.exe Process ID - 10224 [12-07-2023 15:38:31] New process found: Process Name - w3wp.exe Process ID - 13628 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:38:32] New process found: Process Name - conhost.exe Process ID - 11912 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 15:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 12304 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:39:01] New process found: Process Name - cmd.exe Process ID - 13344 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:39:01] New process found: Process Name - conhost.exe Process ID - 7896 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:39:01] New process found: Process Name - runtask.exe Process ID - 11708 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:39:01] New process found: Process Name - php.exe Process ID - 14732 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:01] New process found: Process Name - conhost.exe Process ID - 15412 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:01] New process found: Process Name - cmd.exe Process ID - 15812 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:01] New process found: Process Name - php.exe Process ID - 9120 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 1536 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:39:02] New process found: Process Name - cmd.exe Process ID - 8404 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:02] New process found: Process Name - php.exe Process ID - 9728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:39:02] Process Exited: Process Name - php.exe Process ID - 9120 [12-07-2023 15:39:02] Process Exited: Process Name - cmd.exe Process ID - 15812 [12-07-2023 15:39:03] Process Exited: Process Name - conhost.exe Process ID - 7896 [12-07-2023 15:39:03] Process Exited: Process Name - cmd.exe Process ID - 8404 [12-07-2023 15:39:03] Process Exited: Process Name - php.exe Process ID - 9728 [12-07-2023 15:39:03] Process Exited: Process Name - runtask.exe Process ID - 11708 [12-07-2023 15:39:03] Process Exited: Process Name - cmd.exe Process ID - 13344 [12-07-2023 15:39:03] Process Exited: Process Name - php.exe Process ID - 14732 [12-07-2023 15:39:03] Process Exited: Process Name - conhost.exe Process ID - 15412 [12-07-2023 15:40:20] New process found: Process Name - w3wp.exe Process ID - 9732 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 15:40:21] New process found: Process Name - conhost.exe Process ID - 6744 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 15:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 1536 [12-07-2023 15:40:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12304 [12-07-2023 15:40:49] Process Exited: Process Name - w3wp.exe Process ID - 5192 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:41:11] New process found: Process Name - w3wp.exe Process ID - 7448 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:41:56] New process found: Process Name - ig-1.exe Process ID - 14364 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:41:57] New process found: Process Name - ig-4.exe Process ID - 10688 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:41:57] Process Exited: Process Name - ig-1.exe Process ID - 14364 [12-07-2023 15:41:58] New process found: Process Name - ig-7.exe Process ID - 4068 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:41:58] Process Exited: Process Name - ig-4.exe Process ID - 10688 [12-07-2023 15:41:59] New process found: Process Name - ig-10.exe Process ID - 12476 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:41:59] Process Exited: Process Name - ig-7.exe Process ID - 4068 [12-07-2023 15:42:00] New process found: Process Name - ig-12.exe Process ID - 10116 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:00] Process Exited: Process Name - ig-10.exe Process ID - 12476 [12-07-2023 15:42:01] New process found: Process Name - ig-15.exe Process ID - 12420 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:01] Process Exited: Process Name - ig-12.exe Process ID - 10116 [12-07-2023 15:42:02] New process found: Process Name - ig-16.exe Process ID - 12796 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:02] Process Exited: Process Name - ig-15.exe Process ID - 12420 [12-07-2023 15:42:03] New process found: Process Name - ig-19.exe Process ID - 14816 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:03] Process Exited: Process Name - ig-16.exe Process ID - 12796 [12-07-2023 15:42:04] New process found: Process Name - ig-22.exe Process ID - 14144 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:04] Process Exited: Process Name - ig-19.exe Process ID - 14816 [12-07-2023 15:42:05] New process found: Process Name - ig-25.exe Process ID - 10784 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:05] Process Exited: Process Name - ig-22.exe Process ID - 14144 [12-07-2023 15:42:06] New process found: Process Name - ig-28.exe Process ID - 16036 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:06] Process Exited: Process Name - ig-25.exe Process ID - 10784 [12-07-2023 15:42:07] New process found: Process Name - ig-31.exe Process ID - 10176 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:07] Process Exited: Process Name - ig-28.exe Process ID - 16036 [12-07-2023 15:42:08] New process found: Process Name - ig-34.exe Process ID - 9612 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:08] Process Exited: Process Name - ig-31.exe Process ID - 10176 [12-07-2023 15:42:09] New process found: Process Name - ig-36.exe Process ID - 11776 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:09] Process Exited: Process Name - ig-34.exe Process ID - 9612 [12-07-2023 15:42:10] New process found: Process Name - ig-39.exe Process ID - 12000 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:10] Process Exited: Process Name - ig-36.exe Process ID - 11776 [12-07-2023 15:42:11] New process found: Process Name - ig-42.exe Process ID - 7396 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:11] Process Exited: Process Name - ig-39.exe Process ID - 12000 [12-07-2023 15:42:12] New process found: Process Name - ig-45.exe Process ID - 14760 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:12] Process Exited: Process Name - ig-42.exe Process ID - 7396 [12-07-2023 15:42:13] New process found: Process Name - ig-48.exe Process ID - 15692 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 15:42:13] Process Exited: Process Name - ig-45.exe Process ID - 14760 [12-07-2023 15:42:14] Process Exited: Process Name - ig-48.exe Process ID - 15692 [12-07-2023 15:42:32] Process Exited: Process Name - w3wp.exe Process ID - 12424 Web application pool name - galaxytools.in [12-07-2023 15:42:53] New process found: Process Name - w3wp.exe Process ID - 15280 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:42:53] Process Exited: Process Name - w3wp.exe Process ID - 10936 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:43:05] New process found: Process Name - w3wp.exe Process ID - 2980 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:44:00] New process found: Process Name - cmd.exe Process ID - 14920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:44:00] New process found: Process Name - conhost.exe Process ID - 2652 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:44:00] New process found: Process Name - runtask.exe Process ID - 14448 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:44:00] New process found: Process Name - php.exe Process ID - 14228 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:44:00] New process found: Process Name - conhost.exe Process ID - 9960 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:44:01] Process Exited: Process Name - conhost.exe Process ID - 2652 [12-07-2023 15:44:01] Process Exited: Process Name - conhost.exe Process ID - 9960 [12-07-2023 15:44:01] Process Exited: Process Name - php.exe Process ID - 14228 [12-07-2023 15:44:01] Process Exited: Process Name - runtask.exe Process ID - 14448 [12-07-2023 15:44:01] Process Exited: Process Name - cmd.exe Process ID - 14920 [12-07-2023 15:46:01] New process found: Process Name - cmd.exe Process ID - 2304 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:46:01] New process found: Process Name - conhost.exe Process ID - 15324 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:46:01] New process found: Process Name - runtask.exe Process ID - 10636 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:46:01] New process found: Process Name - php.exe Process ID - 5320 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:46:01] New process found: Process Name - conhost.exe Process ID - 9896 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:46:02] Process Exited: Process Name - cmd.exe Process ID - 2304 [12-07-2023 15:46:02] Process Exited: Process Name - php.exe Process ID - 5320 [12-07-2023 15:46:02] Process Exited: Process Name - conhost.exe Process ID - 9896 [12-07-2023 15:46:02] Process Exited: Process Name - runtask.exe Process ID - 10636 [12-07-2023 15:46:02] Process Exited: Process Name - conhost.exe Process ID - 15324 [12-07-2023 15:46:23] Process Exited: Process Name - conhost.exe Process ID - 6744 [12-07-2023 15:46:23] Process Exited: Process Name - w3wp.exe Process ID - 9732 Web application pool name - kdbps.edu.in [12-07-2023 15:47:14] Process Exited: Process Name - w3wp.exe Process ID - 7448 Web application pool name - DefaultAppPool [12-07-2023 15:47:37] New process found: Process Name - w3wp.exe Process ID - 8396 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:47:55] New process found: Process Name - w3wp.exe Process ID - 16156 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:47:55] Process Exited: Process Name - w3wp.exe Process ID - 15280 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:48:54] New process found: Process Name - WmiPrvSE.exe Process ID - 9756 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:48:59] New process found: Process Name - w3wp.exe Process ID - 2688 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 15:48:59] New process found: Process Name - conhost.exe Process ID - 2316 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 15:49:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14884 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:49:34] Process Exited: Process Name - w3wp.exe Process ID - 8092 Web application pool name - adminportal.galaxytools.in [12-07-2023 15:49:57] New process found: Process Name - w3wp.exe Process ID - 12104 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 15:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 9756 [12-07-2023 15:50:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14884 [12-07-2023 15:50:59] Process Exited: Process Name - php-cgi.exe Process ID - 968 [12-07-2023 15:51:00] Process Exited: Process Name - w3wp.exe Process ID - 10908 Web application pool name - PleskControlPanel [12-07-2023 15:51:06] New process found: Process Name - w3wp.exe Process ID - 5092 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:51:35] New process found: Process Name - w3wp.exe Process ID - 3832 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 15:52:01] New process found: Process Name - cmd.exe Process ID - 12852 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:52:01] New process found: Process Name - conhost.exe Process ID - 11680 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:52:01] New process found: Process Name - runtask.exe Process ID - 5440 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:52:01] New process found: Process Name - php.exe Process ID - 4844 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:52:01] New process found: Process Name - conhost.exe Process ID - 7828 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 15:52:02] Process Exited: Process Name - php.exe Process ID - 4844 [12-07-2023 15:52:02] Process Exited: Process Name - runtask.exe Process ID - 5440 [12-07-2023 15:52:02] Process Exited: Process Name - conhost.exe Process ID - 7828 [12-07-2023 15:52:02] Process Exited: Process Name - conhost.exe Process ID - 11680 [12-07-2023 15:52:02] Process Exited: Process Name - cmd.exe Process ID - 12852 [12-07-2023 15:52:56] New process found: Process Name - w3wp.exe Process ID - 14028 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:52:56] Process Exited: Process Name - w3wp.exe Process ID - 16156 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:53:40] Process Exited: Process Name - w3wp.exe Process ID - 8396 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 15:54:08] Process Exited: Process Name - w3wp.exe Process ID - 2980 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 15:54:52] New process found: Process Name - w3wp.exe Process ID - 12876 Process Identity - IIS APPPOOL\PleskControlPanel Web application pool name - PleskControlPanel [12-07-2023 15:54:52] New process found: Process Name - php-cgi.exe Process ID - 8960 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 15:55:33] Process Exited: Process Name - conhost.exe Process ID - 11912 [12-07-2023 15:55:33] Process Exited: Process Name - w3wp.exe Process ID - 13628 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 15:57:08] Process Exited: Process Name - w3wp.exe Process ID - 5092 Web application pool name - DefaultAppPool [12-07-2023 15:57:37] Process Exited: Process Name - w3wp.exe Process ID - 3832 Web application pool name - adminportal.galaxytools.in [12-07-2023 15:57:57] New process found: Process Name - w3wp.exe Process ID - 13356 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:57:57] Process Exited: Process Name - w3wp.exe Process ID - 14028 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 15:58:43] New process found: Process Name - w3wp.exe Process ID - 13608 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 15:58:54] New process found: Process Name - w3wp.exe Process ID - 11168 Process Identity - KSHITIJSINGHAL-\IWPD_65(acwits) Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 15:58:55] New process found: Process Name - WmiPrvSE.exe Process ID - 4136 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 15:59:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11532 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 15:59:18] New process found: Process Name - w3wp.exe Process ID - 11712 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 16:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 4136 [12-07-2023 16:00:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11532 [12-07-2023 16:00:42] New process found: Process Name - w3wp.exe Process ID - 15364 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 16:00:55] New process found: Process Name - task-manager-agent.exe Process ID - 8660 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 16:00:55] New process found: Process Name - interface_async_executor.exe Process ID - 5740 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 16:00:55] New process found: Process Name - conhost.exe Process ID - 10032 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 16:00:55] New process found: Process Name - php.exe Process ID - 11952 Process Identity - NT SERVICE\PleskTaskManager [12-07-2023 16:00:56] Process Exited: Process Name - interface_async_executor.exe Process ID - 5740 [12-07-2023 16:00:56] Process Exited: Process Name - task-manager-agent.exe Process ID - 8660 [12-07-2023 16:00:56] Process Exited: Process Name - conhost.exe Process ID - 10032 [12-07-2023 16:00:56] Process Exited: Process Name - php.exe Process ID - 11952 [12-07-2023 16:01:00] New process found: Process Name - php-cgi.exe Process ID - 6028 Process Identity - IIS APPPOOL\PleskControlPanel [12-07-2023 16:01:20] New process found: Process Name - csrss.exe Process ID - 8392 Process Identity - SYSTEM [12-07-2023 16:01:20] New process found: Process Name - winlogon.exe Process ID - 9348 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:01:20] New process found: Process Name - dwm.exe Process ID - 14812 Process Identity - Window Manager\DWM-4 [12-07-2023 16:01:20] New process found: Process Name - dllhost.exe Process ID - 12840 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:01:20] New process found: Process Name - TSTheme.exe Process ID - 10308 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - mbamtray.exe Process ID - 7868 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - rdpclip.exe Process ID - 7812 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - RuntimeBroker.exe Process ID - 15540 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - sihost.exe Process ID - 2232 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - svchost.exe Process ID - 2600 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - taskhostw.exe Process ID - 12552 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - GoogleUpdate.exe Process ID - 14176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:01:20] New process found: Process Name - ServerManagerLauncher.exe Process ID - 10688 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - taskhostw.exe Process ID - 10812 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New process found: Process Name - userinit.exe Process ID - 1896 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:20] New service found: Service Name - CDPUserSvc_5c24499 Process ID - 2600 Current State - SERVICE_RUNNING [12-07-2023 16:01:20] New service found: Service Name - OneSyncSvc_5c24499 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:20] New service found: Service Name - PimIndexMaintenanceSvc_5c24499 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:20] New service found: Service Name - UnistoreSvc_5c24499 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:20] New service found: Service Name - UserDataSvc_5c24499 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:20] New service found: Service Name - WpnUserService_5c24499 Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:21] New process found: Process Name - explorer.exe Process ID - 13368 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:21] New process found: Process Name - svchost.exe Process ID - 9708 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:01:21] New process found: Process Name - sppsvc.exe Process ID - 9692 Process Identity - SYSTEM [12-07-2023 16:01:21] Process Exited: Process Name - GoogleUpdate.exe Process ID - 14176 [12-07-2023 16:01:21] Service state changed: Service Name - BITS Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 16:01:21] Service state changed: Service Name - sppsvc Process ID - 9692 Current State - SERVICE_RUNNING [12-07-2023 16:01:21] Service state changed: Service Name - SSDPSRV Process ID - 9708 Current State - SERVICE_RUNNING [12-07-2023 16:01:22] New process found: Process Name - ShellExperienceHost.exe Process ID - 13444 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:22] New process found: Process Name - ServerManager.exe Process ID - 10480 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:22] New process found: Process Name - SppExtComObj.Exe Process ID - 2764 Process Identity - NT AUTHORITY\NETWORK SERVICE [12-07-2023 16:01:22] New process found: Process Name - slui.exe Process ID - 8720 Process Identity - NT AUTHORITY\NETWORK SERVICE [12-07-2023 16:01:22] New process found: Process Name - SearchUI.exe Process ID - 136 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:22] New process found: Process Name - slui.exe Process ID - 15060 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:22] Process Exited: Process Name - ServerManagerLauncher.exe Process ID - 10688 [12-07-2023 16:01:22] Process Exited: Process Name - taskhostw.exe Process ID - 10812 [12-07-2023 16:01:22] Service state changed: Service Name - NetSetupSvc Process ID - 1120 Current State - SERVICE_RUNNING [12-07-2023 16:01:25] Process Exited: Process Name - dllhost.exe Process ID - 12840 [12-07-2023 16:01:26] New process found: Process Name - mobsync.exe Process ID - 15740 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:26] Process Exited: Process Name - TSTheme.exe Process ID - 10308 [12-07-2023 16:01:27] Process Exited: Process Name - slui.exe Process ID - 8720 [12-07-2023 16:01:27] Process Exited: Process Name - slui.exe Process ID - 15060 [12-07-2023 16:01:33] New process found: Process Name - ComboCleaner.exe Process ID - 6972 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:34] New process found: Process Name - w3wp.exe Process ID - 10496 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:01:35] New process found: Process Name - WmiApSrv.exe Process ID - 2952 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:01:35] New process found: Process Name - WmiPrvSE.exe Process ID - 14920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:01:35] New process found: Process Name - runonce.exe Process ID - 15984 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:35] Service state changed: Service Name - WdiSystemHost Process ID - 284 Current State - SERVICE_RUNNING [12-07-2023 16:01:35] Service state changed: Service Name - wmiApSrv Process ID - 2952 Current State - SERVICE_RUNNING [12-07-2023 16:01:36] New process found: Process Name - traymonitor.exe Process ID - 15876 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:36] New process found: Process Name - METray.exe Process ID - 13724 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:36] Process Exited: Process Name - WmiApSrv.exe Process ID - 2952 [12-07-2023 16:01:36] Process Exited: Process Name - mobsync.exe Process ID - 15740 [12-07-2023 16:01:36] Process Exited: Process Name - runonce.exe Process ID - 15984 [12-07-2023 16:01:36] Service state changed: Service Name - wmiApSrv Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:01:42] Process Exited: Process Name - userinit.exe Process ID - 1896 [12-07-2023 16:01:46] New process found: Process Name - wacs.exe Process ID - 7696 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:46] New process found: Process Name - conhost.exe Process ID - 8592 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:50] New process found: Process Name - wlrmdr.exe Process ID - 13204 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:01:57] Process Exited: Process Name - SppExtComObj.Exe Process ID - 2764 [12-07-2023 16:01:57] Process Exited: Process Name - sppsvc.exe Process ID - 9692 [12-07-2023 16:01:57] Process Exited: Process Name - wlrmdr.exe Process ID - 13204 [12-07-2023 16:01:57] Service state changed: Service Name - sppsvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:02:03] New process found: Process Name - WmiPrvSE.exe Process ID - 11988 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:02:11] New process found: Process Name - WmiPrvSE.exe Process ID - 11008 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:02:21] New process found: Process Name - dllhost.exe Process ID - 12728 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:02:26] Process Exited: Process Name - dllhost.exe Process ID - 12728 [12-07-2023 16:02:35] New process found: Process Name - dllhost.exe Process ID - 10336 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:02:35] New process found: Process Name - dllhost.exe Process ID - 2880 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:02:45] New process found: Process Name - InetMgr.exe Process ID - 14604 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:02:47] Process Exited: Process Name - dllhost.exe Process ID - 10336 [12-07-2023 16:02:58] New process found: Process Name - w3wp.exe Process ID - 15804 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:02:58] Process Exited: Process Name - w3wp.exe Process ID - 13356 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:02:58] Service state changed: Service Name - NetSetupSvc Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:03:20] Service state changed: Service Name - OneSyncSvc_5c24499 Process ID - 2600 Current State - SERVICE_RUNNING [12-07-2023 16:03:31] Service state changed: Service Name - BITS Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:03:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11008 [12-07-2023 16:03:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11988 [12-07-2023 16:03:36] New process found: Process Name - dllhost.exe Process ID - 13404 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:03:59] New process found: Process Name - fontdrvhost.exe Process ID - 11248 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:04:13] New process found: Process Name - w3wp.exe Process ID - 7124 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 16:04:14] New process found: Process Name - conhost.exe Process ID - 14024 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 16:04:28] Process Exited: Process Name - dllhost.exe Process ID - 13404 [12-07-2023 16:04:31] New process found: Process Name - csc.exe Process ID - 10292 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:04:31] New process found: Process Name - conhost.exe Process ID - 15760 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:04:35] New process found: Process Name - csc.exe Process ID - 11664 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:04:35] New process found: Process Name - conhost.exe Process ID - 3440 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:04:35] Process Exited: Process Name - csc.exe Process ID - 10292 [12-07-2023 16:04:35] Process Exited: Process Name - conhost.exe Process ID - 15760 [12-07-2023 16:04:36] Process Exited: Process Name - conhost.exe Process ID - 3440 [12-07-2023 16:04:36] Process Exited: Process Name - csc.exe Process ID - 11664 [12-07-2023 16:04:37] New process found: Process Name - w3wp.exe Process ID - 8372 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 16:04:45] Process Exited: Process Name - w3wp.exe Process ID - 13608 Web application pool name - DefaultAppPool [12-07-2023 16:04:56] Process Exited: Process Name - w3wp.exe Process ID - 11168 Web application pool name - 20fpsadmin.acwits.in(domain)(4.0)(pool) [12-07-2023 16:04:59] Process Exited: Process Name - w3wp.exe Process ID - 12104 Web application pool name - galaxytools.in [12-07-2023 16:05:00] New process found: Process Name - cmd.exe Process ID - 15936 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:05:00] New process found: Process Name - conhost.exe Process ID - 2076 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:05:00] New process found: Process Name - runtask.exe Process ID - 2972 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:05:00] New process found: Process Name - php.exe Process ID - 9644 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:05:00] New process found: Process Name - conhost.exe Process ID - 13728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:05:03] New process found: Process Name - crontabmng.exe Process ID - 14736 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:05:03] New process found: Process Name - conhost.exe Process ID - 11404 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:05:04] Process Exited: Process Name - conhost.exe Process ID - 11404 [12-07-2023 16:05:04] Process Exited: Process Name - crontabmng.exe Process ID - 14736 [12-07-2023 16:05:08] Process Exited: Process Name - conhost.exe Process ID - 2076 [12-07-2023 16:05:08] Process Exited: Process Name - runtask.exe Process ID - 2972 [12-07-2023 16:05:08] Process Exited: Process Name - php.exe Process ID - 9644 [12-07-2023 16:05:08] Process Exited: Process Name - conhost.exe Process ID - 13728 [12-07-2023 16:05:08] Process Exited: Process Name - cmd.exe Process ID - 15936 [12-07-2023 16:06:21] Process Exited: Process Name - w3wp.exe Process ID - 11712 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 16:07:37] Process Exited: Process Name - w3wp.exe Process ID - 10496 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:08:00] New process found: Process Name - w3wp.exe Process ID - 9872 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:08:00] Process Exited: Process Name - w3wp.exe Process ID - 15804 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:08:54] New process found: Process Name - WmiPrvSE.exe Process ID - 10648 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:09:01] New process found: Process Name - WmiPrvSE.exe Process ID - 14104 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:09:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14920 [12-07-2023 16:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10648 [12-07-2023 16:10:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14104 [12-07-2023 16:10:41] Process Exited: Process Name - dllhost.exe Process ID - 2880 [12-07-2023 16:12:02] New process found: Process Name - WmiPrvSE.exe Process ID - 10840 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:12:09] New process found: Process Name - WmiPrvSE.exe Process ID - 14176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:12:40] Process Exited: Process Name - w3wp.exe Process ID - 8372 Web application pool name - adminportal.galaxytools.in [12-07-2023 16:12:44] Process Exited: Process Name - w3wp.exe Process ID - 15364 Web application pool name - shop.galaxytools.in [12-07-2023 16:13:01] New process found: Process Name - w3wp.exe Process ID - 1740 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:13:01] Process Exited: Process Name - w3wp.exe Process ID - 9872 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:13:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10840 [12-07-2023 16:13:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14176 [12-07-2023 16:14:15] Process Exited: Process Name - w3wp.exe Process ID - 7124 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 16:14:15] Process Exited: Process Name - conhost.exe Process ID - 14024 [12-07-2023 16:14:41] New process found: Process Name - w3wp.exe Process ID - 14324 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 16:15:18] New process found: Process Name - w3wp.exe Process ID - 12216 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 16:16:26] New process found: Process Name - w3wp.exe Process ID - 14980 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 16:16:32] New process found: Process Name - w3wp.exe Process ID - 12720 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 16:16:43] New process found: Process Name - w3wp.exe Process ID - 13484 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 16:16:44] New process found: Process Name - conhost.exe Process ID - 11332 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 16:17:25] Process Exited: Process Name - InetMgr.exe Process ID - 14604 [12-07-2023 16:17:28] Process Exited: Process Name - wacs.exe Process ID - 7696 [12-07-2023 16:17:28] Process Exited: Process Name - conhost.exe Process ID - 8592 [12-07-2023 16:17:29] New process found: Process Name - TSTheme.exe Process ID - 8508 Process Identity - KSHITIJSINGHAL-\Administrator [12-07-2023 16:17:33] New process found: Process Name - SearchProtocolHost.exe Process ID - 13712 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:17:33] New process found: Process Name - SearchFilterHost.exe Process ID - 15932 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:17:35] Process Exited: Process Name - TSTheme.exe Process ID - 8508 [12-07-2023 16:18:02] New process found: Process Name - w3wp.exe Process ID - 14332 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:18:02] Process Exited: Process Name - w3wp.exe Process ID - 1740 Web application pool name - justprewed.acwits.in(domain)(4.0)(pool) [12-07-2023 16:18:48] Process Exited: Process Name - SearchProtocolHost.exe Process ID - 13712 [12-07-2023 16:18:48] Process Exited: Process Name - SearchFilterHost.exe Process ID - 15932 [12-07-2023 16:18:55] New process found: Process Name - WmiPrvSE.exe Process ID - 13076 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:19:02] New process found: Process Name - WmiPrvSE.exe Process ID - 11696 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 11696 [12-07-2023 16:20:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13076 [12-07-2023 16:20:41] New process found: Process Name - w3wp.exe Process ID - 15548 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:21:00] New process found: Process Name - csc.exe Process ID - 5116 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:21:00] New process found: Process Name - conhost.exe Process ID - 8916 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:21:01] New process found: Process Name - csc.exe Process ID - 8332 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:21:01] New process found: Process Name - conhost.exe Process ID - 2764 Process Identity - IIS APPPOOL\shop.galaxytools.in [12-07-2023 16:21:01] Process Exited: Process Name - csc.exe Process ID - 5116 [12-07-2023 16:21:01] Process Exited: Process Name - conhost.exe Process ID - 8916 [12-07-2023 16:21:02] Process Exited: Process Name - conhost.exe Process ID - 2764 [12-07-2023 16:21:02] Process Exited: Process Name - csc.exe Process ID - 8332 [12-07-2023 16:21:17] New process found: Process Name - w3wp.exe Process ID - 2652 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 16:21:20] Process Exited: Process Name - w3wp.exe Process ID - 12216 Web application pool name - DefaultAppPool [12-07-2023 16:22:03] New process found: Process Name - WmiPrvSE.exe Process ID - 14716 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:22:10] New process found: Process Name - WmiPrvSE.exe Process ID - 16200 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:22:23] New process found: Process Name - where.exe Process ID - 9448 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 16:22:23] New process found: Process Name - conhost.exe Process ID - 7368 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 16:22:24] New process found: Process Name - conhost.exe Process ID - 14180 Process Identity - KSHITIJSINGHAL-\IWPD_72(acwits) [12-07-2023 16:22:24] Process Exited: Process Name - conhost.exe Process ID - 7368 [12-07-2023 16:22:24] Process Exited: Process Name - where.exe Process ID - 9448 [12-07-2023 16:22:34] Process Exited: Process Name - w3wp.exe Process ID - 12720 Web application pool name - adminportal.galaxytools.in [12-07-2023 16:22:44] Process Exited: Process Name - conhost.exe Process ID - 11332 [12-07-2023 16:22:44] Process Exited: Process Name - w3wp.exe Process ID - 13484 Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 16:23:14] New process found: Process Name - w3wp.exe Process ID - 6696 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 16:23:14] New process found: Process Name - conhost.exe Process ID - 5420 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 16:23:32] Process Exited: Process Name - WmiPrvSE.exe Process ID - 14716 [12-07-2023 16:23:32] Process Exited: Process Name - WmiPrvSE.exe Process ID - 16200 [12-07-2023 16:24:41] New process found: Process Name - w3wp.exe Process ID - 10236 Process Identity - IIS APPPOOL\adminportal.galaxytools.in Web application pool name - adminportal.galaxytools.in [12-07-2023 16:25:01] New process found: Process Name - cmd.exe Process ID - 11944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:25:01] New process found: Process Name - conhost.exe Process ID - 13072 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:25:01] New process found: Process Name - runtask.exe Process ID - 15220 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:25:01] New process found: Process Name - php.exe Process ID - 13548 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:25:01] New process found: Process Name - conhost.exe Process ID - 4728 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:25:26] Process Exited: Process Name - conhost.exe Process ID - 4728 [12-07-2023 16:25:26] Process Exited: Process Name - cmd.exe Process ID - 11944 [12-07-2023 16:25:26] Process Exited: Process Name - conhost.exe Process ID - 13072 [12-07-2023 16:25:26] Process Exited: Process Name - php.exe Process ID - 13548 [12-07-2023 16:25:26] Process Exited: Process Name - runtask.exe Process ID - 15220 [12-07-2023 16:27:44] Process Exited: Process Name - w3wp.exe Process ID - 14324 Web application pool name - galaxytools.in [12-07-2023 16:28:42] Process Exited: Process Name - w3wp.exe Process ID - 15548 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:28:54] New process found: Process Name - WmiPrvSE.exe Process ID - 13756 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:29:01] New process found: Process Name - WmiPrvSE.exe Process ID - 12176 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:29:18] Process Exited: Process Name - w3wp.exe Process ID - 2652 Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 16:29:21] New process found: Process Name - w3wp.exe Process ID - 8868 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:29:43] Service state changed: Service Name - WdiSystemHost Process ID - 0 Current State - SERVICE_STOPPED [12-07-2023 16:29:47] New process found: Process Name - w3wp.exe Process ID - 16140 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 16:30:01] Process Exited: Process Name - conhost.exe Process ID - 2316 [12-07-2023 16:30:01] Process Exited: Process Name - w3wp.exe Process ID - 2688 Web application pool name - kdbps.edu.in [12-07-2023 16:30:15] Process Exited: Process Name - conhost.exe Process ID - 5420 [12-07-2023 16:30:15] Process Exited: Process Name - w3wp.exe Process ID - 6696 Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 16:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 12176 [12-07-2023 16:30:24] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13756 [12-07-2023 16:30:56] New process found: Process Name - w3wp.exe Process ID - 7116 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 16:31:00] New process found: Process Name - cmd.exe Process ID - 10300 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:31:00] New process found: Process Name - conhost.exe Process ID - 2356 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:31:00] New process found: Process Name - runtask.exe Process ID - 8904 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:31:00] New process found: Process Name - php.exe Process ID - 5084 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:31:00] New process found: Process Name - conhost.exe Process ID - 15508 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:31:21] New process found: Process Name - dllhost.exe Process ID - 7044 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:31:26] Process Exited: Process Name - dllhost.exe Process ID - 7044 [12-07-2023 16:31:45] New process found: Process Name - w3wp.exe Process ID - 11448 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 16:32:03] New process found: Process Name - WmiPrvSE.exe Process ID - 15900 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:32:10] New process found: Process Name - WmiPrvSE.exe Process ID - 2720 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:32:16] New process found: Process Name - w3wp.exe Process ID - 7464 Process Identity - IIS APPPOOL\kdbps.edu.in Web application pool name - kdbps.edu.in [12-07-2023 16:32:17] New process found: Process Name - conhost.exe Process ID - 5612 Process Identity - IIS APPPOOL\kdbps.edu.in [12-07-2023 16:32:55] Process Exited: Process Name - conhost.exe Process ID - 2356 [12-07-2023 16:32:55] Process Exited: Process Name - php.exe Process ID - 5084 [12-07-2023 16:32:55] Process Exited: Process Name - runtask.exe Process ID - 8904 [12-07-2023 16:32:55] Process Exited: Process Name - cmd.exe Process ID - 10300 [12-07-2023 16:32:55] Process Exited: Process Name - conhost.exe Process ID - 15508 [12-07-2023 16:33:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 2720 [12-07-2023 16:33:33] Process Exited: Process Name - WmiPrvSE.exe Process ID - 15900 [12-07-2023 16:34:29] Process Exited: Process Name - w3wp.exe Process ID - 14980 Web application pool name - shop.galaxytools.in [12-07-2023 16:34:33] New process found: Process Name - w3wp.exe Process ID - 7888 Process Identity - IIS APPPOOL\galaxytools.in Web application pool name - galaxytools.in [12-07-2023 16:35:49] Process Exited: Process Name - w3wp.exe Process ID - 16140 Web application pool name - DefaultAppPool [12-07-2023 16:36:14] New process found: Process Name - w3wp.exe Process ID - 12120 Process Identity - IIS APPPOOL\DefaultAppPool Web application pool name - DefaultAppPool [12-07-2023 16:36:59] Process Exited: Process Name - w3wp.exe Process ID - 7116 Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 16:37:29] New process found: Process Name - w3wp.exe Process ID - 8372 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) Web application pool name - procurementwebnew.acwits.in(domain)(4.0)(pool) [12-07-2023 16:37:29] New process found: Process Name - conhost.exe Process ID - 12304 Process Identity - KSHITIJSINGHAL-\IWPD_33(acwits) [12-07-2023 16:37:46] Process Exited: Process Name - w3wp.exe Process ID - 11448 Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 16:38:24] Process Exited: Process Name - w3wp.exe Process ID - 8868 Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:38:55] New process found: Process Name - WmiPrvSE.exe Process ID - 10184 Process Identity - NT AUTHORITY\LOCAL SERVICE [12-07-2023 16:39:01] New process found: Process Name - cmd.exe Process ID - 9256 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:39:01] New process found: Process Name - conhost.exe Process ID - 14212 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:39:01] New process found: Process Name - runtask.exe Process ID - 12920 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:39:01] New process found: Process Name - php.exe Process ID - 3832 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:01] New process found: Process Name - conhost.exe Process ID - 10072 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:02] New process found: Process Name - WmiPrvSE.exe Process ID - 13944 Process Identity - NT AUTHORITY\SYSTEM [12-07-2023 16:39:02] New process found: Process Name - cmd.exe Process ID - 10680 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:02] New process found: Process Name - php.exe Process ID - 15292 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:03] New process found: Process Name - cmd.exe Process ID - 16052 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:03] New process found: Process Name - php.exe Process ID - 9320 Process Identity - KSHITIJSINGHAL-\psaadm [12-07-2023 16:39:03] Process Exited: Process Name - cmd.exe Process ID - 10680 [12-07-2023 16:39:03] Process Exited: Process Name - php.exe Process ID - 15292 [12-07-2023 16:39:04] Process Exited: Process Name - php.exe Process ID - 3832 [12-07-2023 16:39:04] Process Exited: Process Name - cmd.exe Process ID - 9256 [12-07-2023 16:39:04] Process Exited: Process Name - php.exe Process ID - 9320 [12-07-2023 16:39:04] Process Exited: Process Name - conhost.exe Process ID - 10072 [12-07-2023 16:39:04] Process Exited: Process Name - runtask.exe Process ID - 12920 [12-07-2023 16:39:04] Process Exited: Process Name - conhost.exe Process ID - 14212 [12-07-2023 16:39:04] Process Exited: Process Name - cmd.exe Process ID - 16052 [12-07-2023 16:40:15] New process found: Process Name - w3wp.exe Process ID - 15548 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) Web application pool name - kdb.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:15] New process found: Process Name - w3wp.exe Process ID - 8896 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) Web application pool name - imarc.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:15] New process found: Process Name - w3wp.exe Process ID - 6272 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) Web application pool name - adminportal.perfectbread.com(domain)(4.0)(pool) [12-07-2023 16:40:15] New process found: Process Name - w3wp.exe Process ID - 2584 Process Identity - KSHITIJSINGHAL-\IWPD_7(cies) Web application pool name - adminportal.cies.org.in(domain)(4.0)(pool) [12-07-2023 16:40:15] New process found: Process Name - w3wp.exe Process ID - 10228 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) Web application pool name - justprewedding.com(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 15812 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) Web application pool name - procurementnew.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 5436 Process Identity - KSHITIJSINGHAL-\IWPD_38(capitalbook) Web application pool name - capitalbooks-publishing.com(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 15472 Process Identity - KSHITIJSINGHAL-\IWPD_6(cies) Web application pool name - cies.org.in(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 6156 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) Web application pool name - 20fpsweb.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 14112 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) Web application pool name - chotareliance.in(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - conhost.exe Process ID - 15516 Process Identity - KSHITIJSINGHAL-\IWPD_77(acwits) [12-07-2023 16:40:16] New process found: Process Name - where.exe Process ID - 11520 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 16:40:16] New process found: Process Name - conhost.exe Process ID - 15228 Process Identity - KSHITIJSINGHAL-\IWPD_69(acwits) [12-07-2023 16:40:16] New process found: Process Name - conhost.exe Process ID - 12312 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 16:40:16] New process found: Process Name - w3wp.exe Process ID - 12856 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) Web application pool name - blogs.medblinkit.com(domain)(4.0)(pool) [12-07-2023 16:40:16] New process found: Process Name - where.exe Process ID - 12176 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 16:40:17] New process found: Process Name - conhost.exe Process ID - 15004 Process Identity - KSHITIJSINGHAL-\IWPD_14(perfectbrea) [12-07-2023 16:40:17] New process found: Process Name - w3wp.exe Process ID - 9816 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) Web application pool name - adminmain.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:17] New process found: Process Name - conhost.exe Process ID - 10784 Process Identity - KSHITIJSINGHAL-\IWPD_67(justprew_2v) [12-07-2023 16:40:17] New process found: Process Name - w3wp.exe Process ID - 14652 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) Web application pool name - organicdisruption.org(domain)(4.0)(pool) [12-07-2023 16:40:17] New process found: Process Name - conhost.exe Process ID - 11808 Process Identity - KSHITIJSINGHAL-\IWPD_12(acwits) [12-07-2023 16:40:17] New process found: Process Name - where.exe Process ID - 10404 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 16:40:17] New process found: Process Name - conhost.exe Process ID - 10180 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 16:40:17] New process found: Process Name - conhost.exe Process ID - 11240 Process Identity - KSHITIJSINGHAL-\IWPD_66(acwits) [12-07-2023 16:40:17] New process found: Process Name - w3wp.exe Process ID - 2696 Process Identity - KSHITIJSINGHAL-\IWPD_81(acwits) Web application pool name - singlas.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:17] New process found: Process Name - w3wp.exe Process ID - 15316 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) Web application pool name - perfectbread.com(domain)(4.0)(pool) [12-07-2023 16:40:17] Process Exited: Process Name - where.exe Process ID - 11520 [12-07-2023 16:40:17] Process Exited: Process Name - where.exe Process ID - 12176 [12-07-2023 16:40:17] Process Exited: Process Name - conhost.exe Process ID - 12312 [12-07-2023 16:40:18] New process found: Process Name - conhost.exe Process ID - 15532 Process Identity - KSHITIJSINGHAL-\IWPD_57(chotareli_v) [12-07-2023 16:40:18] New process found: Process Name - w3wp.exe Process ID - 4716 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) Web application pool name - adminportal.medblinkit.com(domain)(4.0)(pool) [12-07-2023 16:40:18] New process found: Process Name - w3wp.exe Process ID - 12356 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) Web application pool name - syndicated.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:18] New process found: Process Name - w3wp.exe Process ID - 12208 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) Web application pool name - organicdisruption.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:18] New process found: Process Name - w3wp.exe Process ID - 5148 Process Identity - IIS APPPOOL\shop.galaxytools.in Web application pool name - shop.galaxytools.in [12-07-2023 16:40:18] New process found: Process Name - where.exe Process ID - 6624 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 16:40:18] Process Exited: Process Name - conhost.exe Process ID - 10180 [12-07-2023 16:40:18] Process Exited: Process Name - where.exe Process ID - 10404 [12-07-2023 16:40:19] New process found: Process Name - w3wp.exe Process ID - 6720 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) Web application pool name - legal.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:19] New process found: Process Name - conhost.exe Process ID - 12508 Process Identity - KSHITIJSINGHAL-\IWPD_82(medblink) [12-07-2023 16:40:19] New process found: Process Name - w3wp.exe Process ID - 8828 Process Identity - KSHITIJSINGHAL-\IWPD_56(acwits) Web application pool name - cameraonrent.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:19] New process found: Process Name - where.exe Process ID - 10468 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 16:40:19] New process found: Process Name - conhost.exe Process ID - 16216 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 16:40:19] New process found: Process Name - w3wp.exe Process ID - 8556 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) Web application pool name - pharmacy.acwits.in(domain)(4.0)(pool) [12-07-2023 16:40:19] New process found: Process Name - where.exe Process ID - 2904 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 16:40:19] New process found: Process Name - conhost.exe Process ID - 14076 Process Identity - KSHITIJSINGHAL-\IWPD_81(acwits) [12-07-2023 16:40:19] New process found: Process Name - conhost.exe Process ID - 3012 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 16:40:19] Process Exited: Process Name - where.exe Process ID - 6624 [12-07-2023 16:40:20] New process found: Process Name - conhost.exe Process ID - 8324 Process Identity - KSHITIJSINGHAL-\IWPD_50(acwits) [12-07-2023 16:40:20] New process found: Process Name - conhost.exe Process ID - 7072 Process Identity - KSHITIJSINGHAL-\IWPD_76(organicdisr) [12-07-2023 16:40:20] New process found: Process Name - where.exe Process ID - 5500 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 16:40:20] New process found: Process Name - where.exe Process ID - 10796 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) [12-07-2023 16:40:20] New process found: Process Name - conhost.exe Process ID - 5116 Process Identity - KSHITIJSINGHAL-\IWPD_13(perfectbrea) [12-07-2023 16:40:20] New process found: Process Name - conhost.exe Process ID - 2764 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 16:40:20] New process found: Process Name - conhost.exe Process ID - 12764 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) [12-07-2023 16:40:20] Process Exited: Process Name - where.exe Process ID - 2904 [12-07-2023 16:40:20] Process Exited: Process Name - conhost.exe Process ID - 3012 [12-07-2023 16:40:20] Process Exited: Process Name - where.exe Process ID - 10468 [12-07-2023 16:40:20] Process Exited: Process Name - conhost.exe Process ID - 16216 [12-07-2023 16:40:21] New process found: Process Name - conhost.exe Process ID - 12572 Process Identity - KSHITIJSINGHAL-\IWPD_73(acwits) [12-07-2023 16:40:21] New process found: Process Name - conhost.exe Process ID - 15356 Process Identity - KSHITIJSINGHAL-\IWPD_79(medblink) [12-07-2023 16:40:21] Process Exited: Process Name - conhost.exe Process ID - 2764 [12-07-2023 16:40:21] Process Exited: Process Name - where.exe Process ID - 5500 [12-07-2023 16:40:21] Process Exited: Process Name - where.exe Process ID - 10796 [12-07-2023 16:40:21] Process Exited: Process Name - conhost.exe Process ID - 12764 [12-07-2023 16:40:22] New process found: Process Name - conhost.exe Process ID - 7240 Process Identity - KSHITIJSINGHAL-\IWPD_75(acwits) [12-07-2023 16:40:22] New process found: Process Name - conhost.exe Process ID - 12024 Process Identity - KSHITIJSINGHAL-\IWPD_47(acwits) [12-07-2023 16:40:23] New process found: Process Name - conhost.exe Process ID - 16200 Process Identity - KSHITIJSINGHAL-\IWPD_80(acwits) [12-07-2023 16:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 10184 [12-07-2023 16:40:25] Process Exited: Process Name - WmiPrvSE.exe Process ID - 13944