Coming soon - Get a detailed view of why an account is flagged as spam!
view details

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

2
Suspicious event Quick Assist log entries while I was away - Win10
Post Flair (click to view more posts with a particular flair)
Analysis
Post Body

There are some event log entries that look to be quick assist running while I was away from my computer. Is this evidence someone was accessing my computer or something else? I see similar events like these going back to for 2 weeks but earlier. Sometimes I use quick assist to people but not t this time. Some details have been changed for anonymity. ``` Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:56 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:56.2389018Z" /> <EventRecordID>289887</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1149)\QuickAssist.exe!00007FF79620694A: (caller: 00007FF79621A6D5) ReturnHr(10) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:56 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:56.2389018Z" /> <EventRecordID>289886</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1129)\QuickAssist.exe!00007FF796208531: (caller: 00007FF796206925) ReturnHr(9) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:56 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:56.2389018Z" /> <EventRecordID>289885</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\RdpClientActiveX.cpp(385)\QuickAssist.exe!00007FF7962215E3: (caller: 00007FF79620850F) ReturnHr(8) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:55 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:55.4807326Z" /> <EventRecordID>289884</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\AppWindow.cpp(298)\QuickAssist.exe!00007FF79621A6FB: (caller: 00007FFA3190E858) LogHr(2) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:55 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:55.4807326Z" /> <EventRecordID>289883</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1149)\QuickAssist.exe!00007FF79620694A: (caller: 00007FF79621A6D5) ReturnHr(7) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:55 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:55.4807326Z" /> <EventRecordID>289882</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1129)\QuickAssist.exe!00007FF796208531: (caller: 00007FF796206925) ReturnHr(6) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:55 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:55.4797324Z" /> <EventRecordID>289881</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\RdpClientActiveX.cpp(385)\QuickAssist.exe!00007FF7962215E3: (caller: 00007FF79620850F) ReturnHr(5) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:55 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:55.4697309Z" /> <EventRecordID>289880</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Info: {"command":"forwardtoagent", "context":{"command":"userrequest","context":{"width":2560,"height":1440,"aspectratio":1.7777777910232544,"monitorcount":1,"monitors":[{"width":2560,"height":1440,"aspectratio":1.7777777910232544}],"requestname":"monitortopologychanged"}}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9209329Z" /> <EventRecordID>289879</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Command: windowupdate Result: </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9169320Z" /> <EventRecordID>289878</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\AppWindow.cpp(298)\QuickAssist.exe!00007FF79621A6FB: (caller: 00007FFA3190E858) LogHr(1) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9169320Z" /> <EventRecordID>289877</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1149)\QuickAssist.exe!00007FF79620694A: (caller: 00007FF79621A6D5) ReturnHr(4) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9169320Z" /> <EventRecordID>289876</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\ApplicationSetup.cpp(1129)\QuickAssist.exe!00007FF796208531: (caller: 00007FF796206925) ReturnHr(3) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9169320Z" /> <EventRecordID>289875</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\RdpClientActiveX.cpp(385)\QuickAssist.exe!00007FF7962215E3: (caller: 00007FF79620850F) ReturnHr(2) tid(688c) 80070490 Element not found. </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9159318Z" /> <EventRecordID>289874</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Incoming cmd Message: {"command":"windowupdate","context":{"id":14,"showtitlebar":true,"showmaximize":false,"resizable":false,"newsizedip":{"width":478,"height":700,"minwid</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.9149315Z" /> <EventRecordID>289873</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>JS messaging state: Handling</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.6888814Z" /> <EventRecordID>289872</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Command: Result: </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.6888814Z" /> <EventRecordID>289871</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Incoming cmd Message: {"command":"sendcvtonativeapp","context":{"cv":"D4OGg9KfDkusK3JI.0","message":"cV on start of app"}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.6878809Z" /> <EventRecordID>289870</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>JS messaging state: Handling</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5888590Z" /> <EventRecordID>289869</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Command: setsplashscreen Result: </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5878578Z" /> <EventRecordID>289868</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Incoming cmd Message: {"command":"setsplashscreen","context":{"isvisible":false}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5878578Z" /> <EventRecordID>289867</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>JS messaging state: Handling</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289866</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Command: getsysteminfo Result: {"responsename":"getsysteminfo","success":true,"productname":"Windows 10 Pro","devicefamily":"Windows.Desktop","systemsku":"Default string","capabilit</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289865</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Info: {"command":"forwardtoagent", "context":{"command":"requestresponse","context":{"responsename":"getsysteminfo","success":true,"productname":"Windows 10 Pro","devicefamily":"Windows.Desktop","systemsku":"Default string","capabilities":["annotation","relay","sharing","viewing","monitorinfo","networkquery","safebootrestart","keyboardhook","laserannotation","elevationinsessionswitch"],"productbuildnumber":"19045","productedition":"Professional","systemfamily":"X570 MB","systemmanufacturer":"MSI Technology Co., Ltd.","userlevel":"user","storeappversion":"2.0.21.0","systemversion":"-CF","devicefamilyversion":"2814751015243128","agentdisablesharing":false,"productmajorversion":10,"agentviewonly":false,"deviceform":"Unknown","systemproductname":"MEG X570 UNIFY WIFI"}}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289864</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Incoming cmd Message: {"command":"getsysteminfo","context":{"responsename":"getsysteminfo"}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289863</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>JS messaging state: Handling</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289862</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Command: getsysteminfo Result: {"responsename":"getsysteminfo","success":true,"productname":"Windows 10 Pro","devicefamily":"Windows.Desktop","systemsku":"Default string","capabilit</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5828578Z" /> <EventRecordID>289861</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Info: {"command":"forwardtoagent", "context":{"command":"requestresponse","context":{"responsename":"getsysteminfo","success":true,"productname":"Windows 10 Pro","devicefamily":"Windows.Desktop","systemsku":"Default string","capabilities":["annotation","relay","sharing","viewing","monitorinfo","networkquery","safebootrestart","keyboardhook","laserannotation","elevationinsessionswitch"],"productbuildnumber":"19045","productedition":"Professional","systemfamily":"X570 MB","systemmanufacturer":"MSI Technology Co., Ltd.","userlevel":"user","storeappversion":"2.0.21.0","systemversion":"-CF","devicefamilyversion":"2814751015243128","agentdisablesharing":false,"productmajorversion":10,"agentviewonly":false,"deviceform":"Unknown","systemproductname":"MEG X570 UNIFY WIFI"}}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5808573Z" /> <EventRecordID>289860</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Incoming cmd Message: {"command":"getsysteminfo","context":{"responsename":"getsysteminfo"}}</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:51 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:51.5808573Z" /> <EventRecordID>289859</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>JS messaging state: Handling</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:50 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:50.6987568Z" /> <EventRecordID>289858</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Navigating to URL: https://remoteassistance.support.services.microsoft.com/</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:50 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:50.1876427Z" /> <EventRecordID>289857</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Info: WebView2 Found, Version: 117.0.2045.47</Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:50 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:50.0786176Z" /> <EventRecordID>289856</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>Error: D:\a_work\1\s\src\win32app\AppWindow.cpp(239)\QuickAssist.exe!00007FF79621A451: (caller: 00007FFA3190E858) ReturnHr(1) tid(688c) 87BD0005 </Data> </EventData> </Event>

Log Name: Application Source: Quick Assist Date: 10/7/2023 1:21:50 AM Event ID: 0 Task Category: None Level: Information Keywords: Classic User: N/A Computer: DESKTOP-MDFHAIM Description: The operation completed successfully. Event Xml:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Quick Assist" /> <EventID Qualifiers="0">0</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2023-10-07T08:21:50.0436106Z" /> <EventRecordID>289855</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>DESKTOP-MDFHAIM</Computer> <Security /> </System> <EventData> <Data>QuickAssist.exe launched</Data> </EventData> </Event> ```

Author
Account Strength
90%
Account Age
11 years
Verified Email
Yes
Verified Flair
No
Total Karma
677
Link Karma
6
Comment Karma
671
Profile updated: 2 days ago
lovesoosh

Subreddit

r/AskNetsec

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
1 year ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/AskNetsec/c...