Found a Security Identifier (SID) listed under Security Permissions on this PC. It begins S-1-15-3. You read that right, S-1-15-3. Could anyone explain what this SID prefix means? Microsoft don't list this prefix on their SID prefix page. How can I trace what was the IP of the computer that created this SID? If it wasn't a remote connection how can I trace what application or account created and/or used this SID? This has been a project of mine for quite some time.
Are you on Windows 10? Here is one similar question: https://social.technet.microsoft.co...using-the-flood-of-dcom?forum=win10itprosetup ... and one of the answers: