@george1421 I ended up finding what I was looking for here
TrustedInstaller.exe is suspect. But, it could be any of these processes. Some I recognize, some I don’t. For example, it’s not winlogin.exe or lsass.exe or svchost.exe or cmd.exe
Fixed in RC-9. Thanks for reporting.