***********************************************
* _ _ _ _ *
* / \ / \ / \ / \ *
* ( M | E | T | A ) *
* \_/ \_/ \_/ \_/ *
* *
* Telegram: https://t.me/metastealer_bot *
***********************************************
ID: 740, Name: csrss.exe, CommandLine:
===============
ID: 832, Name: winlogon.exe, CommandLine: winlogon.exe
===============
ID: 996, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 1180, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 3280, Name: gameinputsvc.exe, CommandLine: "C:\Program Files (x86)\Microsoft
GameInput\x64\gameinputsvc.exe" Global\GameInputSession_1
===============
ID: 792, Name: RpcDND_Console.exe, CommandLine: "C:\Program Files (x86)\RemotePC\
RpcDND_Console.exe"
===============
ID: 1300, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 6992, Name: uihost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
UIHost.exe"
===============
ID: 7000, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s CDPUserSvc
===============
ID: 6728, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s WpnUserService
===============
ID: 5532, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 5216, Name: WiseMemoryOptimzer.exe, CommandLine: "C:\Program Files\Wise\Wise
Memory Optimizer\WiseMemoryOptimzer.exe" -a
===============
ID: 3168, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 5964, Name: explorer.exe, CommandLine: C:\WINDOWS\Explorer.EXE
===============
ID: 6452, Name: igfxEM.exe, CommandLine: "C:\WINDOWS\System32\DriverStore\
FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe"
===============
ID: 7264, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
ClipboardSvcGroup -p -s cbdhsvc
===============
ID: 6592, Name: DSATray.exe, CommandLine: "C:\Program Files (x86)\Intel\Driver and
Support Assistant\DSATray.exe"
===============
ID: 8048, Name: TextInputHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -
ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
===============
ID: 7928, Name: StartMenuExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\
StartMenuExperienceHost.exe" -
ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
===============
ID: 4692, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8020, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8440, Name: dllhost.exe, CommandLine: C:\WINDOWS\system32\DllHost.exe
/Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
===============
ID: 8656, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup
===============
ID: 8600, Name: SecurityHealthSystray.exe, CommandLine: "C:\Windows\System32\
SecurityHealthSystray.exe"
===============
ID: 8552, Name: RtkAudUService64.exe, CommandLine: "C:\Windows\System32\
RtkAudUService64.exe" -background
===============
ID: 9256, Name: IGCCTray.exe, CommandLine: "C:\Program Files\WindowsApps\
AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\
GCP.ML.BackgroundSysTray\IGCCTray.exe"
===============
ID: 9424, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe"
===============
ID: 8776, Name: Discord.exe, CommandLine: C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\usuario\
AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-
annotation=ptype=crashpad-handler --database=C:\Users\usuario\AppData\Roaming\
discord\Crashpad --url=https://sentry.io/api/146342/minidump/?
sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord
Inc." --annotation=_productName=Discord --annotation=_version=1.0.9012 --
annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.2 --initial-
client-data=0x4b0,0x4b4,0x4b8,0x4ac,0x4bc,0x84aef78,0x84aef88,0x84aef94
===============
ID: 11204, Name: esrv.exe, CommandLine: "C:\Program Files\Intel\SUR\QUEENCREEK\x64\
esrv.exe" "--start" "--start_options_handle" "1060"
===============
ID: 10100, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\usuario\
AppData\Roaming\discord" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1768 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
===============
ID: 11324, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --user-
data-dir="C:\Users\usuario\AppData\Roaming\discord" --mojo-platform-channel-
handle=2208 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
===============
ID: 12112, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=renderer --user-data-dir="C:\Users\usuario\
AppData\Roaming\discord" --app-user-model-id=com.squirrel.Discord.Discord --app-
path="C:\Users\usuario\AppData\Local\Discord\app-1.0.9012\resources\app.asar" --no-
sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=es-419 --
device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-
at-unix-epoch=-1681672099186086 --launch-time-ticks=393149627 --mojo-platform-
channel-handle=3352 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand --enable-node-leakage-in-renderers /prefetch:1
===============
ID: 6300, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=utility --utility-sub-
type=audio.mojom.AudioService --lang=es-419 --service-sandbox-type=audio --user-
data-dir="C:\Users\usuario\AppData\Roaming\discord" --mojo-platform-channel-
handle=3792 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
===============
ID: 13216, Name: lghub.exe, CommandLine: C:\Program Files\LGHUB\lghub.exe
===============
ID: 8544, Name: lghub_system_tray.exe, CommandLine: "C:\Program Files\LGHUB\
system_tray\lghub_system_tray.exe" --background
===============
ID: 5536, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=gpu-process --user-data-dir="C:\Users\usuario\AppData\Roaming/lghub" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1816 --field-trial-
handle=2108,i,13892160948214354924,12434179736336477570,131072 --disable-
features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
===============
ID: 6284, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=utility --utility-sub-type=network.mojom.NetworkService --lang=es-419 --
service-sandbox-type=none --user-data-dir="C:\Users\usuario\AppData\Roaming/lghub"
--mojo-platform-channel-handle=1984 --field-trial-
handle=2108,i,13892160948214354924,12434179736336477570,131072 --disable-
features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:8
===============
ID: 9780, Name: unsecapp.exe, CommandLine: C:\WINDOWS\system32\wbem\unsecapp.exe -
Embedding
===============
ID: 11260, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=crashpad-handler --user-data-dir=C:\Users\usuario\AppData\Roaming/lghub
/prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --
database=C:\Users\usuario\AppData\Roaming/lghub\Crashpad
--url=https://sentry.io/api/1781306/minidump/?
sentry_key=1acfc2df38074a0f9dcec78020cd4653 "--annotation=_productName=G HUB" --
annotation=_version=2023.3.396302 --annotation=plat=Win64 --
annotation=prod=Electron "--
annotation=sentry___initialScope={\"release\":\"2023.3\",\"environment\":\"Developm
ent\"}" --annotation=ver=20.0.0 --initial-client-
data=0xdac,0xdb0,0xdbc,0xdb8,0xdc0,0x7ff775e89828,0x7ff775e89838,0x7ff775e89848
===============
ID: 12176, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 12532, Name: steam.exe, CommandLine: "C:\Program Files (x86)\Steam\steam.exe"
-- "steam://rungameid/291550"
===============
ID: 12572, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=es_ES" "-cachedir=C:\Users\usuario\
AppData\Local\Steam\htmlcache" "-steampid=12532" "-buildid=1679680416" "-steamid=0"
"-logdir=C:\Program Files (x86)\Steam\logs" "-steamuniverse=Public" "-realm=Global"
"-clientui=C:\Program Files (x86)\Steam\clientui" --enable-media-stream --enable-
smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\
logs\cef_log.txt" --disable-quick-menu --disable-features=SameSiteByDefaultCookies
--enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging
===============
ID: 8688, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-
uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-
handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\
usuario\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --
annotation=platform=win64 --annotation=product=cefwebhelper --
annotation=version=1679680416 --initial-client-
data=0x3ac,0x3b0,0x3b4,0x388,0x3b8,0x7ffc934ff070,0x7ffc934ff080,0x7ffc934ff090
===============
ID: 1464, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-
file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam
Client" --lang=es-AR --buildid=1679680416 --steamid=0 --gpu-
preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQ
AAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAA
AGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files
(x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1724 /prefetch:2
===============
ID: 11336, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
lang=es-419 --service-sandbox-type=network --log-file="C:\Program Files (x86)\
Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=es-AR --
buildid=1679680416 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --mojo-platform-channel-handle=1592 /prefetch:8
===============
ID: 12400, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --
mojo-platform-channel-handle=2512 /prefetch:1
===============
ID: 9524, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files
(x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --
mojo-platform-channel-handle=2876 /prefetch:1
===============
ID: 11788, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --
mojo-platform-channel-handle=3288 /prefetch:1
===============
ID: 15064, Name: ApplicationFrameHost.exe, CommandLine: C:\WINDOWS\system32\
ApplicationFrameHost.exe -Embedding
===============
ID: 14624, Name: RtkUWP.exe, CommandLine: "C:\Program Files\WindowsApps\
RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj\
RtkUWP.exe" -ServerName:App.AppX2vzv616czv2j97f46vn25b5ksjvhr8z1.mca
===============
ID: 15168, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9828, Name: dllhost.exe, CommandLine: C:\WINDOWS\system32\DllHost.exe
/Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
===============
ID: 9020, Name: SearchApp.exe, CommandLine: "C:\WINDOWS\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
===============
ID: 14956, Name: ShellExperienceHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
ID: 7424, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9528, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-
type=audio.mojom.AudioService --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
lang=es-419 --service-sandbox-type=audio --log-file="C:\Program Files (x86)\Steam\
logs\cef_log.txt" --product-version="Valve Steam Client" --lang=es-AR --
buildid=1679680416 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --mojo-platform-channel-handle=3708 /prefetch:8
===============
ID: 4064, Name: Microsoft.Photos.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe\
Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
===============
ID: 3692, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 15820, Name: CompPkgSrv.exe, CommandLine: C:\Windows\System32\CompPkgSrv.exe -
Embedding
===============
ID: 18868, Name: rundll32.exe, CommandLine: "C:\WINDOWS\system32\rundll32.exe" -
localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
===============
ID: 14532, Name: SearchApp.exe, CommandLine: "C:\WINDOWS\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
===============
ID: 13724, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --
mojo-platform-channel-handle=3204 /prefetch:1
===============
ID: 5004, Name: lghub_agent.exe, CommandLine: "C:\Program Files\LGHUB\
lghub_agent.exe"
===============
ID: 1188, Name: logi_crashpad_handler.exe, CommandLine: "C:\Program Files\LGHUB\
logi_crashpad_handler.exe" --no-rate-limit --database=C:\Users\usuario\AppData\
Local\LGHUB\sentry_db_lghub_agent --metrics-dir=C:\Users\usuario\AppData\Local\
LGHUB\sentry_db_lghub_agent --url=https://sentry.io:443/api/1779200/minidump/?
sentry_client=sentry.native/0.4.14&sentry_key=91ca51384751442380bd8987a6be91ab --
attachment=C:\ProgramData\LGHUB\installation.json --attachment=C:\ProgramData\
LGHUB\next.json --attachment=C:\ProgramData\LGHUB\current.json --attachment=C:\
Users\usuario\AppData\Local\LGHUB\settings.db --attachment=C:\Users\usuario\
AppData\Local\LGHUB\sentry_db_lghub_agent\e42647a0-0987-456d-1d51-be60b6731bb4.run\
__sentry-event --attachment=C:\Users\usuario\AppData\Local\LGHUB\
sentry_db_lghub_agent\e42647a0-0987-456d-1d51-be60b6731bb4.run\__sentry-breadcrumb1
--attachment=C:\Users\usuario\AppData\Local\LGHUB\sentry_db_lghub_agent\e42647a0-
0987-456d-1d51-be60b6731bb4.run\__sentry-breadcrumb2 --initial-client-
data=0x908,0x910,0x914,0x8dc,0x900,0x7ff702c8b4d0,0x7ff702c8b4f0,0x7ff702c8b508
===============
ID: 6632, Name: EpicGamesLauncher.exe, CommandLine: "C:\Program Files (x86)\Epic
Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"
===============
ID: 22852, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=gpu-process --field-
trial-handle=2028,3678894215680697791,11844017225311339794,131072 --disable-
features=CalculateNativeWinOcclusion --no-sandbox --locales-dir-path="C:/Program
Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --lang=es-
MX --gpu-
preferences=SAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAA
AAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIA
AAAAAAAAAgAAAAAAAAA
--log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --
mojo-platform-channel-handle=2084 /prefetch:2
===============
ID: 23864, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=utility --utility-
sub-type=network.mojom.NetworkService --field-trial-
handle=2028,3678894215680697791,11844017225311339794,131072 --disable-
features=CalculateNativeWinOcclusion --lang=es-419 --service-sandbox-type=none --
no-sandbox --locales-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --lang=es-
MX --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log
--mojo-platform-channel-handle=2592 /prefetch:8
===============
ID: 24212, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=renderer --no-
sandbox --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/
cef3.log --field-trial-handle=2028,3678894215680697791,11844017225311339794,131072
--disable-features=CalculateNativeWinOcclusion --lang=es-419 --locales-dir-
path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --device-
scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-
code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1
===============
ID: 24220, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=renderer --no-
sandbox --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/
cef3.log --field-trial-handle=2028,3678894215680697791,11844017225311339794,131072
--disable-features=CalculateNativeWinOcclusion --lang=es-419 --locales-dir-
path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --device-
scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --no-v8-untrusted-
code-mitigations --mojo-platform-channel-handle=2752 /prefetch:1
===============
ID: 22632, Name: PhoneExperienceHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\
PhoneExperienceHost.exe" -ComServer:Background -Embedding
===============
ID: 30600, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --profile-directory="Profile 4"
===============
ID: 32296, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\usuario\
AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\usuario\AppData\Local\
Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\usuario\AppData\Local\
Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --
annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --
annotation=ver=107.0.5304.108 --initial-client-
data=0x110,0x114,0x118,0xec,0xc,0x7ffc1b949e68,0x7ffc1b949e78,0x7ffc1b949e88
===============
ID: 31804, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=gpu-process --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1692 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:2
===============
ID: 31156, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --mojo-
platform-channel-handle=1936 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:8
===============
ID: 32112, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-
type=storage.mojom.StorageService --lang=es-419 --service-sandbox-type=utility --
mojo-platform-channel-handle=2284 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:8
===============
ID: 30968, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --first-renderer-process --lang=es-419 --device-scale-factor=1 --num-
raster-threads=1 --renderer-client-id=6 --time-ticks-at-unix-epoch=-
1681672103653583 --launch-time-ticks=256085560677 --mojo-platform-channel-
handle=3220 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32748, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --extension-process --display-capture-
permissions-policy-allowed --lang=es-419 --device-scale-factor=1 --num-raster-
threads=1 --renderer-client-id=7 --time-ticks-at-unix-epoch=-1681672103653583 --
launch-time-ticks=256086652253 --mojo-platform-channel-handle=4528 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 18472, Name: cmd.exe, CommandLine: C:\WINDOWS\system32\cmd.exe /d /c "C:\
Program Files\McAfee\WebAdvisor\BrowserHost.exe"
chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\
chrome.nativeMessaging.in.f6a8ba1a88dfcd5a > \\.\pipe\
chrome.nativeMessaging.out.f6a8ba1a88dfcd5a
===============
ID: 31964, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 28668, Name: cmd.exe, CommandLine: C:\WINDOWS\system32\cmd.exe /d /c "C:\
Program Files\McAfee\WebAdvisor\BrowserHost.exe"
chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\
chrome.nativeMessaging.in.c416c07d4f912804 > \\.\pipe\
chrome.nativeMessaging.out.c416c07d4f912804
===============
ID: 22096, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 30824, Name: browserhost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-
window=0
===============
ID: 29924, Name: browserhost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-
window=0
===============
ID: 22772, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService
--lang=es-419 --service-sandbox-type=audio --mojo-platform-channel-handle=3492 --
field-trial-handle=2064,i,7741522595699167436,8666959540695824112,131072
/prefetch:8
===============
ID: 28016, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-
window /prefetch:5
===============
ID: 27584, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\usuario\
AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\usuario\AppData\Local\
Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\usuario\AppData\Local\
Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --
annotation=chromium-version=105.0.5195.127 "--annotation=exe=C:\Program Files
(x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--
annotation=prod=Microsoft Edge" --annotation=ver=105.0.1343.42 --initial-client-
data=0x10c,0x110,0x114,0xec,0x1ac,0x7ffc75445850,0x7ffc75445860,0x7ffc75445870
===============
ID: 23000, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=gpu-process --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=2076 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:2
===============
ID: 30104, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --mojo-
platform-channel-handle=2272 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:3
===============
ID: 29728, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=storage.mojom.StorageService --lang=es-419 --service-sandbox-type=utility --
mojo-platform-channel-handle=2640 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:8
===============
ID: 31012, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=password_manager.breach_detection.mojom.EdgePasswordDataProcessor --lang=es-
419 --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-
trial-handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:8
===============
ID: 26204, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=58 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256496037006 --mojo-platform-channel-handle=5612 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32044, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=64 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256647299634 --mojo-platform-channel-handle=4848 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32692, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=66 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256654677188 --mojo-platform-channel-handle=5192 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 31492, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=71 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256671420296 --mojo-platform-channel-handle=5820 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 31728, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=72 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256671853225 --mojo-platform-channel-handle=1640 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 30964, Name: smartscreen.exe, CommandLine: C:\Windows\System32\smartscreen.exe
-Embedding
===============
ID: 31960, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=74 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256704518338 --mojo-platform-channel-handle=6684 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 29480, Name: WinRAR.exe, CommandLine: "C:\Program Files\WinRAR\WinRAR.exe" "C:\
Users\usuario\Downloads\File.7z"
===============
ID: 30800, Name: PXm4WEFjtA_1sDb1cI22p0Qy.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\PXm4WEFjtA_1sDb1cI22p0Qy.exe"
===============
ID: 30232, Name: aSv5jWu4Et1psm6MDp17yUgI.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\aSv5jWu4Et1psm6MDp17yUgI.exe"
===============
ID: 24100, Name: 9oLffSy8FP46v9leLGnqUAdi.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\9oLffSy8FP46v9leLGnqUAdi.exe"
===============
ID: 11196, Name: ki218682.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP000.TMP\ki218682.exe
===============
ID: 31380, Name: ki226728.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP001.TMP\ki226728.exe
===============
ID: 25692, Name: ki805887.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP002.TMP\ki805887.exe
===============
ID: 20016, Name: ki308070.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP003.TMP\ki308070.exe
===============
ID: 33372, Name: csgo.exe, CommandLine: "C:\Program Files (x86)\Steam\steamapps\
common\Counter-Strike Global Offensive\csgo.exe" -steam
===============
ID: 33640, Name: 25RDBqzXvxhBSbf7DXIQa7NM.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\25RDBqzXvxhBSbf7DXIQa7NM.exe"
===============
ID: 33648, Name: bs6mZ0nMyiZQ26p7F2HzaU6U.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\bs6mZ0nMyiZQ26p7F2HzaU6U.exe"
===============
ID: 33656, Name: 8ZCErKNOXLgSDsCfSlij4DqA.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\8ZCErKNOXLgSDsCfSlij4DqA.exe"
===============
ID: 33664, Name: ugZ7xUURpx8kpWnOOdSsCYfT.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ugZ7xUURpx8kpWnOOdSsCYfT.exe"
===============
ID: 32020, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 33128, Name: msfeedssync.exe, CommandLine: C:\Windows\system32\msfeedssync.exe
sync
===============
ID: 29292, Name: ss31.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
ss31.exe"
===============
ID: 32420, Name: ZZpmfDkgpO8SkXgneLOcwcl6.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ZZpmfDkgpO8SkXgneLOcwcl6.exe"
===============
ID: 30840, Name: uyQCgtyEW1opCFJTj35sr22z.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\uyQCgtyEW1opCFJTj35sr22z.exe"
===============
ID: 33760, Name: 4Hj9k71oR6U4pkzK_wvK7UkB.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\4Hj9k71oR6U4pkzK_wvK7UkB.exe"
===============
ID: 33184, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 28344, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 22968, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 30956, Name: EJQC6ecu9h.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
KlTtYHyHOa6\EJQC6ecu9h.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 22600, Name: backgroundTaskHost.exe, CommandLine: "C:\WINDOWS\system32\
backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
===============
ID: 21916, Name: oneetx.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
10180c8ca3\oneetx.exe"
===============
ID: 34148, Name: node.exe, CommandLine: node.exe node.lib 3956101466505 1928975631
===============
ID: 34212, Name: 688A.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
688A.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 33632, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\3cc18b03-
2ef6-40e5-9c25-191d7c1fba7a\build2.exe"
===============
ID: 27564, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\6c712fc4-
3d05-40c0-820c-4bf6c7ac5fd7\build2.exe"
===============
ID: 33924, Name: gRBrlCK.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
A4tmSbJUZNs\gRBrlCK.exe"
===============
ID: 33868, Name: IGCC.exe, CommandLine: "C:\Program Files\WindowsApps\
AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe" -
ServerName:App.AppXxq4ar3drev924dxqnatpa4s48c4zrxd1.mca
===============
ID: 28116, Name: bu453998.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP004.TMP\bu453998.exe
===============
ID: 34000, Name: 9DD8.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
9DD8.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 33300, Name: 99D0.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
99D0.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 31568, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath
@($env:UserProfile, $env:ProgramFiles) -Force
===============
ID: 27248, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 34624, Name: ZKLRkuoVGDbkA5t8TPfQz_PQ.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ZKLRkuoVGDbkA5t8TPfQz_PQ.exe"
===============
ID: 34648, Name: VzARbluXWuUf0OH30Qt76n75.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\VzARbluXWuUf0OH30Qt76n75.exe"
===============
ID: 34684, Name: 5_jQHaxjVebVFwRL4PH5PIz2.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\5_jQHaxjVebVFwRL4PH5PIz2.exe"
===============
ID: 33476, Name: _JaAk2ybrEXX0v8vLMLFpG3a.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\_JaAk2ybrEXX0v8vLMLFpG3a.exe"
===============
ID: 34308, Name: _XCo87uS0qd9A1lyYHzVozu6.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\_XCo87uS0qd9A1lyYHzVozu6.exe"
===============
ID: 33688, Name: EQI2Eb7SoqRS6VXt4enVT_xO.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\EQI2Eb7SoqRS6VXt4enVT_xO.exe"
===============
ID: 32852, Name: ciBd4tiq_jleSzWzLjOFI7hZ.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ciBd4tiq_jleSzWzLjOFI7hZ.exe"
===============
ID: 32944, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 31768, Name: ki240035.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP005.TMP\ki240035.exe
===============
ID: 27712, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\7026e6da-
c39f-41f4-9908-bf3b913a2000\build2.exe"
===============
ID: 28252, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\c60b24e6-
16a3-4df9-8525-2973fd6aeb19\build2.exe"
===============
ID: 31528, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 34396, Name: ki509348.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP006.TMP\ki509348.exe
===============
ID: 34948, Name: ki834237.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP007.TMP\ki834237.exe
===============
ID: 35084, Name: ki026260.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP008.TMP\ki026260.exe
===============
ID: 35112, Name: Coek3uKK.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
RarSFX0\Coek3uKK.exe"
===============
ID: 91272, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe <#wsyzqeupt#> IF((New-Object
Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurren
t())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
{ IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn
'NoteUpdateTaskMachineQC' /tr '''C:\Program Files\Notepad\Chrome\updater.exe''' }
Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program
Files\Notepad\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup)
-Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -
DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -
ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'NoteUpdateTaskMachineQC'
-User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\
Microsoft\Windows\CurrentVersion\Run" /v "NoteUpdateTaskMachineQC" /t REG_SZ /f /d
'C:\Program Files\Notepad\Chrome\updater.exe' }
===============
ID: 91336, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 91860, Name: bu053088.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP009.TMP\bu053088.exe
===============
ID: 91192, Name: mstsca.exe, CommandLine: C:\Users\usuario\AppData\Roaming\
Microsoft\Network\mstsca.exe
===============
ID: 110356, Name: 6C96.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
6C96.exe"
===============
ID: 112680, Name: jsc.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework64\
v4.0.30319\jsc.exe"
===============
ID: 119320, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe <#iqegjinl#> IF((New-Object
Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurren
t())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
{ schtasks /run /tn "NoteUpdateTaskMachineQC" } Else { "C:\Program Files\Notepad\
Chrome\updater.exe" }
===============
ID: 119368, Name: systeminfo.exe, CommandLine: systeminfo.exe /fo csv
===============
ID: 132348, Name: AppLaunch.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\AppLaunch.exe"
===============
ID: 132364, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 132372, Name: taskhostw.exe, CommandLine: taskhostw.exe
===============
ID: 132508, Name: schtasks.exe, CommandLine: /C /create /F /sc minute /mo 1 /tn
"Azure-Update-Task" /tr "C:\Users\usuario\AppData\Roaming\Microsoft\Network\
mstsca.exe"
===============
ID: 132640, Name: D4C3CF00DvXNXMEfWEATK6Ox.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\D4C3CF00DvXNXMEfWEATK6Ox.exe"
===============
ID: 132648, Name: wGApxRSHmLGJO4JekhNRAuf5.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\wGApxRSHmLGJO4JekhNRAuf5.exe"
===============
ID: 132656, Name: CmoqYNURke2pNIkfDCRhvV9L.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\CmoqYNURke2pNIkfDCRhvV9L.exe"
===============
ID: 132664, Name: EhXpyDq538kCb2CpGjnkHfSw.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\EhXpyDq538kCb2CpGjnkHfSw.exe"
===============
ID: 132676, Name: cJn0ixRGPfKuuO_zVciuuZmN.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\cJn0ixRGPfKuuO_zVciuuZmN.exe"
===============
ID: 132792, Name: 11.exe, CommandLine: "C:\Windows\Temp\11.exe"
===============
ID: 132880, Name: dllhost.exe, CommandLine: "C:\WINDOWS\system32\dllhost.exe"
===============
ID: 132908, Name: J0I6yR8Y31_IOnv2n2E6maWf.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\J0I6yR8Y31_IOnv2n2E6maWf.exe"
===============
ID: 132924, Name: 9GLNIVqrZk2y5RJvipO_OPOE.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\9GLNIVqrZk2y5RJvipO_OPOE.exe"
===============
ID: 132948, Name: 22.exe, CommandLine: "C:\Windows\Temp\22.exe"
===============
ID: 133080, Name: is-5BF07.tmp, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
is-0MD42.tmp\is-5BF07.tmp" /SL4 $4E0952 "C:\Users\usuario\Pictures\Minor Policy\
cJn0ixRGPfKuuO_zVciuuZmN.exe" 2562561 56320
===============
ID: 133112, Name: 123.exe, CommandLine: "C:\Windows\Temp\123.exe"
===============
ID: 27340, Name: wNpalt, CommandLine: C:\Users\usuario\AppData\Local\Temp\
sihEZnOegyfaETYZCu\wNpalt /mixtwo
===============
ID: 5632, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 103012, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
132792 -s 280
===============
ID: 107576, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 26084, Name: 321.exe, CommandLine: "C:\Windows\Temp\321.exe"
===============
ID: 33872, Name: cmd.exe, CommandLine: cmd.exe /d /c bwsjhihxsxf.bat 3956101466505
===============
ID: 34492, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
132948 -s 292
===============
ID: 35404, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 35428, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 35580, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 35680, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
133112 -s 280
===============
ID: 35760, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 33944, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 34108, Name: Rec419.exe, CommandLine: "C:\Program Files (x86)\FKDsoftFR\Rec419\
Rec419.exe"
===============
ID: 35860, Name: oneetx.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
10180c8ca3\oneetx.exe
===============
ID: 35956, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 35972, Name: ju6G8sJ0.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
ruIvbnl\ju6G8sJ0.exe"
===============
ID: 36336, Name: pKoLxd, CommandLine: C:\Users\usuario\AppData\Local\Temp\
nQfsPRITKCJxBJKOVa\pKoLxd
===============
ID: 36360, Name: forfiles.exe, CommandLine: "C:\Windows\System32\forfiles.exe" /p
c:\windows\system32 /m cmd.exe /c "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\
Microsoft\Windows Defender\Exclusions\Extensions\" /f /v \"exe\" /t REG_SZ /d 0
/reg:32&REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\
Extensions\" /f /v \"exe\" /t REG_SZ /d 0 /reg:64&"
===============
ID: 36404, Name: cmd.exe, CommandLine: "cmd.exe" /C powershell -EncodedCommand
"PAAjAHAAZQBqAEgAVgBIACMAPgAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA8ACMATg
BhADAAQQAxADAAcQBLAHgAIwA+ACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoACAAQAAoACQAZQBuA
HYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAkAGUAbgB2ADoAUwB5AHMAdABlAG0ARAByAGkAdgBlACkA
IAA8ACMAWgBBADcAVQBDAEgAVQAjAD4AIAAtAEYAbwByAGMAZQAgADwAIwBVAGwATgBwAFIAdQBjAHQAcQA
zACMAPgA=" & powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-
dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 &
powercfg /hibernate off