Process List

***********************************************
* *
* ____ _____ ____ _ ___ _ _ _____ *
* | _ \| ____| _ \| | |_ _| \ | | ____| *
* | |_) | _| | | | | | | || \| | _| *
* | _ <| |___| |_| | |___ | || |\ | |___ *
* |_| \_|_____|____/|_____|___|_| \_|_____| *
* *
* Telegram: https://t.me/DAISY_CLOUD *
***********************************************
ID: 620, Name: csrss.exe, CommandLine:

===============
ID: 712, Name: winlogon.exe, CommandLine: winlogon.exe
===============
ID: 936, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 1056, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 5312, Name: uihost.exe, CommandLine: "C:\Program Files\McAfee\WebAdvisor\
UIHost.exe"
===============
ID: 5444, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 1160, Name: svchost.exe, CommandLine: C:\Windows\system32\svchost.exe -k
UnistackSvcGroup -s CDPUserSvc
===============
UnistackSvcGroup -s WpnUserService
===============
ID: 3544, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 5940, Name: taskhostw.exe, CommandLine: taskhostw.exe USER
===============
ID: 632, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 3552, Name: explorer.exe, CommandLine: C:\Windows\Explorer.EXE
===============
ID: 6284, Name: igfxHK.exe, CommandLine: igfxHK.exe
===============
ID: 6324, Name: igfxTray.exe, CommandLine: igfxTray.exe
===============
ClipboardSvcGroup -p -s cbdhsvc
===============
ID: 7040, Name: StartMenuExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\
StartMenuExperienceHost.exe" -
ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
===============
ID: 7160, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 6560, Name: SearchApp.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
===============
===============
===============
ID: 5420, Name: PhoneExperienceHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.YourPhone_1.23032.186.0_x64__8wekyb3d8bbwe\
PhoneExperienceHost.exe" -ComServer:Background -Embedding
===============
===============
ID: 8360, Name: TextInputHost.exe, CommandLine: "C:\Windows\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -
ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
===============
ID: 8720, Name: SecurityHealthSystray.exe, CommandLine: "C:\Windows\System32\
SecurityHealthSystray.exe"
===============
ID: 8788, Name: RtkNGUI64.exe, CommandLine: "C:\Program Files\Realtek\Audio\HDA\
RtkNGUI64.exe" -s
===============
ID: 8936, Name: OneDrive.exe, CommandLine: "C:\Program Files\Microsoft OneDrive\
OneDrive.exe" /background
===============
ID: 9184, Name: Discord.exe, CommandLine: "C:\Users\84789\AppData\Local\Discord\
app-1.0.9013\Discord.exe"
===============
ID: 2832, Name: Discord.exe, CommandLine: C:\Users\84789\AppData\Local\Discord\app-
1.0.9013\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\84789\
AppData\Roaming\discord /prefetch:7 --no-rate-limit --monitor-self-
annotation=ptype=crashpad-handler --database=C:\Users\84789\AppData\Roaming\
discord\Crashpad --url=https://sentry.io/api/146342/minidump/?
sentry_key=384ce4413de74fe0be270abe03b2b35a "--annotation=_companyName=Discord
Inc." --annotation=_productName=Discord --annotation=_version=1.0.9013 --
annotation=plat=Win32 --annotation=prod=Electron --annotation=ver=22.3.2 --initial-
client-data=0x4a4,0x4a8,0x4ac,0x4a0,0x4b0,0x89aff78,0x89aff88,0x89aff94
===============
app-1.0.9013\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\84789\
AppData\Roaming\discord" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1800 --field-trial-
handle=1596,i,7905774080663951533,3067931297578212565,131072 --disable-
features=HardwareMediaKeyHandling,MediaSessionService,SpareRendererForSitePerProces
s,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
===============
app-1.0.9013\Discord.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-
data-dir="C:\Users\84789\AppData\Roaming\discord" --mojo-platform-channel-
handle=1596,i,7905774080663951533,3067931297578212565,131072 --disable-
===============
app-1.0.9013\Discord.exe" --type=renderer --user-data-dir="C:\Users\84789\AppData\
Roaming\discord" --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\
Users\84789\AppData\Local\Discord\app-1.0.9013\resources\app.asar" --no-sandbox --
no-zygote --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-
factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-
client-id=5 --time-ticks-at-unix-epoch=-1683478460681078 --launch-time-
ticks=688788524 --mojo-platform-channel-handle=3452 --field-trial-
handle=1596,i,7905774080663951533,3067931297578212565,131072 --disable-
s,WinRetrieveSuggestionsOnlyOnDemand --enable-node-leakage-in-renderers /prefetch:1
===============
ID: 9748, Name: chrome.exe, CommandLine: "C:\Program Files\Google\Chrome\
Application\chrome.exe" --no-startup-window /prefetch:5
===============
Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\84789\
AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\84789\AppData\Local\Google\
Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\84789\AppData\Local\Google\
Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel=
--annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=113.0.5672.63 --
initial-client-
data=0x1a4,0x1a8,0x1ac,0x40,0x1b0,0x7ffeddb2c9f0,0x7ffeddb2ca00,0x7ffeddb2ca10
===============
Application\chrome.exe" --type=gpu-process --gpu-
preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAIAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA==
--mojo-platform-channel-handle=2068 --field-trial-
handle=2072,i,16480979514676579362,351452181709988461,262144 /prefetch:2
===============
Application\chrome.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-
platform-channel-handle=2144 --field-trial-
===============
type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --
mojo-platform-channel-handle=2368 --field-trial-
===============
Application\chrome.exe" --type=renderer --extension-process --lang=en-US --device-
scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --
renderer-client-id=5 --time-ticks-at-unix-epoch=-1683478460682535 --launch-time-
===============
===============
===============
ID: 11088, Name: Cortana.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe" -
ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
===============
===============
app-1.0.9013\Discord.exe" --type=utility --utility-sub-
type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-
data-dir="C:\Users\84789\AppData\Roaming\discord" --mojo-platform-channel-
handle=1596,i,7905774080663951533,3067931297578212565,131072 --disable-
===============
AarSvcGroup -p -s AarSvc
===============
ID: 6440, Name: CompPkgSrv.exe, CommandLine: C:\Windows\System32\CompPkgSrv.exe -
Embedding
===============
Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService
--lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6016 --
field-trial-handle=2072,i,16480979514676579362,351452181709988461,262144
/prefetch:8
===============
ID: 5380, Name: ApplicationFrameHost.exe, CommandLine: C:\Windows\system32\
ApplicationFrameHost.exe -Embedding
===============
ID: 6928, Name: SystemSettings.exe, CommandLine: "C:\Windows\ImmersiveControlPanel\
SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
===============
ID: 10836, Name: UserOOBEBroker.exe, CommandLine: C:\Windows\System32\oobe\
UserOOBEBroker.exe -Embedding
===============
ID: 7968, Name: Asphalt8.exe, CommandLine: "C:\Program Files\WindowsApps\
GAMELOFTSA.Asphalt8Airborne_7.1.15.0_x64__0pp20fcewvvtj\Asphalt8.exe" -
ServerName:App.AppXy7xvrz6k4d4q1n3w1810shqfz939tzm5.mca
===============
===============
UnistackSvcGroup
===============
ID: 6252, Name: ShellExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
===============
ID: 8488, Name: Garena.exe, CommandLine: "C:\Program Files (x86)\Garena\Garena\
Garena.exe" -silentlaunch
===============
ID: 8868, Name: SearchApp.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -
ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
===============
ID: 3588, Name: dllhost.exe, CommandLine: C:\Windows\system32\DllHost.exe
/Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
===============
ID: 11360, Name: SDXHelper.exe, CommandLine: "C:\Program Files\Microsoft Office\
Root\Office16\SDXHelper.exe" -Embedding
===============
Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-
raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=35 --
time-ticks-at-unix-epoch=-1683478460682535 --launch-time-ticks=1786946457 --mojo-
===============
===============
===============
===============
ID: 1716, Name: Zalo.exe, CommandLine: "C:\Users\84789\AppData\Local\Programs\Zalo\
Zalo-23.4.2\Zalo.exe" --relaunch-silently
===============
Zalo-23.4.2\Zalo.exe" --type=gpu-process --user-data-dir="C:\Users\84789\AppData\
Roaming\ZaloData" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1900,i,9324736169939606486,11823154201607441605,131072 --disable-
features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand
/prefetch:2
===============
Zalo-23.4.2\Zalo.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-
data-dir="C:\Users\84789\AppData\Roaming\ZaloData" --mojo-platform-channel-
handle=1900,i,9324736169939606486,11823154201607441605,131072 --disable-
/prefetch:8
===============
Zalo-23.4.2\Zalo.exe" --type=renderer --user-data-dir="C:\Users\84789\AppData\
Roaming\ZaloData" --app-user-model-id=com.vng.zalo --app-path="C:\Users\84789\
AppData\Local\Programs\Zalo\Zalo-23.4.2\resources\app.asar" --no-sandbox --no-
zygote --node-integration-in-worker --lang=en-US --device-scale-factor=1 --num-
launch-time-ticks=5329725516 --mojo-platform-channel-handle=2796 --field-trial-
handle=1900,i,9324736169939606486,11823154201607441605,131072 --disable-
/prefetch:1
===============
Zalo-23.4.2\Zalo.exe" --type=renderer --user-data-dir="C:\Users\84789\AppData\
Roaming\ZaloData" --app-user-model-id=com.vng.zalo --app-path="C:\Users\84789\
AppData\Local\Programs\Zalo\Zalo-23.4.2\resources\app.asar" --enable-experimental-
web-platform-features --no-sandbox --no-zygote --node-integration-in-worker --
lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-
before-activation --renderer-client-id=4 --launch-time-ticks=5330650565 --mojo-
handle=1900,i,9324736169939606486,11823154201607441605,131072 --disable-
/prefetch:1
===============
ID: 8328, Name: ZaloCap.exe, CommandLine: C:\Users\84789\AppData\Local\Programs\
Zalo\Zalo-23.4.2\plugins\capture\ZaloCap.exe zalo2017
===============
ID: 4660, Name: ZaviMeet.exe, CommandLine: C:\Users\84789\AppData\Local\Programs\
Zalo\Zalo-23.4.2\plugins\capture\ZaviMeet.exe \\.\pipe\PipeZCallRecv3 \\.\pipe\
PipeZCallSend3
===============
ID: 8420, Name: ZaloCall.exe, CommandLine: C:\Users\84789\AppData\Local\Programs\
Zalo\Zalo-23.4.2\plugins\capture\ZaloCall.exe \\.\pipe\PipeZCallRecv \\.\pipe\
PipeZCallSend
===============
===============
===============
===============
===============
===============
===============
===============
===============
===============
ID: 2568, Name: smartscreen.exe, CommandLine: C:\Windows\System32\smartscreen.exe -
Embedding
===============
===============
ID: 12044, Name: RobloxPlayerBeta.exe, CommandLine: "C:\Users\84789\AppData\Local\
Roblox\Versions\version-dc61c2db7d694b7b\RobloxPlayerBeta.exe" --app -t
HX5ldmd8DcW-
lGHuVVrcb7jcSmm_d8fqIVPR9ojeD80ztFaQ99cSKhD5Yxz4YoQyWqUC49zt1nWacJ5GWyik_02tSI1Id-
Ci8WmbJ514T9Tx72jcGxlf6LRZszObH0KVS9PikCG-
1OY1_UZ2YShEePbq5aAmwWizFlKRdaESfHIJ858st5BsQBo33AZCT4PlqszZRdZ-
uUmECPcKEVmD_FtVcpkE2fIBARu0sYvkCwM -j
https://assetgame.roblox.com/game/PlaceLauncher.ashx?
request=RequestGame&browserTrackerId=171352551201&placeId=6737540754&isPlayTogether
Game=false&joinAttemptId=442a819b-2b74-490d-a10e-
33716a8712e0&joinAttemptOrigin=PlayButton -b 171352551201 --
launchtime=1683484003485 --rloc en_us --gloc vi_vn
===============
type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-
type=service --mojo-platform-channel-handle=8616 --field-trial-
===============
===============
===============
ID: 5580, Name: GameBarPresenceWriter.exe, CommandLine: "C:\Windows\System32\
GameBarPresenceWriter.exe" -
ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
===============
ID: 2168, Name: GameBar.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe" -
ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
===============
ID: 5892, Name: GameBarFTServer.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -
Embedding
===============
===============
BcastDVRUserService -s BcastDVRUserService
===============
ID: 8084, Name: XboxGameBarSpotify.exe, CommandLine: "C:\Program Files\WindowsApps\
SpotifyAB.SpotifyMusic_1.210.760.0_x86__zpdnekdrzrea0\XboxGameBarSpotify.exe" -
ServerName:Widget.AppXcq6m83pcstjyfwwpn2knfgeh8hb23cne.mca
===============
===============
ID: 5936, Name: backgroundTaskHost.exe, CommandLine: "C:\Windows\SysWOW64\
backgroundTaskHost.exe" -
ServerName:Spotify.AppXt469n91rqc91c7c1tk8hgxpvb3sxp03a.mca
===============
ID: 13016, Name: wiBagXdG8Enb6AN5d_Jv48Wh.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\wiBagXdG8Enb6AN5d_Jv48Wh.exe"
===============
ID: 13024, Name: MGuYdKLwMI0UXAmWiugzMu7_.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\MGuYdKLwMI0UXAmWiugzMu7_.exe"
===============
ID: 13032, Name: iJiqU0GIufCVRPoOvVeyphji.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\iJiqU0GIufCVRPoOvVeyphji.exe"
===============
ID: 13068, Name: JzNKyICaaH2QREc6fnLePUL4.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\JzNKyICaaH2QREc6fnLePUL4.exe"
===============
ID: 13084, Name: UXhSKKVFIAyizcbmZ3CZ85XZ.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\UXhSKKVFIAyizcbmZ3CZ85XZ.exe"
===============
ID: 13092, Name: LLsKGkwLQw0GlB34GB_rMQ7M.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\LLsKGkwLQw0GlB34GB_rMQ7M.exe"
===============
ID: 13148, Name: v6363712.exe, CommandLine: C:\Users\84789\AppData\Local\Temp\
IXP000.TMP\v6363712.exe
===============
ID: 13176, Name: t3UCeUu04XWK2hVW8h9blqbi.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\t3UCeUu04XWK2hVW8h9blqbi.exe"
===============
ID: 13284, Name: is-ALHFF.tmp, CommandLine: "C:\Users\84789\AppData\Local\Temp\is-
IHHLR.tmp\is-ALHFF.tmp" /SL4 $F01F4 "C:\Users\84789\Pictures\Minor Policy\
iJiqU0GIufCVRPoOvVeyphji.exe" 1775957 51712
===============
ID: 6412, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 3660, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 12444, Name: Rec57.exe, CommandLine: "C:\Program Files (x86)\FKXCover\Rec57\
Rec57.exe"
===============
ID: 12964, Name: 11.exe, CommandLine: "C:\Windows\Temp\11.exe"
===============
ID: 1424, Name: 321.exe, CommandLine: "C:\Windows\Temp\321.exe"
===============
===============
ID: 11468, Name: WerFault.exe, CommandLine: C:\Windows\SysWOW64\WerFault.exe -u -p
13176 -s 576
===============
ID: 12608, Name: WhoaR.exe, CommandLine:
===============
ID: 12604, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 13352, Name: UXhSKKVFIAyizcbmZ3CZ85XZ.exe, CommandLine: "C:\Users\84789\
Pictures\Minor Policy\UXhSKKVFIAyizcbmZ3CZ85XZ.exe"
===============
13084 -s 288
===============
===============
===============
===============
===============
===============
===============
===============
===============
ID: 14060, Name: oneetx.exe, CommandLine: "C:\Users\84789\AppData\Local\Temp\
6ccddf1483\oneetx.exe"
===============
===============
13176 -s 688
===============
===============
14060 -s 580
===============
ID: 12744, Name: b0664349.exe, CommandLine: C:\Users\84789\AppData\Local\Temp\
IXP001.TMP\b0664349.exe
===============
ID: 13420, Name: sihost.exe, CommandLine: sihost.exe
===============
===============
ID: 12548, Name: KqnNK78Us1.exe, CommandLine: "C:\Users\84789\AppData\Roaming\
LxBKzYsp\KqnNK78Us1.exe"
===============

Process List

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Process List

Uploaded by

Copyright:

Available Formats

***********************************************

ID: 620, Name: csrss.exe, CommandLine:

You might also like