[*** System Idle Process ***]


[*** System ***]


[*** smss.exe ***]
CommandLine = \SystemRoot\System32\smss.exe


[*** csrss.exe ***]
CommandLine = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
ExecutablePath = C:\Windows\system32\csrss.exe
Version = 
Time = 14.07.2009 09:14:16


[*** wininit.exe ***]
CommandLine = wininit.exe
ExecutablePath = C:\Windows\system32\wininit.exe
Version = 
Time = 14.07.2009 09:14:45


[*** services.exe ***]
CommandLine = C:\Windows\system32\services.exe
ExecutablePath = C:\Windows\system32\services.exe
Version = 
Time = 14.07.2009 09:14:36


[*** lsass.exe ***]
CommandLine = C:\Windows\system32\lsass.exe
ExecutablePath = C:\Windows\system32\lsass.exe
Version = 
Time = 12.04.2014 10:11:22


[*** lsm.exe ***]
CommandLine = C:\Windows\system32\lsm.exe
ExecutablePath = C:\Windows\system32\lsm.exe
Version = 
Time = 21.11.2010 04:29:11


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k DcomLaunch
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k RPCSS
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k GPSvcGroup
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** igfxCUIService.exe ***]
CommandLine = C:\Windows\system32\igfxCUIService.exe
ExecutablePath = C:\Windows\system32\igfxCUIService.exe
Version = 
Time = 28.05.2014 09:43:48


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** spoolsv.exe ***]
CommandLine = C:\Windows\System32\spoolsv.exe
ExecutablePath = C:\Windows\System32\spoolsv.exe
Version = 
Time = 11.02.2012 13:37:49


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** armsvc.exe ***]
CommandLine = "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"
ExecutablePath = C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
Version = 
Time = 19.12.2014 08:48:18


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k apphost
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** atkexComSvc.exe ***]
CommandLine = "C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe"
ExecutablePath = C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
Version = 
Time = 07.05.2013 15:45:40


[*** DTSU2PAuSrv32.exe ***]
CommandLine = "C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv32.exe"
ExecutablePath = C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv32.exe
Version = 1.0.0.1
Time = 02.10.2012 14:39:38


[*** HeciServer.exe ***]
CommandLine = "C:\Program Files\Intel\iCLS Client\HeciServer.exe"
ExecutablePath = C:\Program Files\Intel\iCLS Client\HeciServer.exe
Version = 1.28.487.1 sys_sysscbld
Time = 11.05.2013 17:39:02


[*** IPROSetMonitor.exe ***]
CommandLine = C:\Windows\system32\IProsetMonitor.exe
ExecutablePath = C:\Windows\system32\IProsetMonitor.exe
Version = 
Time = 08.07.2013 21:30:22


[*** vpnclient.exe ***]
CommandLine = "C:\Program Files\SoftEther VPN Client\vpnclient.exe" /service
ExecutablePath = C:\Program Files\SoftEther VPN Client\vpnclient.exe
Version = 
Time = 19.10.2014 12:08:47


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k imgsvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** TeamViewer_Service.exe ***]
CommandLine = "C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"
ExecutablePath = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
Version = 
Time = 13.09.2014 02:14:55


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k iissvcs
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** WUDFHost.exe ***]
CommandLine = "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-13b3911e-3c82-4817-bda3-ecf1ed7991cc -SystemEventPortName:HostProcess-87bd1634-2073-4338-88b8-1813f1701127 -IoCancelEventPortName:HostProcess-49e03381-f639-450f-80f8-cfbda4304f40 -NonStateChangingEventPortName:HostProcess-78ad8cba-8b50-4f9b-8759-29bd7c022e4b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fcabff9c-2dda-45e4-a234-684b01a407bc -DeviceGroupId:
ExecutablePath = C:\Windows\System32\WUDFHost.exe
Version = 
Time = 26.07.2012 11:21:03


[*** csrss.exe ***]
CommandLine = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
ExecutablePath = C:\Windows\system32\csrss.exe
Version = 
Time = 14.07.2009 09:14:16


[*** winlogon.exe ***]
CommandLine = winlogon.exe
ExecutablePath = C:\Windows\system32\winlogon.exe
Version = 
Time = 17.07.2014 09:39:27


[*** PresentationFontCache.exe ***]
CommandLine = C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
ExecutablePath = C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Version = 
Time = 11.06.2009 05:14:51


[*** dwm.exe ***]
CommandLine = "C:\Windows\system32\Dwm.exe"
ExecutablePath = C:\Windows\system32\Dwm.exe
Version = 
Time = 14.07.2009 09:14:19


[*** taskhost.exe ***]
CommandLine = "taskhost.exe"
ExecutablePath = C:\Windows\system32\taskhost.exe
Version = 
Time = 20.06.2014 14:42:15


[*** explorer.exe ***]
CommandLine = C:\Windows\Explorer.EXE
ExecutablePath = C:\Windows\Explorer.EXE
Version = 
Time = 25.02.2011 12:30:54


[*** RtkNGUI.exe ***]
CommandLine = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
ExecutablePath = C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
Version = 
Time = 19.08.2013 16:31:06


[*** RtHDVBg.exe ***]
CommandLine = "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /DTSU2P
ExecutablePath = C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
Version = 1, 0, 0, 162
Time = 07.08.2013 10:57:16


[*** iusb3mon.exe ***]
CommandLine = "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 
ExecutablePath = C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
Version = 
Time = 26.04.2013 10:25:54


[*** vpnclient.exe ***]
CommandLine = "C:\Program Files\SoftEther VPN Client\vpnclient.exe" /uihelp
ExecutablePath = C:\Program Files\SoftEther VPN Client\vpnclient.exe
Version = 
Time = 19.10.2014 12:08:47


[*** vpncmgr.exe ***]
CommandLine = "C:\Program Files\SoftEther VPN Client\vpncmgr.exe" /startup
ExecutablePath = C:\Program Files\SoftEther VPN Client\vpncmgr.exe
Version = 
Time = 19.10.2014 12:08:47


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** SearchIndexer.exe ***]
CommandLine = C:\Windows\system32\SearchIndexer.exe /Embedding
ExecutablePath = C:\Windows\system32\SearchIndexer.exe
Version = 
Time = 04.05.2011 12:28:31


[*** wmpnetwk.exe ***]
CommandLine = "C:\Program Files\Windows Media Player\wmpnetwk.exe"
ExecutablePath = C:\Program Files\Windows Media Player\wmpnetwk.exe
Version = 
Time = 21.11.2010 04:29:49


[*** IAStorDataMgrSvc.exe ***]
CommandLine = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
ExecutablePath = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Version = 
Time = 04.08.2014 10:49:10


[*** jhi_service.exe ***]
CommandLine = "C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
ExecutablePath = C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
Version = 
Time = 03.09.2013 16:52:14


[*** LMS.exe ***]
CommandLine = "C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
ExecutablePath = C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
Version = 9.5.10.1628
Time = 03.09.2013 16:52:56


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k secsvcs
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 09:14:41


[*** IAStorIcon.exe ***]
CommandLine = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
ExecutablePath = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Version = 
Time = 04.08.2014 10:49:10


[*** TeamViewer.exe ***]
CommandLine = "c:\program files\teamviewer\version9\TeamViewer.exe"
ExecutablePath = c:\program files\teamviewer\version9\TeamViewer.exe
Version = 
Time = 13.09.2014 02:14:55


[*** tv_w32.exe ***]
CommandLine = "C:\Program Files\TeamViewer\Version9\tv_w32.exe" --action hooks  --log C:\Program Files\TeamViewer\Version9\TeamViewer9_Logfile.log  
ExecutablePath = C:\Program Files\TeamViewer\Version9\tv_w32.exe
Version = 
Time = 13.09.2014 02:00:53


[*** oopnet.exe ***]
CommandLine = "C:\Program Files\DevLine\Linia SKW\oopnet.exe" /i /Service
ExecutablePath = C:\Program Files\DevLine\Linia SKW\oopnet.exe
Version = 6.9.6-4f36972177fd
Time = 25.11.2014 17:37:20


[*** dumper.exe ***]
CommandLine = -e 244
ExecutablePath = C:\Program Files\DevLine\Linia SKW\dumper.exe
Version = 
Time = 25.11.2014 17:26:18


[*** kernel.exe ***]
CommandLine = "C:\Program Files\DevLine\Linia SKW\kernel.exe" /i /Service
ExecutablePath = C:\Program Files\DevLine\Linia SKW\kernel.exe
Version = 6.9.6-4f36972177fd
Time = 25.11.2014 17:40:50


[*** csrss.exe ***]
CommandLine = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
ExecutablePath = C:\Windows\system32\csrss.exe
Version = 
Time = 14.07.2009 09:14:16


[*** winlogon.exe ***]
CommandLine = winlogon.exe
ExecutablePath = C:\Windows\system32\winlogon.exe
Version = 
Time = 17.07.2014 09:39:27


[*** rdpclip.exe ***]
CommandLine = rdpclip
ExecutablePath = C:\Windows\system32\rdpclip.exe
Version = 
Time = 21.11.2010 04:29:26


[*** LogonUI.exe ***]
CommandLine = "LogonUI.exe" /flags:0x0
ExecutablePath = C:\Windows\system32\LogonUI.exe
Version = 
Time = 21.11.2010 04:29:20


[*** wuauclt.exe ***]
CommandLine = "C:\Windows\system32\wuauclt.exe"
ExecutablePath = C:\Windows\system32\wuauclt.exe
Version = 
Time = 15.05.2014 00:23:40


[*** audiodg.exe ***]


[*** observer.exe ***]
CommandLine = "C:\Program Files\DevLine\Linia SKW\observer.exe" 
ExecutablePath = C:\Program Files\DevLine\Linia SKW\observer.exe
Version = 6.9.6-4f36972177fd
Time = 25.11.2014 17:42:18


[*** dumper.exe ***]
CommandLine = -e 628
ExecutablePath = C:\Program Files\DevLine\Linia SKW\dumper.exe
Version = 
Time = 25.11.2014 17:26:18


[*** iexplore.exe ***]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" 
ExecutablePath = C:\Program Files\Internet Explorer\iexplore.exe
Version = 
Time = 20.06.2014 14:42:34


[*** iexplore.exe ***]
CommandLine = "C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:3892 CREDAT:267521 /prefetch:2
ExecutablePath = C:\Program Files\Internet Explorer\iexplore.exe
Version = 
Time = 20.06.2014 14:42:34


[*** cmd.exe ***]
CommandLine = "C:\Windows\system32\cmd.exe" 
ExecutablePath = C:\Windows\system32\cmd.exe
Version = 
Time = 21.11.2010 04:29:12


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe "-1670831166-1503480288-6763126771204277791-597795692-924512172286131912968791377
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 02.08.2013 08:52:57


[*** PING.EXE ***]
CommandLine = ping  -l 1200 -t 192.168.0.216
ExecutablePath = C:\Windows\system32\PING.EXE
Version = 
Time = 14.07.2009 09:14:28


[*** taskhost.exe ***]
CommandLine = "taskhost.exe"
ExecutablePath = C:\Windows\system32\taskhost.exe
Version = 
Time = 20.06.2014 14:42:15


[*** LiniaSysInfo.exe ***]
CommandLine = "C:\Program Files\DevLine\Linia SKW\LiniaSysInfo.exe" 
ExecutablePath = C:\Program Files\DevLine\Linia SKW\LiniaSysInfo.exe
Version = 
Time = 25.11.2014 17:27:22


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 21.11.2010 04:29:20


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 21.11.2010 04:29:20


