[*** System Idle Process ***]


[*** System ***]


[*** smss.exe ***]
CommandLine = \SystemRoot\System32\smss.exe


[*** csrss.exe ***]
CommandLine = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
ExecutablePath = C:\Windows\system32\csrss.exe
Version = 
Time = 14.07.2009 05:39:02


[*** wininit.exe ***]
CommandLine = wininit.exe
ExecutablePath = C:\Windows\system32\wininit.exe
Version = 
Time = 14.07.2009 05:39:52


[*** csrss.exe ***]
CommandLine = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
ExecutablePath = C:\Windows\system32\csrss.exe
Version = 
Time = 14.07.2009 05:39:02


[*** services.exe ***]
CommandLine = C:\Windows\system32\services.exe
ExecutablePath = C:\Windows\system32\services.exe
Version = 
Time = 14.07.2009 05:39:37


[*** lsass.exe ***]
CommandLine = C:\Windows\system32\lsass.exe
ExecutablePath = C:\Windows\system32\lsass.exe
Version = 
Time = 04.09.2013 20:51:00


[*** lsm.exe ***]
CommandLine = C:\Windows\system32\lsm.exe
ExecutablePath = C:\Windows\system32\lsm.exe
Version = 
Time = 21.11.2010 06:23:53


[*** winlogon.exe ***]
CommandLine = winlogon.exe
ExecutablePath = C:\Windows\system32\winlogon.exe
Version = 
Time = 21.11.2010 06:24:29


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k DcomLaunch
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** nvvsvc.exe ***]
CommandLine = "C:\Windows\system32\nvvsvc.exe"
ExecutablePath = C:\Windows\system32\nvvsvc.exe
Version = 8.17.13.4052
Time = 02.07.2014 22:55:41


[*** nvSCPAPISvr.exe ***]
CommandLine = "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
ExecutablePath = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
Version = 
Time = 02.07.2014 21:44:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k RPCSS
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k GPSvcGroup
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** nvxdsync.exe ***]
CommandLine = "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
ExecutablePath = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
Version = 8.17.13.4052
Time = 02.07.2014 22:55:44


[*** nvvsvc.exe ***]
CommandLine = C:\Windows\system32\nvvsvc.exe -session -first
ExecutablePath = C:\Windows\system32\nvvsvc.exe
Version = 8.17.13.4052
Time = 02.07.2014 22:55:41


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** spoolsv.exe ***]
CommandLine = C:\Windows\System32\spoolsv.exe
ExecutablePath = C:\Windows\System32\spoolsv.exe
Version = 
Time = 04.09.2013 20:58:34


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** atkexComSvc.exe ***]
CommandLine = "C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
ExecutablePath = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
Version = 
Time = 28.01.2014 07:16:06


[*** ASGT.exe ***]
CommandLine = C:\Windows\SysWOW64\ASGT.exe
ExecutablePath = C:\Windows\SysWOW64\ASGT.exe
Version = 
Time = 17.01.2012 11:24:10


[*** NvNetworkService.exe ***]
CommandLine = "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
ExecutablePath = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
Version = 
Time = 25.07.2014 18:02:40


[*** nvstreamsvc.exe ***]
CommandLine = "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
ExecutablePath = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Version = 
Time = 25.07.2014 18:02:38


[*** rutserv.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe"
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
Version = 5.6.0.6
Time = 08.02.2014 17:45:40


[*** rfusclient.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe"
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
Version = 5.6.0.6
Time = 08.02.2014 17:45:40


[*** rserver3.exe ***]
CommandLine = "C:\Windows\SysWOW64\rserver30\RServer3.exe" /service
ExecutablePath = C:\Windows\SysWOW64\rserver30\RServer3.exe
Version = 
Time = 09.10.2009 14:00:44


[*** taskhost.exe ***]
CommandLine = "taskhost.exe"
ExecutablePath = C:\Windows\system32\taskhost.exe
Version = 
Time = 04.09.2013 21:23:16


[*** dwm.exe ***]
CommandLine = "C:\Windows\system32\Dwm.exe"
ExecutablePath = C:\Windows\system32\Dwm.exe
Version = 
Time = 14.07.2009 05:39:08


[*** explorer.exe ***]
CommandLine = C:\Windows\Explorer.EXE
ExecutablePath = C:\Windows\Explorer.EXE
Version = 
Time = 04.09.2013 20:44:53


[*** RtkNGUI64.exe ***]
CommandLine = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
ExecutablePath = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Version = 
Time = 22.10.2013 16:32:30


[*** rfusclient.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" /tray
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
Version = 5.6.0.6
Time = 08.02.2014 17:45:40


[*** nvstreamsvc.exe ***]
CommandLine = "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 86a74fb2-b7b5-4c12-889f-2a6cb60d841c 1
ExecutablePath = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Version = 
Time = 25.07.2014 18:02:38


[*** nvstreamsvc.exe ***]
CommandLine = "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
ExecutablePath = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Version = 
Time = 25.07.2014 18:02:38


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe "-456790828139548014704315778-190118536129140776317797181241357318385-1288122158
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 04.09.2013 21:11:47


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe "-247264064-884995177-810464495129311084-560084512-1413878772-5697406791450946467
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 04.09.2013 21:11:47


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** WUDFHost.exe ***]
CommandLine = "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c4e6da5e-7431-4c17-9d0d-10e6d9ed43a0 -SystemEventPortName:HostProcess-9f8b7f46-b71f-44ac-90fb-dfc4d9adb801 -IoCancelEventPortName:HostProcess-d5eab8ba-c117-4aee-8c54-4e74171b2c48 -NonStateChangingEventPortName:HostProcess-12fb5886-4843-4b20-954b-f3184303f012 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d2a55733-c036-4277-8ba6-26a62d6a5c99 -DeviceGroupId:
ExecutablePath = C:\Windows\System32\WUDFHost.exe
Version = 
Time = 04.09.2013 21:04:42


[*** nvtray.exe ***]
CommandLine = "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
ExecutablePath = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
Version = 7.17.13.4052
Time = 02.07.2014 22:55:44


[*** NvBackend.exe ***]
CommandLine = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
ExecutablePath = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Version = 
Time = 25.07.2014 18:02:45


[*** SearchIndexer.exe ***]
CommandLine = C:\Windows\system32\SearchIndexer.exe /Embedding
ExecutablePath = C:\Windows\system32\SearchIndexer.exe
Version = 
Time = 04.09.2013 20:48:16


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k secsvcs
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 14.07.2009 05:39:46


[*** oopnet.exe ***]
CommandLine = "C:\Program Files (x86)\DevLine\Linia SKW\oopnet.exe" /i /Service
ExecutablePath = C:\Program Files (x86)\DevLine\Linia SKW\oopnet.exe
Version = 6.9.6-e14e960f7f5c
Time = 04.08.2015 13:25:40


[*** dumper.exe ***]
CommandLine = -e 256
ExecutablePath = C:\Program Files (x86)\DevLine\Linia SKW\dumper.exe
Version = 
Time = 04.08.2015 13:13:44


[*** observer.exe ***]
CommandLine = "C:\Program Files (x86)\DevLine\Linia SKW\observer.exe" 
ExecutablePath = C:\Program Files (x86)\DevLine\Linia SKW\observer.exe
Version = 6.9.6-e14e960f7f5c
Time = 04.08.2015 13:30:46


[*** dumper.exe ***]
CommandLine = -e 608
ExecutablePath = C:\Program Files (x86)\DevLine\Linia SKW\dumper.exe
Version = 
Time = 04.08.2015 13:13:44


[*** chrome.exe ***]
CommandLine = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
ExecutablePath = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Version = 
Time = 09.10.2015 04:53:06


[*** chrome.exe ***]
CommandLine = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4856.0.1380593150\1841807889" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,12,20,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1381 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --ignored=" --type=renderer " /prefetch:822062411
ExecutablePath = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Version = 
Time = 09.10.2015 04:53:06


[*** chrome.exe ***]
CommandLine = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=ru --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Conservative/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StandardR5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Control/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4856.2.1151163450\1732902759" --font-cache-shared-handle=3420 /prefetch:673131151
ExecutablePath = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Version = 
Time = 09.10.2015 04:53:06


[*** Radmin.exe ***]
CommandLine = "C:\Program Files (x86)\Radmin Viewer 3\Radmin.exe" 
ExecutablePath = C:\Program Files (x86)\Radmin Viewer 3\Radmin.exe
Version = 
Time = 09.10.2009 14:00:44


[*** taskeng.exe ***]
CommandLine = taskeng.exe {F9C23838-0E2A-4A97-97BA-2FE8E5C97F5B}
ExecutablePath = C:\Windows\system32\taskeng.exe
Version = 
Time = 21.11.2010 06:24:27


[*** audiodg.exe ***]


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 21.11.2010 06:24:15


[*** LiniaSysInfo.exe ***]
CommandLine = "C:\Program Files (x86)\DevLine\Linia SKW\LiniaSysInfo.exe" 
ExecutablePath = C:\Program Files (x86)\DevLine\Linia SKW\LiniaSysInfo.exe
Version = 
Time = 04.08.2015 13:14:58


[*** FamItrfc.Exe ***]
CommandLine = "C:\Windows\SysWOW64\rserver30\FamItrfc.Exe"
ExecutablePath = C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
Version = 
Time = 09.10.2009 20:54:34


[*** FamItrfc.Exe ***]
CommandLine = "C:\Windows\SysWOW64\rserver30\FamItrfc.Exe"
ExecutablePath = C:\Windows\SysWOW64\rserver30\FamItrfc.Exe
Version = 
Time = 09.10.2009 20:54:34


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 21.11.2010 06:24:15


