[*** System Idle Process ***]


[*** System ***]


[*** Registry ***]


[*** smss.exe ***]


[*** csrss.exe ***]


[*** wininit.exe ***]


[*** services.exe ***]


[*** lsass.exe ***]
CommandLine = C:\Windows\system32\lsass.exe
ExecutablePath = C:\Windows\system32\lsass.exe
Version = 
Time = 06.10.2021 16:30:54


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k DcomLaunch -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** fontdrvhost.exe ***]
CommandLine = "fontdrvhost.exe"
ExecutablePath = C:\Windows\system32\fontdrvhost.exe
Version = 
Time = 16.02.2022 12:45:10


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k RPCSS -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k NetworkService -s TermService
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** Memory Compression ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -s CertPropSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k netsvcs -p -s SessionEnv
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** spoolsv.exe ***]
CommandLine = C:\Windows\System32\spoolsv.exe
ExecutablePath = C:\Windows\System32\spoolsv.exe
Version = 
Time = 16.02.2022 12:44:52


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k utcsvc -p
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** rutserv.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe"
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rutserv.exe
Version = 6.10.10.0
Time = 03.07.2019 21:17:12


[*** wrapper.exe ***]
CommandLine = "C:\Program Files\Supermicro\SuperDoctor5\wrapper.exe" -s "C:\Program Files\Supermicro\SuperDoctor5\wrapper-sd5-windows.conf"
ExecutablePath = C:\Program Files\Supermicro\SuperDoctor5\wrapper.exe
Version = 
Time = 18.10.2018 17:55:38


[*** pcns.exe ***]
CommandLine = "C:\Program Files\APC\PowerChute\group1\pcns.exe"
ExecutablePath = C:\Program Files\APC\PowerChute\group1\pcns.exe
Version = 
Time = 22.01.2021 20:22:32


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** zabbix_agentd.exe ***]
CommandLine = "C:\Program Files\Zabbix Agent\zabbix_agentd.exe" --config "C:\Program Files\Zabbix Agent\zabbix_agentd.conf"
ExecutablePath = C:\Program Files\Zabbix Agent\zabbix_agentd.exe
Version = 5.0.21.47104dd574
Time = 28.02.2022 18:27:26


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** snmp.exe ***]
CommandLine = C:\Windows\System32\snmp.exe
ExecutablePath = C:\Windows\System32\snmp.exe
Version = 
Time = 06.12.2019 21:15:00


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** MsMpEng.exe ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** VivaldiFramework.exe ***]
CommandLine = "C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe"
ExecutablePath = C:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe
Version = 
Time = 20.10.2015 00:25:30


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe 0x4
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k netsvcs
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** java.exe ***]
CommandLine = -Xrs -Xms32m -Xmx64m -Dfile.encoding=UTF-8 -cp .;.\lib\*;.\comp\pcns.jar;.\comp\Notifier.jar com.apcc.m11.arch.application.Application
ExecutablePath = C:\Program Files\APC\PowerChute\jre_x64\bin\java.exe
Version = 
Time = 26.11.2020 13:12:58


[*** cmd.exe ***]
CommandLine = C:\Windows\system32\cmd.exe /c ..\JRE\bin\javaw -Xrs -classpath ..\JRE\lib\rt.jar;mail.jar;Framework.jar -Djava.library.path=. Framework.FrameworkManager > start.log
ExecutablePath = C:\Windows\SysWOW64\cmd.exe
Version = 
Time = 06.10.2021 16:31:20


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe 0x4
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** javaw.exe ***]
CommandLine = ..\JRE\bin\javaw  -Xrs -classpath ..\JRE\lib\rt.jar;mail.jar;Framework.jar -Djava.library.path=. Framework.FrameworkManager 
ExecutablePath = C:\Program Files (x86)\MegaRAID Storage Manager\JRE\bin\javaw.exe
Version = 
Time = 20.03.2016 22:39:42


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** java.exe ***]
CommandLine = "jre\bin\java.exe" -XX:+HeapDumpOnOutOfMemoryError -Djava.io.tmpdir=./cache -Dfile.encoding=UTF-8 -Dsun.jnu.encoding=UTF-8 -Djna.nosys=true -Duser.language=en -Xms8m -Xmx128m -Djava.library.path=".;./libs/native;./libs/native;./libs/native/64-bit;./libs/native;./libs/native/64-bit;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Supermicro\SuperDoctor5;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps" -classpath "./bootstrap/libs/SSMAgent-3.4.0-20181018175405.jar;./bootstrap/libs/SSMCommon-3.10.0-20181018170805.jar;./bootstrap/libs/bootstrap.jar;./bootstrap/libs/commons-compress-1.13.jar;./bootstrap/libs/gson-2.8.0.jar;./bootstrap/libs/jna-4.1.0.jar;./bootstrap/libs/jna-platform-4.1.0.jar;./bootstrap/libs/logback-classic-1.1.9.jar;./bootstrap/libs/logback-core-1.1.9.jar;./bootstrap/libs/slf4j-api-1.7.25.jar;./bootstrap/libs/wrapper-3.5.26.jar;./libs/native;./certificates;./config;." -Dwrapper.key="Lwo35NjLhCT_rN_7yLZH50oFuXDNmYY0" -Dwrapper.port=32000 -Dwrapper.pid=3636 -Dwrapper.version="3.5.26-st" -Dwrapper.native_library="wrapper" -Dwrapper.arch="x86" -Dwrapper.service="TRUE" -Dwrapper.cpu.timeout="10" -Dwrapper.jvmid=1 -Dwrapper.lang.domain=wrapper -Dwrapper.lang.folder=../lang com.supermicro.ssm.agent.SSMAgentService _updatefolder 7777 com.supermicro.ssm.agent.SSMAgentMain ./libs -c agent.cfg
ExecutablePath = C:\Program Files\Supermicro\SuperDoctor5\jre\bin\java.exe
Version = 
Time = 16.02.2022 13:39:53


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 06.10.2021 16:30:45


[*** NisSrv.exe ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** SearchIndexer.exe ***]
CommandLine = C:\Windows\system32\SearchIndexer.exe /Embedding
ExecutablePath = C:\Windows\system32\SearchIndexer.exe
Version = 
Time = 16.02.2022 12:44:57


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s lfsvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** SgrmBroker.exe ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k netsvcs -p
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** csrss.exe ***]


[*** winlogon.exe ***]
CommandLine = C:\Windows\System32\WinLogon.exe -SpecialSession
ExecutablePath = C:\Windows\System32\WinLogon.exe
Version = 
Time = 16.02.2022 12:30:29


[*** fontdrvhost.exe ***]
CommandLine = "fontdrvhost.exe"
ExecutablePath = C:\Windows\System32\fontdrvhost.exe
Version = 
Time = 16.02.2022 12:45:10


[*** dwm.exe ***]
CommandLine = "dwm.exe"
ExecutablePath = C:\Windows\System32\dwm.exe
Version = 
Time = 06.10.2021 16:30:51


[*** rfusclient.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" /rsession
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
Version = 6.10.10.0
Time = 03.07.2019 21:17:12


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** sihost.exe ***]
CommandLine = sihost.exe
ExecutablePath = C:\Windows\system32\sihost.exe
Version = 
Time = 06.10.2021 16:30:37


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** taskhostw.exe ***]
CommandLine = taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
ExecutablePath = C:\Windows\system32\taskhostw.exe
Version = 
Time = 16.02.2022 12:30:32


[*** explorer.exe ***]
CommandLine = C:\Windows\Explorer.EXE
ExecutablePath = C:\Windows\Explorer.EXE
Version = 
Time = 16.02.2022 12:44:53


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** StartMenuExperienceHost.exe ***]
CommandLine = "C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
ExecutablePath = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Version = 
Time = 16.02.2022 12:30:17


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** rfusclient.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe" /tray
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
Version = 6.10.10.0
Time = 03.07.2019 21:17:12


[*** SearchApp.exe ***]
CommandLine = "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
ExecutablePath = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Version = 
Time = 16.02.2022 12:45:48


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** YourPhone.exe ***]
CommandLine = "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
ExecutablePath = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhone.exe
Version = 
Time = 04.03.2022 07:19:46


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** smartscreen.exe ***]
CommandLine = C:\Windows\System32\smartscreen.exe -Embedding
ExecutablePath = C:\Windows\System32\smartscreen.exe
Version = 
Time = 16.02.2022 12:44:54


[*** SecurityHealthSystray.exe ***]
CommandLine = "C:\Windows\System32\SecurityHealthSystray.exe" 
ExecutablePath = C:\Windows\System32\SecurityHealthSystray.exe
Version = 
Time = 07.12.2019 12:08:41


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** OneDrive.exe ***]
CommandLine = "C:\Users\itterm\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
ExecutablePath = C:\Users\itterm\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Version = 
Time = 04.03.2022 06:48:06


[*** msedge.exe ***]
CommandLine = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
ExecutablePath = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version = 
Time = 24.02.2022 00:58:49


[*** msedge.exe ***]
CommandLine = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\itterm\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\itterm\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=98.0.4758.102 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=98.0.1108.62 --initial-client-data=0xf4,0xf8,0xfc,0xd0,0x100,0x7ff901e84cc0,0x7ff901e84cd0,0x7ff901e84ce0
ExecutablePath = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version = 
Time = 24.02.2022 00:58:49


[*** java.exe ***]
CommandLine = ..\JRE\bin\java.exe -classpath  Popup.jar;..\GUI.jar Popup.Communicator ajsgyqkj=71244
ExecutablePath = C:\Program Files (x86)\MegaRAID Storage Manager\JRE\bin\java.exe
Version = 
Time = 20.03.2016 22:39:30


[*** conhost.exe ***]
CommandLine = \??\C:\Windows\system32\conhost.exe 0x4
ExecutablePath = C:\Windows\system32\conhost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** ShellExperienceHost.exe ***]
CommandLine = "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
ExecutablePath = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Version = 
Time = 16.02.2022 12:31:11


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** msedge.exe ***]
CommandLine = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 --field-trial-handle=2112,6131787525318190957,17373877424836252196,131072 /prefetch:2
ExecutablePath = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version = 
Time = 24.02.2022 00:58:49


[*** msedge.exe ***]
CommandLine = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=ru --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=2112,6131787525318190957,17373877424836252196,131072 /prefetch:3
ExecutablePath = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version = 
Time = 24.02.2022 00:58:49


[*** msedge.exe ***]
CommandLine = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=ru --service-sandbox-type=utility --mojo-platform-channel-handle=2888 --field-trial-handle=2112,6131787525318190957,17373877424836252196,131072 /prefetch:8
ExecutablePath = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Version = 
Time = 24.02.2022 00:58:49


[*** TextInputHost.exe ***]
CommandLine = "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
ExecutablePath = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
Version = 
Time = 16.02.2022 12:31:15


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k UnistackSvcGroup
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** dllhost.exe ***]
CommandLine = C:\Windows\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
ExecutablePath = C:\Windows\system32\DllHost.exe
Version = 
Time = 06.10.2021 16:30:52


[*** ApplicationFrameHost.exe ***]
CommandLine = C:\Windows\system32\ApplicationFrameHost.exe -Embedding
ExecutablePath = C:\Windows\system32\ApplicationFrameHost.exe
Version = 
Time = 06.10.2021 16:30:45


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** UserOOBEBroker.exe ***]
CommandLine = C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\oobe\UserOOBEBroker.exe
Version = 
Time = 06.10.2021 16:31:04


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** SearchApp.exe ***]
CommandLine = "C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
ExecutablePath = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Version = 
Time = 16.02.2022 12:45:48


[*** Microsoft.Photos.exe ***]
CommandLine = "C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
ExecutablePath = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Version = 
Time = 16.02.2022 15:06:54


[*** RuntimeBroker.exe ***]
CommandLine = C:\Windows\System32\RuntimeBroker.exe -Embedding
ExecutablePath = C:\Windows\System32\RuntimeBroker.exe
Version = 
Time = 06.10.2021 16:30:20


[*** SystemSettingsAdminFlows.exe ***]
CommandLine = "C:\Windows\system32\SystemSettingsAdminFlows.exe" CleanmgrAdminHelper
ExecutablePath = C:\Windows\system32\SystemSettingsAdminFlows.exe
Version = 
Time = 16.02.2022 12:45:01


[*** DismHost.exe ***]
CommandLine = C:\Users\itterm\AppData\Local\Temp\DF883CF4-0848-4214-8F0E-04F80B8F1C09\dismhost.exe {944F67EA-3D4E-4DED-8C63-37DA920403ED}
ExecutablePath = C:\Users\itterm\AppData\Local\Temp\DF883CF4-0848-4214-8F0E-04F80B8F1C09\dismhost.exe
Version = 
Time = 06.10.2021 16:31:07


[*** TrustedInstaller.exe ***]
CommandLine = C:\Windows\servicing\TrustedInstaller.exe
ExecutablePath = C:\Windows\servicing\TrustedInstaller.exe
Version = 
Time = 16.02.2022 12:45:15


[*** TiWorker.exe ***]
CommandLine = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe -Embedding
ExecutablePath = C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe
Version = 
Time = 27.01.2022 09:28:32


[*** YourPhoneServer.exe ***]
CommandLine = "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
ExecutablePath = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
Version = 
Time = 04.03.2022 07:19:47


[*** SystemSettings.exe ***]
CommandLine = "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
ExecutablePath = C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Version = 
Time = 16.02.2022 12:45:48


[*** svchost.exe ***]
CommandLine = C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
ExecutablePath = C:\Windows\System32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** csrss.exe ***]


[*** winlogon.exe ***]
CommandLine = winlogon.exe
ExecutablePath = C:\Windows\system32\winlogon.exe
Version = 
Time = 16.02.2022 12:30:29


[*** rdpclip.exe ***]
CommandLine = rdpclip
ExecutablePath = C:\Windows\System32\rdpclip.exe
Version = 
Time = 06.10.2021 16:31:41


[*** fontdrvhost.exe ***]
CommandLine = "fontdrvhost.exe"
ExecutablePath = C:\Windows\system32\fontdrvhost.exe
Version = 
Time = 16.02.2022 12:45:10


[*** LogonUI.exe ***]
CommandLine = "LogonUI.exe" /flags:0x2 /state0:0xaccf4055 /state1:0x41c64e6d
ExecutablePath = C:\Windows\system32\LogonUI.exe
Version = 
Time = 07.12.2019 12:08:19


[*** dwm.exe ***]
CommandLine = "dwm.exe"
ExecutablePath = C:\Windows\system32\dwm.exe
Version = 
Time = 06.10.2021 16:30:51


[*** ctfmon.exe ***]
CommandLine = "ctfmon.exe"
ExecutablePath = C:\Windows\system32\ctfmon.exe
Version = 
Time = 07.12.2019 12:09:00


[*** rfusclient.exe ***]
CommandLine = "C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe"
ExecutablePath = C:\Program Files (x86)\Remote Manipulator System - Host\rfusclient.exe
Version = 6.10.10.0
Time = 03.07.2019 21:17:12


[*** kernel.exe ***]
CommandLine = "C:\Program Files\DevLine\Line\kernel.exe" /i /Service
ExecutablePath = C:\Program Files\DevLine\Line\kernel.exe
Version = 7.7.0_x64
Time = 15.08.2019 12:41:16


[*** dumper.exe ***]
CommandLine = -e 820
ExecutablePath = C:\Program Files\DevLine\Line\dumper.exe
Version = 
Time = 15.08.2019 12:15:48


[*** SecurityHealthService.exe ***]


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s DsmSvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s ScDeviceEnum
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** svchost.exe ***]


[*** svchost.exe ***]


[*** WUDFHost.exe ***]
CommandLine = "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f87c632f-8bcf-4a01-9501-60b4184c838e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3855026d-085d-4284-a2cc-9db1902f0f1c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5fb27612-7f49-4e66-99ac-8d5f6ffc46b7 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-00502fce-3cb6-4a41-8c6d-b50e9d4e820d -LifetimeId:c21e0dad-8369-4812-b974-6a4fe72a4635 -DeviceGroupId: -HostArg:0
ExecutablePath = C:\Windows\System32\WUDFHost.exe
Version = 
Time = 16.02.2022 12:30:31


[*** javaw.exe ***]
CommandLine = JRE\bin\javaw  -DVENUS=true -classpath .;GUI.jar;monitorgui.jar;DebugLog.jar;log4j-1.2.15.jar;jaxen-1.1.jar;jdom-1.1.jar GUI.VivaldiStartupDialog ajsgyqkj=71244
ExecutablePath = C:\Program Files (x86)\MegaRAID Storage Manager\JRE\bin\javaw.exe
Version = 
Time = 20.03.2016 22:39:42


[*** svchost.exe ***]
CommandLine = C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
ExecutablePath = C:\Windows\system32\svchost.exe
Version = 
Time = 16.02.2022 12:45:07


[*** LiniaSysInfo.exe ***]
CommandLine = "C:\Program Files\DevLine\Line\LiniaSysInfo.exe" 
ExecutablePath = C:\Program Files\DevLine\Line\LiniaSysInfo.exe
Version = 
Time = 15.08.2019 12:17:16


[*** dumper.exe ***]
CommandLine = -e 420
ExecutablePath = C:\Program Files\DevLine\Line\dumper.exe
Version = 
Time = 15.08.2019 12:15:48


[*** WmiPrvSE.exe ***]
CommandLine = C:\Windows\system32\wbem\wmiprvse.exe
ExecutablePath = C:\Windows\system32\wbem\wmiprvse.exe
Version = 
Time = 06.10.2021 16:30:45


