Untitled


***********************************************

* *
* ____ _____ ____ _ ___ _ _ _____ *
* | _ \| ____| _ \| | |_ _| \ | | ____| *
* | |_) | _| | | | | | | || \| | _| *
* | _ <| |___| |_| | |___ | || |\ | |___ *
* |_| \_|_____|____/|_____|___|_| \_|_____| *
* *
* Telegram: https://t.me/REDLINESELLER *
***********************************************

ID: 6464, Name: csrss.exe, CommandLine:


===============
ID: 8256, Name: winlogon.exe, CommandLine: C:\WINDOWS\System32\WinLogon.exe -
SpecialSession
===============
ID: 7264, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 4232, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 7696, Name: NVDisplay.Container.exe, CommandLine: "C:\Program Files\NVIDIA
Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\
DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\
Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
===============
ID: 6448, Name: SynTPEnh.exe, CommandLine: "C:\Program Files\Synaptics\SynTP\
SynTPEnh.exe"
===============
ID: 7952, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 8228, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
BthAppGroup -p -s BluetoothUserService
===============
ID: 6584, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s CDPUserSvc
===============
ID: 1852, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup -s WpnUserService
===============
ID: 1188, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 5980, Name: explorer.exe, CommandLine: C:\WINDOWS\Explorer.EXE
===============
ID: 1528, Name: SynTPHelper.exe, CommandLine: "C:\PROGRAM FILES\SYNAPTICS\SYNTP\
SYNTPHELPER.EXE"
===============
ID: 1988, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
ClipboardSvcGroup -p -s cbdhsvc
===============
ID: 3220, Name: Widgets.exe, CommandLine: "C:\Program Files\WindowsApps\
MicrosoftWindows.Client.WebExperience_421.20070.685.0_x64__cw5n1h2txyewy\Dashboard\
Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
===============
ID: 8860, Name: SearchHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -
ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
===============
ID: 6948, Name: StartMenuExperienceHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\
StartMenuExperienceHost.exe" -
ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
===============
ID: 4244, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 2032, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 9180, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UdkSvcGroup -s UdkUserSvc
===============
ID: 5264, Name: dllhost.exe, CommandLine: C:\WINDOWS\system32\DllHost.exe
/Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
===============
ID: 9436, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 10092, Name: SecurityHealthSystray.exe, CommandLine: "C:\Windows\System32\
SecurityHealthSystray.exe"
===============
ID: 10196, Name: igfxtray.exe, CommandLine: "C:\Windows\System32\igfxtray.exe"
===============
ID: 9304, Name: hkcmd.exe, CommandLine: "C:\Windows\System32\hkcmd.exe"
===============
ID: 9312, Name: igfxpers.exe, CommandLine: "C:\Windows\System32\igfxpers.exe"
===============
ID: 5620, Name: OneDrive.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
OneDrive\OneDrive.exe" /background
===============
ID: 10432, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --system-initiated
===============
ID: 10604, Name: msteams.exe, CommandLine: "C:\Program Files\WindowsApps\
MicrosoftTeams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe" ms-teams:system-
initiated
===============
ID: 10832, Name: Cortana.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe" -
ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
===============
ID: 10332, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8664, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=gpu-process --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --user-data-dir="C:\Users\prave\AppData\Roaming\
Microsoft\Teams" --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
ANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1612 /prefetch:2
===============
ID: 7188, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=none --enable-wer --
user-data-dir="C:\Users\prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-
cors=522133263 --mojo-platform-channel-handle=2172 /prefetch:8
===============
ID: 11312, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=renderer --enable-wer --user-data-dir="C:\Users\
prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-cors=522133263 --app-user-
model-id=com.squirrel.Teams.Teams --app-path="C:\Users\prave\AppData\Local\
Microsoft\Teams\current\resources\app.asar" --enable-sandbox --autoplay-policy=no-
user-gesture-required --disable-background-timer-throttling --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-
threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-
platform-channel-handle=3044 --msteams-process-type=notificationsManager
/prefetch:1
===============
ID: 11640, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --embedded-
browser-webview=1 --webview-exe-name=msteams.exe --webview-exe-
version=22227.300.1508.3394 --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --noerrdialogs
--embedded-browser-webview-dpi-awareness=2 --edge-webview-is-background --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache --mojo-
named-platform-channel-pipe=10604.11588.10234437348691745495
===============
ID: 11848, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --
type=crashpad-handler --user-data-dir=C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView /prefetch:7 --
monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\prave\AppData\
Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\
Crashpad --metrics-dir=C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView --
annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-
version=106.0.5249.119 "--annotation=exe=C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --annotation=plat=Win64
"--annotation=prod=Edge WebView2" --annotation=ver=106.0.1370.47 --initial-client-
data=0xe8,0xe0,0x10c,0xe4,0x118,0x7ff85dc56e08,0x7ff85dc56e18,0x7ff85dc56e28
===============
ID: 11880, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=utility --utility-sub-type=audio.mojom.AudioService
--field-trial-handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=audio --enable-wer --
user-data-dir="C:\Users\prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-
cors=522133263 --mojo-platform-channel-handle=3548 /prefetch:8
===============
ID: 12172, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=gpu-
process --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-
name=msteams.exe --webview-exe-version=22227.300.1508.3394 --embedded-browser-
webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1848 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:2
===============
ID: 12180, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility
--utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-
type=none --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-
name=msteams.exe --webview-exe-version=22227.300.1508.3394 --embedded-browser-
webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-
handle=1952 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:3
===============
ID: 12204, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility
--utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-
type=utility --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-
name=msteams.exe --webview-exe-version=22227.300.1508.3394 --embedded-browser-
webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-
handle=2372 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:8
===============
ID: 6060, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=renderer --
noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-
name=msteams.exe --webview-exe-version=22227.300.1508.3394 --embedded-browser-
webview=1 --embedded-browser-webview-dpi-awareness=2 --display-capture-permissions-
policy-allowed --js-flags=--ms-user-locale= --first-renderer-process --js-flags="--
harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-scale-
factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-
client-id=5 --time-ticks-at-unix-epoch=-1666282003301556 --launch-time-
ticks=76013410375 --mojo-platform-channel-handle=2888 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:1
===============
ID: 12344, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 12828, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
LocalService -p -s NPSMSvc
===============
ID: 12852, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=renderer --enable-wer --user-data-dir="C:\Users\
prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-cors=522133263 --app-user-
model-id=com.squirrel.Teams.Teams --app-path="C:\Users\prave\AppData\Local\
Microsoft\Teams\current\resources\app.asar" --enable-sandbox --ms-allow-
videorenderer --autoplay-policy=no-user-gesture-required --disable-background-
timer-throttling --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-
threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-
platform-channel-handle=3704 --msteams-process-type=main-renderer --msteams-
rendererid=main-renderer /prefetch:1
===============
ID: 12976, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
AarSvcGroup -p -s AarSvc
===============
ID: 12756, Name: java.exe, CommandLine: C:\Users\prave\AppData\Roaming\Java\jre8\
bin\java.exe --expose-gc C:\Users\prave\AppData\Roaming\Java\jre8\bin\java.exe:jnl
===============
ID: 13300, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=renderer --enable-wer --user-data-dir="C:\Users\
prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-cors=522133263 --app-user-
model-id=com.squirrel.Teams.Teams --app-path="C:\Users\prave\AppData\Local\
Microsoft\Teams\current\resources\app.asar" --no-sandbox --no-zygote --autoplay-
policy=no-user-gesture-required --disable-background-timer-throttling --field-
trial-handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-
threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-
platform-channel-handle=4868 --msteams-process-type=pluginHost /prefetch:1
===============
ID: 12108, Name: csrss.exe, CommandLine: "C:\Windows\rss\csrss.exe"
===============
ID: 9664, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=renderer --enable-wer --user-data-dir="C:\Users\
prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-cors=522133263 --app-user-
model-id=com.squirrel.Teams.Teams --app-path="C:\Users\prave\AppData\Local\
Microsoft\Teams\current\resources\app.asar" --enable-sandbox --enable-blink-
features --disable-blink-features --ms-allow-videorenderer --ms-allow-video-
extensibility --autoplay-policy=no-user-gesture-required --disable-background-
timer-throttling --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-
threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-
platform-channel-handle=4996 --msteams-process-type=experience-renderer /prefetch:1
===============
ID: 12612, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility
--utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-
type=audio --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-
name=msteams.exe --webview-exe-version=22227.300.1508.3394 --embedded-browser-
webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-
handle=4968 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:8
===============
ID: 14272, Name: injector.exe, CommandLine: C:\Users\prave\AppData\Local\Temp\
csrss\injector\injector.exe taskmgr.exe C:\Users\prave\AppData\Local\Temp\csrss\
injector\NtQuerySystemInformationHook.dll
===============
ID: 14328, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 13716, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
UnistackSvcGroup
===============
ID: 10444, Name: PhoneExperienceHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\
PhoneExperienceHost.exe" -ComServer:Background -Embedding
===============
ID: 14056, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility
--utility-sub-type=proxy_resolver.mojom.ProxyResolverFactory --lang=en-US --
service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\prave\
AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\
EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=22227.300.1508.3394
--embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-
platform-channel-handle=3776 --field-trial-
handle=1840,i,12757690527101142428,15330523438760311867,131072 --enable-
features=msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache /prefetch:8
===============
ID: 11436, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=utility --utility-sub-
type=proxy_resolver.mojom.ProxyResolverFactory --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --service-sandbox-type=service --enable-wer
--user-data-dir="C:\Users\prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-
cors=522133263 --mojo-platform-channel-handle=3464 /prefetch:8
===============
ID: 668, Name: ShellExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
ID: 1068, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 8644, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 12556, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 13584, Name: wup.exe, CommandLine: C:\Users\prave\AppData\Local\Temp\csrss\wup\
xarch\wup.exe -o orgirout.com:40001 --rig-id 14b152a7-4c00-4f99-b8d2-8dedf263b07c
--tls --nicehash -o orgirout.com:443 --rig-id 14b152a7-4c00-4f99-b8d2-8dedf263b07c
--tls --nicehash -o orgirout.com:80 --rig-id 14b152a7-4c00-4f99-b8d2-8dedf263b07c
--nicehash --http-port 3433 --http-access-token 14b152a7-4c00-4f99-b8d2-
8dedf263b07c --randomx-wrmsr=-1 --background
===============
ID: 572, Name: 45de073220d50c54b2720a748e83e265.exe, CommandLine: C:\Users\prave\
AppData\Local\Temp\csrss\45de073220d50c54b2720a748e83e265.exe
===============
ID: 6508, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 5652, Name: taskhostw.exe, CommandLine: taskhostw.exe
===============
ID: 2484, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --embedded-browser-
webview=1 --webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --
user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disk-cache-size=52428800
--edge-webview-is-background --enable-
features=msWebView2TreatAppSuspendAsDeviceSuspend,UseNativeThreadPool,UseBackground
NativeThreadPool --lang=en-US --mojo-named-platform-channel-
pipe=3220.416.5159173029464549954
===============
ID: 12452, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --
type=crashpad-handler --user-data-dir=C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView
/prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\
prave\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\
LocalState\EBWebView\Crashpad --metrics-dir=C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView --
annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-
version=106.0.5249.119 "--annotation=exe=C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --annotation=plat=Win64
"--annotation=prod=Edge WebView2" --annotation=ver=106.0.1370.47 --initial-client-
data=0x10c,0x110,0x114,0xe8,0x120,0x7ff85dc56e08,0x7ff85dc56e18,0x7ff85dc56e28
===============
ID: 6176, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=gpu-process --
noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --embedded-
browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1756 --field-trial-
handle=1784,i,5883646316991268774,9032310850331904049,131072 --enable-
features=UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspen
dAsDeviceSuspend /prefetch:2
===============
ID: 10180, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\
Microsoft\EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility
--utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-
type=none --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --embedded-
browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-
channel-handle=1920 --field-trial-
handle=1784,i,5883646316991268774,9032310850331904049,131072 --enable-
features=UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspen
dAsDeviceSuspend /prefetch:3
===============
ID: 816, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility --utility-
sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility
--noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --embedded-
browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-
channel-handle=2300 --field-trial-
handle=1784,i,5883646316991268774,9032310850331904049,131072 --enable-
features=UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspen
dAsDeviceSuspend /prefetch:8
===============
ID: 3016, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=utility --utility-
sub-type=proxy_resolver.mojom.ProxyResolverFactory --lang=en-US --service-sandbox-
type=service --noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --embedded-
browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-
channel-handle=3008 --field-trial-
handle=1784,i,5883646316991268774,9032310850331904049,131072 --enable-
features=UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspen
dAsDeviceSuspend /prefetch:8
===============
ID: 2936, Name: msedgewebview2.exe, CommandLine: "C:\Program Files (x86)\Microsoft\
EdgeWebView\Application\106.0.1370.47\msedgewebview2.exe" --type=renderer --
noerrdialogs --user-data-dir="C:\Users\prave\AppData\Local\Packages\
MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --
webview-exe-name=Widgets.exe --webview-exe-version=421.20070.715.0 --embedded-
browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --display-capture-
permissions-policy-allowed --js-flags=--ms-user-locale= --first-renderer-process --
js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=en-US --device-
scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --
renderer-client-id=6 --time-ticks-at-unix-epoch=-1666282003298132 --launch-time-
ticks=76325027028 --mojo-platform-channel-handle=3384 --field-trial-
handle=1784,i,5883646316991268774,9032310850331904049,131072 --enable-
features=UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspen
dAsDeviceSuspend /prefetch:1
===============
ID: 12992, Name: dllhost.exe, CommandLine: C:\Intel\Logs\dllhost.exe
===============
ID: 10700, Name: MiniSearchHost.exe, CommandLine: "C:\WINDOWS\SystemApps\
MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -
ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
===============
ID: 4852, Name: ApplicationFrameHost.exe, CommandLine: C:\WINDOWS\system32\
ApplicationFrameHost.exe -Embedding
===============
ID: 15128, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --no-startup-window /prefetch:5
===============
ID: 15148, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\prave\
AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-
annotation=ptype=crashpad-handler "--database=C:\Users\prave\AppData\Local\
Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\prave\AppData\Local\
Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --
annotation=chromium-version=106.0.5249.119 "--annotation=exe=C:\Program Files
(x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--
annotation=prod=Microsoft Edge" --annotation=ver=106.0.1370.52 --initial-client-
data=0x104,0x108,0x10c,0xe0,0x11c,0x7ff83e376e08,0x7ff83e376e18,0x7ff83e376e28
===============
ID: 15340, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=gpu-process --gpu-
preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAA
AAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAA
AOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-
handle=1936 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:2
===============
ID: 15348, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-
platform-channel-handle=2212 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:3
===============
ID: 9820, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --
mojo-platform-channel-handle=2556 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:8
===============
ID: 14672, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-
type=proxy_resolver.mojom.ProxyResolverFactory --lang=en-US --service-sandbox-
type=service --mojo-platform-channel-handle=4516 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:8
===============
ID: 10328, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=renderer --instant-process --display-capture-
permissions-policy-allowed --js-flags=--ms-user-locale= --lang=en-US --device-
scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --
renderer-client-id=18 --time-ticks-at-unix-epoch=-1666282003301256 --launch-time-
ticks=77435829866 --mojo-platform-channel-handle=6076 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:1
===============
ID: 14688, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=renderer --display-capture-permissions-policy-
allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-
raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --
time-ticks-at-unix-epoch=-1666282003301256 --launch-time-ticks=77667423165 --mojo-
platform-channel-handle=8212 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:1
===============
ID: 13680, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=renderer --display-capture-permissions-policy-
allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-
raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --
time-ticks-at-unix-epoch=-1666282003301256 --launch-time-ticks=77671255712 --mojo-
platform-channel-handle=8500 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:1
===============
ID: 2012, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService
--lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=8740 --
field-trial-handle=2020,i,9102037717287950236,9372949024191406559,131072
/prefetch:8
===============
ID: 596, Name: Video.UI.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.ZuneVideo_10.22041.10091.0_x64__8wekyb3d8bbwe\Video.UI.exe" -
ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
===============
ID: 7352, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
ID: 6196, Name: msedge.exe, CommandLine: "C:\Program Files (x86)\Microsoft\Edge\
Application\msedge.exe" --type=renderer --display-capture-permissions-policy-
allowed --js-flags=--ms-user-locale= --lang=en-US --device-scale-factor=1 --num-
raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --
time-ticks-at-unix-epoch=-1666282003301256 --launch-time-ticks=77819767000 --mojo-
platform-channel-handle=6108 --field-trial-
handle=2020,i,9102037717287950236,9372949024191406559,131072 /prefetch:1
===============
ID: 6776, Name: svchost.exe, CommandLine: C:\WINDOWS\system32\svchost.exe -k
BcastDVRUserService -s BcastDVRUserService
===============
ID: 14612, Name: backgroundTaskHost.exe, CommandLine: "C:\WINDOWS\system32\
BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
===============
ID: 14972, Name: smartscreen.exe, CommandLine: C:\Windows\System32\smartscreen.exe
-Embedding
===============
ID: 8168, Name: iPQkgHUOGFbT0WRy8ShJNW9o.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\iPQkgHUOGFbT0WRy8ShJNW9o.exe"
===============
ID: 13576, Name: 6lOeMfGE9tXueFfVejCivT3Z.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\6lOeMfGE9tXueFfVejCivT3Z.exe"
===============
ID: 7084, Name: 5sg4_qVxexWLFgCYaEVpEl_t.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\5sg4_qVxexWLFgCYaEVpEl_t.exe"
===============
ID: 9672, Name: NxO1w7M40pQHvrzKrsGr9Dsn.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\NxO1w7M40pQHvrzKrsGr9Dsn.exe"
===============
ID: 14252, Name: ViwwLBjN7k4WmG_gsESSRGjK.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\ViwwLBjN7k4WmG_gsESSRGjK.exe"
===============
ID: 3888, Name: Dj6xmfkRejaI9lOcYTl2dOrQ.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\Dj6xmfkRejaI9lOcYTl2dOrQ.exe"
===============
ID: 11780, Name: l1f2pU20O_HiqHSCJK4_ho_r.exe, CommandLine: "C:\Users\prave\
Pictures\Minor Policy\l1f2pU20O_HiqHSCJK4_ho_r.exe"
===============
ID: 5164, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 6636, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 9088, Name: SETUP_~1.EXE, CommandLine: C:\Users\prave\AppData\Local\Temp\
IXP011.TMP\SETUP_~1.EXE
===============
ID: 3108, Name: powershell.exe, CommandLine: powershell "" "Get-WmiObject
Win32_PortConnector"
===============
ID: 6600, Name: vbc.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\vbc.exe"
===============
ID: 4236, Name: node.exe, CommandLine: node.exe node.lib 48626618 6361097195
===============
ID: 9128, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 12844, Name: f0de926e1cfc0c209d8f8a555ba8affc.exe, CommandLine: C:\temp\
f0de926e1cfc0c209d8f8a555ba8affc.exe
===============
ID: 4092, Name: backgroundTaskHost.exe, CommandLine: C:\SystemID\
backgroundTaskHost.exe
===============
ID: 7368, Name: powershell.exe, CommandLine: C:\WINDOWS\System32\WindowsPowerShell\
v1.0\powershell.EXE -WindowStyle Hidden -EncodedCommand
cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZAB
lAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA==
===============
ID: 10100, Name: Rugs.exe.pif, CommandLine: Rugs.exe.pif f
===============
ID: 8944, Name: Tex.exe.pif, CommandLine: Tex.exe.pif l
===============
ID: 10184, Name: rundll32.exe, CommandLine:
===============
ID: 14136, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 9736, Name: Teams.exe, CommandLine: "C:\Users\prave\AppData\Local\Microsoft\
Teams\current\Teams.exe" --type=renderer --enable-wer --user-data-dir="C:\Users\
prave\AppData\Roaming\Microsoft\Teams" --ms-teams-less-cors=522133263 --app-user-
model-id=com.squirrel.Teams.Teams --app-path="C:\Users\prave\AppData\Local\
Microsoft\Teams\current\resources\app.asar" --autoplay-policy=no-user-gesture-
required --disable-background-timer-throttling --field-trial-
handle=1616,7367391587419915672,7488999970747184181,131072 --enable-
features=ContextBridgeMutability,SharedArrayBuffer,WinUseBrowserSpellChecker,WinUse
HybridSpellChecker --disable-
features=CalculateNativeWinOcclusion,ExtraCookieValidityChecks,ForcedColors,MediaFo
undationAsyncH264Encoding,PlzServiceWorker,SpareRendererForSitePerProcess,WinRetrie
veSuggestionsOnlyOnDemand --lang=en-US --device-scale-factor=1 --num-raster-
threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-
platform-channel-handle=5932 /prefetch:1
===============
ID: 3296, Name: SecurityHealthHost.exe, CommandLine: \\?\C:\Windows\System32\
SecurityHealth\1.0.2207.20002-0\SecurityHealthHost.exe {08728914-3F57-4D52-9E31-
49DAECA5A80A} -Embedding
===============
ID: 13104, Name: RuntimeBroker.exe, CommandLine: C:\temp\RuntimeBroker.exe
===============
ID: 2036, Name: injector.exe, CommandLine: C:\SystemID\injector.exe
===============
ID: 10928, Name: tasklist.exe, CommandLine: tasklist /fo csv /nh
===============
ID: 5248, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 1664, Name: powershell.exe, CommandLine: "C:\Windows\System32\
WindowsPowerShell\v1.0\powershell.exe" -enc
UwB0AGEAcgB0AC0AUwBsAGUAZQBwACAALQBTAGUAYwBvAG4AZABzACAAMwA0AA==
===============
ID: 10840, Name: AEEF.exe, CommandLine: C:\Users\prave\AppData\Local\Temp\AEEF.exe
===============
ID: 7192, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 13332, Name: tasklist.exe, CommandLine: tasklist /fo csv /nh
===============
ID: 15052, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 7528, Name: gijahivo lic jiloma voga sesogowi livi sasisoto wak yajavah.exe,
CommandLine: "C:\Users\prave\Loh boxiwame xin beyanev tove semopok\gijahivo lic
jiloma voga sesogowi livi sasisoto wak yajavah.exe"
===============
ID: 7460, Name: cmd.exe, CommandLine: "C:\Windows\System32\cmd.exe" /c chcp 65001
&& ping 127.0.0.1 && DEL /F /S /Q /A "C:\Users\prave\Pictures\Minor Policy\
EIunIgwQHrMdvvJEi3aBd5e5.exe"
===============
ID: 2856, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 5396, Name: PING.EXE, CommandLine: ping 127.0.0.1
===============
ID: 13456, Name: reg.exe, CommandLine: reg query HKCU\Software\Microsoft\Windows\
CurrentVersion\Run
===============
ID: 2804, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 13176, Name: E3AC.exe, CommandLine: C:\Users\prave\AppData\Local\Temp\E3AC.exe
===============
ID: 11040, Name: tasklist.exe, CommandLine: tasklist /fo csv /nh
===============
ID: 6280, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
ID: 6740, Name: ipconfig.exe, CommandLine: ipconfig.exe /all
