Process List

***********************************************
* _ _ _ _ *
* / \ / \ / \ / \ *
* ( M | E | T | A ) *
* \_/ \_/ \_/ \_/ *
* *
* Telegram: https://t.me/metastealer_bot *
***********************************************
ID: 628, Name: csrss.exe, CommandLine:

===============
ID: 808, Name: winlogon.exe, CommandLine: winlogon.exe
===============
ID: 952, Name: fontdrvhost.exe, CommandLine: "fontdrvhost.exe"
===============
ID: 1040, Name: dwm.exe, CommandLine: "dwm.exe"
===============
ID: 1340, Name: atieclxx.exe, CommandLine: atieclxx
===============
ID: 3992, Name: sihost.exe, CommandLine: sihost.exe
===============
ID: 4020, Name: svchost.exe, CommandLine: c:\windows\system32\svchost.exe -k
unistacksvcgroup -s CDPUserSvc
===============
unistacksvcgroup -s WpnUserService
===============
ID: 1128, Name: taskhostw.exe, CommandLine: taskhostw.exe {222A245B-E637-4AE9-A93F-
A59CA119A75E}
===============
ID: 4284, Name: ctfmon.exe, CommandLine: "ctfmon.exe"
===============
ID: 4476, Name: explorer.exe, CommandLine: C:\WINDOWS\Explorer.EXE
===============
ID: 5060, Name: ShellExperienceHost.exe, CommandLine: "C:\Windows\SystemApps\
ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -
ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
===============
ID: 4352, Name: SearchUI.exe, CommandLine: "C:\Windows\SystemApps\
Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -
ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
===============
ID: 3880, Name: RuntimeBroker.exe, CommandLine: C:\Windows\System32\
RuntimeBroker.exe -Embedding
===============
===============
ID: 5480, Name: SkypeBackgroundHost.exe, CommandLine: "C:\Program Files\
WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\
SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
===============
ID: 5496, Name: ApplicationFrameHost.exe, CommandLine: C:\WINDOWS\system32\
ApplicationFrameHost.exe -Embedding
===============
===============
ID: 1360, Name: MSASCuiL.exe, CommandLine: "C:\Program Files\Windows Defender\
MSASCuiL.exe"
===============
ID: 6716, Name: OneDrive.exe, CommandLine: "C:\Users\User\AppData\Local\Microsoft\
OneDrive\OneDrive.exe" /background
===============
ID: 7556, Name: svcservice.exe, CommandLine: "C:\Users\User\AppData\Roaming\
telemetry\svcservice.exe"
===============
ID: 7652, Name: oneetx.exe, CommandLine: "C:\Users\User\AppData\Local\Temp\
10180c8ca3\oneetx.exe"
===============
ID: 7704, Name: AutodeskDesktopApp.exe, CommandLine: "C:\Program Files (x86)\
Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
===============
ID: 7724, Name: GenuineService.exe, CommandLine: "C:\ProgramData\Autodesk\Genuine
Service\x64\GenuineService.exe"
===============
ID: 7776, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --
appAgent=/AUTODESKDESKTOPAPP/8.5.0.17/es-ES/0001 --lang=es-ES --cache-path="C:\
Users\User\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=7704
===============
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --
channel="7776.0.1937806387\744104333" --no-sandbox --lang=es-ES --log-file="C:\
Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\debug.log" --log-
severity=disable --peerpid=7704 --disable-direct-composition --supports-dual-
gpus=false --gpu-driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-
device-id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-
version=22.19.162.4 --lang=es-ES --log-file="C:\Program Files (x86)\Autodesk\
Autodesk Desktop App\acwebbrowser\debug.log" --log-severity=disable --peerpid=7704
--mojo-platform-channel-handle=1300 /prefetch:2
===============
Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --
primordial-pipe-token=9DB26E3B0071B6FB128A472BD455CFCF --lang=en-US --lang=es-ES --
log-file="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\
debug.log" --log-severity=disable --peerpid=7704 --enable-pinch --device-scale-
factor=1 --num-raster-threads=2 --content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
video-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
channel="7776.1.460668884\194047198" --mojo-platform-channel-handle=1896
/prefetch:1
===============
ID: 8052, Name: mstsca.exe, CommandLine: C:\Users\User\AppData\Roaming\Microsoft\
Network\mstsca.exe
===============
ID: 7204, Name: oneetx.exe, CommandLine: C:\Users\User\AppData\Local\Temp\
cb7ae701b3\oneetx.exe
===============
ID: 5960, Name: cmd.exe, CommandLine: "C:\Windows\System32\cmd.exe" /k echo Y|CACLS
"oneetx.exe" /P "User:N"&&CACLS "oneetx.exe" /P "User:R" /E&&echo Y|CACLS "..\
cb7ae701b3" /P "User:N"&&CACLS "..\cb7ae701b3" /P "User:R" /E&&Exit
===============
ID: 5532, Name: acad.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD 2018\
acad.exe" /product ACAD /language "es-ES"
===============
ID: 7628, Name: conhost.exe, CommandLine: \??\C:\WINDOWS\system32\conhost.exe 0x4
===============
unistacksvcgroup
===============
ID: 7040, Name: OpenWith.exe, CommandLine: C:\WINDOWS\system32\OpenWith.exe -
Embedding
===============
ID: 7544, Name: SkypeApp.exe, CommandLine: "C:\Program Files\WindowsApps\
Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -
ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
===============
===============
ID: 9308, Name: WRlr93jfY6F2v8kcgnz_9dEN.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\WRlr93jfY6F2v8kcgnz_9dEN.exe"
===============
ID: 7548, Name: csrss.exe, CommandLine: C:\WINDOWS\rss\csrss.exe
===============
ID: 8856, Name: injector.exe, CommandLine: C:\Users\User\AppData\Local\Temp\csrss\
injector\injector.exe taskmgr.exe C:\Users\User\AppData\Local\Temp\csrss\injector\
NtQuerySystemInformationHook.dll
===============
===============
ID: 9088, Name: taskhostw.exe, CommandLine: taskhostw.exe
===============
ID: 9740, Name: vbc.exe, CommandLine: C:\Windows\Microsoft.NET\Framework64\
v4.0.30319\vbc.exe -o xmr-eu1.nanopool.org:14433 -u
4BrL51JCc9NGQ71kWhnYoDRffsDZy7m1HUU7MRU4nUMXAHNFBEJhkTZV9HdaL4gfuNBxLPc3BeMkLGaPbF5
vWtANQoBJqYKAGMEQrLE8L8 --tls --coin monero
===============
ID: 6832, Name: dSBtq.exe, CommandLine: C:\Users\User\AppData\Local\c9f346a0-b2de-
4370-961e-ea0e586137ce\dSBtq.exe --Task
===============
ID: 6824, Name: explorer.exe, CommandLine: C:\WINDOWS\SysWOW64\explorer.exe
===============
ID: 10236, Name: explorer.exe, CommandLine: C:\WINDOWS\explorer.exe
===============
===============
===============
===============
===============
===============
===============
===============
===============
ID: 6324, Name: wup.exe, CommandLine: C:\Users\User\AppData\Local\Temp\csrss\wup\
xarch\wup.exe -o dxpools.net:40001 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
tls --nicehash -o dxpools.net:443 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
tls --nicehash -o dxpools.net:80 --rig-id 0ebea37d-a215-4e4b-8e3a-7eef19c4bace --
nicehash --http-port 3433 --http-access-token 0ebea37d-a215-4e4b-8e3a-7eef19c4bace
--randomx-wrmsr=-1
===============
ID: 9660, Name: FDTSH0DLi5H1_wAgQLp7PBti.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\FDTSH0DLi5H1_wAgQLp7PBti.exe"
===============
ID: 7684, Name: acad.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD 2018\
acad.exe"
===============
ID: 6040, Name: acwebbrowser.exe, CommandLine: "C:\Program Files\Common Files\
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" -approot=\SOFTWARE\
Autodesk\Clm\ -extension=ClicJsBrowserExtensions.dll -interopid=000002859C5A8B50
--force-device-scale-factor=1 --peerPid=7684
===============
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" --type=gpu-process --
channel="6040.0.1208888166\1964452983" --no-sandbox --lang=en-US --log-file="C:\
Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-
severity=disable --peerpid=7684 --extension="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\ClicJsBrowserExtensions.dll" --
interopid=000002859C5A8B50 --disable-direct-composition --supports-dual-gpus=false
--gpu-driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-device-
id=0x6810 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-
version=22.19.162.4 --lang=en-US --log-file="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-severity=disable --peerpid=7684 --
extension="C:\Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\
ClicJsBrowserExtensions.dll" --interopid=000002859C5A8B50 --mojo-platform-channel-
handle=1340 /prefetch:2
===============
ID: 7152, Name: AcWebBrowser.exe, CommandLine: "C:\Program Files\Autodesk\AutoCAD
2018\acwebbrowser\acwebbrowser.exe" --appRoot=Software\Autodesk\AutoCAD\R22.0\ACAD-
1001:40A\Applications --appAgent=Autodesk/ACAD/22.0/es-ES/1001 --lang=es-ES --
cache-path="C:\Users\User\AppData\Local\Autodesk\AutoCAD 2018\R22.0\esp\
BrowserCache" --peerPid=7684
===============
2018\acwebbrowser\acwebbrowser.exe" --type=gpu-process --
channel="7152.0.1281999637\632044022" --no-sandbox --lang=es-ES --log-file="C:\
Program Files\Autodesk\AutoCAD 2018\acwebbrowser\debug.log" --log-severity=disable
--peerpid=7684 --disable-direct-composition --supports-dual-gpus=false --gpu-
driver-bug-workarounds=4,12,13,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x6810
--gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.162.4
--lang=es-ES --log-file="C:\Program Files\Autodesk\AutoCAD 2018\acwebbrowser\
debug.log" --log-severity=disable --peerpid=7684 --mojo-platform-channel-
handle=1284 /prefetch:2
===============
Autodesk Shared\CLM\V5\MSVC14\cliccore\acwebbrowser.exe" --type=renderer --force-
device-scale-factor=1 --no-sandbox --disable-databases --primordial-pipe-
token=FB9C41D7E74C4216D023372C73D5AE4B --lang=en-US --lang=en-US --log-file="C:\
Program Files\Common Files\Autodesk Shared\CLM\V5\MSVC14\cliccore\debug.log" --log-
severity=disable --peerpid=7684 --extension="C:\Program Files\Common Files\Autodesk
Shared\CLM\V5\MSVC14\cliccore\ClicJsBrowserExtensions.dll" --
interopid=000002859C5A8B50 --enable-pinch --device-scale-factor=1 --num-raster-
threads=2 --content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
/prefetch:1
===============
2018\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --primordial-pipe-
token=420A3CE620467D2E62E3699DD415E2A0 --lang=en-US --lang=es-ES --log-file="C:\
--peerpid=7684 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --
content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
/prefetch:1
===============
ID: 9908, Name: AcHelp2.exe, CommandLine: "C:\Program Files\Common Files\Autodesk
Shared\AcHelp2.exe" /Automation -Embedding
===============
2018\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --primordial-pipe-
token=03AE9E469A24EFB5D199F469EEFCD421 --lang=en-US --lang=es-ES --log-file="C:\
--peerpid=7684 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --
content-image-texture-
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --
/prefetch:1
===============
ID: 6748, Name: SWyxXAL3aA0H8OArgi0xqYXq.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\SWyxXAL3aA0H8OArgi0xqYXq.exe"
===============
ID: 1384, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 1112, Name: 934057bb263593087d4cce4817adb057.exe, CommandLine: C:\Users\User\
AppData\Local\Temp\csrss\934057bb263593087d4cce4817adb057.exe
===============
===============
ID: 8204, Name: RegSvcs.exe, CommandLine: "C:\Windows\Microsoft.NET\Framework\
v4.0.30319\RegSvcs.exe"
===============
ID: 8008, Name: DVbTMCiVq9nJoGROzZZCPO7Z.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\DVbTMCiVq9nJoGROzZZCPO7Z.exe"
===============
ID: 10212, Name: OV27PXY0AvduG2i2myf55Hga.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\OV27PXY0AvduG2i2myf55Hga.exe"
===============
ID: 472, Name: is-O7JTK.tmp, CommandLine: "C:\Users\User\AppData\Local\Temp\is-
2JOBS.tmp\is-O7JTK.tmp" /SL4 $D0400 "D:\Documents\Pictures\Minor Policy\
DVbTMCiVq9nJoGROzZZCPO7Z.exe" 2562561 56320
===============
ID: 2500, Name: Rec419.exe, CommandLine: "C:\Program Files (x86)\FKDsoftFR\Rec419\
Rec419.exe"
===============
ID: 8148, Name: Vyd_pkJfkheUyRurbhlHef0U.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\Vyd_pkJfkheUyRurbhlHef0U.exe"
===============
ID: 7024, Name: bjlk_7b_S9vJXUko_9mHwiFQ.exe, CommandLine: "D:\Documents\Pictures\
Minor Policy\bjlk_7b_S9vJXUko_9mHwiFQ.exe"
===============
ID: 2932, Name: AppLaunch.exe, CommandLine: "C:\\Windows\\Microsoft.NET\\
Framework\\v4.0.30319\\AppLaunch.exe"
===============
ID: 3560, Name: Install.exe, CommandLine: .\Install.exe
===============
ID: 8380, Name: node.exe, CommandLine: node.exe node.lib 3956101466505 1929535733
===============
ID: 2412, Name: Install.exe, CommandLine: .\Install.exe /S /site_id "525403"
===============
ID: 1944, Name: gpupdate.exe, CommandLine: "C:\WINDOWS\system32\gpupdate.exe"
/force
===============

Process List

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Process List

Uploaded by

Copyright:

Available Formats

***********************************************

ID: 628, Name: csrss.exe, CommandLine:

You might also like