[smss.exe]
PID = 0x280
[csrss.exe]
PID = 0x2b0
CommandLine = C:\WINDOWS\system32\csrss.exe
ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[winlogon.exe]
PID = 0x2c8
CommandLine = winlogon.exe
[services.exe]
PID = 0x2f4
CommandLine = C:\WINDOWS\system32\services.exe
[lsass.exe]
PID = 0x300
CommandLine = C:\WINDOWS\system32\lsass.exe
[svchost.exe]
PID = 0x3ac
CommandLine = C:\WINDOWS\system32\svchost -k rpcss
[CCenter.exe]
PID = 0x404
CommandLine = "C:\Program Files\Rising\Rav\CCenter.exe"
[svchost.exe]
PID = 0x414
CommandLine = C:\WINDOWS\System32\svchost.exe -k netsvcs
[svchost.exe]
PID = 0x4ac
CommandLine = C:\WINDOWS\System32\svchost.exe -k NetworkService
[svchost.exe]
PID = 0x4e8
CommandLine = C:\WINDOWS\System32\svchost.exe -k LocalService
[RavMonD.exe]
PID = 0x4f4
CommandLine = "C:\Program Files\Rising\Rav\Ravmond.exe"
[spoolsv.exe]
PID = 0x5a0
CommandLine = C:\WINDOWS\system32\spoolsv.exe
[RavStub.exe]
PID = 0x600
CommandLine = "C:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND
[explorer.exe]
PID = 0x770
CommandLine = C:\WINDOWS\Explorer.EXE
[realsched.exe]
PID = 0x178
CommandLine = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[RavTask.exe]
PID = 0x180
CommandLine = "C:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM
[RavMon.exe]
PID = 0x19c
CommandLine = "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
[csrssX.exe]
PID = 0x1cc
CommandLine = "C:\WINDOWS\System32\csrssX.exe"
[ctfmon.exe]
PID = 0x1d8
CommandLine = "C:\WINDOWS\System32\ctfmon.exe"
[wxpdll32.exe]
PID = 0x4b4
CommandLine = "C:\WINDOWS\wxpdll32.exe"
[wuauclt.exe]
PID = 0xbc
CommandLine = "C:\WINDOWS\System32\wuauclt.exe" /RunStoreAsComServer Local\[414]SUSDSf232ce064b766746a0b7a6af891bed19
[KillProc.exe]
PID = 0x66c
CommandLine = "D:\KakaSetup.exe\kaka\KillProc.exe"
