digital-forensics-ram/processes-image1.txt

Volatility 3 Framework 1.0.1
PID PPID ImageFileName Offset Threads Handles SessionId Wow64 CreateTime ExitTime File output
3692 1512 AcroRd32.exe 0x1fc5958 4 161 0 False 2011-11-30 11:12:27.000000 N/A Disabled
3728 860 AcroRd32Info.ex 0x1ffa918 7 149 0 False 2011-11-30 11:12:28.000000 N/A Disabled
3560 1032 wuauclt.exe 0x201cb08 6 118 0 False 2011-11-30 11:11:55.000000 N/A Disabled
992 860 wmiprvse.exe 0x2023878 5 189 0 False 2011-11-30 11:10:54.000000 N/A Disabled
252 676 vmtoolsd.exe 0x2027da0 6 222 0 False 2011-11-30 11:10:51.000000 N/A Disabled
3976 1512 Netlogon.exe 0x2067308 1 14 0 False 2011-11-30 11:14:06.000000 N/A Disabled
1028 1036 wuauclt.exe 0x2075be0 0 - 0 False 2011-11-30 11:05:21.000000 2011-11-30 11:10:23.000000 Disabled
1804 1512 ctfmon.exe 0x207a2a0 1 99 0 False 2011-11-30 11:10:43.000000 N/A Disabled
1796 1512 AdobeARM.exe 0x207d020 8 143 0 False 2011-11-30 11:10:43.000000 N/A Disabled
1620 676 spoolsv.exe 0x20a1558 14 123 0 False 2011-11-30 11:10:42.000000 N/A Disabled
1088 668 svchost.exe 0x20d3c50 7 0 0 False 2011-11-30 11:05:07.000000 N/A Disabled
932 668 svchost.exe 0x2107160 10 - 0 False 2011-11-30 11:05:07.000000 N/A Disabled
1080 676 svchost.exe 0x2296748 5 - 0 False 2011-11-30 11:10:40.000000 N/A Disabled
688 624 lsass.exe 0x22a3aa8 24 362 0 False 2011-11-30 11:10:40.000000 N/A Disabled
940 676 svchost.exe 0x2300b28 9 261 0 False 2011-11-30 11:10:40.000000 N/A Disabled
1124 676 svchost.exe 0x239d578 15 210 0 False 2011-11-30 11:10:41.000000 N/A Disabled
1132 1032 wuauclt.exe 0x23a1650 8 177 0 False 2011-11-30 11:10:54.000000 N/A Disabled
512 676 VMUpgradeHelper 0x23a23c0 6 97 0 False 2011-11-30 11:10:54.000000 N/A Disabled
3708 3632 svchost.exe 0x23d7da0 5 144 0 False 2011-11-30 11:12:28.000000 N/A Disabled
1368 676 alg.exe 0x23e3260 7 104 0 False 2011-11-30 11:10:56.000000 N/A Disabled
1988 1032 wscntfy.exe 0x23ea4c0 1 39 0 False 2011-11-30 11:10:56.000000 N/A Disabled
416 1828 svchost.exe 0x23fb3d8 4 138 0 False 2011-11-30 11:10:53.000000 N/A Disabled
1772 1512 VMwareUser.exe 0x2403da0 6 211 0 False 2011-11-30 11:10:43.000000 N/A Disabled
1512 1460 explorer.exe 0x240ac08 16 424 0 False 2011-11-30 11:10:42.000000 N/A Disabled
1752 1512 VMwareTray.exe 0x24149f8 1 58 0 False 2011-11-30 11:10:43.000000 N/A Disabled
552 4 smss.exe 0x24224c8 3 19 N/A False 2011-11-30 11:10:38.000000 N/A Disabled
844 676 vmacthlp.exe 0x2425020 1 25 0 False 2011-11-30 11:10:40.000000 N/A Disabled
860 676 svchost.exe 0x2428020 19 204 0 False 2011-11-30 11:10:40.000000 N/A Disabled
624 552 winlogon.exe 0x24479c0 24 522 0 False 2011-11-30 11:10:40.000000 N/A Disabled
3968 3692 rundll32.exe 0x248c400 1 59 0 False 2011-11-30 11:14:06.000000 N/A Disabled
3832 3692 dumprep.exe 0x248dd48 0 - 0 False 2011-11-30 11:12:31.000000 2011-11-30 11:12:31.000000 Disabled
1032 676 svchost.exe 0x2493728 84 1552 0 False 2011-11-30 11:10:40.000000 N/A Disabled
676 624 services.exe 0x249db68 15 259 0 False 2011-11-30 11:10:40.000000 N/A Disabled
600 552 csrss.exe 0x24aaae0 10 431 0 False 2011-11-30 11:10:39.000000 N/A Disabled
4 0 System 0x25c8830 56 252 N/A False N/A N/A Disabled