Last active June 15, 2018 10:45
IAR-HUNGNT03913
| Name: DESKTOP-KF7T1HV-20180615-024031.dmp | |
| Hash: 2F8E19F417A4D45FE9563D2EF5CEA9C5 |
| COMMAND: | |
| python vol.py -f DESKTOP-KF7T1HV-20180615-024031.dmp --profile=Win10x64_17134 netscan | |
| OUTPUT: | |
| Volatility Foundation Volatility Framework 2.6 | |
| Offset(P) Proto Local Address Foreign Address State Pid Owner Created | |
| 0xd90fc66bcb90 UDPv6 fe80::60bf:8aa9:5be5:ba51:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fc6716010 UDPv4 0.0.0.0:56038 *:* 6132 TeamViewer_Ser 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fc6716010 UDPv6 :::56038 *:* 6132 TeamViewer_Ser 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fc6752eb0 UDPv4 127.0.0.1:56039 *:* 5924 nvcontainer.ex 2018-06-15 02:36:26 UTC+0000 | |
| 0xd90fc6759200 UDPv4 127.0.0.1:56053 *:* 5924 nvcontainer.ex 2018-06-15 02:36:26 UTC+0000 | |
| 0xd90fc62e08a0 TCPv4 0.0.0.0:1539 0.0.0.0:0 LISTENING 2600 svchost.exe 2018-06-15 02:36:21 UTC+0000 | |
| 0xd90fc6795cb0 TCPv4 0.0.0.0:1544 0.0.0.0:0 LISTENING 952 services.exe 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fc6795cb0 TCPv6 :::1544 :::0 LISTENING 952 services.exe 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fc63f3cc0 TCPv4 127.0.0.1:5354 127.0.0.1:1541 ESTABLISHED -1 - | |
| 0xd90fc66f0b30 TCPv4 127.0.0.1:1543 127.0.0.1:5354 ESTABLISHED -1 | |
| 0xd90fc71918c0 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc7191eb0 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc7191eb0 UDPv6 :::5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc7192780 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc71cdce0 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc71d0010 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc71d0010 UDPv6 :::5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fc7102c30 TCPv4 10.22.161.118:2545 10.22.194.34:8080 ESTABLISHED -1 | |
| 0xd90fc712acc0 TCPv4 10.22.161.118:2516 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fc7166720 TCPv4 10.22.161.118:2517 10.22.194.34:8080 ESTABLISHED -1 | |
| 0xd90fc7177010 TCPv4 10.22.161.118:2513 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fc71b14b0 TCPv4 10.22.161.118:2397 10.22.194.32:8080 ESTABLISHED -1 | |
| 0xd90fc72e9830 TCPv4 10.22.161.118:2737 8.36.113.137:443 SYN_SENT -1 | |
| 0xd90fc72ebcc0 TCPv4 10.22.161.118:2644 10.22.194.32:8080 CLOSED -1 | |
| 0xd90fc730f4a0 TCPv4 127.0.0.1:2898 127.0.0.1:6467 SYN_SENT -1 - | |
| 0xd90fc7501b30 UDPv4 0.0.0.0:0 *:* 6132 TeamViewer_Ser 2018-06-15 02:41:15 UTC+0000 | |
| 0xd90fc7501b30 UDPv6 :::0 *:* 6132 TeamViewer_Ser 2018-06-15 02:41:15 UTC+0000 | |
| 0xd90fc7434cc0 TCPv4 10.22.161.118:2493 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fc7439cc0 TCPv4 10.22.161.118:2887 37.252.230.28:5938 CLOSED -1 | |
| 0xd90fc7462cc0 TCPv4 10.22.161.118:2511 10.22.194.34:8080 ESTABLISHED -1 - | |
| 0xd90fc7464bf0 TCPv4 10.22.161.118:2529 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fc74d7540 TCPv4 10.22.161.118:2542 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fc7505600 TCPv4 10.22.161.118:2535 10.22.194.33:8080 ESTABLISHED -1 - | |
| 0xd90fc75069c0 TCPv4 10.22.161.118:2534 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fc7539c20 TCPv4 10.22.161.118:2884 8.36.112.54:443 CLOSED -1 | |
| 0xd90fc75b3cc0 TCPv4 10.22.161.118:2526 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fc7646010 TCPv4 10.22.161.118:2909 5.45.58.171:80 SYN_SENT -1 | |
| 0xd90fc7672a40 TCPv4 10.22.161.118:2515 10.22.194.34:8080 ESTABLISHED -1 | |
| 0xd90fc76b5960 TCPv4 10.22.161.118:2519 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fc76b6cc0 TCPv4 10.22.161.118:2428 10.22.194.33:8080 ESTABLISHED -1 | |
| 0xd90fc76c2cc0 TCPv4 10.22.161.118:2547 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fc76c5cc0 TCPv4 10.22.161.118:2910 37.252.230.28:443 CLOSED -1 - | |
| 0xd90fc76d3b80 TCPv4 10.22.161.118:2755 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fc77197c0 TCPv4 10.22.161.118:2907 8.36.113.137:443 CLOSED -1 - | |
| 0xd90fc777f890 TCPv4 10.22.161.118:2512 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fc77b2bf0 TCPv4 10.22.161.118:2914 8.36.112.54:443 SYN_SENT -1 | |
| 0xd90fc77df010 TCPv4 127.0.0.1:2906 127.0.0.1:6469 CLOSED -1 | |
| 0xd90fc8258b50 TCPv4 10.22.161.118:2506 10.22.194.32:8080 ESTABLISHED -1 | |
| 0xd90fcbab1980 UDPv4 127.0.0.1:57355 *:* 2672 svchost.exe 2018-06-15 02:37:22 UTC+0000 | |
| 0xd90fcc492db0 TCPv6 ::1:27275 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fcd22ae20 UDPv4 192.168.56.1:138 *:* 4 System 2018-06-15 02:36:15 UTC+0000 | |
| 0xd90fcd22bb40 UDPv4 192.168.56.1:137 *:* 4 System 2018-06-15 02:36:15 UTC+0000 | |
| 0xd90fcd22acd0 TCPv4 192.168.56.1:139 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:36:15 UTC+0000 | |
| 0xd90fcd33c4d0 TCPv4 0.0.0.0:135 0.0.0.0:0 LISTENING 1108 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fcd35f070 TCPv4 0.0.0.0:1538 0.0.0.0:0 LISTENING 1972 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fcdf1d010 UDPv4 127.0.0.1:56052 *:* 5924 nvcontainer.ex 2018-06-15 02:36:26 UTC+0000 | |
| 0xd90fce4d09e0 UDPv4 0.0.0.0:0 *:* 5744 mDNSResponder. 2018-06-15 02:36:24 UTC+0000 | |
| 0xd90fce57f3b0 TCPv4 0.0.0.0:135 0.0.0.0:0 LISTENING 1108 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce57f3b0 TCPv6 :::135 :::0 LISTENING 1108 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce5a78b0 TCPv4 0.0.0.0:1536 0.0.0.0:0 LISTENING 880 wininit.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce5a78b0 TCPv6 :::1536 :::0 LISTENING 880 wininit.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce5a8520 TCPv4 0.0.0.0:1536 0.0.0.0:0 LISTENING 880 wininit.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce5d1c40 TCPv4 0.0.0.0:1539 0.0.0.0:0 LISTENING 2600 svchost.exe 2018-06-15 02:36:21 UTC+0000 | |
| 0xd90fce5d1c40 TCPv6 :::1539 :::0 LISTENING 2600 svchost.exe 2018-06-15 02:36:21 UTC+0000 | |
| 0xd90fce59e590 TCPv4 10.22.161.118:2503 10.22.194.32:8080 ESTABLISHED -1 | |
| 0xd90fce846eb0 UDPv4 0.0.0.0:0 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fce86a2e0 UDPv6 fe80::4888:b84b:d5ff:fa18:57357 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fce9af320 UDPv4 127.0.0.1:59260 *:* 11748 nvsphelper64.e 2018-06-15 02:36:45 UTC+0000 | |
| 0xd90fce9d69e0 UDPv4 192.168.30.1:137 *:* 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fcecd4010 UDPv4 192.168.116.1:137 *:* 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fcecd4d50 UDPv4 192.168.30.1:138 *:* 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fcedc7aa0 UDPv4 0.0.0.0:5355 *:* 3136 svchost.exe 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fcedc7aa0 UDPv6 :::5355 *:* 3136 svchost.exe 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fcede7910 UDPv4 0.0.0.0:0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fcede7910 UDPv6 :::0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fce6baad0 TCPv4 0.0.0.0:1537 0.0.0.0:0 LISTENING 1800 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce86c0c0 TCPv4 0.0.0.0:1538 0.0.0.0:0 LISTENING 1972 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce86c0c0 TCPv6 :::1538 :::0 LISTENING 1972 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce87e390 TCPv4 0.0.0.0:1537 0.0.0.0:0 LISTENING 1800 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fce87e390 TCPv6 :::1537 :::0 LISTENING 1800 svchost.exe 2018-06-15 02:36:20 UTC+0000 | |
| 0xd90fcea69010 TCPv4 127.0.0.1:1541 127.0.0.1:5354 ESTABLISHED -1 | |
| 0xd90fcf10a5a0 UDPv4 127.0.0.1:60047 *:* 5760 AppleMobileDev 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf110aa0 UDPv6 fe80::443d:e3d6:420b:3a3f:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf112d10 UDPv4 192.168.116.1:5353 *:* 6132 TeamViewer_Ser 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf13ceb0 UDPv6 fe80::4888:b84b:d5ff:fa18:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf18ceb0 UDPv4 127.0.0.1:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf1b8270 UDPv6 fe80::c170:5fe4:981f:78d:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf1b99f0 UDPv4 192.168.30.1:5353 *:* 5744 mDNSResponder. 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fcf1f7dd0 UDPv4 0.0.0.0:60046 *:* 5744 mDNSResponder. 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf1f7dd0 UDPv6 :::60046 *:* 5744 mDNSResponder. 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf62deb0 UDPv4 10.22.161.118:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf6f5090 UDPv4 0.0.0.0:0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fcf6f5090 UDPv6 :::0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fcf708c00 UDPv4 192.168.30.1:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf752010 UDPv4 0.0.0.0:0 *:* 3136 svchost.exe 2018-06-15 02:37:11 UTC+0000 | |
| 0xd90fcf752010 UDPv6 :::0 *:* 3136 svchost.exe 2018-06-15 02:37:11 UTC+0000 | |
| 0xd90fcf7adb30 UDPv4 0.0.0.0:60045 *:* 5744 mDNSResponder. 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf8a0550 UDPv4 192.168.56.1:5353 *:* 6132 TeamViewer_Ser 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcf1159b0 TCPv4 0.0.0.0:1540 0.0.0.0:0 LISTENING 4200 spoolsv.exe 2018-06-15 02:36:22 UTC+0000 | |
| 0xd90fcf118b80 TCPv4 192.168.30.1:139 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fcf226350 TCPv4 0.0.0.0:1554 0.0.0.0:0 LISTENING 972 lsass.exe 2018-06-15 02:36:29 UTC+0000 | |
| 0xd90fcf226350 TCPv6 :::1554 :::0 LISTENING 972 lsass.exe 2018-06-15 02:36:29 UTC+0000 | |
| 0xd90fcf5389e0 TCPv4 0.0.0.0:1540 0.0.0.0:0 LISTENING 4200 spoolsv.exe 2018-06-15 02:36:22 UTC+0000 | |
| 0xd90fcf5389e0 TCPv6 :::1540 :::0 LISTENING 4200 spoolsv.exe 2018-06-15 02:36:22 UTC+0000 | |
| 0xd90fcf682d50 TCPv4 0.0.0.0:445 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf682d50 TCPv6 :::445 :::0 LISTENING 4 System 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf883c90 TCPv4 0.0.0.0:1544 0.0.0.0:0 LISTENING 952 services.exe 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fcf8b7c40 TCPv4 127.0.0.1:65000 0.0.0.0:0 LISTENING 5924 nvcontainer.ex 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fcf8f6410 TCPv4 127.0.0.1:1001 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcf117cc0 TCPv4 127.0.0.1:65001 127.0.0.1:1559 ESTABLISHED -1 - | |
| 0xd90fcf121cc0 TCPv4 10.22.161.118:2485 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fcf12c5d0 TCPv4 10.22.161.118:2930 8.36.112.54:443 CLOSED -1 | |
| 0xd90fcf575010 TCPv4 127.0.0.1:1553 127.0.0.1:5939 ESTABLISHED -1 - | |
| 0xd90fcfac99e0 UDPv4 0.0.0.0:500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb43280 UDPv4 0.0.0.0:4500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb467a0 UDPv4 0.0.0.0:4500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb467a0 UDPv6 :::4500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb47c40 UDPv4 0.0.0.0:500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb47c40 UDPv6 :::500 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb78b90 UDPv4 0.0.0.0:0 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb78b90 UDPv6 :::0 *:* 5832 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfb89560 UDPv4 127.0.0.1:60048 *:* 5760 AppleMobileDev 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfc044c0 UDPv4 127.0.0.1:60049 *:* 6448 svchost.exe 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfcceeb0 UDPv4 127.0.0.1:65000 *:* 5924 nvcontainer.ex 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fcfecfb30 UDPv4 10.22.161.118:5353 *:* 6132 TeamViewer_Ser 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fcff14010 UDPv4 0.0.0.0:56037 *:* 6132 TeamViewer_Ser 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fcff16680 UDPv4 192.168.116.1:138 *:* 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fcff1d1a0 UDPv4 127.0.0.1:56074 *:* 8320 nvcontainer.ex 2018-06-15 02:36:26 UTC+0000 | |
| 0xd90fcff47440 UDPv4 10.22.161.118:138 *:* 4 System 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd0009390 UDPv6 fe80::443d:e3d6:420b:3a3f:57356 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd000c010 UDPv4 0.0.0.0:0 *:* 6132 TeamViewer_Ser 2018-06-15 02:40:32 UTC+0000 | |
| 0xd90fd000c010 UDPv6 :::0 *:* 6132 TeamViewer_Ser 2018-06-15 02:40:32 UTC+0000 | |
| 0xd90fd002e930 UDPv4 127.0.0.1:48201 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:40 UTC+0000 | |
| 0xd90fd00a0010 UDPv4 10.22.161.118:5353 *:* 5924 nvcontainer.ex 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd00a1010 UDPv6 ::1:5353 *:* 5924 nvcontainer.ex 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd00a1190 UDPv4 192.168.56.1:5353 *:* 5924 nvcontainer.ex 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd00aa4a0 UDPv4 0.0.0.0:5353 *:* 3136 svchost.exe 2018-06-15 02:37:11 UTC+0000 | |
| 0xd90fd00aa4a0 UDPv6 :::5353 *:* 3136 svchost.exe 2018-06-15 02:37:11 UTC+0000 | |
| 0xd90fd01b4270 UDPv6 ::1:5353 *:* 6132 TeamViewer_Ser 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd024ca90 UDPv4 0.0.0.0:0 *:* 5924 nvcontainer.ex 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd0284b10 UDPv4 0.0.0.0:5050 *:* 5412 svchost.exe 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd03921b0 UDPv4 192.168.116.1:5353 *:* 5924 nvcontainer.ex 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fcfb55510 TCPv4 127.0.0.1:27015 0.0.0.0:0 LISTENING 5760 AppleMobileDev 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfc94ec0 TCPv4 127.0.0.1:1542 0.0.0.0:0 LISTENING 4864 explorer.exe 2018-06-15 02:36:24 UTC+0000 | |
| 0xd90fcfd2b950 TCPv4 0.0.0.0:902 0.0.0.0:0 LISTENING 6536 vmware-authd.e 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfd2cb60 TCPv4 0.0.0.0:912 0.0.0.0:0 LISTENING 6536 vmware-authd.e 2018-06-15 02:36:23 UTC+0000 | |
| 0xd90fcfd3bb50 TCPv6 ::1:12143 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fcff207b0 TCPv4 127.0.0.1:5354 0.0.0.0:0 LISTENING 5744 mDNSResponder. 2018-06-15 02:36:24 UTC+0000 | |
| 0xd90fcff4d5d0 TCPv4 127.0.0.1:5939 0.0.0.0:0 LISTENING 6132 TeamViewer_Ser 2018-06-15 02:36:25 UTC+0000 | |
| 0xd90fcffc8da0 TCPv4 127.0.0.1:1564 0.0.0.0:0 LISTENING 11152 NVIDIA Web Hel 2018-06-15 02:36:45 UTC+0000 | |
| 0xd90fd033eb60 TCPv4 127.0.0.1:27275 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd0398b20 TCPv4 127.0.0.1:12995 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd03ad010 TCPv6 ::1:12119 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd03d41e0 TCPv4 127.0.0.1:12119 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fcfa74010 TCPv4 10.22.161.118:2612 10.22.194.33:8080 ESTABLISHED -1 - | |
| 0xd90fcfacab70 TCPv4 10.22.161.118:2819 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fcfefa010 TCPv4 10.22.161.118:2481 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fd0064cc0 TCPv4 127.0.0.1:5354 127.0.0.1:1543 ESTABLISHED -1 | |
| 0xd90fd0444df0 UDPv4 0.0.0.0:54915 *:* 8648 LCore.exe 2018-06-15 02:36:46 UTC+0000 | |
| 0xd90fd0444df0 UDPv6 :::54915 *:* 8648 LCore.exe 2018-06-15 02:36:46 UTC+0000 | |
| 0xd90fd04de010 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fd04de010 UDPv6 :::5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fd05a4980 UDPv4 192.168.116.1:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd0615910 UDPv4 127.0.0.1:59258 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:43 UTC+0000 | |
| 0xd90fd07a2eb0 UDPv4 127.0.0.1:59254 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd08ee150 UDPv4 0.0.0.0:59256 *:* 5924 nvcontainer.ex 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd08ee150 UDPv6 :::59256 *:* 5924 nvcontainer.ex 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd08f6480 UDPv4 192.168.30.1:5353 *:* 5924 nvcontainer.ex 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd09e04c0 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fd09e1590 UDPv4 127.0.0.1:59253 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd0a96630 UDPv4 127.0.0.1:59257 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd0a9cc60 UDPv4 127.0.0.1:58380 *:* 8328 nvcontainer.ex 2018-06-15 02:36:29 UTC+0000 | |
| 0xd90fd0ad62c0 UDPv6 fe80::60bf:8aa9:5be5:ba51:57359 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd0b12d20 UDPv4 192.168.56.1:5353 *:* 5744 mDNSResponder. 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd0b4a010 UDPv4 127.0.0.1:59261 *:* 11152 NVIDIA Web Hel 2018-06-15 02:36:45 UTC+0000 | |
| 0xd90fd0ca7690 UDPv6 ::1:57360 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd0cc59b0 UDPv4 0.0.0.0:59255 *:* 5924 nvcontainer.ex 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd04aab70 TCPv4 127.0.0.1:12143 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd0593860 TCPv6 ::1:12993 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd0623010 TCPv6 ::1:12563 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd065b840 TCPv6 ::1:12995 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd065bec0 TCPv6 ::1:12110 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd067ad80 TCPv4 127.0.0.1:12465 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd067b820 TCPv6 ::1:12025 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd06836b0 TCPv6 ::1:12465 :::0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd06874e0 TCPv4 127.0.0.1:12993 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd06add80 TCPv4 127.0.0.1:12110 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd06beb00 TCPv4 127.0.0.1:12025 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd06d3d30 TCPv4 127.0.0.1:12563 0.0.0.0:0 LISTENING 4388 AVGSvc.exe 2018-06-15 02:36:28 UTC+0000 | |
| 0xd90fd08dca40 TCPv4 0.0.0.0:443 0.0.0.0:0 LISTENING 7860 vmware-hostd.e 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd08dca40 TCPv6 :::443 :::0 LISTENING 7860 vmware-hostd.e 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd08ec6f0 TCPv4 127.0.0.1:65001 0.0.0.0:0 LISTENING 5924 nvcontainer.ex 2018-06-15 02:36:41 UTC+0000 | |
| 0xd90fd08efbb0 TCPv4 0.0.0.0:443 0.0.0.0:0 LISTENING 7860 vmware-hostd.e 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd0917bd0 TCPv4 0.0.0.0:1554 0.0.0.0:0 LISTENING 972 lsass.exe 2018-06-15 02:36:29 UTC+0000 | |
| 0xd90fd0a2f6d0 TCPv4 0.0.0.0:5040 0.0.0.0:0 LISTENING 5412 svchost.exe 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd0bad1b0 TCPv4 192.168.116.1:139 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:36:39 UTC+0000 | |
| 0xd90fd0c55a30 TCPv4 127.0.0.1:8307 0.0.0.0:0 LISTENING 7860 vmware-hostd.e 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd0c84ec0 TCPv6 ::1:8307 :::0 LISTENING 7860 vmware-hostd.e 2018-06-15 02:36:32 UTC+0000 | |
| 0xd90fd06938b0 TCPv4 127.0.0.1:5939 127.0.0.1:1553 ESTABLISHED -1 - | |
| 0xd90fd085b4a0 TCPv4 127.0.0.1:1559 127.0.0.1:65001 ESTABLISHED -1 - | |
| 0xd90fd08a1390 TCPv4 10.22.161.118:2389 10.22.194.34:8080 ESTABLISHED -1 | |
| 0xd90fd0987580 TCPv4 10.22.161.118:2349 10.22.194.33:8080 ESTABLISHED -1 | |
| 0xd90fd0bd5c00 TCPv4 10.22.161.118:2677 8.36.113.137:443 CLOSED -1 | |
| 0xd90fd0be5630 TCPv4 10.22.161.118:2786 8.36.113.137:443 CLOSED -1 - | |
| 0xd90fd0c0bc30 TCPv4 10.22.161.118:2680 37.252.230.28:5938 CLOSED -1 | |
| 0xd90fd0cf48a0 TCPv4 10.22.161.118:2352 10.22.194.34:8080 ESTABLISHED -1 - | |
| 0xd90fd0e6b2d0 UDPv4 0.0.0.0:5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fd0e6b2d0 UDPv6 :::5353 *:* 3116 chrome.exe 2018-06-15 02:39:36 UTC+0000 | |
| 0xd90fd1177e10 UDPv6 fe80::c170:5fe4:981f:78d:57358 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd11d4ad0 UDPv4 10.22.161.118:5353 *:* 5744 mDNSResponder. 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd11dfa40 UDPv6 ::1:5353 *:* 5744 mDNSResponder. 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd1207990 UDPv4 0.0.0.0:59259 *:* 10492 SkypeHost.exe 2018-06-15 02:36:44 UTC+0000 | |
| 0xd90fd1207990 UDPv6 :::59259 *:* 10492 SkypeHost.exe 2018-06-15 02:36:44 UTC+0000 | |
| 0xd90fd123eeb0 UDPv4 0.0.0.0:0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fd132c5b0 UDPv6 ::1:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd1341730 UDPv4 0.0.0.0:5355 *:* 3136 svchost.exe 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fd137e010 UDPv4 192.168.30.1:5353 *:* 6132 TeamViewer_Ser 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd168eb40 UDPv4 192.168.56.1:1900 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd168f670 UDPv4 0.0.0.0:0 *:* 8104 DellUpService. 2018-06-15 02:38:41 UTC+0000 | |
| 0xd90fd16935d0 UDPv4 192.168.30.1:57362 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd169daa0 UDPv4 192.168.116.1:57363 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd169faa0 UDPv4 192.168.56.1:57361 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd16ef3a0 UDPv4 127.0.0.1:57366 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd174ba50 UDPv4 10.22.161.118:137 *:* 4 System 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd1553d30 TCPv4 10.22.161.118:139 0.0.0.0:0 LISTENING 4 System 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd12c7cc0 TCPv4 10.22.161.118:2492 10.22.194.33:8080 ESTABLISHED -1 | |
| 0xd90fd1339bb0 TCPv4 10.22.161.118:2338 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fd14d6670 TCPv4 127.0.0.1:1637 127.0.0.1:1638 ESTABLISHED -1 - | |
| 0xd90fd14dacc0 TCPv4 127.0.0.1:1638 127.0.0.1:1637 ESTABLISHED -1 - | |
| 0xd90fd1527cc0 TCPv4 10.22.161.118:2405 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fd155ccc0 TCPv4 10.22.161.118:2373 10.22.194.33:8080 ESTABLISHED -1 | |
| 0xd90fd1584370 TCPv4 127.0.0.1:1564 127.0.0.1:1575 ESTABLISHED -1 | |
| 0xd90fd1584cc0 TCPv4 127.0.0.1:1575 127.0.0.1:1564 ESTABLISHED -1 2992-01-27 03:53:25 UTC+0000 | |
| 0xd90fd1586cc0 TCPv4 10.22.161.118:2382 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fd16e6750 TCPv4 10.22.161.118:2345 10.22.194.32:8080 ESTABLISHED -1 | |
| 0xd90fd1729010 TCPv4 10.22.161.118:2337 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fd17308b0 TCPv4 10.22.161.118:2118 10.22.194.34:8080 CLOSE_WAIT -1 | |
| 0xd90fd176f0e0 TCPv4 10.22.161.118:2403 10.22.194.34:8080 ESTABLISHED -1 | |
| 0xd90fd17952e0 TCPv4 10.22.161.118:2763 8.36.112.54:443 SYN_SENT -1 - | |
| 0xd90fd20b5970 UDPv4 0.0.0.0:5353 *:* 3136 svchost.exe 2018-06-15 02:37:11 UTC+0000 | |
| 0xd90fd20c0860 UDPv4 192.168.116.1:5353 *:* 5744 mDNSResponder. 2018-06-15 02:37:12 UTC+0000 | |
| 0xd90fd219eeb0 UDPv4 10.22.161.118:57365 *:* 3340 svchost.exe 2018-06-15 02:37:10 UTC+0000 | |
| 0xd90fd186f360 TCPv6 ::1:2023 :::0 LISTENING 1116 jhi_service.ex 2018-06-15 02:38:31 UTC+0000 | |
| 0xd90fd18583d0 TCPv4 10.22.161.118:2124 10.22.194.35:8080 ESTABLISHED -1 - | |
| 0xd90fd1882010 TCPv4 10.22.161.118:2362 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fd18942d0 TCPv4 10.22.161.118:1720 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fd18b8cc0 TCPv4 10.22.161.118:2765 8.36.120.249:443 SYN_SENT -1 - | |
| 0xd90fd192ccc0 TCPv4 127.0.0.1:2602 127.0.0.1:6471 CLOSED -1 - | |
| 0xd90fd1981bf0 TCPv4 10.22.161.118:2410 10.22.194.33:8080 ESTABLISHED -1 | |
| 0xd90fd19a0010 TCPv4 10.22.161.118:2431 10.22.194.35:8080 ESTABLISHED -1 | |
| 0xd90fd19a54e0 TCPv4 10.22.161.118:2505 10.22.194.34:8080 ESTABLISHED -1 - | |
| 0xd90fd20f54a0 TCPv4 10.22.161.118:2611 10.22.194.34:8080 ESTABLISHED -1 - | |
| 0xd90fd3045270 TCPv4 10.22.161.118:2650 8.36.120.11:443 CLOSED -1 | |
| 0xd90fd30919c0 TCPv4 10.22.161.118:2432 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fd3099010 TCPv4 10.22.161.118:2488 10.22.194.32:8080 ESTABLISHED -1 - | |
| 0xd90fd31a6bf0 TCPv4 10.22.161.118:2385 10.22.194.33:8080 ESTABLISHED -1 - | |
| 0xd90fd31a76f0 TCPv4 10.22.161.118:2525 10.22.194.33:8080 ESTABLISHED -1 - | |
| COMMAND: | |
| python vol.py -f DESKTOP-KF7T1HV-20180615-024031.dmp --profile=Win10x64_17134 imageinfo | |
| OUTPUT: | |
| Volatility Foundation Volatility Framework 2.6 | |
| INFO : volatility.debug : Determining profile based on KDBG search... | |
| Suggested Profile(s) : Win10x64_17134 | |
| AS Layer1 : SkipDuplicatesAMD64PagedMemory (Kernel AS) | |
| AS Layer2 : WindowsCrashDumpSpace64 (Unnamed AS) | |
| AS Layer3 : FileAddressSpace (C:\Users\Hungnt\Desktop\volatility-master\volatility-master\DESKTOP-KF7T1HV-20180615-024031.dmp) | |
| PAE type : No PAE | |
| DTB : 0x1ad002L | |
| KDBG : 0xf8004ddaa520L | |
| Number of Processors : 8 | |
| Image Type (Service Pack) : 0 | |
| KPCR for CPU 0 : 0xfffff8004c667000L | |
| KPCR for CPU 1 : 0xffffb1005d390000L | |
| KPCR for CPU 2 : 0xffffb1005d440000L | |
| KPCR for CPU 3 : 0xffffb1005d4cf000L | |
| KPCR for CPU 4 : 0xffffb1005d565000L | |
| KPCR for CPU 5 : 0xffffb1005cfb1000L | |
| KPCR for CPU 6 : 0xffffb1005d680000L | |
| KPCR for CPU 7 : 0xffffb1005d716000L | |
| KUSER_SHARED_DATA : 0xfffff78000000000L | |
| Image date and time : 2018-06-15 02:40:36 UTC+0000 | |
| Image local date and time : 2018-06-15 09:40:36 +0700 |
| COMMAND: | |
| python vol.py -f DESKTOP-KF7T1HV-20180615-024031.dmp --profile=Win10x64_17134 pslist | |
| OUTPUT: | |
| Volatility Foundation Volatility Framework 2.6 | |
| Offset(V) Name PID PPID Thds Hnds Sess Wow64 Start Exit | |
| ------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------ | |
| 0xffffd90fc62d3440 System 4 0 215 0 ------ 0 2018-06-15 02:36:11 UTC+0000 | |
| 0xffffd90fc63e3040 Registry 120 4 3 0 ------ 0 2018-06-15 02:36:09 UTC+0000 | |
| 0xffffd90fcc353580 smss.exe 596 4 4 0 ------ 0 2018-06-15 02:36:11 UTC+0000 | |
| 0xffffd90fcdf5a580 csrss.exe 776 712 15 0 0 0 2018-06-15 02:36:17 UTC+0000 | |
| 0xffffd90fce35b580 wininit.exe 880 712 5 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fcd4c7580 csrss.exe 888 872 15 0 1 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce3dd080 services.exe 952 880 43 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce3f6080 lsass.exe 972 880 11 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce3ac580 winlogon.exe 296 872 5 0 1 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce45f580 svchost.exe 604 952 2 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce46e080 fontdrvhost.ex 668 296 6 0 1 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce46f4c0 fontdrvhost.ex 672 880 6 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce39f080 svchost.exe 756 952 31 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce49b580 WUDFHost.exe 452 952 14 0 0 0 2018-06-15 02:36:19 UTC+0000 | |
| 0xffffd90fce519080 svchost.exe 1108 952 18 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce56f080 WUDFHost.exe 1184 952 10 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce54a080 svchost.exe 1196 952 12 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce5fe580 dwm.exe 1320 296 18 0 1 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce634080 svchost.exe 1456 952 6 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce630080 svchost.exe 1464 952 11 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce55f080 svchost.exe 1472 952 24 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce55c080 svchost.exe 1488 952 5 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce65f080 svchost.exe 1516 952 11 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce55a080 svchost.exe 1524 952 8 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce661080 svchost.exe 1648 952 4 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce6a0580 svchost.exe 1660 952 4 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce6fa580 svchost.exe 1800 952 23 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce6e7080 svchost.exe 1860 952 8 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce6c6080 svchost.exe 1916 952 7 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce76f080 svchost.exe 1972 952 11 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce7d6080 svchost.exe 1308 952 10 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce7d2080 svchost.exe 1404 952 4 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce7c8580 svchost.exe 1808 952 8 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce3a1080 svchost.exe 2104 952 7 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce83f580 svchost.exe 2128 952 6 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce868080 svchost.exe 2196 952 6 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce8db500 dasHost.exe 2324 2128 7 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce946080 svchost.exe 2352 952 7 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce858080 svchost.exe 2360 952 13 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce954080 svchost.exe 2424 952 6 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce973080 NVDisplay.Cont 2504 952 16 0 0 0 2018-06-15 02:36:20 UTC+0000 | |
| 0xffffd90fce9ba080 svchost.exe 2600 952 7 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fce9e1080 svchost.exe 2672 952 21 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fce9d5080 gxxsvc.exe 2680 952 38 0 0 1 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceaee580 svchost.exe 2792 952 21 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceb08080 NVDisplay.Cont 2876 2504 25 0 1 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceb2a080 svchost.exe 2936 952 3 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceb84080 svchost.exe 2224 952 11 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceb83080 svchost.exe 2052 952 4 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fceb89080 svchost.exe 2544 952 7 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcebd5080 svchost.exe 3136 952 20 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcebf7480 MemCompression 3196 4 18 0 ------ 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcec9d080 svchost.exe 3308 952 7 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fced3a080 svchost.exe 3340 952 20 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fced4d080 igfxCUIService 3392 952 6 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fced49080 svchost.exe 3412 952 15 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcedbe080 svchost.exe 3472 952 7 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcedc0080 svchost.exe 3488 952 9 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf1ba580 svchost.exe 3748 952 14 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf206080 RtkAudioServic 3844 952 6 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf241080 svchost.exe 3948 952 10 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf26d080 sihost.exe 3980 1308 15 0 1 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf28a080 svchost.exe 4012 952 14 0 1 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf291580 svchost.exe 4036 952 8 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf299080 svchost.exe 4044 952 22 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf30b080 PresentationFo 3364 952 7 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf317080 svchost.exe 1016 952 13 0 1 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf372080 svchost.exe 4240 952 15 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf38b080 taskhostw.exe 4324 1800 10 0 1 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf3a2080 svchost.exe 4372 952 11 0 0 0 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf394080 AVGSvc.exe 4388 952 123 0 0 1 2018-06-15 02:36:21 UTC+0000 | |
| 0xffffd90fcf42e080 svchost.exe 4532 952 9 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf4d3080 svchost.exe 4632 952 5 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf502380 svchost.exe 4668 952 6 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf516580 userinit.exe 4800 296 0 -------- 1 0 2018-06-15 02:36:22 UTC+0000 2018-06-15 02:36:48 UTC+0000 | |
| 0xffffd90fcf58f580 ctfmon.exe 4852 4668 13 0 1 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf588580 explorer.exe 4864 4800 118 0 1 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf3e4080 igfxEM.exe 5052 4876 6 0 1 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf3fa080 RAVBg64.exe 5100 3844 9 0 1 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcfa09400 spoolsv.exe 4200 952 18 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf6233c0 svchost.exe 5016 952 5 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf64e080 svchost.exe 4960 952 4 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf834080 audiodg.exe 5644 3748 5 0 0 0 2018-06-15 02:36:22 UTC+0000 | |
| 0xffffd90fcf9f9080 svchost.exe 5668 952 10 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf89f080 AGMService.exe 5708 952 4 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf878080 AdobeUpdateSer 5724 952 4 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf874080 IntelCpHDCPSvc 5736 952 6 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf890080 mDNSResponder. 5744 952 6 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf893080 AGSService.exe 5752 952 5 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf88d080 AppleMobileDev 5760 952 8 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf870080 svchost.exe 5768 952 11 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf869080 svchost.exe 5776 952 19 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf889080 svchost.exe 5784 952 15 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf863080 ibtsiva.exe 5792 952 5 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf8c3080 esif_uf.exe 5816 952 6 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf8d7580 svchost.exe 5824 952 17 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf886580 svchost.exe 5832 952 10 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf8ec080 LogiRegistrySe 5904 952 6 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf91f080 nvcontainer.ex 5924 952 31 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf8b4080 NvTelemetryCon 5940 952 16 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf90f240 svchost.exe 5980 952 3 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf98a400 sqlwriter.exe 6020 952 5 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf975580 SecurityHealth 6052 952 9 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf9ad080 svchost.exe 6064 952 7 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf9b8580 TeamViewer_Ser 6132 952 28 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf93c200 svchost.exe 5156 952 4 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf9e0580 vmnetdhcp.exe 4340 952 3 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcf9d9580 vmnat.exe 5328 952 6 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfa44580 WavesSysSvc64. 5884 952 2 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfa62080 svchost.exe 6152 952 11 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfa48080 dptf_helper.ex 6264 5816 4 0 1 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfb32080 vmware-usbarbi 6436 952 5 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfb0f080 svchost.exe 6448 952 28 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfb68080 vmware-authd.e 6536 952 8 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfb9a580 svchost.exe 6764 952 16 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfc5a580 IntelCpHeciSvc 6824 952 10 0 0 1 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fcfc4f080 svchost.exe 6840 952 4 0 0 0 2018-06-15 02:36:23 UTC+0000 | |
| 0xffffd90fc676e080 dllhost.exe 7792 756 6 0 1 0 2018-06-15 02:36:24 UTC+0000 | |
| 0xffffd90fc66ed080 vmware-hostd.e 7860 952 21 0 0 1 2018-06-15 02:36:24 UTC+0000 | |
| 0xffffd90fd0343080 WmiPrvSE.exe 8296 756 9 0 0 0 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fcfd5c080 nvcontainer.ex 8320 5924 13 0 1 1 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fcfc16540 nvcontainer.ex 8328 5924 31 0 1 1 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fd01c7080 TeamViewer.exe 8420 6132 17 0 1 1 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fd01af080 svchost.exe 8464 952 9 0 0 0 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fd023d080 ShellExperienc 8628 756 25 0 1 0 2018-06-15 02:36:26 UTC+0000 | |
| 0xffffd90fd0356080 SearchUI.exe 8884 756 37 0 1 0 2018-06-15 02:36:27 UTC+0000 | |
| 0xffffd90fcf147080 RuntimeBroker. 9148 756 5 0 1 0 2018-06-15 02:36:27 UTC+0000 | |
| 0xffffd90fd048f080 RuntimeBroker. 9264 756 32 0 1 0 2018-06-15 02:36:27 UTC+0000 | |
| 0xffffd90fd0409580 svchost.exe 9284 952 3 0 0 0 2018-06-15 02:36:27 UTC+0000 | |
| 0xffffd90fd0629080 svchost.exe 9328 952 7 0 0 0 2018-06-15 02:36:27 UTC+0000 | |
| 0xffffd90fd06b0080 aswidsagenta.e 9588 952 23 0 0 0 2018-06-15 02:36:28 UTC+0000 | |
| 0xffffd90fd0730080 smartscreen.ex 9836 756 25 0 1 0 2018-06-15 02:36:28 UTC+0000 | |
| 0xffffd90fd0727080 tv_w32.exe 10068 6132 4 0 1 1 2018-06-15 02:36:28 UTC+0000 | |
| 0xffffd90fd0824080 tv_x64.exe 9508 6132 4 0 1 0 2018-06-15 02:36:28 UTC+0000 | |
| 0xffffd90fd0937580 RuntimeBroker. 10276 756 8 0 1 0 2018-06-15 02:36:29 UTC+0000 | |
| 0xffffd90fd08ac080 SearchIndexer. 10320 952 19 0 0 0 2018-06-15 02:36:29 UTC+0000 | |
| 0xffffd90fd089f580 SettingSyncHos 10484 756 10 0 1 0 2018-06-15 02:36:29 UTC+0000 | |
| 0xffffd90fce5ff080 SkypeHost.exe 10492 756 30 0 1 0 2018-06-15 02:36:29 UTC+0000 | |
| 0xffffd90fd0b61080 SearchProtocol 10920 10320 6 0 0 0 2018-06-15 02:36:30 UTC+0000 | |
| 0xffffd90fcedbd080 NVIDIA Web Hel 11152 4360 94 0 1 1 2018-06-15 02:36:31 UTC+0000 | |
| 0xffffd90fcf2c8080 conhost.exe 8572 11152 3 0 1 0 2018-06-15 02:36:31 UTC+0000 | |
| 0xffffd90fd07ee080 GoogleCrashHan 5400 4260 5 0 0 1 2018-06-15 02:36:31 UTC+0000 | |
| 0xffffd90fd096b080 svchost.exe 5412 952 13 0 0 0 2018-06-15 02:36:31 UTC+0000 | |
| 0xffffd90fd0c27080 GoogleCrashHan 4644 4260 4 0 0 0 2018-06-15 02:36:32 UTC+0000 | |
| 0xffffd90fd0c6c580 svchost.exe 11064 952 18 0 0 0 2018-06-15 02:36:32 UTC+0000 | |
| 0xffffd90fd0c89080 svchost.exe 10968 952 8 0 0 0 2018-06-15 02:36:32 UTC+0000 | |
| 0xffffd90fd0d4d580 svchost.exe 5292 952 3 0 0 0 2018-06-15 02:36:32 UTC+0000 | |
| 0xffffd90fd0df1580 RuntimeBroker. 5916 756 6 0 1 0 2018-06-15 02:36:33 UTC+0000 | |
| 0xffffd90fcff96080 svchost.exe 11284 952 16 0 0 0 2018-06-15 02:36:34 UTC+0000 | |
| 0xffffd90fd0d8f580 MSASCuiL.exe 11948 4864 3 0 1 0 2018-06-15 02:36:39 UTC+0000 | |
| 0xffffd90fd0c7e080 AGCInvokerUtil 12108 4864 0 -------- 1 1 2018-06-15 02:36:39 UTC+0000 2018-06-15 02:36:40 UTC+0000 | |
| 0xffffd90fd11ec080 IAStorIconLaun 11460 4864 0 -------- 1 1 2018-06-15 02:36:40 UTC+0000 2018-06-15 02:37:41 UTC+0000 | |
| 0xffffd90fd0dbf080 urmain.exe 7896 4864 0 -------- 1 1 2018-06-15 02:36:40 UTC+0000 2018-06-15 02:36:54 UTC+0000 | |
| 0xffffd90fd0798080 svchost.exe 7876 952 11 0 0 0 2018-06-15 02:36:40 UTC+0000 | |
| 0xffffd90fc66cd340 RtkNGUI64.exe 11756 4864 9 0 1 0 2018-06-15 02:36:40 UTC+0000 | |
| 0xffffd90fd11dd580 svchost.exe 8716 952 18 0 1 0 2018-06-15 02:36:41 UTC+0000 | |
| 0xffffd90fd1266580 RAVBg64.exe 9948 4864 8 0 1 0 2018-06-15 02:36:41 UTC+0000 | |
| 0xffffd90fd120b580 LCore.exe 8648 4864 20 0 1 0 2018-06-15 02:36:42 UTC+0000 | |
| 0xffffd90fd0805080 svchost.exe 10204 952 6 0 0 0 2018-06-15 02:36:42 UTC+0000 | |
| 0xffffd90fd13ac580 laclient.exe 11916 8648 6 0 1 0 2018-06-15 02:36:42 UTC+0000 | |
| 0xffffd90fd12ea080 conhost.exe 11720 11916 4 0 1 0 2018-06-15 02:36:43 UTC+0000 | |
| 0xffffd90fd1205580 rundll32.exe 3388 5924 0 -------- 1 0 2018-06-15 02:36:44 UTC+0000 2018-06-15 02:36:45 UTC+0000 | |
| 0xffffd90fd1150080 nvsphelper64.e 11748 5924 7 0 1 0 2018-06-15 02:36:45 UTC+0000 | |
| 0xffffd90fd1202580 NVIDIA Share.e 9000 8320 29 0 1 1 2018-06-15 02:36:45 UTC+0000 | |
| 0xffffd90fd1170080 NVIDIA Share.e 11724 9000 12 0 1 1 2018-06-15 02:36:46 UTC+0000 | |
| 0xffffd90fcf396080 NVIDIA Share.e 7868 9000 18 0 1 1 2018-06-15 02:36:46 UTC+0000 | |
| 0xffffd90fd0612080 WavesSvc64.exe 12352 4864 9 0 1 0 2018-06-15 02:36:46 UTC+0000 | |
| 0xffffd90fd1592080 logitechg_disc 12968 8648 6 0 1 1 2018-06-15 02:36:48 UTC+0000 | |
| 0xffffd90fd15c5080 AvLaunch.exe 12984 4864 0 -------- 1 1 2018-06-15 02:36:48 UTC+0000 2018-06-15 02:37:48 UTC+0000 | |
| 0xffffd90fd15ca080 AVGUI.exe 12992 12984 31 0 1 1 2018-06-15 02:36:48 UTC+0000 | |
| 0xffffd90fd094b080 OneDrive.exe 13000 4864 28 0 1 1 2018-06-15 02:36:49 UTC+0000 | |
| 0xffffd90fd125f080 UniKeyNT.exe 13100 4864 4 0 1 0 2018-06-15 02:36:50 UTC+0000 | |
| 0xffffd90fd209e3c0 IDMan.exe 13140 4864 4 0 1 1 2018-06-15 02:36:51 UTC+0000 | |
| 0xffffd90fd2113080 IEMonitor.exe 13180 13140 2 0 1 1 2018-06-15 02:36:51 UTC+0000 | |
| 0xffffd90fd21f4080 MSOSYNC.EXE 13236 4864 19 0 1 0 2018-06-15 02:36:52 UTC+0000 | |
| 0xffffd90fd12d5080 vmware-tray.ex 13264 13224 4 0 1 1 2018-06-15 02:36:52 UTC+0000 | |
| 0xffffd90fd21ca080 jusched.exe 12320 13224 2 0 1 1 2018-06-15 02:36:53 UTC+0000 | |
| 0xffffd90fcf697080 volatility_2.6 12908 4864 0 -------- 1 0 2018-06-15 02:36:59 UTC+0000 2018-06-15 02:37:02 UTC+0000 | |
| 0xffffd90fd171a080 svchost.exe 3968 952 9 0 0 0 2018-06-15 02:37:07 UTC+0000 | |
| 0xffffd90fd18e3080 svchost.exe 11752 952 6 0 0 0 2018-06-15 02:37:10 UTC+0000 | |
| 0xffffd90fd1826180 svchost.exe 4136 952 7 0 0 0 2018-06-15 02:37:38 UTC+0000 | |
| 0xffffd90fd1819400 IAStorIcon.exe 4656 11460 10 0 1 1 2018-06-15 02:37:40 UTC+0000 | |
| 0xffffd90fd0d8d080 DellUpService. 8104 952 16 0 0 1 2018-06-15 02:38:25 UTC+0000 | |
| 0xffffd90fcfe47080 WmiPrvSE.exe 10352 756 10 0 0 0 2018-06-15 02:38:26 UTC+0000 | |
| 0xffffd90fd0159580 svchost.exe 10456 952 15 0 0 0 2018-06-15 02:38:28 UTC+0000 | |
| 0xffffd90fcf64d080 IAStorDataMgrS 3556 952 10 0 0 1 2018-06-15 02:38:28 UTC+0000 | |
| 0xffffd90fd061b080 DellUpTray.exe 4464 8104 13 0 1 1 2018-06-15 02:38:28 UTC+0000 | |
| 0xffffd90fce8a1080 svchost.exe 11176 952 4 0 0 0 2018-06-15 02:38:29 UTC+0000 | |
| 0xffffd90fcf313080 jhi_service.ex 1116 952 4 0 0 1 2018-06-15 02:38:30 UTC+0000 | |
| 0xffffd90fcf6c7580 LMS.exe 2552 952 6 0 0 1 2018-06-15 02:38:31 UTC+0000 | |
| 0xffffd90fd16b4580 SgrmBroker.exe 12744 952 2 0 0 0 2018-06-15 02:38:33 UTC+0000 | |
| 0xffffd90fcff0d580 WmiPrvSE.exe 12872 756 8 0 0 1 2018-06-15 02:38:45 UTC+0000 | |
| 0xffffd90fd1758080 chrome.exe 3116 4864 42 0 1 0 2018-06-15 02:39:34 UTC+0000 | |
| 0xffffd90fd1155080 chrome.exe 3812 3116 7 0 1 0 2018-06-15 02:39:36 UTC+0000 | |
| 0xffffd90fd0a39080 chrome.exe 6664 3116 2 0 1 0 2018-06-15 02:39:36 UTC+0000 | |
| 0xffffd90fd1688080 chrome.exe 836 3116 21 0 1 0 2018-06-15 02:39:36 UTC+0000 | |
| 0xffffd90fc712b580 chrome.exe 3496 3116 15 0 1 0 2018-06-15 02:39:36 UTC+0000 | |
| 0xffffd90fc825c580 chrome.exe 9772 3116 11 0 1 0 2018-06-15 02:39:36 UTC+0000 | |
| 0xffffd90fd0bea080 chrome.exe 6112 3116 17 0 1 0 2018-06-15 02:39:38 UTC+0000 | |
| 0xffffd90fd31c7080 chrome.exe 5248 3116 16 0 1 0 2018-06-15 02:39:57 UTC+0000 | |
| 0xffffd90fd0858080 chrome.exe 2408 3116 17 0 1 0 2018-06-15 02:39:57 UTC+0000 | |
| 0xffffd90fd31c3580 chrome.exe 2696 3116 16 0 1 0 2018-06-15 02:40:00 UTC+0000 | |
| 0xffffd90fc7176080 chrome.exe 5932 3116 15 0 1 0 2018-06-15 02:40:00 UTC+0000 | |
| 0xffffd90fc778c4c0 SearchFilterHo 12624 10320 4 0 0 0 2018-06-15 02:40:06 UTC+0000 | |
| 0xffffd90fc7657580 WMIADAP.exe 9380 5776 5 0 0 0 2018-06-15 02:40:23 UTC+0000 | |
| 0xffffd90fc7816080 DumpIt.exe 2456 4864 4 0 1 0 2018-06-15 02:40:31 UTC+0000 | |
| 0xffffd90fd18104c0 conhost.exe 6468 2456 4 0 1 0 2018-06-15 02:40:31 UTC+0000 |