-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpslist.txt
93 lines (93 loc) · 13.2 KB
/
pslist.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
Volatility Foundation Volatility Framework 2.6.1
Offset(V) Name PID PPID Thds Hnds Sess Wow64 Start Exit
------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------
0xffffc98693c87040 System 4 0 156 0 ------ 0 2021-12-09 19:43:04 UTC+0000
0xffffc98693cf2080 Registry 92 4 4 0 ------ 0 2021-12-09 19:42:58 UTC+0000
0xffffc98695ebd040 smss.exe 312 4 2 0 ------ 0 2021-12-09 19:43:04 UTC+0000
0xffffc986976a0140 csrss.exe 424 416 12 0 0 0 2021-12-09 19:43:04 UTC+0000
0xffffc98697ea3080 wininit.exe 500 416 3 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc9869722d0c0 csrss.exe 520 492 14 0 1 0 2021-12-09 19:43:05 UTC+0000
0xffffc9869729d080 winlogon.exe 608 492 6 0 1 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697e5f080 services.exe 644 500 9 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697f260c0 lsass.exe 668 500 12 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697f7e140 fontdrvhost.ex 764 608 5 0 1 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697f80140 fontdrvhost.ex 772 500 5 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697f8b240 svchost.exe 780 644 32 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc986973172c0 svchost.exe 888 644 16 0 0 0 2021-12-09 19:43:05 UTC+0000
0xffffc98697364080 dwm.exe 980 608 17 0 1 0 2021-12-09 19:43:05 UTC+0000
0xffffc986973c4240 svchost.exe 496 644 81 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc986973cc2c0 svchost.exe 388 644 15 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc986973ce300 svchost.exe 720 644 25 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc986973cf080 svchost.exe 956 644 8 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc986973d0080 svchost.exe 416 644 39 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc98698617280 svchost.exe 1084 644 21 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc9869876c2c0 svchost.exe 1404 644 28 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc98693d6f080 svchost.exe 1468 644 4 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc98693d20040 MemCompression 1556 4 46 0 ------ 0 2021-12-09 19:43:06 UTC+0000
0xffffc986987aa300 svchost.exe 1652 644 12 0 0 0 2021-12-09 19:43:06 UTC+0000
0xffffc98698815300 svchost.exe 1744 644 6 0 0 0 2021-12-09 19:43:07 UTC+0000
0xffffc98698819300 svchost.exe 1756 644 14 0 0 0 2021-12-09 19:43:07 UTC+0000
0xffffc98698878240 svchost.exe 1800 644 15 0 0 0 2021-12-09 19:43:07 UTC+0000
0xffffc986988ef240 spoolsv.exe 1924 644 9 0 0 0 2021-12-09 19:43:07 UTC+0000
0xffffc986988fa300 svchost.exe 1952 644 18 0 0 0 2021-12-09 19:43:07 UTC+0000
0xffffc98698a94240 svchost.exe 2180 644 16 0 0 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698b45300 VGAuthService. 2248 644 4 0 0 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698b56080 vm3dservice.ex 2272 644 4 0 0 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698b57080 vmtoolsd.exe 2284 644 11 0 0 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698b5b280 MsMpEng.exe 2324 644 29 0 0 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698bdf200 vm3dservice.ex 2432 2272 4 0 1 0 2021-12-09 19:43:08 UTC+0000
0xffffc98698e12280 dllhost.exe 2736 644 12 0 0 0 2021-12-09 19:43:10 UTC+0000
0xffffc98698eb40c0 WmiPrvSE.exe 2832 780 13 0 0 0 2021-12-09 19:43:10 UTC+0000
0xffffc9869713a080 NisSrv.exe 1796 644 6 0 0 0 2021-12-09 19:43:12 UTC+0000
0xffffc986952be0c0 msdtc.exe 1060 644 11 0 0 0 2021-12-09 19:43:12 UTC+0000
0xffffc98698d8e280 sihost.exe 3092 496 20 0 1 0 2021-12-09 19:43:12 UTC+0000
0xffffc98698dc52c0 svchost.exe 3108 644 25 0 1 0 2021-12-09 19:43:12 UTC+0000
0xffffc98698de3300 taskhostw.exe 3236 496 11 0 1 0 2021-12-09 19:43:13 UTC+0000
0xffffc986990a4340 userinit.exe 3464 608 0 -------- 1 0 2021-12-09 19:43:13 UTC+0000 2021-12-09 19:43:37 UTC+0000
0xffffc986990cf340 explorer.exe 3496 3464 99 0 1 0 2021-12-09 19:43:13 UTC+0000
0xffffc9869916d240 ctfmon.exe 3660 1084 11 0 1 0 2021-12-09 19:43:14 UTC+0000
0xffffc986991e22c0 svchost.exe 3828 644 8 0 1 0 2021-12-09 19:43:15 UTC+0000
0xffffc986992da080 StartMenuExper 2132 780 14 0 1 0 2021-12-09 19:43:16 UTC+0000
0xffffc986993e32c0 RuntimeBroker. 4012 780 6 0 1 0 2021-12-09 19:43:16 UTC+0000
0xffffc986994a7080 SearchApp.exe 4156 780 31 0 1 0 2021-12-09 19:43:17 UTC+0000
0xffffc98699624080 RuntimeBroker. 4244 780 14 0 1 0 2021-12-09 19:43:18 UTC+0000
0xffffc98699535080 MicrosoftEdge. 4476 780 0 -------- 1 0 2021-12-09 19:43:18 UTC+0000 2021-12-10 06:44:36 UTC+0000
0xffffc98699534300 ApplicationFra 4492 780 11 0 1 0 2021-12-09 19:43:18 UTC+0000
0xffffc98699ae22c0 RuntimeBroker. 4836 780 15 0 1 0 2021-12-09 19:43:19 UTC+0000
0xffffc98699be1240 SearchIndexer. 5176 644 19 0 0 0 2021-12-09 19:43:21 UTC+0000
0xffffc986989882c0 svchost.exe 5428 644 9 0 0 0 2021-12-09 19:43:29 UTC+0000
0xffffc986999a50c0 smartscreen.ex 5496 780 16 0 1 0 2021-12-09 19:43:30 UTC+0000
0xffffc986994920c0 SecurityHealth 5540 3496 3 0 1 0 2021-12-09 19:43:30 UTC+0000
0xffffc986994bc0c0 TrueCrypt.exe 5564 3496 7 0 1 1 2021-12-09 19:43:30 UTC+0000
0xffffc98699bdd080 SecurityHealth 5592 644 9 0 0 0 2021-12-09 19:43:30 UTC+0000
0xffffc98699be2080 vmtoolsd.exe 5716 3496 8 0 1 0 2021-12-09 19:43:31 UTC+0000
0xffffc986999e90c0 OneDrive.exe 5808 3496 23 0 1 1 2021-12-09 19:43:33 UTC+0000
0xffffc98698d8d080 SgrmBroker.exe 516 644 7 0 0 0 2021-12-09 19:45:09 UTC+0000
0xffffc98699ca6300 svchost.exe 2020 644 7 0 0 0 2021-12-09 19:45:09 UTC+0000
0xffffc98699ee4080 svchost.exe 540 644 12 0 0 0 2021-12-09 19:45:53 UTC+0000
0xffffc98699ca3300 dllhost.exe 2724 780 12 0 1 0 2021-12-09 19:45:54 UTC+0000
0xffffc98699c5d340 TextInputHost. 4748 780 11 0 1 0 2021-12-09 19:45:54 UTC+0000
0xffffc986995cc080 MicrosoftEdgeC 4412 780 0 -------- 1 0 2021-12-09 19:45:56 UTC+0000 2021-12-10 06:44:36 UTC+0000
0xffffc9869a91f240 ShellExperienc 1056 780 14 0 ------ 0 2021-12-09 19:46:27 UTC+0000
0xffffc98699ca7080 powershell.exe 5084 3496 10 0 1 0 2021-12-09 19:49:35 UTC+0000
0xffffc9869a039080 conhost.exe 5512 5084 4 0 1 0 2021-12-09 19:49:35 UTC+0000
0xffffc9869ab14080 taskhostw.exe 1984 496 6 0 1 0 2021-12-09 19:58:10 UTC+0000
0xffffc98699832080 svchost.exe 6764 644 3 0 0 0 2021-12-09 20:01:37 UTC+0000
0xffffc98699277080 Taskmgr.exe 5312 3496 16 0 1 0 2021-12-09 20:07:39 UTC+0000
0xffffc9869a9c4300 notepad.exe 6148 3496 5 0 1 0 2021-12-09 20:19:10 UTC+0000
0xffffc9869aa0b340 RuntimeBroker. 4640 780 5 0 1 0 2021-12-09 20:21:59 UTC+0000
0xffffc9869c267340 svchost.exe 3304 644 41 0 0 0 2021-12-10 06:42:46 UTC+0000
0xffffc9869abb30c0 TrustedInstall 6428 644 7 0 0 0 2021-12-10 06:43:03 UTC+0000
0xffffc9869c2522c0 TiWorker.exe 592 780 6 0 0 0 2021-12-10 06:43:04 UTC+0000
0xffffc9869cfb8080 WmiPrvSE.exe 3688 780 7 0 0 0 2021-12-10 06:43:10 UTC+0000
0xffffc9869ce7d080 MoUsoCoreWorke 1396 780 14 0 0 0 2021-12-10 06:43:13 UTC+0000
0xffffc9869c9722c0 audiodg.exe 2848 1652 5 0 0 0 2021-12-10 06:43:27 UTC+0000
0xffffc986998f5080 svchost.exe 5272 644 24 0 0 0 2021-12-10 06:43:50 UTC+0000
0xffffc986994db080 HxTsr.exe 7988 780 24 0 1 0 2021-12-10 06:44:15 UTC+0000
0xffffc9869c964080 RuntimeBroker. 5328 780 10 0 1 0 2021-12-10 06:44:25 UTC+0000
0xffffc9869a9fc080 MicrosoftEdge. 8088 780 34 0 1 0 2021-12-10 06:44:37 UTC+0000
0xffffc98699c74080 browser_broker 7784 780 9 0 1 0 2021-12-10 06:44:37 UTC+0000
0xffffc98698cca080 MicrosoftEdgeS 7288 4836 9 0 1 0 2021-12-10 06:44:38 UTC+0000
0xffffc9869d03d340 MicrosoftEdgeC 7460 780 39 0 1 0 2021-12-10 06:44:38 UTC+0000
0xffffc9869ce68340 DumpIt.exe 5940 3496 3 0 1 1 2021-12-10 06:44:57 UTC+0000
0xffffc98699292080 conhost.exe 4976 5940 6 0 1 0 2021-12-10 06:44:57 UTC+0000