Volatility psxview duplicate processes in output

General (Technical, Procedural, Software, Hardware etc.)

Last Post by fritter 10 years ago

1 Posts

1 Users

0 Reactions

1,054 Views

RSS

fritter

(@fritter)

New Member

Joined: 10 years ago

Posts: 4

Topic starter 29/05/2015 10:04 pm

Folks, A “psxview –apply-rules” command output showing a good number of duplicate results

0x000000017bbb7b30 atieclxx.exe 3680 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x00000000a3e94b30 atieclxx.exe 3680 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x0000000022365b30 atieclxx.exe 3680 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x0000000062cb0b30 atieclxx.exe 3680 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x000000023d26fb30 atieclxx.exe 3680 TRUE TRUE FALSE TRUE TRUE TRUE TRUE
0x00000001358ecb30 atiesrxx.exe 168 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x0000000070f96b30 atiesrxx.exe 168 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x0000000238a7eb30 atiesrxx.exe 168 TRUE TRUE FALSE TRUE TRUE TRUE FALSE
0x00000001c70c1b30 audiodg.exe 1288 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x000000004498eb30 audiodg.exe 1288 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x00000001ab9e4b30 audiodg.exe 1288 FALSE TRUE FALSE FALSE FALSE FALSE FALSE
0x00000002376ffb30 audiodg.exe 1288 TRUE TRUE FALSE TRUE TRUE TRUE TRUE

I ran this on a freshly installed reference system with EMET also installed, and did not get these type of results. Any ideas why I'd be seeing duplicates like this and if there's anything I can do about it?

Thanks!

Quote

8 Forums
15.7 K Topics
92.3 K Posts
171 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed