Hey all,

So... Win 7 SP1 64 bit... here's what I got:

 

vol.py -f bleh-20140421-203458.raw imageinfo
Volatility Foundation Volatility Framework 2.3.1
Determining profile based on KDBG search...
          Suggested Profile(s) : Win2008R2SP0x64, Win7SP1x64, Win7SP0x64, Win2008R2SP1x64
                     AS Layer1 : AMD64PagedMemory (Kernel AS)
                     AS Layer2 : FileAddressSpace (/home/bleh/bleh-20140421-203458.raw)
                      PAE type : No PAE
                           DTB : 0x187000L

vol.py --profile Win7SP1x64 -f bleh-20140421-203458.raw pslist
Volatility Foundation Volatility Framework 2.3.1
Offset(V)          Name                    PID   PPID   Thds     Hnds   Sess  Wow64 Start                          Exit
------------------ -------------------- ------ ------ ------ -------- ------ ------ ------------------------------ ------------------------------
0xfffffa80066b8040 5??b              32...4 79...2 14...6 -------- ------      1                                3302-11-11 21:17:40 UTC+0000

And that's it. This was dumped using DumpIt. Is there something I'm missing? My process:

wget latest volatility
python setup.py build
sudo python setup.py install

Then the above commands. Thanks for any assistance.

James