1:29 p.m.
Anyone ever seen anything like this? It came out of a WinXPSP3x86 ram capture.
PCSXView results;
Offset(P) Name PID pslist psscan thrdproc pspcid csrss session
deskthrd
---------- -------------------- ------ ------ ------ -------- ------ ----- -------
--------
0x0a074da0 X???E?P??(O'? 23...6 False True False False False False False
PSSCan results;
Offset(P) Name PID PPID PDB Time created Time
exited
---------- ---------------- ------ ------ ---------- ------------------------------
------------------------------
0x0a074da0 X???E?P??(O'? 23...6 23...4 0x8a274dc0
Thanks,
Robert Ayers,
4417
days inactive
4418
days old
vol-users@lists.volatilityfoundation.org
1 comments
2 participants
participants (2)
-
Ayers, Robert -
Michael Cohen