Deserialized.System.Diagnostics.Process
Deserialized.System.ComponentModel.Component
Deserialized.System.MarshalByRefObject
Deserialized.System.Object
System.Diagnostics.Process (AutoHotkey)
8
false
Deserialized.System.IntPtr
Deserialized.System.ValueType
Deserialized.System.Object
2500
Deserialized.Microsoft.Win32.SafeHandles.SafeProcessHandle
Deserialized.Microsoft.Win32.SafeHandles.SafeHandleZeroOrMinusOneIsInvalid
Deserialized.System.Runtime.InteropServices.SafeHandle
Deserialized.System.Runtime.ConstrainedExecution.CriticalFinalizerObject
Deserialized.System.Object
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
171
14912
.
0
AutoHotkey.exe
C:\Program Files\AutoHotkey\AutoHotkey.exe
5368709120
1245184
5369430152
File: C:\Program Files\AutoHotkey\AutoHotkey.exe_x000D__x000A_InternalName: AutoHotkey_x000D__x000A_OriginalFilename: AutoHotkey.exe_x000D__x000A_FileVersion: 1.1.28.00_x000D__x000A_FileDescription: AutoHotkey Unicode 64-bit_x000D__x000A_Product: AutoHotkey_x000D__x000A_ProductVersion: 1.1.28.00_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
1216
1.1.28.00
1.1.28.00
AutoHotkey Unicode 64-bit
AutoHotkey
1413120
204800
System.Diagnostics.ProcessThreadCollection
13592
13592
5296128
5296128
246000
246000
5414912
5414912
12247040
12247040
209362944
4504330240
true
Deserialized.System.Diagnostics.ProcessPriorityClass
Deserialized.System.Enum
Deserialized.System.ValueType
Deserialized.System.Object
Normal
32
5296128
5296128
PT0.328125S
AutoHotkey
255
true
1
Deserialized.System.Diagnostics.ProcessStartInfo
Deserialized.System.Object
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
Deserialized.System.Collections.Specialized.StringDictionary+GenericAdapter
Deserialized.System.Object
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
Deserialized.System.String[]
Deserialized.System.Array
Deserialized.System.Object
0
Normal
2019-08-27T10:56:21.5460487+03:00
System.Diagnostics.ProcessThreadCollection
PT0.515625S
PT0.1875S
180191232
4475158528
false
10293248
10293248
AutoHotkey
1
171
4475158528
10293248
5296128
13592
C:\Program Files\AutoHotkey\AutoHotkey.exe
1.1.28.00
1.1.28.00
AutoHotkey Unicode 64-bit
AutoHotkey
Process
System.Diagnostics.Process (browsernativehost)
8
false
14816
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
210
18092
.
0
browsernativehost.exe
C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
140702562582528
761856
140702562979756
File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe_x000D__x000A_InternalName: _x000D__x000A_OriginalFilename: browsernativehost.exe_x000D__x000A_FileVersion: 5.1.38.7312_x000D__x000A_FileDescription: _x000D__x000A_Product: browsernativehost_x000D__x000A_ProductVersion: 5.1.38.7312_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
744
5.1.38.7312
5.1.38.7312
browsernativehost
1413120
204800
System.Diagnostics.ProcessThreadCollection
16680
16680
6434816
6434816
280880
280880
6434816
6434816
16957440
16957440
179355648
4474322944
true
Normal
32
6434816
6434816
PT5.203125S
browsernativehost
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:42.5627771+03:00
System.Diagnostics.ProcessThreadCollection
PT34.484375S
PT29.28125S
173064192
4468031488
false
14827520
14827520
browsernativehost
1
210
4468031488
14827520
6434816
16680
C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\browsernativehost.exe
5.1.38.7312
5.1.38.7312
browsernativehost
Process
System.Diagnostics.Process (Ditto)
8
false
7668
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
343
9032
.
0
Ditto.exe
C:\Program Files\WindowsApps\60145ScottBrogden.ditto-cp_3.22.20.0_x005F_x86__n6b029mg40na2\Ditto.exe
17498112
4165632
19651218
File: C:\Program Files\WindowsApps\60145ScottBrogden.ditto-cp_3.22.20.0_x005F_x86__n6b029mg40na2\Ditto.exe_x000D__x000A_InternalName: CP_Main_x000D__x000A_OriginalFilename: Ditto_x000D__x000A_FileVersion: 3.22.20.0_x000D__x000A_FileDescription: Ditto_x000D__x000A_Product: Ditto_x000D__x000A_ProductVersion: 3.22.20.0_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
4068
3.22.20.0
3.22.20.0
Ditto
Ditto
1413120
204800
System.Diagnostics.ProcessThreadCollection
23104
23104
7507968
7507968
335880
335880
8241152
8241152
23441408
23441408
214507520
214507520
true
Normal
32
7507968
7507968
PT5.390625S
Ditto
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:18.6499958+03:00
System.Diagnostics.ProcessThreadCollection
PT6.90625S
PT1.515625S
192929792
192929792
false
21688320
21688320
Ditto
1
343
192929792
21688320
7507968
23104
C:\Program Files\WindowsApps\60145ScottBrogden.ditto-cp_3.22.20.0_x005F_x86__n6b029mg40na2\Ditto.exe
3.22.20.0
3.22.20.0
Ditto
Ditto
Process
System.Diagnostics.Process (dweundo)
8
false
13960
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
140
15204
.
0
dweundo.exe
C:\Program Files (x86)\dweundo\dweundo.exe
4194304
45056
4199044
File: C:\Program Files (x86)\dweundo\dweundo.exe_x000D__x000A_InternalName: _x000D__x000A_OriginalFilename: dweundo.exe_x000D__x000A_FileVersion: 1.1_x000D__x000A_FileDescription: dweundo (http://purl.org/net/dweundo)_x000D__x000A_Product: dweundo_x000D__x000A_ProductVersion: 1.1_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
44
1.1
1.1
dweundo (http://purl.org/net/dweundo)
dweundo
1413120
204800
System.Diagnostics.ProcessThreadCollection
12024
12024
3481600
3481600
122672
122672
3698688
3698688
7946240
7946240
76582912
76582912
true
Normal
32
3481600
3481600
PT0S
dweundo
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:20.8463745+03:00
System.Diagnostics.ProcessThreadCollection
PT0.015625S
PT0.015625S
69505024
69505024
false
7376896
7376896
dweundo
1
140
69505024
7376896
3481600
12024
C:\Program Files (x86)\dweundo\dweundo.exe
1.1
1.1
dweundo (http://purl.org/net/dweundo)
dweundo
Process
System.Diagnostics.Process (Everything)
8
false
10084
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
247
9780
.
0
Everything.exe
C:\Program Files\Everything\Everything.exe
5368709120
2203648
5368763952
File: C:\Program Files\Everything\Everything.exe_x000D__x000A_InternalName: Everything_x000D__x000A_OriginalFilename: Everything.exe_x000D__x000A_FileVersion: 1.4.1.877_x000D__x000A_FileDescription: Everything_x000D__x000A_Product: Everything_x000D__x000A_ProductVersion: 1.4.1.877_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
2152
1.4.1.877
1.4.1.877
Everything
Everything
1413120
204800
System.Diagnostics.ProcessThreadCollection
16648
16648
88150016
88150016
231952
231952
88150016
88150016
93569024
93569024
250003456
4544970752
true
Normal
32
88150016
88150016
PT11.171875S
Everything
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:02.8003554+03:00
System.Diagnostics.ProcessThreadCollection
PT1M5.484375S
PT54.3125S
242663424
4537630720
false
92327936
92327936
Everything
1
247
4537630720
92327936
88150016
16648
C:\Program Files\Everything\Everything.exe
1.4.1.877
1.4.1.877
Everything
Everything
Process
System.Diagnostics.Process (fdm)
8
false
4212
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
956
14972
.
0
fdm.exe
C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
140695710007296
10248192
140695716260092
File: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe_x000D__x000A_InternalName: _x000D__x000A_OriginalFilename: fdm.exe_x000D__x000A_FileVersion: 5.1.38.7312_x000D__x000A_FileDescription: Free Download Manager_x000D__x000A_Product: Free Download Manager_x000D__x000A_ProductVersion: 5.1.38.7312_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
10008
FreeDownloadManager.org
5.1.38.7312
5.1.38.7312
Free Download Manager
Free Download Manager
1413120
204800
System.Diagnostics.ProcessThreadCollection
67328
67328
130387968
130387968
908224
908224
176160768
176160768
166035456
166035456
1364267008
5659234304
true
Normal
32
130387968
130387968
PT5.203125S
fdm
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:15.3434446+03:00
System.Diagnostics.ProcessThreadCollection
PT8.96875S
PT3.765625S
1328422912
5623390208
false
90644480
90644480
fdm
1
956
5623390208
90644480
130387968
67328
C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FreeDownloadManager.org
8.96875
5.1.38.7312
5.1.38.7312
Free Download Manager
Free Download Manager
Process
System.Diagnostics.Process (firefox)
8
false
13208
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1601
656
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
136504
136504
208261120
208261120
1709408
1709408
240967680
240967680
293175296
293175296
-808570880
2206804619264
true
Normal
32
208261120
208261120
PT1.921875S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T14:31:38.2846991+03:00
System.Diagnostics.ProcessThreadCollection
PT16.203125S
PT14.28125S
-832069632
2206781120512
false
198844416
198844416
firefox
1
1601
2206781120512
198844416
208261120
136504
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
16.203125
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
11848
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1537
2576
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
146072
146072
120373248
120373248
1597024
1597024
331005952
331005952
300834816
300834816
-884568064
2206728622080
true
Normal
32
120373248
120373248
PT3.453125S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T13:56:19.6329372+03:00
System.Diagnostics.ProcessThreadCollection
PT35.015625S
PT31.5625S
-929198080
2206683992064
false
134737920
134737920
firefox
1
1537
2206683992064
134737920
120373248
146072
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
35.015625
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
14956
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1503
10108
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
115352
115352
100982784
100982784
1538656
1538656
115798016
115798016
167231488
167231488
-1156718592
2206456471552
true
Normal
32
100982784
100982784
PT0.5S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T19:14:36.6065595+03:00
System.Diagnostics.ProcessThreadCollection
PT3.671875S
PT3.171875S
-1162158080
2206451032064
false
132882432
132882432
firefox
1
1503
2206451032064
132882432
100982784
115352
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
3.671875
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
16076
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1433
16092
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
139448
139448
203829248
203829248
1709112
1709112
363675648
363675648
365461504
365461504
-658911232
2206954278912
true
Normal
32
203829248
203829248
PT9.125S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:40.4452145+03:00
System.Diagnostics.ProcessThreadCollection
PT1M21.015625S
PT1M11.890625S
-695328768
2206917861376
false
216018944
216018944
firefox
1
1433
2206917861376
216018944
203829248
139448
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
81.015625
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
14648
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
2185
16716
.
67132
StartInfo - Google Search - Mozilla Firefox
System.Diagnostics.ProcessModule (firefox.exe)
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
346064
346064
932839424
932839424
1492728
1492728
2142216192
2142216192
1811857408
1811857408
1115385856
2208728576000
true
Normal
32
932839424
932839424
PT5M45.828125S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:36.0803246+03:00
System.Diagnostics.ProcessThreadCollection
PT25M21.390625S
PT19M35.5625S
581672960
2208194863104
false
947494912
947494912
firefox
1
2185
2208194863104
947494912
932839424
346064
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
1521.390625
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
12964
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
574
17072
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
102832
102832
153145344
153145344
934456
934456
281669632
281669632
132628480
132628480
1000808448
2204319031296
true
Normal
32
153145344
153145344
PT55.796875S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:38.0120624+03:00
System.Diagnostics.ProcessThreadCollection
PT3M54.265625S
PT2M58.46875S
845369344
2204163592192
false
80388096
80388096
firefox
1
574
2204163592192
80388096
153145344
102832
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
234.265625
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
3964
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
873
17080
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
113656
113656
329662464
329662464
1042712
1042712
366370816
366370816
397377536
397377536
-993525760
2206619664384
true
Normal
32
329662464
329662464
PT12.265625S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:40.1021012+03:00
System.Diagnostics.ProcessThreadCollection
PT1M51.734375S
PT1M39.46875S
-1007157248
2206606032896
false
277827584
277827584
firefox
1
873
2206606032896
277827584
329662464
113656
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
111.734375
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
9176
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
826
17272
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
88008
88008
129679360
129679360
1109168
1109168
230346752
230346752
273293312
273293312
-1222299648
2206390890496
true
Normal
32
129679360
129679360
PT4.859375S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:38.8269003+03:00
System.Diagnostics.ProcessThreadCollection
PT1M1.578125S
PT56.71875S
-1248059392
2206365130752
false
156524544
156524544
firefox
1
826
2206365130752
156524544
129679360
88008
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
61.578125
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
6440
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1232
17504
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
148256
148256
514801664
514801664
1548280
1548280
679268352
679268352
658161664
658161664
-1496309760
2231886684160
true
Normal
32
514801664
514801664
PT46.953125S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:40.7954589+03:00
System.Diagnostics.ProcessThreadCollection
PT3M38.078125S
PT2M51.125S
1417457664
2226210516992
false
524640256
524640256
firefox
1
1232
2226210516992
524640256
514801664
148256
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
218.078125
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
12428
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1472
18204
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
125784
125784
162258944
162258944
1619192
1619192
237072384
237072384
273928192
273928192
-898707456
2206714482688
true
Normal
32
162258944
162258944
PT4.53125S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T11:02:53.225385+03:00
System.Diagnostics.ProcessThreadCollection
PT34.734375S
PT30.203125S
-930471936
2206682718208
false
189308928
189308928
firefox
1
1472
2206682718208
189308928
162258944
125784
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
34.734375
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (firefox)
8
false
12332
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
1362
18232
.
0
firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
140695213506560
606208
140695213813968
File: C:\Program Files\Mozilla Firefox\firefox.exe_x000D__x000A_InternalName: Firefox_x000D__x000A_OriginalFilename: firefox.exe_x000D__x000A_FileVersion: 68.0.2_x000D__x000A_FileDescription: Firefox_x000D__x000A_Product: Firefox_x000D__x000A_ProductVersion: 68.0.2_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: Language Neutral_x000D__x000A_
592
Mozilla Corporation
68.0.2
68.0.2
Firefox
Firefox
1413120
204800
System.Diagnostics.ProcessThreadCollection
111816
111816
181530624
181530624
1607976
1607976
196968448
196968448
230113280
230113280
-879996928
2206733193216
true
Normal
32
181530624
181530624
PT5.75S
firefox
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:56:43.0255902+03:00
System.Diagnostics.ProcessThreadCollection
PT51.59375S
PT45.84375S
-901230592
2206711959552
false
211763200
211763200
firefox
1
1362
2206711959552
211763200
181530624
111816
C:\Program Files\Mozilla Firefox\firefox.exe
Mozilla Corporation
51.59375
68.0.2
68.0.2
Firefox
Firefox
Process
System.Diagnostics.Process (navicat)
8
false
16636
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
2473
7688
.
1314902
* Untitled - Query - Navicat for PostgreSQL
System.Diagnostics.ProcessModule (navicat.exe)
navicat.exe
C:\Program Files\PremiumSoft\Navicat 12 for PostgreSQL\navicat.exe
4194304
53858304
36932272
File: C:\Program Files\PremiumSoft\Navicat 12 for PostgreSQL\navicat.exe_x000D__x000A_InternalName: navicat.exe_x000D__x000A_OriginalFilename: navicat.exe_x000D__x000A_FileVersion: 12.1.22.0_x000D__x000A_FileDescription: Navicat for PostgreSQL_x000D__x000A_Product: Navicat for PostgreSQL_x000D__x000A_ProductVersion: 12.1_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
52596
PremiumSoft CyberTech Ltd.
12.1.22.0
12.1
Navicat for PostgreSQL
Navicat for PostgreSQL
1413120
204800
System.Diagnostics.ProcessThreadCollection
276000
276000
173408256
173408256
697776
697776
269389824
269389824
292655104
292655104
679415808
4974383104
true
Normal
32
173408256
173408256
PT30.875S
navicat
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T15:56:21.1328039+03:00
System.Diagnostics.ProcessThreadCollection
PT56.234375S
PT25.359375S
644014080
4938981376
false
66871296
66871296
navicat
1
2473
4938981376
66871296
173408256
276000
C:\Program Files\PremiumSoft\Navicat 12 for PostgreSQL\navicat.exe
PremiumSoft CyberTech Ltd.
56.234375
12.1.22.0
12.1
Navicat for PostgreSQL
Navicat for PostgreSQL
Process
System.Diagnostics.Process (notepad++)
8
false
4624
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
290
22024
.
792130
C:\Users\illym\Desktop\Temp\Get-Process.xml - Notepad++
System.Diagnostics.ProcessModule (notepad++.exe)
notepad++.exe
C:\Program Files\Notepad++\notepad++.exe
140697733693440
3649536
140697734995844
File: C:\Program Files\Notepad++\notepad++.exe_x000D__x000A_InternalName: npp.exe_x000D__x000A_OriginalFilename: Notepad++.exe_x000D__x000A_FileVersion: 7.7_x000D__x000A_FileDescription: Notepad++ : a free (GNU) source code editor_x000D__x000A_Product: Notepad++_x000D__x000A_ProductVersion: 7.7_x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English (United States)_x000D__x000A_
3564
Don HO don.h@free.fr
7.7
7.7
Notepad++ : a free (GNU) source code editor
Notepad++
1413120
204800
System.Diagnostics.ProcessThreadCollection
21888
21888
16732160
16732160
353992
353992
24780800
24780800
36184064
36184064
275099648
4570066944
true
Normal
32
16732160
16732160
PT2.546875S
notepad++
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T18:17:00.4985191+03:00
System.Diagnostics.ProcessThreadCollection
PT3.4375S
PT0.890625S
247128064
4542095360
false
24793088
24793088
notepad++
1
290
4542095360
24793088
16732160
21888
C:\Program Files\Notepad++\notepad++.exe
Don HO don.h@free.fr
3.4375
7.7
7.7
Notepad++ : a free (GNU) source code editor
Notepad++
Process
System.Diagnostics.Process (nvcontainer)
8
false
7076
Microsoft.Win32.SafeHandles.SafeProcessHandle
false
false
555
6568
.
0
nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
13369344
479232
13441489
File: C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe_x000D__x000A_InternalName: _x000D__x000A_OriginalFilename: _x000D__x000A_FileVersion: _x000D__x000A_FileDescription: _x000D__x000A_Product: _x000D__x000A_ProductVersion: _x000D__x000A_Debug: False_x000D__x000A_Patched: False_x000D__x000A_PreRelease: False_x000D__x000A_PrivateBuild: False_x000D__x000A_SpecialBuild: False_x000D__x000A_Language: English_x000D__x000A_
468
System.Diagnostics.ProcessThreadCollection
59016
59016
29392896
29392896
247960
247960
113201152
113201152
112721920
112721920
253108224
253108224
true
Normal
32
29392896
29392896
PT9.0625S
nvcontainer
255
true
1
System.Diagnostics.ProcessStartInfo
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
System.Collections.DictionaryEntry
[OneDriveConsumer, C:\Users\illym\OneDrive]
[PATHEXT, .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PL;.CPL]
[TERM_PROGRAM_VERSION, 1.37.1]
[FPS_BROWSER_USER_PROFILE_STRING, Default]
[TEMP, C:\Users\illym\AppData\Local\Temp]
[LOGONSERVER, \\DC1]
[PROCESSOR_ARCHITECTURE, AMD64]
[FPS_BROWSER_APP_PROFILE_STRING, Internet Explorer]
[USERNAME, ili]
[LANG, en_US.UTF-8]
[windir, C:\WINDOWS]
[COMPUTERNAME, ILI]
[ComSpec, C:\WINDOWS\system32\cmd.exe]
[ProgramData, C:\ProgramData]
[DriverData, C:\Windows\System32\Drivers\DriverData]
[VS140COMNTOOLS, C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\]
[PUBLIC, C:\Users\Public]
[PROCESSOR_IDENTIFIER, Intel64 Family 6 Model 60 Stepping 3, GenuineIntel]
[USERPROFILE, C:\Users\illym]
[PROCESSOR_LEVEL, 6]
[CommonProgramFiles(x86), C:\Program Files (x86)\Common Files]
[OneDrive, C:\Users\illym\OneDrive]
[USERDOMAIN, NTSERV1]
[ProgramFiles, C:\Program Files]
[ALLUSERSPROFILE, C:\ProgramData]
[SystemRoot, C:\WINDOWS]
[OPENSSL_CONF, C:\Program Files\OpenSSL-Win64\bin\openssl.cfg]
[USERDOMAIN_ROAMINGPROFILE, NTSERV1]
[JD2_HOME, C:\Users\illym\AppData\Local\JDownloader v2.0]
[APPDATA, C:\Users\illym\AppData\Roaming]
[ProgramW6432, C:\Program Files]
[NUMBER_OF_PROCESSORS, 8]
[COLORTERM, truecolor]
[HOMEPATH, \Users\illym]
[ChocolateyPath, C:\Chocolatey]
[TERM_PROGRAM, vscode]
[SESSIONNAME, Console]
[PSExecutionPolicyPreference, Bypass]
[CommonProgramFiles, C:\Program Files\Common Files]
[SystemDrive, C:]
[ChocolateyInstall, C:\ProgramData\chocolatey]
[CommonProgramW6432, C:\Program Files\Common Files]
[HOMEDRIVE, C:]
[OS, Windows_NT]
[PROCESSOR_REVISION, 3c03]
[PSModulePath, D:\ILI\Profile\Documents\WindowsPowerShell\Modules;C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ResourceManager\AzureResourceManager;C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement;C:\Program Files\Microsoft System Center 2012 R2\Virtual Machine Manager\bin\psModules\;C:\Program Files (x86)\VMware\Infrastructure\PowerCLI\Modules;C:\Users\illym\.vscode\extensions\ms-vscode.powershell-2019.5.0\modules]
[Path, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Wireshark\;C:\ProgramData\chocolatey\bin;C:\Program Files\OpenSSL-Win64\bin;C:\Strawberry\c\bin;C:\Strawberry\perl\site\bin;C:\Strawberry\perl\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\php\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\PowerShell\6-preview\preview;C:\Program Files\Git\cmd;C:\Program Files\PowerShell\6\;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\PowerShell\6.0.5\;C:\Program Files\PowerShell\7-preview\preview;C:\Users\illym\AppData\Local\Programs\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\Programs\Python\Python37\;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Local\GitHubDesktop\bin;C:\Program Files (x86)\Nmap;C:\Program Files\Microsoft VS Code\bin;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\illym\.dotnet\tools;C:\Users\illym\AppData\Local\Programs\Microsoft VS Code Insiders\bin;C:\Users\illym\AppData\Local\Microsoft\WindowsApps;C:\Users\illym\AppData\Roaming\Python\Python37\Scripts\;C:\Users\illym\AppData\Local\nvs\default;C:\Users\illym\AppData\Local\nvs\;C:\Users\illym\AppData\Local\Programs\Fiddler]
[TMP, C:\Users\illym\AppData\Local\Temp]
[USERDNSDOMAIN, CCC.CO.IL]
[TVT, C:\Program Files (x86)\Lenovo]
[ProgramFiles(x86), C:\Program Files (x86)]
[LOCALAPPDATA, C:\Users\illym\AppData\Local]
false
false
false
true
0
Normal
2019-08-27T10:55:46.7219066+03:00
System.Diagnostics.ProcessThreadCollection
PT19.5S
PT10.4375S
215621632
215621632
false
27176960
27176960
nvcontainer
1
555
215621632
27176960
29392896
59016
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
Process