Scribd
Upload
148 views9 pages

Test

The document contains details about various running processes and network connections on a Windows system. It lists the process name, process ID, network protocol, port numbers, remote IP addresses and other metadata for each active connection.

Uploaded by

Jim Rodgers
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
148 views9 pages

Test

The document contains details about various running processes and network connections on a Windows system. It lists the process name, process ID, network protocol, port numbers, remote IP addresses and other metadata for each active connection.

Uploaded by

Jim Rodgers
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 9

CcmExec.

exe
5760
TCP
50726
10.104.16.13
10123
10.50.144.94
cvgwpsccm02.ga.afginc.com
Established
C:\WINDOWS\CCM\C
cmExec.exe
System Center 2012 Configuration Manager
Host Process for
Microsoft Configuration Manager
5.00.7958.1000 (SCCM.130911-1354)
Microsoft Corporation 2/6/2015 7:59:18 AM
NT AUTHORITY\SYSTEM
CcmExec
A
2/6/2015 10:13:50 AM
CcmExec.exe
5760
UDP
61937
127.0.0.1
C:\WINDOWS\CCM\CcmExec.exe
System Center 2012 Configuration Manager
Host Process for Microsoft Configuration Manager
5.00.7958.1000 (SCCM.130
911-1354)
Microsoft Corporation 2/6/2015 7:59:18 AM
NT AUTHORITY\SYS
TEM
CcmExec A
2/6/2015 10:13:50 AM
chrome.exe
4400
TCP
52333
10.104.16.13
443
https
216.58.216.68 ord30s21-in-f4.1e100.net
Established
C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe
Google Chrome Google Chrome
38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP net
work connections on Windows - Google Chrome
chrome.exe
4400
TCP
52347
10.104.16.13
443
https
199.16.156.21
Established
C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe
Google Chrome Google Chrome 38.0.2125.104 Google I
nc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
CurrPorts: Monitoring TCP/IP network connections on Wind
ows - Google Chrome
chrome.exe
4400
TCP
52427
10.104.16.13
443
https
74.125.228.6
iad23s05-in-f6.1e100.net
Established
C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe
Google Chrome Google Chrome
38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP net
work connections on Windows - Google Chrome
chrome.exe
4400
TCP
52426
10.104.16.13
80
http
23.235.46.130
Established
C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe
Google Chrome Google Chrome 38.0.2125.104 Google I
nc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
CurrPorts: Monitoring TCP/IP network connections on Wind
ows - Google Chrome
chrome.exe
4400
TCP
52245
10.104.16.13
443
https
74.125.228.14 iad23s05-in-f14.1e100.net
Established
C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe
Google Chrome Google Chrome
38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP net
work connections on Windows - Google Chrome
chrome.exe
4400
TCP
51830
10.104.16.13
443
https
173.194.68.189 qa-in-f189.1e100.net
Established
C:\Program Files (x86)\G
oogle\Chrome\Application\chrome.exe
Google Chrome Google Chrome 38.0.212
5.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP network con
nections on Windows - Google Chrome
chrome.exe
4400
TCP
52419
10.104.16.13
80
http
8.21.198.139
alb54.clearspring.com Established
C:\Program Files (x86)\G
oogle\Chrome\Application\chrome.exe
Google Chrome Google Chrome 38.0.212
5.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP network con
nections on Windows - Google Chrome
chrome.exe
4400
TCP
50920
10.104.16.13
443
https
173.194.204.188
Established
C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe
Google Chrome Google Chrome 38.0.2125.104 Google I
nc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
CurrPorts: Monitoring TCP/IP network connections on Wind
ows - Google Chrome
chrome.exe
4400
TCP
52413
10.104.16.13
80
http

74.125.228.24 iad23s05-in-f24.1e100.net
Established
C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe
Google Chrome Google Chrome
38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP net
work connections on Windows - Google Chrome
chrome.exe
4400
TCP
52411
10.104.16.13
80
http
23.235.39.184
Established
C:\Program Files (x86)\Google\Chrome\App
lication\chrome.exe
Google Chrome Google Chrome 38.0.2125.104 Google I
nc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
CurrPorts: Monitoring TCP/IP network connections on Wind
ows - Google Chrome
chrome.exe
4400
TCP
52409
10.104.16.13
80
http
50.22.232.74
50.22.232.74-static.reverse.softlayer.com
Established
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome
Google Chrome 38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrod
gers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monit
oring TCP/IP network connections on Windows - Google Chrome
chrome.exe
4400
TCP
52392
10.104.16.13
443
https
198.252.206.149 stackoverflow.com
Established
C:\Program Files (x86)\G
oogle\Chrome\Application\chrome.exe
Google Chrome Google Chrome 38.0.212
5.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP network con
nections on Windows - Google Chrome
chrome.exe
4400
TCP
52417
10.104.16.13
80
http
74.125.228.5
iad23s05-in-f5.1e100.net
Established
C:\Program Files
(x86)\Google\Chrome\Application\chrome.exe
Google Chrome Google Chrome
38.0.2125.104 Google Inc.
2/6/2015 7:58:17 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CurrPorts: Monitoring TCP/IP net
work connections on Windows - Google Chrome
CmRcService.exe 3172
TCP
2701
sms-rcinfo
::
::
Listening
C:\WINDOWS\CCM\RemCtrl\CmRcService.exe System C
enter 2012 Configuration Manager
Configuration Manager Remote Control Ser
vice
5.00.7958.1401 (hermbld.140904-1713)
Microsoft Corporation 2/6/2015
7:59:23 AM
NT AUTHORITY\SYSTEM
CmRcService
A
2/6/2015 10:13:5
0 AM
CmRcService.exe 3172
TCP
2701
sms-rcinfo
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\CCM\RemCtrl\CmRcService.exe System C
enter 2012 Configuration Manager
Configuration Manager Remote Control Ser
vice
5.00.7958.1401 (hermbld.140904-1713)
Microsoft Corporation 2/6/2015
7:59:23 AM
NT AUTHORITY\SYSTEM
CmRcService
A
2/6/2015 10:13:5
0 AM
communicator.exe
2236
UDP
51941
127.0.0.1
C:\Program Files (x86)\Microsoft Lync\communicator.exe Microsoft Lync 2010
Microsoft Lync 2010
4.0.7577.0 built by: lcs_se_w14_main(rtbldlab) Microsof
t Corporation 2/6/2015 7:58:23 AM
AAG\jrodgers2
A
2/6/2015
10:13:50 AM
Microsoft Lync
communicator.exe
2236
TCP
50641
10.104.16.13
5061
10.50.144.228 cvgwp19802.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Lync\communicator.exe Microsoft Lync 2010
Microsoft Lync 2
010
4.0.7577.0 built by: lcs_se_w14_main(rtbldlab) Microsoft Corporation
2/6/2015 7:58:23 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Microsoft Lync
EXCEL.EXE
7320
UDP
62913
127.0.0.1
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
Microsoft Office
2010 Microsoft Excel 14.0.6126.5003 Microsoft Corporation 2/6/2015 8:23:37
AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Microsoft Excel - Installed Applications (Master List)
FrameworkService.exe
1428
TCP
8081
::
::
Listening
C:\Program Files (x86)\McAfee\Common Framework\F
rameworkService.exe
McAfee Agent
Framework Service
4.8.0.887

McAfee, Inc.
2/6/2015 7:57:04 AM
NT AUTHORITY\SYSTEM
McAfeeFramework
A
2/6/2015 10:13:50 AM
FrameworkService.exe
1428
TCP
8081
0.0.0.0
0.0.0.0
Listening
C:\Program Files (x86)\McAfee\Common Framework\F
rameworkService.exe
McAfee Agent
Framework Service
4.8.0.887
McAfee, Inc.
2/6/2015 7:57:04 AM
NT AUTHORITY\SYSTEM
McAfeeFramework
A
2/6/2015 10:13:50 AM
iexplore.exe
11056 UDP
59043
127.0.0.1
C:\Program Files (x86)\Internet Explorer\iexplore.exe Windows Internet Explorer
Internet Explorer
8.00.7600.16385 (win7_rtm.090713-1255) Microsoft Corpor
ation 2/6/2015 9:29:41 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
LpSystemsMonitorService.exe
1988
TCP
65329
0.0.0.0
0.0.0.0
Listening
C:\Program Files\GAFRI\LpsystemMonitorServiceV1\
LpSystemsMonitorService.exe
LpSystemsMonitorService LpSystemsMonitorService
1.0.0.0 GAFRI 2/6/2015 7:57:03 AM
NT AUTHORITY\SYSTEM
LpSystemsMonitor
Service A
2/6/2015 10:13:50 AM
LpSystemsMonitorService.exe
1988
TCP
65329
::
::
Listening
C:\Program Files\GAFRI\LpsystemMonitorServiceV1\
LpSystemsMonitorService.exe
LpSystemsMonitorService LpSystemsMonitorService
1.0.0.0 GAFRI 2/6/2015 7:57:03 AM
NT AUTHORITY\SYSTEM
LpSystemsMonitor
Service A
2/6/2015 10:13:50 AM
lsass.exe
788
TCP
49155
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\lsass.exe Microsoft Windows Operating System
Local Security Authority Process
6.1.7601.18443 (win7sp1_gdr.140411-1533)
Microsoft Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
KeyIso,
Netlogon, ProtectedStorage, SamSs
A
2/6/2015 10:13:50 AM
lsass.exe
788
UDP
65368
127.0.0.1
C:\WINDOWS\system32\lsass.exe Microsoft Windows Operating System
Local Se
curity Authority Process
6.1.7601.18443 (win7sp1_gdr.140411-1533)
Microsoft Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
KeyIso,
Netlogon, ProtectedStorage, SamSs
A
2/6/2015 10:13:50 AM
lsass.exe
788
TCP
49155
::
::
Listening
C:\WINDOWS\system32\lsass.exe Microsoft Windows Operating System
Local Security Authority Process
6.1.7601.18443 (win7sp1_gdr.140411-1533)
Microsoft Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
KeyIso,
Netlogon, ProtectedStorage, SamSs
A
2/6/2015 10:13:50 AM
msaccess.exe
6368
TCP
52212
10.104.16.13
80
http
137.117.85.146
Close Wait
c:\program files (x86)\microsoft office\
office14\msaccess.exe Microsoft Office 2010 Microsoft Access
14.0.602
4.1000 Microsoft Corporation 2/6/2015 9:47:59 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Microsoft Access - HyenaDB : Dat
abase (Access 2007 - 2010)
msaccess.exe
6368
TCP
52211
10.104.16.13
80
http
137.116.64.35
Close Wait
c:\program files (x86)\microsoft office\
office14\msaccess.exe Microsoft Office 2010 Microsoft Access
14.0.602
4.1000 Microsoft Corporation 2/6/2015 9:47:59 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Microsoft Access - HyenaDB : Dat
abase (Access 2007 - 2010)
mstsc.exe
6624
TCP
52401
10.104.16.13
443
https
10.50.16.64
cinrdpgw01.aag.gfrinc.net
Established
C:\WINDOWS\syste
m32\mstsc.exe Microsoft Windows Operating System
Remote Desktop Connectio
n
6.3.9600.16415 (winblue_gdr_oob.131001-0952)
Microsoft Corporation
2/6/2015 10:08:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
CINAPP106D - Remote Desktop Connection
mstsc.exe
6624
TCP
52400
10.104.16.13
443
https
10.50.16.64
cinrdpgw01.aag.gfrinc.net
Established
C:\WINDOWS\syste
m32\mstsc.exe Microsoft Windows Operating System
Remote Desktop Connectio
n
6.3.9600.16415 (winblue_gdr_oob.131001-0952)
Microsoft Corporation
2/6/2015 10:08:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM

CINAPP106D - Remote Desktop Connection


OUTLOOK.EXE
5928
TCP
52322
10.104.16.13
59533
10.50.136.28
autodiscover.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outlook
Microsof
t Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015 8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Ite
ms - [email protected] - Microsoft Outlook
OUTLOOK.EXE
5928
UDP
51825
127.0.0.1
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outloo
k
Microsoft Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015
8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Items - [email protected] - Microsoft Outlook
OUTLOOK.EXE
5928
UDP
53258
127.0.0.1
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outloo
k
Microsoft Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015
8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Items - [email protected] - Microsoft Outlook
OUTLOOK.EXE
5928
TCP
50647
10.104.16.13
59532
10.50.136.28
autodiscover.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outlook
Microsof
t Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015 8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Ite
ms - [email protected] - Microsoft Outlook
OUTLOOK.EXE
5928
TCP
50653
10.104.16.13
59532
10.50.144.178 cvgwp19931.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outlook
Microsof
t Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015 8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Ite
ms - [email protected] - Microsoft Outlook
OUTLOOK.EXE
5928
TCP
50693
10.104.16.13
59532
10.50.136.28
autodiscover.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Office\Office14\OUTLOOK.EXE
Microsoft Outlook
Microsof
t Outlook
14.0.6131.5000 Microsoft Corporation 2/6/2015 8:03:55 AM
AAG\jrodgers2
A
2/6/2015 10:13:50 AM
Sent Ite
ms - [email protected] - Microsoft Outlook
SCNotification.exe
6796
TCP
49158
127.0.0.1
0.0.0.0
Listening
C:\WINDOWS\CCM\SCNotification.exe
System C
enter Configuration Manager
SCNotification 5.0.7958.1000 Microsoft Corpor
ation 2/6/2015 7:59:57 AM
AAG\jrodgers2
A
2/6/2015 10:13:5
0 AM
services.exe
764
TCP
49156
::
::
Listening
C:\WINDOWS\system32\services.exe
Microsoft Windows Operatin
g System
Services and Controller app
6.1.7600.16385 (win7_rtm.0907131255) Microsoft Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
A
2/6/2015 10:13:50 AM
services.exe
764
TCP
49156
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\services.exe
Microsoft Windows Operatin
g System
Services and Controller app
6.1.7600.16385 (win7_rtm.0907131255) Microsoft Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
A
2/6/2015 10:13:50 AM
svchost.exe
1480
TCP
3389
ms-wbt-server ::
::
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows
Operating System
Host Process for Windows Services
6.1.7600.16385 (
win7_rtm.090713-1255) Microsoft Corporation 2/6/2015 7:57:01 AM
NT AUTHO
RITY\NETWORK SERVICE
CryptSvc, Dnscache, LanmanWorkstation, NlaSvc, TermServi
ce, WinRM
A
2/6/2015 10:13:50 AM
C:\WINDOWS\system32\svchost.exe
svchost.exe
428
TCP
49153
::
::
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\LOCAL SERVICE

AudioSrv, Dhcp, eventlog, lmhosts, wscsvc


A
2/6/2015 10:13:50 AM
svchost.exe
1100
TCP
49154
::
::
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\SYSTEM
AeLookup
Svc, BDESVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer
, MMCSS, ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:5
0 AM
svchost.exe
1100
UDP
500
isakmp ::
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\SYSTEM
AeLookupSvc, BDE
SVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer, MMCSS,
ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:50 AM
svchost.exe
6252
TCP
49176
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 8:02:13 AM
NT AUTHORITY\NETWORK SERVICE
PolicyAgent
A
2/6/2015 10:13:50 AM
svchost.exe
436
TCP
135
epmap ::
::
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\NETWORK SERVICE
RpcEptMapper, RpcSs
A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
1900
ssdp
::1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1064
UDP
123
ntp
::
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\LOCAL SERVICE
EventSys
tem, FontCache, netprofm, nsi, W32Time, WdiServiceHost, WebClient
A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
53267
::1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1212
UDP
60867
127.0.0.1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:01 AM
NT AUTHORITY\SYSTEM
gpsvc A
2/6/2015 10:13:50 AM
svchost.exe
1100
TCP
49154
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\SYSTEM
AeLookup
Svc, BDESVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer
, MMCSS, ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:5
0 AM
svchost.exe
428
TCP
49153
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\LOCAL SERVICE
AudioSrv, Dhcp, eventlog, lmhosts, wscsvc
A
2/6/2015 10:13:50 AM
svchost.exe
1100
UDP
4500
ipsec-msft
::
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof

t Corporation 2/6/2015 7:57:00 AM


NT AUTHORITY\SYSTEM
AeLookupSvc, BDE
SVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer, MMCSS,
ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
53269
127.0.0.1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
53268
10.104.16.13
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1480
TCP
3389
ms-wbt-server 0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows
Operating System
Host Process for Windows Services
6.1.7600.16385 (
win7_rtm.090713-1255) Microsoft Corporation 2/6/2015 7:57:01 AM
NT AUTHO
RITY\NETWORK SERVICE
CryptSvc, Dnscache, LanmanWorkstation, NlaSvc, TermServi
ce, WinRM
A
2/6/2015 10:13:50 AM
svchost.exe
6252
TCP
49176
::
::
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 8:02:13 AM
NT AUTHORITY\NETWORK SERVICE
PolicyAgent
A
2/6/2015 10:13:50 AM
svchost.exe
1480
UDP
65104
127.0.0.1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:01 AM
NT AUTHORITY\NETWORK SERVICE
CryptSvc
, Dnscache, LanmanWorkstation, NlaSvc, TermService, WinRM
A
2/6/2015
10:13:50 AM
svchost.exe
436
TCP
135
epmap 0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Process for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255)
Microsoft Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\NETWORK SERVICE
RpcEptMapper, RpcSs
A
2/6/2015 10:13:50 AM
svchost.exe
1480
UDP
5355
llmnr 0.0.0.0
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:01 AM
NT AUTHORITY\NETWORK SERVICE
CryptSvc
, Dnscache, LanmanWorkstation, NlaSvc, TermService, WinRM
A
2/6/2015
10:13:50 AM
svchost.exe
1064
UDP
123
ntp
0.0.0.0
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\LOCAL SERVICE
EventSys
tem, FontCache, netprofm, nsi, W32Time, WdiServiceHost, WebClient
A
2/6/2015 10:13:50 AM
svchost.exe
1100
UDP
500
isakmp 0.0.0.0
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\SYSTEM
AeLookupSvc, BDE
SVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer, MMCSS,
ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
1900
ssdp
10.104.16.13
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1648
UDP
1900
ssdp
127.0.0.1
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro

cess for Windows Services


6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:02 AM
NT AUTHORITY\LOCAL SERVICE
SCardSvr
, SSDPSRV, TBS A
2/6/2015 10:13:50 AM
svchost.exe
1100
UDP
4500
ipsec-msft
0.0.0.0
C:\WINDOWS\system32\svchost.exe Microsoft Windows Operating System
Host Pro
cess for Windows Services
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:57:00 AM
NT AUTHORITY\SYSTEM
AeLookupSvc, BDE
SVC, BITS, Browser, CertPropSvc, EapHost, IKEEXT, iphlpsvc, LanmanServer, MMCSS,
ProfSvc, Schedule, seclogon, SENS, SessionEnv A
2/6/2015 10:13:50 AM
System 4
TCP
47001
0.0.0.0
0.0.0.0
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
8000
::
::
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
8000
0.0.0.0
0.0.0.0
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
5986
0.0.0.0
0.0.0.0
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
445
microsoft-ds
0.0.0.0
0.0.0.0
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
50757
10.104.16.13
445
microsoft-ds
10.50.73.61
cinfile01.aag.gfrinc.net
Established
N/A
2/6/2015 10:13:50 AM
System 4
TCP
5986
::
::
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
445
microsoft-ds
::
::
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
47001
::
::
Listening
N/A
2/6/2015 10:13:50 AM
System 4
TCP
52406
10.104.16.13
445
microsoft-ds
10.50.16.50
cinmgt12.aag.gfrinc.net Established
N/A
2/6/2015 10:13:50 AM
UcMapi.exe
3064
TCP
50639
10.104.16.13
59532
10.50.136.28
autodiscover.ga.afginc.com
Established
C:\Program Files
(x86)\Microsoft Lync\UcMapi.exe
Microsoft Lync 2010
Microsoft Lync 2
010 MAPI COM Server
4.0.7577.0 built by: lcs_se_w14_main(rtbldlab) Microsof
t Corporation 2/6/2015 8:03:46 AM
AAG\jrodgers2
A
2/6/2015
10:13:50 AM
Unknown 0
TCP
52390
10.104.16.13
80
http
190.93.2
47.58
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52387
10.104.16.13
80
http
216.68.1
0.161 akamai-216-68-10-161.fuse.net Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52385
10.104.16.13
80
http
104.16.1
3.8
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52422
10.104.16.13
80
http
74.125.2
28.13 iad23s05-in-f13.1e100.net
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52384
10.104.16.13
80
http
103.31.6
.36
Time Wait
N/A
2/6/2015 10:13:50 AM

Unknown 0
TCP
52377
10.104.16.13
80
http
103.31.6
.36
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52338
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52421
10.104.16.13
80
http
8.21.198
.139
alb54.clearspring.com Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52376
10.104.16.13
80
http
190.93.2
46.58
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52391
10.104.16.13
80
http
190.93.2
47.58
Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52340
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52344
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52343
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52342
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52341
10.104.16.13
80
http
92.53.24
1.180 orion-sysinternals.webwiz.co.uk Time Wait
N/A
2/6/2015 10:13:50 AM
Unknown 0
TCP
52420
10.104.16.13
80
http
8.21.198
.139
alb54.clearspring.com Time Wait
N/A
2/6/2015 10:13:50 AM
vpnagent.exe
1388
TCP
62522
127.0.0.1
49157
127.0.0.1
GFR-CVG-0012098.ga.afginc.com Established
C:\Program Files
(x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
Cisco An
yConnect Secure Mobility Client VPN Agent Service
3, 0, 5080
Cisco Sy
stems, Inc.
2/6/2015 7:57:01 AM
NT AUTHORITY\SYSTEM
vpnagent
A
2/6/2015 10:13:50 AM
vpnagent.exe
1388
TCP
62522
127.0.0.1
0.0.0.0
Listening
C:\Program Files (x86)\Cisco\Cisco AnyConnect Se
cure Mobility Client\vpnagent.exe
Cisco AnyConnect Secure Mobility Client
VPN Agent Service
3, 0, 5080
Cisco Systems, Inc.
2/6/2015 7:57:01
AM
NT AUTHORITY\SYSTEM
vpnagent
A
2/6/2015 10:13:50 AM
vpnui.exe
4544
TCP
49157
127.0.0.1
62522
127.0.0.1
GFR-CVG-0012098.ga.afginc.com Established
C:\Program Files
(x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe Cisco AnyConnect
Secure Mobility Client Cisco AnyConnect User Interface 3, 0, 5080
Cisco Sy
stems, Inc.
2/6/2015 7:58:23 AM
AAG\jrodgers2
A
2/6/2015
10:13:50 AM
wininit.exe
708
TCP
49152
0.0.0.0
0.0.0.0
Listening
C:\WINDOWS\system32\wininit.exe Microsoft Windows Operating System
Windows Start-Up Application
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
A
2/6/2015 10:13:50 AM
wininit.exe
708
TCP
49152
::
::
Listening
C:\WINDOWS\system32\wininit.exe Microsoft Windows Operating System
Windows Start-Up Application
6.1.7600.16385 (win7_rtm.090713-1255) Microsof
t Corporation 2/6/2015 7:56:53 AM
NT AUTHORITY\SYSTEM
A
2/6/2015 10:13:50 AM

wmiprvse.exe
2492
UDP
49865
127.0.0.1
C:\WINDOWS\system32\wbem\wmiprvse.exe Microsoft Windows Operating System
WMI Provider Host
6.2.9200.16398 (win8_gdr_oobssr.120820-1900)
Microsof
t Corporation 2/6/2015 7:57:09 AM
NT AUTHORITY\NETWORK SERVICE
A
2/6/2015 10:13:50 AM

You might also like