PS C:\Windows\system32> Get-Process | FT Name, Path
Name Path
---- ----
3D Live Pool C:\Program Files (x86)\Arcade Tribe\Game\3D Live Poo
arcadetribe C:\Program Files (x86)\Arcade Tribe\arcadetribe.exe
audiodg
CAudioFilterAgent64 C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFi
ClassicStartMenu C:\Program Files\Classic Shell\ClassicStartMenu.exe
conhost C:\Windows\system32\conhost.exe
conhost C:\Windows\system32\conhost.exe
csrss
csrss
CxAudMsg64 C:\Windows\system32\CxAudMsg64.exe
dasHost C:\Windows\system32\dashost.exe
dwm C:\Windows\system32\dwm.exe
Energy Management C:\Program Files (x86)\Lenovo\Energy Management\Ener
ETDCtrl C:\Program Files\Elantech\ETDCtrl.exe
ETDCtrlHelper C:\Program Files\Elantech\ETDCtrlHelper.exe
ETDIntelligent C:\Program Files\Elantech\ETDIntelligent.exe
ETDService C:\Program Files\Elantech\ETDService.exe
explorer C:\Windows\Explorer.EXE
firefox C:\Program Files (x86)\Mozilla Firefox\firefox.exe
fmapp C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
GWX C:\Windows\system32\GWX\GWX.exe
HeciServer C:\Program Files\Intel\TXE Components\TCS\HeciServer
Idle
igfxCUIService C:\Windows\system32\igfxCUIService.exe
igfxEM C:\Windows\system32\igfxEM.exe
igfxHK C:\Windows\system32\igfxHK.exe
lsass C:\Windows\system32\lsass.exe
MsMpEng
NisSrv
powershell C:\Windows\System32\WindowsPowerShell\v1.0\powershel
PresentationFontCache C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\Presen
PWRISOVM C:\Program Files\PowerISO\PWRISOVM.EXE
Rainmeter C:\Program Files\Rainmeter\Rainmeter.exe
RuntimeBroker C:\Windows\System32\RuntimeBroker.exe
SASrv C:\Windows\SysWOW64\SAsrv.exe
SearchIndexer C:\Windows\system32\SearchIndexer.exe
services
SkyDrive C:\Windows\System32\skydrive.exe
smss
spoolsv C:\Windows\System32\spoolsv.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\System32\svchost.exe
svchost C:\Windows\System32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\System32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
svchost C:\Windows\system32\svchost.exe
System
taskhostex C:\Windows\system32\taskhostex.exe
TeamViewer_Service C:\Program Files (x86)\TeamViewer\TeamViewer_Service
utility C:\Program Files (x86)\Lenovo\Energy Management\util
VfConnectorService C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConn
Viber C:\Users\Johnny\AppData\Local\Viber\Viber.exe
wcmmon C:\Program Files (x86)\WebcamMax\wcmmon.exe
wininit C:\Windows\system32\wininit.exe
winlogon C:\Windows\system32\winlogon.exe
wlanext C:\Windows\system32\WLANExt.exe
wuauclt C:\Windows\system32\wuauclt.exe
WUDFHost C:\Windows\System32\WUDFHost.exe
PS C:\Windows\system32> Netstat -anob
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 804
RpcSs
[svchost.exe]
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:1025 0.0.0.0:0 LISTENING 604
[wininit.exe]
TCP 0.0.0.0:1026 0.0.0.0:0 LISTENING 916
EventLog
[svchost.exe]
TCP 0.0.0.0:1027 0.0.0.0:0 LISTENING 968
Schedule
[svchost.exe]
TCP 0.0.0.0:1028 0.0.0.0:0 LISTENING 1372
[spoolsv.exe]
TCP 0.0.0.0:1029 0.0.0.0:0 LISTENING 708
[lsass.exe]
TCP 0.0.0.0:1031 0.0.0.0:0 LISTENING 700
Can not obtain ownership information
TCP 127.0.0.1:1245 127.0.0.1:1246 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1246 127.0.0.1:1245 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1247 127.0.0.1:1248 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1248 127.0.0.1:1247 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1249 127.0.0.1:1250 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1250 127.0.0.1:1249 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1251 127.0.0.1:1252 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1252 127.0.0.1:1251 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1253 127.0.0.1:1254 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1254 127.0.0.1:1253 ESTABLISHED 4388
[Viber.exe]
TCP 127.0.0.1:1994 127.0.0.1:1995 ESTABLISHED 4436
[firefox.exe]
TCP 127.0.0.1:1995 127.0.0.1:1994 ESTABLISHED 4436
[firefox.exe]
TCP 127.0.0.1:5939 0.0.0.0:0 LISTENING 1956
[TeamViewer_Service.exe]
TCP 127.0.0.1:30666 0.0.0.0:0 LISTENING 4388
[Viber.exe]
TCP 127.0.0.1:45112 0.0.0.0:0 LISTENING 4388
[Viber.exe]
TCP 192.168.0.12:139 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 192.168.0.12:1037 157.56.124.150:443 ESTABLISHED 2400
[Explorer.EXE]
TCP 192.168.0.12:1992 52.0.253.148:443 ESTABLISHED 4388
[Viber.exe]
TCP 192.168.0.12:2019 52.34.46.156:443 ESTABLISHED 4436
[firefox.exe]
TCP 192.168.0.12:2419 74.125.24.189:443 ESTABLISHED 4436
[firefox.exe]
TCP [::]:135 [::]:0 LISTENING 804
RpcSs
[svchost.exe]
TCP [::]:445 [::]:0 LISTENING 4
Can not obtain ownership information
TCP [::]:1025 [::]:0 LISTENING 604
[wininit.exe]
TCP [::]:1026 [::]:0 LISTENING 916
EventLog
[svchost.exe]
TCP [::]:1027 [::]:0 LISTENING 968
Schedule
[svchost.exe]
TCP [::]:1028 [::]:0 LISTENING 1372
[spoolsv.exe]
TCP [::]:1029 [::]:0 LISTENING 708
[lsass.exe]
TCP [::]:1031 [::]:0 LISTENING 700
Can not obtain ownership information
UDP 0.0.0.0:500 *:* 968
IKEEXT
[svchost.exe]
UDP 0.0.0.0:4500 *:* 968
IKEEXT
[svchost.exe]
UDP 0.0.0.0:5355 *:* 1080
Dnscache
[svchost.exe]
UDP 0.0.0.0:49223 *:* 2516
[arcadetribe.exe]
UDP 0.0.0.0:52626 *:* 2516
[arcadetribe.exe]
UDP 0.0.0.0:52627 *:* 2516
[arcadetribe.exe]
UDP 0.0.0.0:60098 *:* 1956
[TeamViewer_Service.exe]
UDP 127.0.0.1:1900 *:* 2268
SSDPSRV
[svchost.exe]
UDP 127.0.0.1:53124 *:* 2268
SSDPSRV
[svchost.exe]
UDP 192.168.0.12:137 *:* 4
Can not obtain ownership information
UDP 192.168.0.12:138 *:* 4
Can not obtain ownership information
UDP 192.168.0.12:1900 *:* 2268
SSDPSRV
[svchost.exe]
UDP 192.168.0.12:5353 *:* 1956
[TeamViewer_Service.exe]
UDP [::]:500 *:* 968
IKEEXT
[svchost.exe]
UDP [::]:4500 *:* 968
IKEEXT
[svchost.exe]
UDP [::]:5355 *:* 1080
Dnscache
[svchost.exe]
UDP [::]:60099 *:* 1956
[TeamViewer_Service.exe]
UDP [::1]:1900 *:* 2268
SSDPSRV
[svchost.exe]
UDP [::1]:5353 *:* 1956
[TeamViewer_Service.exe]
UDP [::1]:53123 *:* 2268
SSDPSRV
[svchost.exe]
UDP [fe80::32:30a2:a69a:d158%4]:546 *:* 916
Dhcp
[svchost.exe]
UDP [fe80::31bb:c3c5:6a7d:5fba%5]:546 *:* 916
Dhcp
[svchost.exe]
UDP [fe80::31bb:c3c5:6a7d:5fba%5]:1900 *:* 2268
SSDPSRV
[svchost.exe]
PS C:\Windows\system32>