Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

I need testers, please!

Started by Machiavelli , Oct 27 2013 01:28 PM

This topic is locked

#1
Machiavelli

Posted 27 October 2013 - 01:28 PM

GeekU Moderator

GeekU Moderator
4,722 posts

Hello and welcome,
I've developed a little tool which lists at the moment only Processes and Services. Also the header can read out some information about the OS. (Architecture, system, ServicePack, etc.)

First, a ToDo List:

~~Processes~~
~~Services~~
~~Drivers~~
RegistrySection
FilesSection
FixSection
Expand the Whitelist
Design
Icon

Known Bugs:

~~Still some file path errors (under Services) - explanation to this will follow tomorrow (29.10.2013)~~
~~Too high Net.Framework (At the moment 4.5!)~~
~~Bug with listing Drivers~~
~~Another bug with listing drivers~~

Example Log (08.11.2013):

MVS - Machiavelli's Scanner - Version 1.0.0.1.
MVS Logfile created on: 28.11.2013 18:58:10 Logfile saved under = C:\Users\Machiavelli\Desktop\MVS.txt
Running from C:\Users\Machiavelli\Desktop\MVS.exe
SYSTEM => Microsoft Windows 8.1 64 bit 

=== Processes ===

C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 9444 ]  (Google Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 11608 ]  (Google Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 8972 ]  (Google Inc.)
C:\WINDOWS\system32\taskhostex.exe [ 10804 ]  (Microsoft Corporation)
C:\Windows\System32\RuntimeBroker.exe [ 10212 ]  (Microsoft Corporation)
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\Packages\Debugger\X64\msvsmon.exe [ 12568 ]  (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 6856 ]  (Google Inc.)
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [ 8420 ]  (Microsoft Corporation)
C:\WINDOWS\system32\DllHost.exe [ 7432 ]  (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 1664 ]  (Google Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 6820 ]  (Google Inc.)
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [ 10176 ]  (Microsoft Corporation)
C:\WINDOWS\system32\conhost.exe [ 6628 ]  (Microsoft Corporation)
C:\Users\Machiavelli\Desktop\MVS.exe [ 5640 ]  ()
C:\Program Files\AVAST Software\Avast\avastui.exe [ 5436 ]  (AVAST Software)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 5832 ]  (Google Inc.)
C:\Users\Machiavelli\documents\visual studio 2012\Projects\MVS\MVS\bin\Debug\MVS.vshost.exe [ 8576 ]  (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 9560 ]  (Google Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 5812 ]  (Google Inc.)
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools\MSBuildTaskHost.exe [ 10340 ]  (Microsoft Corporation)
C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe [ 9548 ]  (Oracle Corporation)
C:\WINDOWS\Explorer.EXE [ 8168 ]  (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Roaming\Dropbox\bin\Dropbox.exe [ 6392 ]  (Dropbox, Inc.)
C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [ 10180 ]  (Oracle Corporation)
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe [ 14040 ]  (Microsoft Corporation)
C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [ 10864 ]  (Oracle Corporation)
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe [ 2112 ]  (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe [ 11832 ]  (Google Inc.)
C:\WINDOWS\syswow64\wwahost.exe [ 1384 ]  (Microsoft Corporation)

=== Services ===

SRV - [ AdobeFlashPlayerUpdateSvc | Adobe Flash Player Update Service | Stopped] - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - [10.09.2013 14:45:42 | 257416 | (Adobe Systems Incorporated)]
SRV - [ AMD FUEL Service | AMD FUEL Service | Running] - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService => File not found!
SRV - [ avast! Antivirus | avast! Antivirus | Running] - C:\Program Files\AVAST Software\Avast\AvastSvc.exe - [01.11.2013 11:10:56 | 50344 | (AVAST Software)]
SRV - [ MBAMScheduler | MBAMScheduler | Running] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - [11.11.2013 19:10:48 | 418376 | (Malwarebytes Corporation)]
SRV - [ MBAMService | MBAMService | Stopped] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - [11.11.2013 19:10:48 | 701512 | (Malwarebytes Corporation)]
SRV - [ MozillaMaintenance | Mozilla Maintenance Service | Stopped] - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe - [28.10.2013 11:32:50 | 119408 | (Mozilla Foundation)]
SRV - [ Steam Client Service | Steam Client Service | Stopped] - C:\Program Files (x86)\Common Files\Steam\SteamService.exe - [18.07.2013 08:00:01 | 566696 | (Valve Corporation)]
SRV - [ VsEtwService120 | Visual Studio ETW-Ereignisauflistungsdienst | Stopped] - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe - [05.10.2013 00:58:24 | 87728 | (Microsoft Corporation)]
SRV - [ WinDefend | Windows Defender-Dienst | Stopped] - C:\Program Files\Windows Defender\MsMpEng.exe - [22.08.2013 13:30:34 | 23840 | (Microsoft Corporation)]

=== Drivers ===

DRV - [ aswFsBlk | 2 | 38984] - C:\WINDOWS\system32\drivers\aswFsBlk.sys (AVAST Software)
DRV - [ aswMonFlt | 2 | 84328] - C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - [ aswRdr | 1 | 92544] - C:\WINDOWS\system32\drivers\aswRdr2.sys (AVAST Software)
DRV - [ aswSnx | 1 | 1032416] - C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - [ aswSP | 1 | 409832] - C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - [ MBAMProtector | 3 | 25928] - C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - [ speedfan | 2 | 28664] - C:\WINDOWS\SysWOW64\speedfan.sys (Almico Software)
DRV - [ VBoxDrv | 1 | 252688] - C:\Windows\system32\DRIVERS\VBoxDrv.sys (Oracle Corporation)
DRV - [ VBoxNetAdp | 3 | 140560] - C:\Windows\system32\DRIVERS\VBoxNetAdp.sys (Oracle Corporation)
DRV - [ VBoxNetFlt | 3 | 154896] - C:\Windows\system32\DRIVERS\VBoxNetFlt.sys (Oracle Corporation)
DRV - [ VBoxUSBMon | 1 | 126736] - C:\Windows\system32\DRIVERS\VBoxUSBMon.sys (Oracle Corporation)
DRV - [ aswMBR | 3 |  File not found ] - C:\Users\MACHIA~1\AppData\Local\Temp\aswMBR.sys

Instructions:

Start the program as Administrator
Click on the button Scan
Wait a while
A log is produced in the same location where the exe file is saved
Please post that log

Changelog:

Version 1.0.0.
- Tool lists Processes and Services

Version 1.0.0.1
- Tool lists Drivers
- Fixed a bug (if the file doesn't exist a error message pop up)
- Another bug (Didn't list all drivers)
- Fixed a formatting issues with the drivers

Attached Files

MVSNew.zip 19.61KB 518 downloads

Edited by Machiavelli, 28 November 2013 - 11:59 AM.

#2
zep516

Posted 27 October 2013 - 01:37 PM

Trusted Helper

Malware Removal
8,093 posts

Ran from Windows 7 32 bit home premium

=== Services/Drivers ===

(AdobeFlashPlayerUpdateSvc) - Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Flash Player Update Service)
(aic78xx) - SystemRoot\system32\DRIVERS\djsvs.sys ()
(aliide) - SystemRoot\system32\drivers\aliide.sys ()
(amdagp) - SystemRoot\system32\drivers\amdagp.sys (AMD AGP Bus Filter Driver)
(amdide) - SystemRoot\system32\drivers\amdide.sys ()
(amdiox86) - system32\DRIVERS\amdiox86.sys (AMD IO Driver)
(AODDriver4.01) - Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys (AODDriver4.01)
(AODDriver4.2) - Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys (AODDriver4.2)
(Apple Mobile Device) - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (Apple Mobile Device)
(AppMgmt) - Windows\system32\svchost.exe -k netsvcs ()
(atikmdag) - SystemRoot\system32\drivers\atikmdag.sys ()
(b57nd60x) - system32\DRIVERS\b57nd60x.sys (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0)
(blbdrive) - system32\DRIVERS\blbdrive.sys ()
(Bonjour Service) - "C:\Program Files\Bonjour\mDNSResponder.exe" (Bonjour Service)
(BrFiltLo) - SystemRoot\system32\DRIVERS\BrFiltLo.sys (Brother USB Mass-Storage Lower Filter Driver)
(BrFiltUp) - SystemRoot\system32\DRIVERS\BrFiltUp.sys (Brother USB Mass-Storage Upper Filter Driver)
(BridgeMP) - system32\DRIVERS\bridge.sys (@%SystemRoot%\system32\bridgeres.dll,-1)
(BrSerIb) - system32\DRIVERS\BrSerIb.sys (Brother Serial Interface Driver(WDM))
(Brserid) - system32\DRIVERS\BrSerId.sys (Brother MFC Serial Port Interface Driver (WDM))
(BrSerWdm) - SystemRoot\System32\Drivers\BrSerWdm.sys (Brother WDM Serial driver)
(BrUsbMdm) - SystemRoot\System32\Drivers\BrUsbMdm.sys (Brother MFC USB Fax Only Modem)
(BrUsbSer) - system32\DRIVERS\BrUsbSer.sys (Brother MFC USB Serial WDM Driver)
(BrUsbSIb) - system32\DRIVERS\BrUsbSIb.sys (Brother Serial USB Driver(WDM))
(BrYNSvc) - "C:\Program Files\Browny02\BrYNSvc.exe" (BrYNSvc)
(catchme) - Users\JOE\AppData\Local\Temp\catchme.sys ()
(clr_optimization_v2.0.50727_32) - Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft .NET Framework NGEN v2.0.50727_X86)
(clr_optimization_v4.0.30319_32) - Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft .NET Framework NGEN v4.0.30319_X86)
(cmdide) - SystemRoot\system32\drivers\cmdide.sys ()
(Compbatt) - SystemRoot\system32\DRIVERS\compbatt.sys ()
(crcdisk) - SystemRoot\system32\DRIVERS\crcdisk.sys (Crcdisk Filter Driver)
(DfsC) - System32\Drivers\dfsc.sys (@%systemroot%\system32\drivers\dfsc.sys,-101)
(Disk) - system32\DRIVERS\disk.sys (Disk Driver)
(EapHost) - Windows\System32\svchost.exe -k netsvcs (@%systemroot%\system32\eapsvc.dll,-1)
(ehRecvr) - Windows\ehome\ehRecvr.exe (@%SystemRoot%\ehome\ehrecvr.exe,-101)
(ehSched) - Windows\ehome\ehsched.exe (@%SystemRoot%\ehome\ehsched.exe,-101)
(elxstor) - SystemRoot\system32\DRIVERS\elxstor.sys ()
(eventlog) - Windows\System32\svchost.exe -k LocalServiceNetworkRestricted (@%SystemRoot%\system32\wevtsvc.dll,-200)
(GEARAspiWDM) - system32\DRIVERS\GEARAspiWDM.sys (GEAR ASPI Filter Driver)
(hcw85cir) - SystemRoot\system32\drivers\hcw85cir.sys (Hauppauge Consumer Infrared Receiver)
(idsvc) - "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193)
(IPBusEnum) - Windows\system32\svchost.exe -k LocalSystemNetworkRestricted (@%systemroot%\system32\IPBusEnum.dll,-102)
(iPod Service) - "C:\Program Files\iPod\bin\iPodService.exe" (iPod Service)
(LSI_FC) - SystemRoot\system32\DRIVERS\lsi_fc.sys ()
(MBAMSwissArmy) - Windows\system32\drivers\mbamswissarmy.sys ()
(Mcx2Svc) - Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation (@%SystemRoot%\ehome\ehres.dll,-15501)
(MozillaMaintenance) - "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" (Mozilla Maintenance Service)
(MpFilter) - system32\DRIVERS\MpFilter.sys (Microsoft Malware Protection Driver)
(mpio) - SystemRoot\system32\drivers\mpio.sys (Microsoft Multi-Path Bus Driver)
(msahci) - SystemRoot\system32\drivers\msahci.sys ()
(msdsm) - SystemRoot\system32\drivers\msdsm.sys (Microsoft Multi-Path Device Specific Module)
(MsMpSvc) - "c:\Program Files\Microsoft Security Client\MsMpEng.exe" (Microsoft Antimalware Service)
(NetMsmqActivator) - "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195)
(NetPipeActivator) - Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197)
(netr73) - system32\DRIVERS\netr73.sys (Netopia RT73 Wireless Driver for Vista)
(NetTcpActivator) - Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199)
(NisDrv) - system32\DRIVERS\NisDrvWFP.sys (Microsoft Network Inspection System)
(NisSrv) - "c:\Program Files\Microsoft Security Client\NisSrv.exe" (@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243)
(ohci1394) - SystemRoot\system32\drivers\ohci1394.sys (1394 OHCI Compliant Host Controller (Legacy))
(Parvdm) - system32\DRIVERS\parvdm.sys ()
(ProtectedStorage) - Windows\system32\lsass.exe (@%systemroot%\system32\psbase.dll,-300)
(ql2300) - SystemRoot\system32\DRIVERS\ql2300.sys ()
(ql40xx) - SystemRoot\system32\DRIVERS\ql40xx.sys ()
(RDPCDD) - System32\DRIVERS\RDPCDD.sys (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100)
(RDPENCDD) - system32\drivers\rdpencdd.sys (@%systemroot%\system32\drivers\RDPENCDD.sys,-101)
(RDPREFMP) - system32\drivers\rdprefmp.sys (@%systemroot%\system32\drivers\RdpRefMp.sys,-101)
(ROOTMODEM) - System32\Drivers\RootMdm.sys (Microsoft Legacy Modem Driver)
(RTL8167) - system32\DRIVERS\Rt86win7.sys (Realtek 8167 NT Driver)
(sffdisk) - SystemRoot\system32\drivers\sffdisk.sys (SFF Storage Class Driver)
(sffp_mmc) - SystemRoot\system32\drivers\sffp_mmc.sys (SFF Storage Protocol Driver for MMC)
(sffp_sd) - SystemRoot\system32\drivers\sffp_sd.sys (SFF Storage Protocol Driver for SDBus)
(sisagp) - SystemRoot\system32\drivers\sisagp.sys (SIS AGP Bus Filter)
(Smb) - system32\DRIVERS\smb.sys (@%SystemRoot%\system32\tcpipcfg.dll,-50005)
(sppuinotify) - Windows\system32\svchost.exe -k LocalService (@%SystemRoot%\system32\sppuinotify.dll,-103)
(SrvHsfPCI) - system32\DRIVERS\VSTBS23.SYS ()
(SrvHsfV92) - system32\DRIVERS\VSTDPV3.SYS ()
(SrvHsfWinac) - system32\DRIVERS\VSTCNXT3.SYS ()
(sscdbus) - system32\DRIVERS\sscdbus.sys (SAMSUNG USB Composite Device driver (WDM))
(sscdmdfl) - system32\DRIVERS\sscdmdfl.sys (SAMSUNG Mobile Modem Filter)
(sscdmdm) - system32\DRIVERS\sscdmdm.sys (SAMSUNG Mobile Modem Drivers)
(sscdserd) - system32\DRIVERS\sscdserd.sys (SAMSUNG Mobile Modem Diagnostic Serial Port (WDM))
(StiSvc) - Windows\system32\svchost.exe -k imgsvc (@%SystemRoot%\system32\wiaservc.dll,-9)
(TBS) - Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation (@%SystemRoot%\system32\tbssvc.dll,-100)
(TDPIPE) - system32\drivers\tdpipe.sys (TDPIPE)
(TDTCP) - system32\drivers\tdtcp.sys (TDTCP)
(TermDD) - SystemRoot\system32\drivers\termdd.sys (Terminal Device Driver)
(tssecsrv) - System32\DRIVERS\tssecsrv.sys (@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101)
(usbscan) - system32\DRIVERS\usbscan.sys (USB Scanner Driver)
(UxSms) - Windows\System32\svchost.exe -k LocalSystemNetworkRestricted (@%SystemRoot%\system32\dwm.exe,-2000)
(vga) - system32\DRIVERS\vgapnp.sys ()
(VgaSave) - SystemRoot\System32\drivers\vga.sys ()
(viaagp) - SystemRoot\system32\drivers\viaagp.sys (VIA AGP Bus Filter)
(ViaC7) - SystemRoot\system32\DRIVERS\viac7.sys (VIA C7 Processor Driver)
(VSTHWBS2) - system32\DRIVERS\VSTBS23.SYS ()
(VST_DPV) - system32\DRIVERS\VSTDPV3.SYS ()
(WANARP) - system32\DRIVERS\wanarp.sys (@%systemroot%\system32\rascfg.dll,-32011)
(WatAdminSvc) - Windows\system32\Wat\WatAdminSvc.exe (@%SystemRoot%\system32\Wat\WatUX.exe,-601)
(WfpLwf) - system32\DRIVERS\wfplwf.sys (WFP Lightweight Filter)
(winachsf) - system32\DRIVERS\VSTCNXT3.SYS ()
(Wlansvc) - Windows\system32\svchost.exe -k LocalSystemNetworkRestricted (@%SystemRoot%\System32\wlansvc.dll,-257)

#3
Machiavelli

Posted 27 October 2013 - 02:29 PM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

Updated

In my first post there is a new Attachment - it would be nice if you could try again

#4
zep516

Posted 27 October 2013 - 02:33 PM

Trusted Helper

Malware Removal
8,093 posts

Here you go...

=== Services/Drivers ===

(AdobeFlashPlayerUpdateSvc) - Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Flash Player Update Service)
(Apple Mobile Device) - "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (Apple Mobile Device)
(Bonjour Service) - "C:\Program Files\Bonjour\mDNSResponder.exe" (Bonjour Service)
(ehRecvr) - Windows\ehome\ehRecvr.exe (@%SystemRoot%\ehome\ehrecvr.exe,-101)
(ehSched) - Windows\ehome\ehsched.exe (@%SystemRoot%\ehome\ehsched.exe,-101)
(elxstor) - SystemRoot\system32\DRIVERS\elxstor.sys ()
(iPod Service) - "C:\Program Files\iPod\bin\iPodService.exe" (iPod Service)
(MBAMSwissArmy) - Windows\system32\drivers\mbamswissarmy.sys ()
(MozillaMaintenance) - "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" (Mozilla Maintenance Service)
(MsMpSvc) - "c:\Program Files\Microsoft Security Client\MsMpEng.exe" (Microsoft Antimalware Service)

#5
Machiavelli

Posted 27 October 2013 - 02:35 PM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

So many thanks to you - you really helped me

#6
zep516

Posted 27 October 2013 - 02:51 PM

Trusted Helper

Malware Removal
8,093 posts

Just make sure my name gets listed on the developer / Tester, in the product development section ...

Joe

#7
Nutloaf

Posted 27 October 2013 - 03:25 PM

Trusted Helper

Malware Removal
1,790 posts

Here's me. Windows 7 64bit.

=== Services/Drivers ===

(A2DDA) - Users\Nutloaf\Desktop\Run\a2ddax64.sys (A2 Direct Disk Access Support Driver)
(AdobeARMservice) - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" (Adobe Acrobat Update Service)
(AdobeFlashPlayerUpdateSvc) - Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Flash Player Update Service)
(Apple Mobile Device) - "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (Apple Mobile Device)
(aswFsBlk) - Windows\system32\drivers\aswFsBlk.sys (aswFsBlk)
(aswMonFlt) - Windows\system32\drivers\aswMonFlt.sys (aswMonFlt)
(aswRdr) - Windows\system32\drivers\aswRdr2.sys (aswRdr)
(aswSnx) - Windows\system32\drivers\aswSnx.sys (aswSnx)
(aswSP) - Windows\system32\drivers\aswSP.sys (aswSP)
(aswTdi) - Windows\system32\drivers\aswTdi.sys (aswTdi)
(AudioSrv) - Windows\System32\svchost.exe -k LocalServiceNetworkRestricted (@%SystemRoot%\system32\audiosrv.dll,-200)
(avast! Antivirus) - "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" (avast! Antivirus)
(b57nd60a) - system32\DRIVERS\b57nd60a.sys (Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0)
(Bonjour Service) - "C:\Program Files\Bonjour\mDNSResponder.exe" (Bonjour Service)
(clr_optimization_v2.0.50727_64) - Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft .NET Framework NGEN v2.0.50727_X64)
(clr_optimization_v4.0.30319_64) - Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Microsoft .NET Framework NGEN v4.0.30319_X64)
(Creative Audio Engine Licensing Service) - "C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe" (Creative Audio Engine Licensing Service)
(Dot4) - system32\DRIVERS\Dot4.sys (MS IEEE-1284.4 Driver)
(Dot4Print) - SystemRoot\system32\drivers\Dot4Prt.sys (Print Class Driver for IEEE-1284.4)
(dot4usb) - system32\DRIVERS\dot4usb.sys (MS Dot4USB Filter Dot4USB Filter)
(e1yexpress) - system32\DRIVERS\e1y62x64.sys (Intel® Gigabit Network Connections Driver)
(ehRecvr) - Windows\ehome\ehRecvr.exe (@%SystemRoot%\ehome\ehrecvr.exe,-101)
(ehSched) - Windows\ehome\ehsched.exe (@%SystemRoot%\ehome\ehsched.exe,-101)
(elxstor) - SystemRoot\system32\DRIVERS\elxstor.sys ()
(ggflt) - system32\DRIVERS\ggflt.sys (SEMC USB Flash Driver Filter)
(ggsemc) - system32\DRIVERS\ggsemc.sys (SEMC USB Flash Driver)
(gupdate) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (Google Update Service (gupdate))
(gupdatem) - "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (Google Update Service (gupdatem))
(HECIx64) - system32\DRIVERS\HECIx64.sys (Intel® Management Engine Interface)
(hpqcxs08) - Windows\system32\svchost.exe -k hpdevmgmt (hpqcxs08)
(Intel® PROSet Monitoring Service) - Windows\system32\IProsetMonitor.exe (Intel® PROSet Monitoring Service)
(iPod Service) - "C:\Program Files\iPod\bin\iPodService.exe" (iPod Service)
(LMS) - Program Files (x86)\Intel\AMT\LMS.exe (Intel® Management and Security Application Local Management Service)
(Net Driver HPZ12) - Windows\System32\svchost.exe -k HPZ12 ()
(nvlddmkm) - system32\DRIVERS\nvlddmkm.sys ()
(nvsvc) - "C:\Windows\system32\nvvsvc.exe" (NVIDIA Display Driver Service)
(P17) - system32\drivers\P17.sys (SB Audigy)
(Pml Driver HPZ12) - Windows\System32\svchost.exe -k HPZ12 ()
(RimUsb) - System32\Drivers\RimUsb_AMD64.sys (BlackBerry Smartphone)
(SbieDrv) - Program Files\Sandboxie\SbieDrv.sys (SbieDrv)
(SbieSvc) - "C:\Program Files\Sandboxie\SbieSvc.exe" (Sandboxie Service)
(Sony PC Companion) - "C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe" (Sony PC Companion)
(sptd) - System32\Drivers\sptd.sys ()
(tvnserver) - "C:\Users\Nutloaf\AppData\Local\CrossLoop\tvnserver.exe" -service (TightVNC Server)
(UNS) - Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel® Management and Security Application User Notification Service)
(USBAAPL64) - System32\Drivers\usbaapl64.sys (Apple Mobile USB Driver)
(wanatw) - system32\DRIVERS\wanatw64.sys (WAN Miniport (ATW))

#8
Machiavelli

Posted 28 October 2013 - 04:43 AM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

Updated 28.10.2013 ~ Please download the new attachment in the first post and try again

#9
Machiavelli

Posted 28 October 2013 - 07:27 AM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

A new update! Maybe the path problem is now fixed

#10
Machiavelli

Posted 28 October 2013 - 09:41 AM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

New version released.

New Syntax:

SRV - [ SERVICENAME | DISPLAYNAME | STATUS] - FILENAME [CREATION DATE | FILE SIZE | (COMPANY NAME)]

New Attachement in first post! PLEASE test it

#11
Nutloaf

Posted 28 October 2013 - 05:18 PM

Trusted Helper

Malware Removal
1,790 posts

Here we go

#12
zep516

Posted 28 October 2013 - 05:22 PM

Trusted Helper

Malware Removal
8,093 posts

#13
Machiavelli

Posted 29 October 2013 - 05:23 AM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

Thanks! I will try to fix some problems.

#14
Machiavelli

Posted 29 October 2013 - 03:30 PM

GeekU Moderator

Topic Starter
GeekU Moderator
4,722 posts

Now the little beta of the big program is coming.

Example Log:

MVS - Machiavelli's Scanner - Version 1.0.0.0
MVS Logfile created on: 29.10.2013 22:26:02 Logfile saved under = C:\Users\Machiavelli\documents\visual studio 2012\Projects\MVS\MVS\bin\Debug\MVS.txt
Running from C:\Users\Machiavelli\documents\visual studio 2012\Projects\MVS\MVS\bin\Debug\MVS.exe
SYSTEM => Microsoft Windows 8.1 64 bit

=== Processes ===

C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\Machiavelli\documents\visual studio 2012\Projects\MVS\MVS\bin\Debug\MVS.vshost.exe (Microsoft Corporation)
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
C:\Program Files (x86)\Internet Explorer\IELowutil.exe (Microsoft Corporation)
C:\WINDOWS\SysWOW64\DllHost.exe (Microsoft Corporation)
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\Packages\Debugger\X64\msvsmon.exe (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe (Microsoft Corporation)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Advanced Micro Devices Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\Machiavelli\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
C:\Users\Machiavelli\Downloads\HoldOn.exe (darkness unlimited)
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe (Microsoft Corporation)
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
C:\WINDOWS\system32\taskhostex.exe (Microsoft Corporation)
C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe (Microsoft Corporation)
C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
C:\WINDOWS\syswow64\wwahost.exe (Microsoft Corporation)
C:\WINDOWS\system32\conhost.exe (Microsoft Corporation)
C:\Windows\System32\RuntimeBroker.exe (Microsoft Corporation)


=== Services ===

SRV - [ AdobeFlashPlayerUpdateSvc | Adobe Flash Player Update Service | Stopped] - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - [10.09.2013 14:45:42 | 257416 | (Adobe Systems Incorporated)]
SRV - [ Steam Client Service | Steam Client Service | Stopped] - C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService - [CTF | FSF | ()]
SRV - [ MozillaMaintenance | Mozilla Maintenance Service | Stopped] - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe - [28.10.2013 11:32:50 | 118680 | (Mozilla Foundation)]
SRV - [ PnkBstrA | PnkBstrA | Running] - C:\WINDOWS\system32\PnkBstrA.exe - [01.01.1601 01:00:00 | FSF | ()]

Please give it a try

Instructions:

Start the program as Administrator
Click on the button Scan
Wait a while
A log is produced in the same location where the exe file is saved
Please post that log

Thanks!

Edited by Machiavelli, 29 October 2013 - 03:33 PM.

#15
zep516

Posted 29 October 2013 - 03:35 PM

Trusted Helper

Malware Removal
8,093 posts

MVS - Machiavelli's Scanner - Version 1.0.0.0
MVS Logfile created on: 10/29/2013 5:33:32 PM Logfile saved under = C:\Users\JOE\Desktop\MVS\MVS.txt
Running from C:\Users\JOE\Desktop\MVS\MVS.exe
SYSTEM => Microsoft Windows 7 Home Premium 32 bitService Pack 1

=== Processes ===

C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.)
C:\Program Files\NetworkIndicator.exe (ITSamples.com)
C:\Users\JOE\Desktop\MVS\MVS.exe ()
C:\Windows\system32\taskhost.exe (Microsoft Corporation)
C:\Windows\system32\Dwm.exe (Microsoft Corporation)
C:\Windows\system32\conhost.exe (Microsoft Corporation)
C:\Windows\system32\conhost.exe (Microsoft Corporation)
C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
C:\Windows\Explorer.EXE (Microsoft Corporation)
C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.)
C:\Program Files\Start Menu 7\StartMenu7.exe (OrdinarySoft)

=== Services ===

SRV - [ AdobeFlashPlayerUpdateSvc | Adobe Flash Player Update Service | Stopped] - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe - [3/29/2012 7:55:06 AM | 257416 | (Adobe Systems Incorporated)]
SRV - [ Apple Mobile Device | Apple Mobile Device | Stopped] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - [12/21/2012 4:27:46 PM | 57008 | (Apple Inc.)]
SRV - [ Bonjour Service | Bonjour Service | Stopped] - C:\Program Files\Bonjour\mDNSResponder.exe - [8/30/2011 11:05:02 PM | 390504 | (Apple Inc.)]
SRV - [ ehRecvr | Windows Media Center Receiver Service | Stopped] - C:\Windows\ehome\ehRecvr.exe - [4/13/2011 4:26:58 PM | 556544 | (Microsoft Corporation)]
SRV - [ ehSched | Windows Media Center Scheduler Service | Stopped] - C:\Windows\ehome\ehsched.exe - [7/13/2009 8:09:49 PM | 94720 | (Microsoft Corporation)]
SRV - [ iPod Service | iPod Service | Running] - C:\Program Files\iPod\bin\iPodService.exe - [2/20/2013 12:35:06 PM | 553288 | (Apple Inc.)]
SRV - [ MozillaMaintenance | Mozilla Maintenance Service | Stopped] - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe - [4/24/2012 10:02:19 PM | 118680 | (Mozilla Foundation)]
SRV - [ MsMpSvc | Microsoft Antimalware Service | Running] - c:\Program Files\Microsoft Security Client\MsMpEng.exe - [8/12/2013 10:12:38 AM | 22208 | (Microsoft Corporation)]