21/06/2018 22:51:26,01
* * * H E L L O from jcgriff2 * * *
username Palutena
Windows OS Windows_NT
Computer Name PALUTENA
PC Brand
Processor Architecture AMD64
Processor Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
Number of Proc's 8
----------- We will begin in 5 seconds . . . .
Copying mini-kernel dump files . . .
Copying mini-kernel dump files . . . D O N E
Running WHOAMI command . . .
Running WHOAMI command . . . D O N E
--
21/06/2018 22:51:31,59
Starting Separate subtasks
Running msinfo32 - saving as NFO file
Begin DirectX Kernel Diagnostics Report . . .
21/06/2018 22:51:31,79
Starting Driver Queries
Running Driver Query . . . driverquery - verbose output
program 1 of 3 . . . executing
---
Running Driver Query . . . driverquery - Signed Drivers
program 2 of 3 . . . executing
---
Running Driver Query . . . driverquery - List Format
program 3 of 3 . . . executing
---
21/06/2018 22:51:32,12
Driver Queries Running
21/06/2018 22:51:32,15
Dumping Event Viewer Application Log . . . 50,000 records
21/06/2018 22:51:32,28
Dumping Event Viewer System Log . . . 50,000 records
21/06/2018 22:51:32,42
Running TRACERT and IPCONFIG . . . .
21/06/2018 22:51:32,54
Running TRACERT . . . D O N E
Running IPCONFIG . . .
Running IPCONFIG . . . D O N E
Running systeminfo report . . .
21/06/2018 22:51:33,47 Export current variables
21/06/2018 22:51:33,61
Starting process to search for Drivers . . .
-
-
21/06/2018 22:51:33,82 Running NETSH Commands
21/06/2018 22:51:33,85
Gathering Network Information . . .
21/06/2018 22:51:35,29
Gathering Network Statistics, please wait as this may take a moment!
21/06/2018 22:51:52,17
Gathering Network Information . . . D O N E
21/06/2018 22:51:52,19
Obtaining Windows Error Reporting information . . .
21/06/2018 22:51:52,33
Obtaining Windows Error Reporting information . . . D O N E
21/06/2018 22:51:52,35
Running Windows Management Instrumentation -
"Recoveros" and Page File . . .
AllocatedBaseSize=16384
Caption=C:\pagefile.sys
CurrentUsage=0
Description=C:\pagefile.sys
InstallDate=20160909182111.792517-180
Name=C:\pagefile.sys
PeakUsage=0
Status=
TempPageFile=FALSE
Nenhuma instância disponível.
21/06/2018 22:51:53,45
"Recoveros" and Page File . . . D O N E
Listing running Tasks . . . EXECUTING . . . Please Wait . . .
21/06/2018 22:51:55,34
Running executing Tasks Listing . . . D O N E
21/06/2018 22:51:55,41
Downloading and executing autorunsc.exe. . .
Sysinternals Autoruns v13.82 - Autostart program viewer
Copyright (C) 2002-2018 Mark Russinovich
Sysinternals - www.sysinternals.com
Autorunsc shows programs configured to autostart during boot.
Usage: autorunsc [-a <*|bdeghiklmoprsw>] [-c|-ct] [-h] [-m] [-s] [-u] [-vt] [-o <output file>] [[-z <systemroot> <userprofile>] | [user]]]
-a Autostart entry selection:
* All.
b Boot execute.
c Codecs.
d Appinit DLLs.
e Explorer addons.
g Sidebar gadgets (Vista and higher)
h Image hijacks.
i Internet Explorer addons.
k Known DLLs.
l Logon startups (this is the default).
m WMI entries.
n Winsock protocol and network providers.
o Office addins.
p Printer monitor DLLs.
r LSA security providers.
s Autostart services and non-disabled drivers.
t Scheduled tasks.
w Winlogon entries.
-c Print output as CSV.
-ct Print output as tab-delimited values.
-h Show file hashes.
-m Hide Microsoft entries (signed entries if used with -s).
-o Write output to the specified file.
-s Verify digital signatures.
-t Show timestamps in normalized UTC (YYYYMMDD-hhmmss).
-u If VirusTotal check is enabled, show files that are unknown
by VirusTotal or have non-zero detection, otherwise show only
unsigned files.
-x Print output as XML.
-v[rs] Query VirusTotal (www.virustotal.com) for malware based on file hash.
Add 'r' to open reports for files with non-zero detection. Files
reported as not previously scanned will be uploaded to VirusTotal
if the 's' option is specified. Note scan results may not be
available for five or more minutes.
-vt Before using VirusTotal features, you must accept
VirusTotal terms of service. See:
Terms of Service – VirusTotal
If you haven't accepted the terms and you omit this
option, you will be interactively prompted.
-z Specifies the offline Windows system to scan.
user Specifies the name of the user account for which
autorun items will be shown. Specify '*' to scan
all user profiles.
-nobanner
Do not display the startup banner and copyright message.
21/06/2018 22:52:00,86
Autoruns. . . D O N E
Waiting for SystemInfo