Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected Vista asking for my computer's serial key.


  • Please log in to reply
10 replies to this topic

#1 Flyingshark

Flyingshark

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 09 October 2016 - 10:59 AM

Hello, I'm new here and I really need some help. My OS is Vista Home Premium. I don't have an anti-virus, just malware bytes and windows defender.

 

Yesterday I tried to run an application I downloaded (scanned it with malware bytes first and got nothing) but instead of an error (I didn't let it download fully because I changed my mind and I was going to delete it), a command window opened for a moment and closed. I did it again with the same result. I didn't think much of it so I tried to delete the file but I couldn't since it "was being used by another process". I thought it was just vista being vista so I restarted windows and tried again but I got the same error. I wanted to do a system restore but there were no restore points!

 

I spent most of my day uploading my most important files while scanning my computer with m.bytes (got nothing)  and googling for clues (all those in safe-mode to avoid further mess). I googled the exe's name with "virus" and I found a few Indonesian blogs about hacking with batch files (still nothing I can do). I can find them again if needed.

 

Today I started my computer in normal mode and it's asking me for my computer's serial key (I actually started typing it but stopped so I dodged that bullet). I can still use my computer (I have it disconnected from the internet, just in case) so I was looking at the task manager while browsing with this laptop the rootkit list. I couldn't do much since this laptop seems to have some issues on it's own but I did find RasMan, the list says it's a keylogging backdoor Trojan.

I also checked for recent modified files and today I found a bunch of useless ones in appdata, in the roaming folder I think. One of the files created had the name "croxx quickbms script".

I haven't tried scanning with windows defender because a few days ago it was a bit wonky with its updates (it has happened to me before and after several days it fixed itself). I wasn't sure it'd do the job plus I was worried I might trigger something more.

 

Now I have my computer on stand by again because there's nothing I can do (I still can't believe how stupid I was). If someone could help me it'd be great.

 

Thanks in advance.

 

EDIT: I forgot to say what the message about the key was saying (sorry for the trouble!). My windows are not English so I can't type word for word:

Activation of Windows

 

An unauthorized change was made in Windows.

 

You have to type again the serial number of the Windows Vista Home Premium product for activation.

The sticker with the serial number is located on your computer or in the case of the installation disk in the windows package.

 

Example of sticker:(picture of a sticker)

Product's serial number:

 

Connect to verify that your OS is genuine. (this line could be clicked but I didn't)


Edited by Flyingshark, 09 October 2016 - 11:46 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:42 PM

Posted 18 October 2016 - 11:06 AM

Hi can you run these?

ZN3USrZ.png Emsisoft Emergency Kit
  • Click here to download Emsisoft Emergency Kit. The download will automatically start after a moment.
  • Save EmsisoftEmergencyKit.exe to your Desktop.
  • Double click on EmsisoftEmergencyKit.exe (Windows Vista/7/8 users: Accept UAC warning if it is enabled). A screen like this will appear:
    dQVDkTW.png
  • Leave everything as it is, then click Extract. This will unpack Emsisoft Emergency Kit to the EEK folder located in the root drive (usually C:\).
  • Once the extraction is done, an icon qwL1Upn.png will appear on your Desktop. Double click it to start Emsisoft Emergency Kit.
  • Wait for Emsisoft Emergency Kit to finish loading signatures. A screen like this should appear:
    yEgPemv.png
  • Choose Yes, then wait for EEK to finish updating.
  • Choose Malware Scan under the Scan button. When EEK asks to activate PUP detection, choose Yes.
  • Wait for the scan to finish.
    RUeRoi4.png
  • If EEK detects something, all detected items will be displayed. Place a checkmark before everything, then choose Quarantine Selected.
  • If Emsisoft Emergency Kit asks to reboot, please do so immediately.
  • The scan log is located in Logs -> Scan Logs. Click on the entry of the latest scan, choose Export and save the report on your Desktop.
    P7FSALs.png
  • Please Copy and Paste the contents of the scan log in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Flyingshark

Flyingshark
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 19 October 2016 - 01:09 PM

Thanks for the reply and sorry for the delay!

 

I can't run it, it says "This program cannot be run on Windows versions prior to Windows 7." and my poor OP is to blame, I'm really sorry. I have Windows Vista Home Premium, Service Pack 2, 32-bit. I hope I didn't forget anything.

 

Anyway, I have additional things to post but I couldn't edit further my OP.

First of all, I forgot to say that I ran the infected .exe as admin (the habit just kicked in).

 

Now, about the junk files. They're created in Local\Temp, not Roaming like I said in my OP. They're folders with the name "Temp1", Temp2" etc (several of each number) which is followed by the name of a random zipped file of mine. Example: "Temp6_funnypics". It also copies the files in them. They're created when I use the search function. After this post, I'll leave my computer as it is to see if it'll create folders without me searching anything.

 

About RasMan, I googled about it and there is a legit service like that so I was probably wrong.

 

A couple of days ago I tried repairing my windows by hitting F8 on startup and clicking the repair option (in the same screen with the safe mode options). Either it worked and the virus messed my files again or it didn't work to begin with. Today, for the first time after the infection, I started Windows normally and it asked for the serial again.

 

I also did try scanning with Windows Defender after all but found nothing. I looked at its history and "mbamswissarmy", from Malware Bytes, was blocked or something (it was also blocked before the infection). I had no clue but I didn't unblock it because now I think it's not the time to unblock even the most innocent of things. I never had problems with MBytes though.

 

Today, when I started Windows normally, I opened the task manager and I saw _iu14D2N.tmp running in the background and after 2 minutes (max) it disappeared. Its description was saying "Setup/Uninstall". There was also VSSVC.exe running which is about the shadow copies of the computer and they're related with system restore from what I've read. Also, MpCmdRun.exe was running and from what I can remember (I hope I'm not wrong), that was running when I was playing dos games. If I remember right then it's running now because the virus is CMD based. MpCmdRun.exe's description was saying "Windows Defender Command Line", just in case.

 

I also found in my second driver "D:" a folder named "Microsoft" with a folder named IMJP10 in it and in there is a file named imjp10u.dic (D:\Microsoft\IMJP10\imjp10u.dic). I never made such a folder so it has to be from the virus but I haven't deleted yet in case you didn't want me to. The exact same thing exists in C:. The sites I mentioned in my OP, among deletion of windows files, replicating the infected.exe (haven't found something like that) and other things, mention flash infection commands (to infect usb sticks etc I guess) so that might be related to those folders.

 

Yesterday I installed avast to see if it can do something but I got an error while trying to save the settings and also it was taking a long time to update so I uninstalled it. I tried it in the past and for some reason I uninstalled it back then so maybe it's not related to the virus.

 

 

I don't think I have something more to add (although I always forget things). I'm sorry for the mess but the laptop's keyboard has big issues (spilled coffee by me :/ ) and makes typing very hard which also affects my train of thought. I tried replying here and I lost the reply because the keyboard was doing its thing so now I'm logged in from my infected computer, I hope my account won't have problems. @_@

 

Sorry again and thanks for the reply.


Edited by Flyingshark, 19 October 2016 - 01:30 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:42 PM

Posted 19 October 2016 - 02:04 PM

OK, try to do these then.. If you cannot get on the Net use a Flashdrive to copy them from another computer and run from that.

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
EDIT:
now try to run SFC
Lets see if you have a corrupt file.
 
Please run SFC (System File Checker)
Please run System File Checker sfc /scannow... For more information on this tool see [url="Elevated%5B/url] Command Prompt.Click Start, type cmd into the Start/Search box,
right-click cmd.exe in the list above and select 'Run as Administrator'
You will need your operating system  CD handy.
Open Windows Task Manager....by pressing CTRL+SHIFT+ESC
Then click  File.. then New Task(Run)
In the box that opens type sfc /scannow ......There is a space between c and /
Click OK
Let it run and insert the CD when asked.

Edited by boopme, 19 October 2016 - 02:06 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Flyingshark

Flyingshark
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 19 October 2016 - 02:58 PM

About MTB log. Should I copy-paste it or attach it?

 

# AdwCleaner v6.030 - Logfile created 19/10/2016 at 22:53:06
# Updated on 19/10/2016 by Malwarebytes
# Database : 2016-10-18.1 [Server]
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (X86)
# Username : Juggernaut - JUGGERNAUT-PC
# Running from : C:\Users\Juggernaut\Desktop\adwcleaner_6.030.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\Program Files\Common Files\Software Update Utility


***** [ Files ] *****

File Found:  C:\END
File Found:  C:\Users\Juggernaut\AppData\Roaming\Mozilla\Firefox\Profiles\5055lzeh.default\extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Classes\dnUpdate
Key Found:  HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found:  HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found:  HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found:  HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.Protector
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.Protector.1
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
Key Found:  HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
Key Found:  HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found:  HKU\S-1-5-21-702310460-481098760-3291540200-1000\Software\Headlight
Key Found:  HKU\S-1-5-21-702310460-481098760-3291540200-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found:  HKCU\Software\Headlight
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found:  HKLM\SOFTWARE\Classes\AppID\dnu.EXE


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [2973 Bytes] - [19/10/2016 22:53:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3046 Bytes] ##########
 

I have a problem with JRT so I'll have to restart windows. First download was 0 bytes so when I tried to run it it failed and I can't delete it (I should be able to do it after a restart).



#6 Flyingshark

Flyingshark
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 19 October 2016 - 03:18 PM

I decided to just copy-paste the MTB log.

About JRT, it keeps telling me it's been used by another process. I even started Windows in normal mode but nothing. I have already downloaded it again, the second file is in my Downloads folder. Should I just run that from where it is?

 

MTB log:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Juggernaut (administrator) on 19-10-2016 at 22:48:55
Running from "C:\Users\Juggernaut\Desktop"
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86)
Model: AMILO Desktop Li3745A Manufacturer: FUJITSU SIEMENS
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

矣 ⫨ IP Windows

⫬ ᨠ 㣞 cache ᢬ DNS.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Τοπική σύνδεση (Connected)


# ----------------------------------
# η£ © §¨£β«¨ΰ¤ IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# ’βΆ¦ ¨η£ © §¨£β«¨ΰ¤ IPv4



η£ © §¨£β«¨ΰ¤ IP «ΰ¤ Windows

   £ ΅¤«¨΅¦η ¬§¦Ά¦ ©«γ . . . . : Juggernaut-PC
   „§ε£ ΅η¨ ¦¬ DNS  . . . . . . . :
   ’秦 ΅ζ£™¦¬. . . . . . . . . . . : “™¨ › ΅ζ
   „¤¨¦§¦ε© ›¨¦£¦Άζ© IP. . . : ξ®
   „¤¨¦§¦ε© £©¦Άα™© WINS . . : ξ®

¨¦©¨£¦β Ethernet ’¦§ ΅γ ©η¤›©:

   „§ε£ DNS ©¬΅΅¨ £β¤ ©η¤›©:
   ¨ ¨­γ . . . . . . . . . . . . : NVIDIA nForce Networking Controller
   ”¬© ΅γ › η¬¤©. . . . . . . . . : 00-24-21-53-27-3C
   „¤¨¦§¦ε© DHCP. . . . . . . .  :
   €¬«ζ£« ¨η£ © ¤¨γ . . . . . :
   ƒ η¬¤© IPv6 «¦§ ΅γ ©η¤›© . : fe80::90c5:6b4c:8a78:2b7d%10(¨¦« £ι£¤¦)
   ƒ η¬¤© IPv4. . . . . . . . . . : 192.168.2.2(¨¦« £ι£¤¦)
   ‹α©΅ ¬§¦› ΅«η¦¬. . . . . . . . . : 255.255.255.0
   뤨¥ ΅£ε©ΰ©. . . . . . . .  : ’«α¨«, 19 Ž΅«ΰ™¨ε¦¬ 2016 7:43:27 ££
   γ¥ ΅£ε©ΰ© . . . . . . . . . : ¨©΅¬γ, 21 Ž΅«ΰ™¨ε¦¬ 2016 7:43:27 ££
   ¨¦§ Ά£β¤ §ηΆ . . . . . . .  : 192.168.2.1
   ƒ ΅¦£ ©«γ DHCP . . . . . . . .  : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 218112389
   DUID ¬§¦Ά¦ ©«γ-§Άα« DHCPv6 . . : 00-01-00-01-17-30-3B-F7-00-24-21-53-27-3C
   ƒ ΅¦£ ©«β DNS . . . . . . . . . : 192.168.2.1
   NetBIOS © Tcpip. . . . . . . . . : „¤¨¦§¦ £β¤¦

¨¦©¨£¦β › ¦®β«¬© ‘礛© «¦§ ΅¦η › ΅«η¦¬* 6:

   ‰«α©«© £β©¦¬ . . . . . . . . . : λ®  §¦©¬¤›ε
   „§ε£ DNS ©¬΅΅¨ £β¤ ©η¤›©:
   ¨ ¨­γ . . . . . . . . . . . . : isatap.{D271A3C4-27A9-46DA-8693-4588E1A02028}
   ”¬© ΅γ › η¬¤©. . . . . . . . . : 00-00-00-00-00-00-00-E0
   „¤¨¦§¦ε© DHCP. . . . . . .. . : ξ®
   €¬«ζ£« ¨η£ © ¤¨γ . . . . . :

¨¦©¨£¦β › ¦®β«¬© ‘礛© «¦§ ΅¦η › ΅«η¦¬* 7:

   ‰«α©«© £β©¦¬ . . . . . . . . . : λ®  §¦©¬¤›ε
   „§ε£ DNS ©¬΅΅¨ £β¤ ©η¤›©:
   ¨ ¨­γ . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   ”¬© ΅γ › η¬¤©. . . . . . . . . : 02-00-54-55-4E-01
   „¤¨¦§¦ε© DHCP. . . . . . .. . : ξ®
   €¬«ζ£« ¨η£ © ¤¨γ . . . . . :
Διακομιστής:  netfaster.modem
Address:  192.168.2.1

Όνομα:   google.com
Addresses:  2a00:1450:4001:805::200e
      172.217.16.174



„΅«Άε«  Ά «¦¬¨ε Ping ©«¦ google.com [172.217.16.174] £ 32 byte ››¦£β¤ΰ¤:

€§α¤«© §ζ: 172.217.16.174: bytes=32 ®¨ζ¤¦=333ms TTL=53

€§α¤«© §ζ: 172.217.16.174: bytes=32 ®¨ζ¤¦=327ms TTL=53



‘«« ©« ΅α ©«¦ ®ε Ping   172.217.16.174:

    ΅β«: €§©«Ά£β¤ = 2, ­β¤« = 2, €§¦Ά©β¤« = 0 (§ιΆ  0%),

Άγ¦ › ›¨¦£ι¤ §¦©«¦Άγ ΅  § ©«¨¦­γ ΅«α §¨¦©β © © ® Ά ¦©«α «¦¬

›¬«¨¦Άβ§«¦¬:

    „Άα® ©«¦ = 327ms, ‹β ©«¦ = 333ms, ‹β©¦ 樦 = 330ms

Διακομιστής:  netfaster.modem
Address:  192.168.2.1

Όνομα:   yahoo.com
Addresses:  2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      2001:4998:44:204::a7
      98.138.253.109
      98.139.183.24
      206.190.36.45



„΅«Άε«  Ά «¦¬¨ε Ping ©«¦ yahoo.com [206.190.36.45] £ 32 byte ››¦£β¤ΰ¤:

€§α¤«© §ζ: 206.190.36.45: bytes=32 ®¨ζ¤¦=236ms TTL=50

€§α¤«© §ζ: 206.190.36.45: bytes=32 ®¨ζ¤¦=237ms TTL=50



‘«« ©« ΅α ©«¦ ®ε Ping   206.190.36.45:

    ΅β«: €§©«Ά£β¤ = 2, ­β¤« = 2, €§¦Ά©β¤« = 0 (§ιΆ  0%),

Άγ¦ › ›¨¦£ι¤ §¦©«¦Άγ ΅  § ©«¨¦­γ ΅«α §¨¦©β © © ® Ά ¦©«α «¦¬

›¬«¨¦Άβ§«¦¬:

    „Άα® ©«¦ = 236ms, ‹β ©«¦ = 237ms, ‹β©¦ 樦 = 236ms



„΅«Άε«  Ά «¦¬¨ε Ping ©«¦ 127.0.0.1 £ 32 byte ››¦£β¤ΰ¤:

€§α¤«© §ζ: 127.0.0.1: bytes=32 ®¨ζ¤¦<1ms TTL=128

€§α¤«© §ζ: 127.0.0.1: bytes=32 ®¨ζ¤¦<1ms TTL=128



‘«« ©« ΅α ©«¦ ®ε Ping   127.0.0.1:

    ΅β«: €§©«Ά£β¤ = 2, ­β¤« = 2, €§¦Ά©β¤« = 0 (§ιΆ  0%),

Άγ¦ › ›¨¦£ι¤ §¦©«¦Άγ ΅  § ©«¨¦­γ ΅«α §¨¦©β © © ® Ά ¦©«α «¦¬

›¬«¨¦Άβ§«¦¬:

    „Άα® ©«¦ = 0ms, ‹β ©«¦ = 0ms, ‹β©¦ 樦 = 0ms

===========================================================================
ε©« › ©¬¤›β©ΰ¤
 10 ...00 24 21 53 27 3c ...... NVIDIA nForce Networking Controller
  1 ........................... Software Loopback Interface 1
 11 ...00 00 00 00 00 00 00 e0  isatap.{D271A3C4-27A9-46DA-8693-4588E1A02028}
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 夡 › ›¨¦£ι¤
===========================================================================
„¤¨β › ›¨¦£β:
ƒ η¬¤© › ΅«η¦¬    ‹α©΅ › ΅«η¦¬             ηΆ      ƒ ©η¤›©   ‹β«¨¦
          0.0.0.0          0.0.0.0      192.168.2.1      192.168.2.2     20
        127.0.0.0        255.0.0.0      ‹ ©η¤›©         127.0.0.1    306
        127.0.0.1  255.255.255.255      ‹ ©η¤›©         127.0.0.1    306
  127.255.255.255  255.255.255.255      ‹ ©η¤›©         127.0.0.1    306
      192.168.2.0    255.255.255.0      ‹ ©η¤›©       192.168.2.2    276
      192.168.2.2  255.255.255.255      ‹ ©η¤›©       192.168.2.2    276
    192.168.2.255  255.255.255.255      ‹ ©η¤›©       192.168.2.2    276
        224.0.0.0        240.0.0.0      ‹ ©η¤›©         127.0.0.1    306
        224.0.0.0        240.0.0.0      ‹ ©η¤›©       192.168.2.2    276
  255.255.255.255  255.255.255.255      ‹ ©η¤›©         127.0.0.1    306
  255.255.255.255  255.255.255.255      ‹ ©η¤›©       192.168.2.2    276
===========================================================================
‘¬¤®ε › ›¨¦£β:
  ‰£ε

IPv6 夡 › ›¨¦£ι¤
===========================================================================
„¤¨β › ›¨¦£β:
 ƒ η¬¤© › ΅«η¦¬ £«¨ ΅γ If    ηΆ
  1    306 ::1/128                  ‹ ©η¤›©
 10    276 fe80::/64                ‹ ©η¤›©
 10    276 fe80::90c5:6b4c:8a78:2b7d/128
                                    ‹ ©η¤›©
  1    306 ff00::/8                 ‹ ©η¤›©
 10    276 ff00::/8                 ‹ ©η¤›©
===========================================================================
‘¬¤®ε › ›¨¦£β:
  ‰£ε
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48640] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/19/2016 07:41:41 PM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/19/2016 07:41:27 PM) (Source: profsvc) (User: NT AUTHORITY)
Description: Δεν είναι δυνατή η φόρτωση του αρχείου μητρώου κλάσεων από τα Windows.
 ΛΕΠΤΟΜΕΡΕΙΑ - Δεν είναι δυνατή η εύρεση του καθορισμένου αρχείου από το σύστημα.

Error: (10/19/2016 07:05:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2016 07:02:21 PM) (Source: Application Error) (User: )
Description: Ελαττωματική εφαρμογή msiexec.exe, έκδοση 4.5.6002.19424, χρονική σήμανση 0x55818d9c, ελαττωματική λειτουργική μονάδα msi.dll, έκδοση 4.5.6002.19424, χρονική σήμανση 0x5581a5c1, κωδικός εξαίρεσης 0xc0000005, μετατόπιση σφάλματος 0x0003702e,
αναγνωριστικό διεργασίας 0xe9c, χρόνος έναρξης εφαρμογής 0xmsiexec.exe0.

Error: (10/19/2016 05:45:06 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:43:37 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:42:43 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:41:37 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:39:43 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:38:25 PM) (Source: VSS) (User: )
Description: Σφάλμα της υπηρεσίας σκιωδών αντιγράφων τόμου: Μη αναμενόμενο σφάλμα κατά την αναζήτηση της διασύνδεσης IVssWriterCallback. hr = 0x80070005.
Αυτό συχνά προκαλείται από λανθασμένες ρυθμίσεις ασφαλείας κατά τη διεργασία εγγραφής ή αίτησης.


Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}


System errors:
=============
Error: (10/19/2016 08:50:21 PM) (Source: DCOM) (User: )
Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (10/19/2016 07:49:34 PM) (Source: DCOM) (User: )
Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}

Error: (10/19/2016 07:43:35 PM) (Source: DCOM) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (10/19/2016 07:41:55 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (10/19/2016 07:41:54 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/19/2016 07:41:41 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/19/2016 07:41:32 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/19/2016 07:05:28 PM) (Source: Service Control Manager) (User: )
Description: spldr
Wanarpv6

Error: (10/19/2016 07:05:28 PM) (Source: Service Control Manager) (User: )
Description: Αναζήτηση υπολογιστώνΔιακομιστής%%1068 = Η υπηρεσία εξάρτησης ή η ομάδα απέτυχε να ξεκινήσει.


Error: (10/19/2016 04:58:56 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x80070032


Microsoft Office Sessions:
=========================
Error: (10/19/2016 07:41:41 PM) (Source: EventSystem)(User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (10/19/2016 07:41:27 PM) (Source: profsvc)(User: NT AUTHORITY)
Description: Δεν είναι δυνατή η εύρεση του καθορισμένου αρχείου από το σύστημα.

Error: (10/19/2016 07:05:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2016 07:02:21 PM) (Source: Application Error)(User: )
Description: msiexec.exe4.5.6002.1942455818d9cmsi.dll4.5.6002.194245581a5c1c00000050003702ee9c01d22a1736e0a953

Error: (10/19/2016 05:45:06 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:43:37 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:42:43 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:41:37 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:39:43 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}

Error: (10/19/2016 05:38:25 PM) (Source: VSS)(User: )
Description: 0x80070005

Λειτουργία:
   Συγκέντρωση δεδομένων συσκευής εγγραφής

Περιβάλλον:
   Αναγνωριστικό κλάσης συσκευής εγγραφής: {e8132975-6f93-4464-a53e-1050253ae220}
   Όνομα συσκευής εγγραφής: System Writer
   Αναγνωριστικό παρουσίας συσκευής εγγραφής: {b8e9c114-5840-4683-b39a-f4ef1662b323}


CodeIntegrity Errors:
===================================
  Date: 2016-10-16 19:23:49.963
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 19:23:49.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 19:23:49.183
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 19:23:48.762
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:09.890
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:09.313
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:08.689
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:08.034
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:07.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-16 16:27:06.786
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 15.05 beta (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}) (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001802114130}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATLAS Translation Standard V14.0 Trial Version (HKLM\...\{6652750B-AA69-49B7-9D09-C0A28B6FFC9F}) (Version: 14.00.2000 - FUJITSU LIMITED)
ATLAS V14.0 L10 Update Pack U003 (HKLM\...\{8C8816ED-E050-4E20-8CDD-26D29F5C9EDF}) (Version: 14.03.0000 - FUJITSU LIMITED) Hidden
Audacity 2.0 (HKLM\...\Audacity_is1) (Version:  - Audacity Team)
Blender (remove only) (HKLM\...\Blender) (Version:  - )
Blender NIF Scripts (remove only) (HKLM\...\BlenderNIFScripts) (Version:  - )
Dolphin x86 (HKLM\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Download Updater (AOL Inc.) (HKLM\...\SoftwareUpdUtility) (Version:  - AOL Inc.)
Energy Settings (HKLM\...\{7613592F-B20C-4E1B-B2DD-67F0784D4373}) (Version: 1.0.7 - Fujitsu Siemens Computers)
Everything 1.2.1.371 (HKLM\...\Everything) (Version:  - )
FaceGen Modeller 3.4 (HKLM\...\{82B0940F-A8ED-4F74-935A-CF6AF8530769}) (Version: 3.4.0 - Singular Inversions Inc.)
Free Running (HKLM\...\Free Running_is1) (Version:  - )
Freelang Dictionary (wordlist) (HKLM\...\{6B5E816C-A761-4F5B-BF48-84B794556CAA}_is1) (Version:  - Freelang)
Freelang Dictionary 3.74 beta (HKLM\...\{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1) (Version:  - Freelang)
Fujitsu Siemens Computers Recovery (HKLM\...\{AFC454ED-A26F-4816-826B-C35129D82E1F}) (Version: 1.3.9 - Fujitsu Siemens Computers)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.7.0802.22438 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Guild 2 Patch (HKLM\...\{0C6F0F18-61EE-457C-BA92-055FA151B90A}) (Version: 1.0.0 - JoWood)
HF pAppLoc version 1.0 (HKLM\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.0 - Inquisitor)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.280 - SurfRight B.V.)
Hooligans - Storm over Europe (HKLM\...\{B89933C8-E38D-44BE-B3DB-96657D11338F}) (Version:  - )
I Was an Atomic Mutant (HKLM\...\{F2CF53FB-EA98-4AA8-A4E9-17B5B9BBA037}) (Version:  - )
K-Lite Codec Pack 9.2.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires (HKLM\...\Age of Empires) (Version:  - )
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Essentials (HKLM\...\{373C3C97-2FA9-4E18-85A2-255060C21032}) (Version: 8.3.228 - Nero AG)
neroxml (HKLM\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
NifSkope (remove only) (HKLM\...\NifSkope) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NVIDIA Photoshop Plug-ins (HKLM\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης γραφικών 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Πρόγραμμα οδήγησης ελεγκτή 3D Vision 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.65 - NVIDIA Corporation)
Oblivion - Construction Set (HKLM\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Horse Armor Pack (HKLM\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion mod manager 1.1.12 (HKLM\...\Oblivion mod manager_is1) (Version:  - Timeslip)
OpenAL (HKLM\...\OpenAL) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2) (Version:  - )
piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Postal Fudge Pack (HKLM\...\Postal Fudge Pack) (Version:  - )
PyFFI 2.1.11 (HKLM\...\PyFFI) (Version: 2.1.11 - Amorilia <amorilia@users.sourceforge.net>)
Python 2.6 (HKLM\...\{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8}) (Version: 2.6.150 - Python Software Foundation)
Python 2.6 PyFFI-2.1.11 (HKLM\...\PyFFI-py2.6) (Version:  - Python File Format Interface)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RGSS-RTP Standard (HKLM\...\RGSS-RTP Standard_is1) (Version: 1.03 - Enterbrain)
Rome Total War - patch 1.3 (HKLM\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
RPG MAKER VX Ace RTP (HKLM\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPGツクール2000 ランタイムパッケージ (HKLM\...\{33F7A957-A66D-45A1-BADF-6576083B14E2}) (Version:  - )
RPGツクールVX RTP (HKLM\...\RPGツクールVX RTP_is1) (Version: 1.02 - Enterbrain)
Sid Meier's Pirates! (HKLM\...\{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Firaxis Games)
SystemDiagnostics (HKLM\...\{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}) (Version: 2.01.0004 - Fujitsu Siemens Computers       )
TEncoder Video Converter version 4.5.8 (HKLM\...\{7B1F9D22-568D-4109-B128-040BF8A932FC}_is1) (Version: 4.5.8 - ozok)
The Sims 2 Family Fun Stuff (HKLM\...\{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}) (Version:  - )
The Sims 2 Glamour Life Stuff (HKLM\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
The Sims 2 Open For Business (HKLM\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )
The Sims 2 Pets (HKLM\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
The Sims 2 Seasons (HKLM\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
The Sims 2 University (HKLM\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
The Sims™ 2 Apartment Life (HKLM\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)
The Sims™ 2 Bon Voyage (HKLM\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version:  - Electronic Arts)
The Sims™ 2 Celebration! Stuff (HKLM\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version:  - )
The Sims™ 2 Deluxe (HKLM\...\{9C244239-ED8E-40f1-937F-51C706CD2160}) (Version:  - )
The Sims™ 2 FreeTime (HKLM\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version:  - Electronic Arts)
The Sims™ 2 H&M® Fashion Stuff (HKLM\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version:  - )
The Sims™ 2 IKEA® Home Stuff (HKLM\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version:  - Electronic Arts)
The Sims™ 2 Kitchen & Bath Interior Design Stuff (HKLM\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version:  - Electronic Arts)
The Sims™ 2 Mansion and Garden Stuff (HKLM\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version:  - Electronic Arts)
The Sims™ 2 Teen Style Stuff (HKLM\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version:  - Electronic Arts)
This War of Mine (HKLM\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
Trespasser (HKLM\...\DreamWorks Interactive: Trespasser) (Version:  - )
Ultra Street Fighter IV (HKLM\...\{XXXXXXXX-XXXX-XXXX-XXXX-BLACKBOX0006}) (Version: 6.0 - Black Box)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VDMSound (HKLM\...\VDMSound) (Version: 2.1.0 - Vlad Romascanu)
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 4.14 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
wxPython 2.8.12.1 (unicode) for Python 2.7 (HKLM\...\wxPython2.8-unicode-py27_is1) (Version: 2.8.12.1-unicode - Total Control Software)
Πακέτο γλώσσας του Microsoft .NET Framework 3.5 SP1 - ELL (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - ell) (Version:  - Microsoft Corporation)
Πίνακας Ελέγχου NVIDIA 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 331.65 - NVIDIA Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 3070.32 MB
Available physical RAM: 2398.69 MB
Total Virtual: 6356.84 MB
Available Virtual: 5934.02 MB

========================= Partitions: =====================================

1 Drive c: (System) (Fixed) (Total:614.34 GB) (Free:42.36 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:308.17 GB) (Free:4.64 GB) NTFS

========================= Users: ========================================

¦¨ ©£¦ε User   \\JUGGERNAUT-PC

Administrator            Guest                    Juggernaut               
† ¤«¦Άγ ¦Ά¦΅Ά¨ι΅ £ § «¬®ε.


**** End of log ****
 

 

 

To be honest, the jumbled words don't look so good. Do you think I should just reinstall my windows and get this over with?


Edited by Flyingshark, 19 October 2016 - 03:23 PM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:42 PM

Posted 20 October 2016 - 11:28 AM

Well actually I think that would be the quickest.. Do you have a Greek operating system?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Flyingshark

Flyingshark
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 20 October 2016 - 11:40 AM

Yes but the jibberish are unknown to me. I've never made such a scan before but I really don't think those things belong there. :q

You're the captain, if you'll tell me we can't fix this or anything similar then I'll just reinstall. I've already prepared myself mentally. xD To be honest I feel bad troubling others for my mess and I sure did quite a mess here!



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:42 PM

Posted 20 October 2016 - 12:24 PM

Lets get a deeper look.

Start at step 6. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Flyingshark

Flyingshark
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:08:42 PM

Posted 20 October 2016 - 01:00 PM

I did the scan but I changed my mind. I'll just start fresh and get this over with.

I'm sorry for all the trouble and thanks for the help!



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:42 PM

Posted 20 October 2016 - 01:41 PM

No trouble a all.. If you need help proceeding, ask in Vista.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users