Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 build 7601 This copy of windows is not genuine.


  • Please log in to reply
3 replies to this topic

#1 Naranthor

Naranthor

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Somerset, UK
  • Local time:11:15 AM

Posted 18 February 2016 - 11:10 AM

I'm going to post this here first to see if I can find a permenant fix here before I go on to either hardware support or Malware support.

 

When I turned my computer on yesterday, I was greeted with a message in the bottom right corner saying "Windows 7 build 7601 This copy of windows is not genuine." and was then sent popups to get the activation key off of me. Now, my Windows 7 Ultimate 64x is a legitimate copy (as far as I can tell) that I've been using since early 2014 (when I activated it). Along with this, I have had rather high CPU usage (Using a 6 core AMD gaming processor) for doing very little and some BSODs (I need to note the error if and when i next have them). The system, particularly the start up, has been feeling rather sluggish since my first boot up yesterday. FPS in World of tanks has been reduced to about 15 FPS.

 

What I've done so far:

 

Chkdsk /r (did one pass, which took something like 8 hours and seems to have fixed a good chunk of the problem, must have scheduled a second as it said the volume was clean when i booted the second time).

Run various anti virals (Antimalware bytes at the advice of a friend, Kapersky's online scanner and a scan with my own Webroot).

Installed the latest version of Java (did some google-fu).

Downloaded Window's own verification tool and ran it (came back negative).

Currently checking the health of the hard drive (It doesn't seem to be making the noises that dying hard drives tend to make, so that SHOULD come back fine in 2 hours or so).

 

That's what I can remember trying.

 

any suggestions?


Edited by Naranthor, 18 February 2016 - 11:17 AM.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,238 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:15 AM

Posted 18 February 2016 - 11:26 AM

1.  Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
2.  Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download.  
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.
 
Louis


#3 Naranthor

Naranthor
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Somerset, UK
  • Local time:11:15 AM

Posted 18 February 2016 - 02:26 PM

Speccy Results:  http://speccy.piriform.com/results/OboEsL5pykdDuvFcELrNRCN
 
MiniToolBox results.
MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by Naranthor (administrator) on 18-02-2016 at 19:21:24
Running from "C:\Users\Naranthor\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Model: BB-63008A Manufacturer: NOVATECH LTD

Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/18/2016 02:19:15 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CreateVssExamineWriterMetadata.  hr = 0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:19:15 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine XML document is too long.  hr = 0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:18:43 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CreateVssExamineWriterMetadata.  hr = 0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:18:43 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine XML document is too long.  hr = 0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:10:59 PM) (Source: Microsoft-Windows-RestartManager) (User: Naranthor-PC)
Description: Application or service 'Windows Explorer' could not be shut down.

Error: (02/18/2016 02:06:08 PM) (Source: Microsoft-Windows-RestartManager) (User: Naranthor-PC)
Description: Application or service 'Windows Explorer' could not be shut down.

Error: (02/18/2016 01:59:09 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CreateVssExamineWriterMetadata.  hr = 0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:59:09 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine XML document is too long.  hr = 0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:58:26 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CreateVssExamineWriterMetadata.  hr = 0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:58:26 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine XML document is too long.  hr = 0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

System errors:
=============
Error: (02/18/2016 02:05:05 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.


Error: (02/18/2016 12:26:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (02/18/2016 12:26:46 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (02/18/2016 12:14:49 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service hung on starting.

Error: (02/18/2016 12:13:19 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:
%%1053

Error: (02/18/2016 12:13:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

Error: (02/18/2016 12:12:39 PM) (Source: Service Control Manager) (User: )
Description: The lirsgt service failed to start due to the following error: %%577

Error: (02/18/2016 12:12:37 PM) (Source: Service Control Manager) (User: )
Description: The atksgt service failed to start due to the following error: %%577

Error: (02/18/2016 12:05:35 PM) (Source: BugCheck) (User: )
Description: 0x0000008e (0xffffffffc0000005, 0x000000000000d4fb, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP021816-25818-01

Error: (02/18/2016 12:05:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:02:32 on ‎18/‎02/‎2016 was unexpected.

Microsoft Office Sessions:
=========================
Error: (02/18/2016 02:19:15 PM) (Source: VSS)(User: )
Description: CreateVssExamineWriterMetadata0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:19:15 PM) (Source: VSS)(User: )
Description: XML document is too long0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:18:43 PM) (Source: VSS)(User: )
Description: CreateVssExamineWriterMetadata0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:18:43 PM) (Source: VSS)(User: )
Description: XML document is too long0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 02:10:59 PM) (Source: Microsoft-Windows-RestartManager)(User: Naranthor-PC)
Description: 1C:\Windows\explorer.exeWindows Explorer0411725600

Error: (02/18/2016 02:06:08 PM) (Source: Microsoft-Windows-RestartManager)(User: Naranthor-PC)
Description: 1C:\Windows\explorer.exeWindows Explorer0411725600

Error: (02/18/2016 01:59:09 PM) (Source: VSS)(User: )
Description: CreateVssExamineWriterMetadata0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:59:09 PM) (Source: VSS)(User: )
Description: XML document is too long0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:58:26 PM) (Source: VSS)(User: )
Description: CreateVssExamineWriterMetadata0x80042302, A Volume Shadow Copy Service component encountered an unexpected error.
Check the Application event log for more information.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

Error: (02/18/2016 01:58:26 PM) (Source: VSS)(User: )
Description: XML document is too long0x80070018, The program issued a command but the command length is incorrect.
Operation:
   Writer Exposing its Metadata
Context:
   Execution Context: Requestor
   Writer Instance ID: {DF2BD936-0F3A-4F04-ADE5-B08DBBA98C63}
   Writer Class Id: {E8132975-6F93-4464-A53E-1050253AE220}
   Writer Name: System Writer

CodeIntegrity Errors:
===================================
  Date: 2016-02-18 12:12:39.872
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 12:12:39.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 12:12:37.412
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 12:12:36.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:57:27.081
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:57:26.641
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:57:23.130
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:57:22.610
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:44:22.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-02-18 11:44:21.719
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================
7-Zip 15.14 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{77588F59-3C58-4675-8EEE-998E5BC33CF4}) (Version: 1.4 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{E38C529D-DD73-4002-8489-E09CEBD9BF32}) (Version: 12.2.0.162 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AKIBA'S TRIP: Undead & Undressed (HKLM-x32\...\Steam App 333980) (Version:  - ACQUIRE Corp.)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{5DDB9EF7-1BC0-C9C1-9829-6B9CF68AC357}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Ancient Wars - Sparta (HKLM-x32\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Armored Warfare MyCom (HKCU\...\Armored Warfare MyCom) (Version: 1.65 - My.com B.V.)
Armored Warfare MyCom Beta (HKCU\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
ASUS Product Register Program (HKLM-x32\...\{C0B16F2E-3980-44F8-8CF4-F84696541FF7}) (Version: 1.0.018 - ASUSTek Computer Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Baldur's Gate II: Enhanced Edition (HKLM-x32\...\Steam App 257350) (Version:  - Beamdog)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version:  - Beamdog)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version:  - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.200.13 - Citrix Systems, Inc.)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.5203 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Darkest Dungeon (HKLM-x32\...\Steam App 262060) (Version:  - Red Hook Studios)
Dell System Detect (HKCU\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
Dragonshard (HKLM-x32\...\{85DF2C7E-183B-4153-9B89-36D0E239E2CB}) (Version: 1.1.12 - Atari)
EA Download Manager (HKLM-x32\...\{EF7E931D-DC84-471B-8DB6-A83358095474}) (Version: 4.0.0.455 - Electronic Arts) Hidden
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 9.0  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 9.0 - CHENGDU YIWO Tech Development Co., Ltd)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version:  - Holy Priest)
Evolve (HKLM\...\{670B1B49-9FD3-4827-9B41-471EFF580AA8}) (Version: 1.8.7 - Echobit, LLC)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FinalTorrent 2012 (HKLM-x32\...\FinalTorrent_is1) (Version: 2012.12.09.27 - Bitberry Software)
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 5.20 - Philipp Winterberg)
Free WebM Video Converter version 5.0.52.1122 (HKLM-x32\...\Free WebM Video Converter_is1) (Version: 5.0.52.1122 - DVDVideoSoft Ltd.)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 4.28 - Happy Cloud, Inc.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hyperdimension Neptunia Re;Birth1 (HKLM-x32\...\Steam App 282900) (Version:  - Idea Factory, Inc.)
Hyperdimension Neptunia Re;Birth2 Sisters Generation (HKLM-x32\...\Steam App 351710) (Version:  - )
Icewind Dale - Heart of Winter (HKLM-x32\...\{433BF933-81D6-4646-A318-3DE5DB6108F2}) (Version:  - )
Icewind Dale (HKLM-x32\...\Icewind Dale) (Version:  - )
Icewind Dale II (HKLM-x32\...\{588C135F-0B15-4A02-8F2D-04697BE2904E}) (Version: 1.00.000 - Black Isle)
Icewind Dale: Enhanced Edition (HKLM-x32\...\Steam App 321800) (Version:  - Beamdog)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Kaspersky Security Scan (HKLM-x32\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.737 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 15.0.0.737 - Kaspersky Lab)
Kaspersky Software Updater Beta (HKLM-x32\...\{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab)
LogMeIn Hamachi (HKLM-x32\...\{D31AA60E-A9E5-47CF-AE3C-C980C5A1FF51}) (Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version:  - The Creative Assembly)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (norsk språkpakke) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.6.01055 - Корпорация Майкрософт)
Microsoft .NET Framework 4.6.1 ‏(עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (한국어) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1042) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET-keretrendszer 4.6.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Application Compatibility Toolkit 5.6 (HKLM-x32\...\{0F5AEBB0-43F3-4571-ACE7-A7942E8AA179}) (Version: 5.6.7324.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version:  - TaleWorlds Entertainment)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 44.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-GB)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.6.0 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 en-GB) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 en-GB)) (Version: 38.6.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI Kombustor 2.5.5 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version:  - MSI Co., LTD)
My.com Game Center (HKCU\...\MyComGames) (Version: 3.151 - My.com B.V.)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version:  - The Creative Assembly)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Neverwinter Nights (HKLM-x32\...\{7C503E58-B2BC-11D5-978A-0050BA84F5F7}) (Version:  - )
Neverwinter Nights 2 (HKLM-x32\...\{F20C1251-1D0A-4944-B2AE-678581B33B19}) (Version: 1.00.0000 - Obsidian)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.5 - Black Tree Gaming)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NotGTAV (HKLM-x32\...\Steam App 369580) (Version:  - Not Games LLP)
NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{70DCAD2C-31C1-43F9-AD4D-D45C7DC1F6F5}) (Version: 14.1.200.13 - Citrix Systems, Inc.) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (Dutch) (HKLM-x32\...\{3706BA4B-3197-49D0-8159-40585BF853FB}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (French) (HKLM-x32\...\{2319074D-5C2A-433D-91C6-16587FDFDC1D}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (German) (HKLM-x32\...\{68AF7AB8-E018-40D9-B703-0129274FDBAE}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (Japanese) (HKLM-x32\...\{8DE1C68C-18D2-4BC1-90F7-A8E4ECFFA6A6}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (Polish) (HKLM-x32\...\{B0A41CF6-68A5-4E36-B84B-D016BE3E548F}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (Russian) (HKLM-x32\...\{159F095A-AFF1-4D9D-962B-F7213B2AA473}) (Version: 4.11.9775 - Apache Software Foundation)
OpenOffice 4.1.1 Language Pack (Swedish) (HKLM-x32\...\{5A6AA697-1CDE-4D08-9B37-AD42DAF02577}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.89.63.0 - Overwolf Ltd.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PlanetSide 2 (HKCU\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Python 3.5.0 (32-bit) (HKCU\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (32-bit) (HKLM-x32\...\{2ACA9F2F-F5DA-4D92-8DC3-88AAE8CCEB2C}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (32-bit) (HKLM-x32\...\{E9E55FC3-A47F-4ACA-8691-C22469450FB1}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (32-bit) (HKLM-x32\...\{D5A057BD-471E-40D6-B7E0-79E08210D8F6}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (32-bit) (HKLM-x32\...\{169B7A58-FE29-48E8-8773-9D6390815C8C}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (32-bit) (HKLM-x32\...\{CE48771A-4CC2-4F35-A7B3-D136E91D04F3}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (HKLM-x32\...\{CAA5FC80-DEF6-4DFA-9C06-23921A87F092}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (32-bit) (HKLM-x32\...\{11187860-0D92-490D-86EC-3A941C98D451}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (32-bit) (HKLM-x32\...\{0740B2CD-63EC-44C7-B39E-B6EB579773E6}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{7AB85182-2EE4-4137-A5C6-D8C03958DCBA}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (32-bit) (HKLM-x32\...\{2234BC4D-E95D-40C2-818D-7845760C510F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (32-bit) (HKLM-x32\...\{4A69B338-2C0C-4726-A261-44DBCF0DA94A}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version:  - Winged Cloud)
Sakura Spirit (HKLM-x32\...\Steam App 313740) (Version:  - Winged Cloud)
Seagate DiscWizard (HKLM-x32\...\{AC5BFE42-B72A-467C-B9B2-8BF77C6D4D70}) (Version: 16.0.5840 - Seagate)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Self-service Plug-in (HKLM-x32\...\{19D38B09-9030-4475-90E5-2DDA3A36F670}) (Version: 4.1.200.588 - Citrix Systems, Inc.) Hidden
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.35 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM-x32\...\Steam App 365720) (Version:  - The SKSE Team)
Slack (HKCU\...\slack) (Version: 1.2.2 - Slack Technologies)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteamVR (HKLM-x32\...\Steam App 250820) (Version:  - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Battle for Middle-earth ™ (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version:  - )
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Hobbit™ (HKLM-x32\...\{023FFB0A-C5DB-4930-B3E4-D48266C21738}) (Version: 1.00.000 - Sierra) Hidden
The Hobbit™ (HKLM-x32\...\InstallShield_{023FFB0A-C5DB-4930-B3E4-D48266C21738}) (Version: 1.00.000 - Sierra)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version:  - Turbine, Inc.)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version:  - )
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
THE SETTLERS - Heritage of Kings (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Thief - Deadly Shadows (HKLM-x32\...\{FC123EEA-330A-4685-911C-95B8F5E9DE68}) (Version: 1.0 - )
Thief 2 - The Metal Age  (Remove Only) (HKLM-x32\...\Thief 2 - The Metal Age) (Version: 1.18 - Mastertronic Group Ltd.)
Thief Gold (HKLM-x32\...\{37EE6FD9-CCD5-4423-9494-3AF36B8BFC7D}) (Version: 1.00.000 - Eidos)
Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Toy Soldiers (HKLM-x32\...\Steam App 98300) (Version:  - Signal Studios)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.6.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.7.46 - Webroot)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )
XVM version 6.2.0.1 (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.2.0.1 - XVM team)

========================= Memory info: ===================================
Percentage of memory in use: 29%
Total physical RAM: 24476.39 MB
Available physical RAM: 17357.52 MB
Total Virtual: 48951 MB
Available Virtual: 41745.28 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:136.99 GB) NTFS
4 Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
5 Drive g: () (Fixed) (Total:465.66 GB) (Free:35.46 GB) NTFS

========================= Users: ========================================
User accounts for \\NARANTHOR-PC

Administrator            Guest                    Naranthor                


**** End of log ****


Edited by hamluis, 18 February 2016 - 05:29 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,238 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:15 AM

Posted 18 February 2016 - 06:03 PM

Antivirus reflects "disabled" status...never a good thing, IMO.

 

Something definitely wrong here, max RAM is waaay over normal for this process:  explorer.exe   Process ID: 2560   User: Naranthor   Domain: Naranthor-PC

Path: C:\Windows\Explorer.EXE   Memory Usage: 203 MB   Peak Memory Usage: 2.42 GB.

 

Ditto for this one:  firefox.exe   Process ID: 2192   User: Naranthor   Domain: Naranthor-PC   Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Memory Usage: 803 MB   Peak Memory Usage: 1.11 GB
 
Kaspersky process running, listed as installed.  Ditto for Webroot, but Webroot is listed by Speccy as AV of choice.  Also has Kapersky Virus Removal Tool installed/running.  KVRT reflects almost 1GB RAM max usage, which is about 3 times what I would expect.
 
You also have a svchost process with a max RAM usage of about 800MB.  Typical max usage on any system is for AV and browsers, with 300MB or so normally the max RAM usage.
 
Trusted Installer reflect max RAM usage of 1.2GB.
 
The 500GB Seagate hard drive...looks like it could a diagnostic.
 
I don't know what the problems are...but I would definitely uninstall ALL of the above named security apps...then reinstall only one.  Current situation is ripe for conflicts and data corruption, IMO.
 
A trip to Am I Infected...would also seem a logical first step, IMO.
 
Louis
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users