Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

svchost.exe balloons up and causes huge performance issues


  • Please log in to reply
6 replies to this topic

#1 Lurdiak

Lurdiak

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 23 December 2014 - 12:39 PM

I'm operating on an outdated machine and recently had Windows 7 installed when support for XP ran out. I also had a new hard drive installed and moved all my data to it, while leaving only the OS on the main drive, hoping to improve performance.

 

A few months ago, I noticed that performance started to drop at random times. I eventually discovered that it seemed to be tied to an instance of svchost.exe becoming increasingly huge until the flimsy 1.92 gigabytes of operating RAM I'm working with began to choke. I have no real idea of what the process is tied to, or what's causing it to behave like this. It sometimes occurs when I'm watching videos, browsing Firefox, or playing World of Warcraft, and each time it affects performance rather violently. Usually it eventually subsides, but I have no idea why. I don't know if this is a virus or simply a crappy program leaking memory. I've seen it go up to 1.1 gig of processing power in the task manager.

 

My computer runs worse now than it did before the upgrade, and it's a pain in the neck.

 

I had planned to simply post a Hijackthis! log and have people in the know tell me what doesn't belong, but apparently that is verboten.



BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:45 AM

Posted 23 December 2014 - 04:21 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:

    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.

  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.



If you already have MBAM 2.0 installed:

  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.


How to get logs:
(Export log to save as txt)


  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.



(Copy to clipboard for pasting into forum replies or tickets)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 Lurdiak

Lurdiak
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 27 December 2014 - 08:54 PM

It's not letting me post my logs. :(



#4 Lurdiak

Lurdiak
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 27 December 2014 - 08:56 PM

 Results of screen317's Security Check version 0.99.93  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 67  
 Java 8 Update 25  
 Java version 32-bit out of Date!
 Adobe Flash Player 16.0.0.235  
 Adobe Reader XI  
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.71)
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: =
````````````````````End of Log``````````````````````
 

Farbar Service Scanner Version: 21-07-2014
Ran by Cedric (administrator) on 27-12-2014 at 19:48:15
Running from "D:\Documents\Downloads"
Microsoft Windows 7 Professionnel  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****


Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/27/2014 08:50:53 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/27/2014 08:52:41 PM
Execution time: 0 hours(s), 1 minute(s), and 48 seconds(s)



#5 Lurdiak

Lurdiak
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 27 December 2014 - 09:02 PM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Cedric (administrator) on 27-12-2014 at 19:51:32
Running from "D:\Documents\Downloads"
Microsoft Windows 7 Professionnel  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Connexion au réseau local (Connected)


# ----------------------------------
# Configuration du protocole IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuration du protocole IPv4


Configuration IP de Windows

   Nom de l'h�te . . . . . . . . . . : Cedric-PC
   Suffixe DNS principal . . . . . . :
   Type de noeud. . . . . . . . . .  : Hybride
   Routage IP activ� . . . . . . . . : Non
   Proxy WINS activ� . . . . . . . . : Non

Carte Ethernet Connexion au r�seau local :

   Suffixe DNS propre � la connexion. . . :
   Description. . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Adresse physique . . . . . . . . . . . : 90-E6-BA-71-7C-89
   DHCP activ�. . . . . . . . . . . . . . : Oui
   Configuration automatique activ�e. . . : Oui
   Adresse IPv6 de liaison locale. . . . .: fe80::d5:813a:34b2:9f66%10(pr�f�r�)
   Adresse IPv4. . . . . . . . . . . . . .: 192.168.0.101(pr�f�r�)
   Masque de sous-r�seau. . . .�. . . . . : 255.255.255.0
   Bail obtenu. . . . . . . . .�. . . . . : 22 d�cembre 2014 14:50:43
   Bail expirant. . . . . . . . .�. . . . : 27 d�cembre 2014 22:21:09
   Passerelle par d�faut. . . .�. . . . . : 192.168.0.1
   Serveur DHCP . . . . . . . . . . . . . : 192.168.0.1
   IAID DHCPv6 . . . . . . . . . . . : 244377274
   DUID de client DHCPv6. . . . . . . . : 00-01-00-01-1B-05-2D-EE-90-E6-BA-71-7C-89
   Serveurs DNS. . .  . . . . . . . . . . : 192.168.0.1
   NetBIOS sur Tcpip. . . . . . . . . . . : Activ�

Carte Tunnel isatap.{0AD24835-8926-47BF-96BF-66CBCDFE133B} :

   Statut du m�dia. . . . . . . . . . . . : M�dia d�connect�
   Suffixe DNS propre � la connexion. . . :
   Description. . . . . . . . . . . . . . : Carte Microsoft ISATAP
   Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP activ�. . . . . . . . . . . . . . : Non
   Configuration automatique activ�e. . . : Oui

Carte Tunnel Connexion au r�seau local* :

   Suffixe DNS propre � la connexion. . . :
   Description. . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Adresse physique . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP activ�. . . . . . . . . . . . . . : Non
   Configuration automatique activ�e. . . : Oui
   Adresse IPv6. . . . . . . . . . .�. . .: 2001:0:9d38:6ab8:1c28:b58:e737:d285(pr�f�r�)
   Adresse IPv6 de liaison locale. . . . .: fe80::1c28:b58:e737:d285%12(pr�f�r�)
   Passerelle par d�faut. . . .�. . . . . : ::
   NetBIOS sur TCPIP. . . . . . . . . . . : D�sactiv�
Serveur :   UnKnown
Address:  192.168.0.1

Nom :    google.com
Addresses:  2607:f8b0:4006:80c::1004
      74.125.226.169
      74.125.226.166
      74.125.226.160
      74.125.226.163
      74.125.226.164
      74.125.226.168
      74.125.226.174
      74.125.226.165
      74.125.226.162
      74.125.226.161
      74.125.226.167


Envoi d'une requ�te 'ping' sur google.com [74.125.226.33] avec 32 octets de donn�es�:
R�ponse de 74.125.226.33�: octets=32 temps=30 ms TTL=53
R�ponse de 74.125.226.33�: octets=32 temps=32 ms TTL=53

Statistiques Ping pour 74.125.226.33:
    Paquets�: envoy�s = 2, re�us = 2, perdus = 0 (perte 0%),
Dur�e approximative des boucles en millisecondes :
    Minimum = 30ms, Maximum = 32ms, Moyenne = 31ms
Serveur :   UnKnown
Address:  192.168.0.1

Nom :    yahoo.com
Addresses:  206.190.36.45
      98.139.183.24
      98.138.253.109
 


Envoi d'une requ�te 'ping' sur yahoo.com [98.138.253.109] avec 32 octets de donn�es�:
R�ponse de 98.138.253.109�: octets=32 temps=48 ms TTL=53
R�ponse de 98.138.253.109�: octets=32 temps=50 ms TTL=53

Statistiques Ping pour 98.138.253.109:
    Paquets�: envoy�s = 2, re�us = 2, perdus = 0 (perte 0%),
Dur�e approximative des boucles en millisecondes :
    Minimum = 48ms, Maximum = 50ms, Moyenne = 49ms

Envoi d'une requ�te 'Ping'  127.0.0.1 avec 32 octets de donn�es�:
R�ponse de 127.0.0.1�: octets=32 temps<1ms TTL=128
R�ponse de 127.0.0.1�: octets=32 temps<1ms TTL=128

Statistiques Ping pour 127.0.0.1:
    Paquets�: envoy�s = 2, re�us = 2, perdus = 0 (perte 0%),
Dur�e approximative des boucles en millisecondes :
    Minimum = 0ms, Maximum = 0ms, Moyenne = 0ms
===========================================================================
Liste d'Interfaces
 10...90 e6 ba 71 7c 89 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Carte Microsoft ISATAP
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Table de routage
===========================================================================
Itin�raires actifs�:
Destination r�seau    Masque r�seau  Adr. passerelle   Adr. interface M�trique
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    276
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    276
===========================================================================
Itin�raires persistants�:
  Aucun

IPv6 Table de routage
===========================================================================
Itin�raires actifs�:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:1c28:b58:e737:d285/128
                                    On-link
 10    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 10    276 fe80::d5:813a:34b2:9f66/128
                                    On-link
 12    306 fe80::1c28:b58:e737:d285/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Itin�raires persistants�:
  Aucun
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================


Application errors:
==================
Error: (12/23/2014 00:26:02 PM) (Source: Application Error) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 34.0.5.5443, horodatage : 0x5475dd5d
Nom du module défaillant : mozalloc.dll, version : 34.0.5.5443, horodatage : 0x5475d664
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001425
ID du processus défaillant : 0xf8c
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3

Error: (12/19/2014 06:41:08 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/18/2014 11:42:05 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/18/2014 06:51:15 AM) (Source: Application Error) (User: )
Description: Nom de l’application défaillante plugin-container.exe, version : 34.0.5.5443, horodatage : 0x5475dd5d
Nom du module défaillant : mozalloc.dll, version : 34.0.5.5443, horodatage : 0x5475d664
Code d’exception : 0x80000003
Décalage d’erreur : 0x00001425
ID du processus défaillant : 0xdc8
Heure de début de l’application défaillante : 0xplugin-container.exe0
Chemin d’accès de l’application défaillante : plugin-container.exe1
Chemin d’accès du module défaillant: plugin-container.exe2
ID de rapport : plugin-container.exe3

Error: (12/17/2014 04:10:38 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/16/2014 09:14:27 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/16/2014 02:39:58 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (12/15/2014 07:34:07 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/14/2014 00:43:50 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (12/13/2014 05:34:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (12/22/2014 02:50:43 PM) (Source: EventLog) (User: )
Description: L’arrêt système précédant à 14:49:26 le ‎2014-‎12-‎22 n’était pas prévu.

Error: (12/20/2014 00:36:05 AM) (Source: EventLog) (User: )
Description: L’arrêt système précédant à 00:34:40 le ‎2014-‎12-‎20 n’était pas prévu.

Error: (12/16/2014 02:40:39 PM) (Source: EventLog) (User: )
Description: L’arrêt système précédant à 14:39:20 le ‎2014-‎12-‎16 n’était pas prévu.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Windows Update s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Infrastructure de gestion Windows s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Thèmes s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Détection matériel noyau s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Service de notification d’événements système s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Ouverture de session secondaire s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 120000 millisecondes : Redémarrer le service.

Error: (12/16/2014 02:38:01 PM) (Source: Service Control Manager) (User: )
Description: Le service Planificateur de tâches s’est terminé de manière inattendue. Ceci s’est produit 1 fois. L’action corrective suivante va être effectuée dans 60000 millisecondes : Redémarrer le service.
 


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-05-15 10:27:44.874
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEAPSFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:44.780
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEAPSFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:44.141
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTAUDFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:44.032
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTAUDFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:43.345
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTSBLFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:43.236
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTSBLFX.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:42.331
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:42.222
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:41.620
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPIO.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.

  Date: 2014-05-15 10:27:41.520
  Description: Windows ne peut pas vérifier l’intégrité d’image du fichier \Device\HarddiskVolume3\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPIO.DLL, car le fichier à hacher est introuvable sur le système. Une modification matérielle ou logicielle récente a peut-être installé un fichier incorrectement signé ou endommagé ou il s’agit éventuellement d’un logiciel malveillant d’une source inconnue.


Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{45CD67FD-3218-4207-A0A2-BC41245189E3}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mise à jour Microsoft Office Excel 2007 Help  (KB963678) (HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version:  - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help  (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version:  - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help  (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version:  - Microsoft)
Mise à jour Microsoft Office Word 2007 Help  (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version:  - Microsoft)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{714ACFF3-B8A3-4AD6-937B-13C833D71033}) (Version: 7.03.1054 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NightSky (HKLM-x32\...\Steam App 99700) (Version:  - Nicalis)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version:  - Young Horses)
On the Rain-Slick Precipice of Darkness, Episode One (HKLM-x32\...\Steam App 18000) (Version:  - Hothead Games)
On the Rain-Slick Precipice of Darkness, Episode Two (HKLM-x32\...\Steam App 18020) (Version:  - Hothead Games)
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - Robot Entertainment)
Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version:  - The Men Who Wear Many Hats)
Osmos (HKLM-x32\...\Steam App 29180) (Version:  - Hemisphere Games)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord II (HKLM-x32\...\Steam App 12810) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM-x32\...\Steam App 12710) (Version:  - Triumph Studios)
Penumbra: Black Plague (HKLM-x32\...\Steam App 22120) (Version:  - Frictional Games)
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Penumbra: Requiem (HKLM-x32\...\Steam App 22140) (Version:  - Frictional Games)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.0 - )
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap Games, Inc.)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
Psychonauts (HKLM-x32\...\Steam App 3830) (Version:  - Double Fine Productions)
Renegade Ops (HKLM-x32\...\Steam App 99300) (Version:  - Avalanche Studios)
Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Revenge of the Titans (HKLM-x32\...\Steam App 93200) (Version:  - Puppygames)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - ACE Team)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Runespell: Overture (HKLM-x32\...\Steam App 102200) (Version:  - Mystic Box)
Sam & Max 101: Culture Shock (HKLM-x32\...\Steam App 8200) (Version:  - Telltale Games)
Sam & Max 102: Situation: Comedy (HKLM-x32\...\Steam App 8210) (Version:  - Telltale Games)
Sam & Max 103: The Mole, the Mob and the Meatball (HKLM-x32\...\Steam App 8220) (Version:  - Telltale Games)
Sam & Max 104: Abe Lincoln Must Die! (HKLM-x32\...\Steam App 8230) (Version:  - Telltale Games)
Sam & Max 105: Reality 2.0 (HKLM-x32\...\Steam App 8240) (Version:  - Telltale Games)
Sam & Max 106: Bright Side of the Moon (HKLM-x32\...\Steam App 8250) (Version:  - Telltale Games)
Sam & Max 201: Ice Station Santa (HKLM-x32\...\Steam App 8260) (Version:  - Telltale Games)
Sam & Max 202: Moai Better Blues (HKLM-x32\...\Steam App 8270) (Version:  - Telltale Games)
Sam & Max 203: Night of the Raving Dead (HKLM-x32\...\Steam App 8280) (Version:  - Telltale Games)
Sam & Max 204: Chariots of the Dogs (HKLM-x32\...\Steam App 8290) (Version:  - Telltale Games)
Sam & Max 205: What's New Beelzebub? (HKLM-x32\...\Steam App 8300) (Version:  - Telltale Games)
Sam & Max 301: The Penal Zone (HKLM-x32\...\Steam App 31220) (Version:  - Telltale Games)
Sam & Max 302: The Tomb of Sammun-Mak (HKLM-x32\...\Steam App 31230) (Version:  - Telltale Games)
Sam & Max 303: They Stole Max's Brain! (HKLM-x32\...\Steam App 31240) (Version:  - Telltale Games)
Sam & Max 304: Beyond the Alley of the Dolls (HKLM-x32\...\Steam App 31250) (Version:  - Telltale Games)
Sam & Max 305: The City that Dares not Sleep (HKLM-x32\...\Steam App 31260) (Version:  - Telltale Games)
Sang-Froid - Tales of Werewolves (HKLM-x32\...\Steam App 227220) (Version:  - Artifice Studio)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
SEGA Bass Fishing (HKLM-x32\...\Steam App 71240) (Version:  - SEGA)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam Classic: The First Encounter (HKLM-x32\...\Steam App 41050) (Version:  - Croteam)
Serious Sam Classic: The Second Encounter (HKLM-x32\...\Steam App 41060) (Version:  - Croteam)
Serious Sam Classics: Revolution (HKLM-x32\...\Steam App 227780) (Version:  - Croteam)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
Serious Sam: The Random Encounter (HKLM-x32\...\Steam App 201480) (Version:  - Vlambeer)
Shadow Man (HKLM-x32\...\Steam App 251770) (Version:  - Acclaim Studios Teeside)
Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version:  - Frozenbyte)
Shadowgrounds: Survivor (HKLM-x32\...\Steam App 11200) (Version:  - Frozenbyte)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version:  - Harebrained Schemes)
Shank (HKLM-x32\...\Steam App 6120) (Version:  - Klei Entertainment)
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Sid Meier's Pirates! (HKLM-x32\...\Steam App 3920) (Version:  - Firaxis Games)
Sideway (HKLM-x32\...\Steam App 200190) (Version:  - Playbrains)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Snuggle Truck (HKLM-x32\...\Steam App 111100) (Version:  - Owlchemy Labs)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Sonic Adventure™ 2  (HKLM-x32\...\Steam App 213610) (Version:  - SEGA)
Sonic and SEGA All Stars Racing (HKLM-x32\...\Steam App 34190) (Version:  - Sumo Digital)
Sonic CD (HKLM-x32\...\Steam App 200940) (Version:  - Blit Software)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version:  - Devil's Details)
Space Channel 5: Part 2 (HKLM-x32\...\Steam App 71260) (Version:  - SEGA)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
Stacking (HKLM-x32\...\Steam App 115110) (Version:  - Double Fine Productions)
Standalone Flash Player 1.2 (HKLM-x32\...\{A3B31D43-75F4-4CF4-8330-6DE62C3540FA}_is1) (Version:  - StandaloneFlashPlayer.com)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Steel Storm: Burning Retribution (HKLM-x32\...\Steam App 96200) (Version:  - Kot in Action Creative Artel)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version:  - Irrational Games)
Tales of Monkey Island: Chapter 1 - Launch of the Screaming Narwhal (HKLM-x32\...\Steam App 31170) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 2 - The Siege of Spinner Cay  (HKLM-x32\...\Steam App 31180) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 3 - Lair of the Leviathan  (HKLM-x32\...\Steam App 31190) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 4 - The Trial and Execution of Guybrush Threepwood  (HKLM-x32\...\Steam App 31200) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 5 - Rise of the Pirate God (HKLM-x32\...\Steam App 31210) (Version:  - Telltale Games)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Dig (HKLM-x32\...\Steam App 6040) (Version:  - LucasArts)
The Expendabros (HKLM-x32\...\Steam App 312990) (Version:  - Free Lives)
The Next BIG Thing (HKLM-x32\...\Steam App 58570) (Version:  - Pendulo Studios)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Typing of The Dead: Overkill (HKLM-x32\...\Steam App 246580) (Version:  - Modern Dream)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
The Wonderful End of the World (HKLM-x32\...\Steam App 15500) (Version:  - Dejobaan Games, LLC)
Tiny Barbarian DX (HKLM-x32\...\Steam App 253350) (Version:  - StarQuail Games)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games)
Transistor (HKLM-x32\...\Steam App 237930) (Version:  - Supergiant Games)
Trapped Dead (HKLM-x32\...\Steam App 46540) (Version:  - Headup Games / Crenetic)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Unity of Command (HKLM-x32\...\Steam App 218090) (Version:  - 2x2 Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{B83A8864-A85D-437E-9D4C-27350765BF46}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9913305E-D4AC-4D26-B30F-799D529FB282}) (Version:  - Microsoft)
Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7B9D2746-D03B-442B-A691-90B748E316B4}) (Version:  - Microsoft)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\Steam App 2600) (Version:  - Troika Games)
Vegas Pro 11.0 (HKLM-x32\...\{6AEFCA01-8DF1-11E1-A17B-F04DA23A5C58}) (Version: 11.0.682 - Sony)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Volgarr the Viking (HKLM-x32\...\Steam App 247240) (Version:  - Crazy Viking Studios)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version:  - Relic Entertainment)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.8.2.8.MultiLanguage - )
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XSplit Broadcaster (HKLM-x32\...\{19F00CA3-338D-497C-BA31-0507101F2BBB}) (Version: 1.3.1403.1202 - SplitmediaLabs)
Zen Bound® 2 (HKLM-x32\...\Steam App 61600) (Version:  - Secret Exit Ltd.)
Zombie Bowl-O-Rama (HKLM-x32\...\Steam App 32160) (Version:  - MumboJumbo)
Zombie Driver (HKLM-x32\...\Steam App 31410) (Version:  - EXOR Studios)
Zombie Shooter (HKLM-x32\...\Steam App 33130) (Version:  - Sigma Team Inc.)
Zombie Shooter 2 (HKLM-x32\...\Steam App 33180) (Version:  - Sigma Team Inc.)


========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 72%
Total physical RAM: 2047.18 MB
Available physical RAM: 557.71 MB
Total Pagefile: 5128.77 MB
Available Pagefile: 2645.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.66 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:872.04 GB) NTFS
2 Drive d: () (Fixed) (Total:3726.02 GB) (Free:2489.5 GB) NTFS
3 Drive e: () (Fixed) (Total:149.05 GB) (Free:32.51 GB) NTFS

========================= Users: ========================================

comptes d'utilisateurs de \\CEDRIC-PC

Administrateur           Cedric                   Invit‚                   
La commande s'est termin‚e correctement.

========================= Restore Points ==================================

25-11-2014 05:58:25 Windows Update
28-11-2014 10:37:06 Windows Update
02-12-2014 11:20:02 Windows Update
09-12-2014 07:02:34 Windows Update
10-12-2014 08:00:48 Windows Update
13-12-2014 08:00:15 Windows Update
14-12-2014 08:00:17 Windows Update
19-12-2014 08:00:23 Windows Update
23-12-2014 17:20:21 Windows Update

**** End of log ****

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2014-12-27
Scan Time: 19:55:38
Logfile: MBAM2.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.27.08
Rootkit Database: v2014.12.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Cedric

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 0
(No malicious items detected)
Time Elapsed: 0 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.27.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Cedric :: CEDRIC-PC [administrator]

2014-12-27 20:26:52
mbar-log-2014-12-27 (20-26-52).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 331838
Time elapsed: 9 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



#6 Lurdiak

Lurdiak
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:07:45 AM

Posted 27 December 2014 - 09:04 PM

I think that's all of it... I think some of them only scanned my main drive, and that isn't where I keep most of my programs, but I can't be certain of it.



#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,663 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:05:45 AM

Posted 27 December 2014 - 09:15 PM

I don't see any AV program running.

 

Install ONE of these:

- Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html

- free Microsoft Security Essentials: http://windows.microsoft.com/en-GB/windows/products/security-essentials
Note for Windows 8 users: Microsoft Security Essentials comes preinstalled and renamed as Windows Defender.
You can keep it or you have to disable it before installing another AV program.  How to...

- free Comodo Antivirus: http://www.comodo.com/home/internet-security/antivirus.php

Update, run full scan, report on any findings.
 


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users