pc lent

Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
 Répondre
  • Avatar du membre
  • Avatar du membre
Avatar du membre

pc lent

par jean69
 jeu. 15 mai 2014 23:01 #146471
bonjour suite a une lenteur de mon pc j'ai fait un scan avec OLT . ci joint le rapport


OTL logfile created on: 15/05/2014 22:43:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\juan\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 0000040c | Country: France | Language: FRA | Date Format: dd/MM/yyyy

3,90 Gb Total Physical Memory | 3,14 Gb Available Physical Memory | 80,51% Memory free
7,80 Gb Paging File | 6,99 Gb Available in Paging File | 89,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 30,73 Gb Free Space | 31,50% Space Free | Partition Type: NTFS
Drive D: | 135,23 Gb Total Space | 59,96 Gb Free Space | 44,34% Space Free | Partition Type: NTFS

Computer Name: JUAN-PC | User Name: juan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/05/15 22:37:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\juan\Desktop\OTL.exe
PRC - [2014/04/02 11:42:58 | 003,774,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/02/14 15:32:58 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/04/10 10:03:46 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2003/04/18 20:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/14 15:32:59 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/14 15:32:58 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/05/10 14:05:21 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/23 21:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2003/04/18 20:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/14 15:33:04 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/02/14 15:33:04 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/02/14 15:33:03 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/02/14 15:33:03 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/02/14 15:33:03 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/02/14 15:33:03 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/02/14 15:33:03 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/08 20:13:12 | 000,198,480 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:35:02 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k60x64.sys -- (e1kexpress)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/02/25 19:58:58 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hpfx64bulk.sys -- (HPEWSFXBULK)
DRV:64bit: - [2006/11/06 09:56:30 | 000,030,528 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\brpar64a.sys -- (BrPar)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds& ... 1129911&q=" onclick="window.open(this.href);return false;{searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds& ... 1129911&q=" onclick="window.open(this.href);return false;{searchTerms}
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.nationzoom.com/web/?type=ds& ... 1129911&q=" onclick="window.open(this.href);return false;{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds& ... 1129911&q=" onclick="window.open(this.href);return false;{searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds& ... 1129911&q=" onclick="window.open(this.href);return false;{searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q=" onclick="window.open(this.href);return false;{searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com/?type=hp&ts=1 ... 2991129911" onclick="window.open(this.href);return false;
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?publisher=Ya ... type=ds&p=" onclick="window.open(this.href);return false;{searchTerms}&fr=linkury-tb&installDate=31/01/2014&type=hp2000
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.conduit.com/Results.aspx? ... 600A590&q=" onclick="window.open(this.href);return false;{searchTerms}&SSPV=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.fr/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..keyword.URL: "http://r.orange.fr/r?ref=O_OI_hook_open ... nge?rdata="

FF - user.js..keyword.URL: "http://r.orange.fr/r?ref=O_OI_hook_open ... nge?rdata="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bubbledock@nosibay.com: C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\FFSurfMatch
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/01/09 21:55:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/25 23:40:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/01/09 12:17:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\juan\AppData\Roaming\Mozilla\Extensions
[2014/05/07 18:56:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\juan\AppData\Roaming\Mozilla\Firefox\Profiles\lghaqn5e.default\extensions
[2013/07/22 13:35:02 | 000,180,858 | ---- | M] () (No name found) -- C:\Users\juan\AppData\Roaming\Mozilla\Firefox\Profiles\lghaqn5e.default\extensions\jid1-FCM5fDwCW5M3AQ@jetpack.xpi
[2014/01/31 22:53:17 | 000,000,975 | ---- | M] () -- C:\Users\juan\AppData\Roaming\Mozilla\Firefox\Profiles\lghaqn5e.default\searchplugins\conduit-search.xml
[2014/02/16 21:00:47 | 000,001,368 | ---- | M] () -- C:\Users\juan\AppData\Roaming\Mozilla\Firefox\Profiles\lghaqn5e.default\searchplugins\iminent.xml
[2014/01/31 22:22:32 | 000,002,507 | ---- | M] () -- C:\Users\juan\AppData\Roaming\Mozilla\Firefox\Profiles\lghaqn5e.default\searchplugins\Web Search.xml
[2014/05/10 14:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/05/10 14:05:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.0.379_0\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: No name found = C:\Users\juan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2014/01/09 22:22:57 | 000,004,363 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.de
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.de
O1 - Hosts: 127.0.0.1 192.150.14.69
O1 - Hosts: 127.0.0.1 192.150.18.101
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 192.150.22.40
O1 - Hosts: 127.0.0.1 192.150.8.100
O1 - Hosts: 127.0.0.1 192.150.8.118
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.de
O1 - Hosts: 127.0.0.1 3dns-1.adobe.de
O1 - Hosts: 127.0.0.1 3dns-2.adobe.de
O1 - Hosts: 127.0.0.1 3dns-3.adobe.de
O1 - Hosts: 127.0.0.1 3dns-4.adobe.de
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.de
O1 - Hosts: 65 more lines...
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Bubble Dock SurfMatch) - {23AF19F7-1D5B-442c-B14C-3D1081953C94} - C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll File not found
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [fst_fr_26] File not found
O4 - HKCU..\Run: [OrangeInside] C:\Users\juan\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe File not found
O4 - HKCU..\Run: [uTorrent] C:\Users\juan\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Ajouter à  vos favoris Orange - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\AddFavorites.html ()
O8:64bit: - Extra context menu item: Envoyer le texte sélectionné par sms - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8:64bit: - Extra context menu item: Envoyer par sms - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8:64bit: - Extra context menu item: Envoyer un mail - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8:64bit: - Extra context menu item: orange.fr - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8:64bit: - Extra context menu item: Rechercher le texte sélectionné - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8:64bit: - Extra context menu item: Traduire le texte sélectionné - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O8 - Extra context menu item: Ajouter à  vos favoris Orange - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\AddFavorites.html ()
O8 - Extra context menu item: Envoyer le texte sélectionné par sms - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8 - Extra context menu item: Envoyer par sms - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8 - Extra context menu item: Envoyer un mail - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html ()
O8 - Extra context menu item: Rechercher le texte sélectionné - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8 - Extra context menu item: Traduire le texte sélectionné - C:\Users\juan\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C443E8BD-358E-48EE-89A7-1C8EEE684EB3}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/07/25 19:11:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/05/15 22:39:56 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/05/15 22:37:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\juan\Desktop\OTL.exe
[2014/05/10 14:05:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/05/07 18:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ANT Drivers
[2014/05/07 18:38:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONconnect
[2014/05/07 18:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ONconnect
[2014/05/07 18:21:43 | 000,000,000 | ---D | C] -- C:\Users\juan\AppData\Roaming\Oxylane
[2014/05/07 18:21:43 | 000,000,000 | ---D | C] -- C:\Users\juan\AppData\Local\Oxylane
[2014/05/07 18:19:36 | 000,051,648 | ---- | C] (http://libusb-win32.sourceforge.net" onclick="window.open(this.href);return false;) -- C:\Windows\SysWow64\libusb0_x64.dll
[2014/05/07 18:19:36 | 000,046,016 | ---- | C] (http://libusb-win32.sourceforge.net" onclick="window.open(this.href);return false;) -- C:\Windows\SysWow64\libusb0.dll
[2014/05/07 18:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Silabs
[2014/05/07 13:32:39 | 022,168,168 | ---- | C] (Geonaute ) -- C:\Users\juan\Desktop\ONconnect-v3.72-prod.exe
[2014/04/17 14:31:29 | 000,000,000 | ---D | C] -- C:\Users\juan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomePlayer
[2014/04/17 14:31:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomePlayer
[2014/04/17 14:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HomePlayer

========== Files - Modified Within 30 Days ==========

[2014/05/15 22:41:49 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\bench-Updater removing.job
[2014/05/15 22:41:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/15 22:37:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\juan\Desktop\OTL.exe
[2014/05/15 20:22:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\bench-sys.job
[2014/05/15 20:20:37 | 001,524,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/15 20:20:37 | 000,694,766 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2014/05/15 20:20:37 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/15 20:20:37 | 000,127,478 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2014/05/15 20:20:37 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/15 02:27:06 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/15 02:27:06 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/11 18:20:04 | 000,055,633 | ---- | M] () -- C:\Users\juan\Desktop\mensu_IRPS_changement_base_20140511_181954.pdf
[2014/05/11 18:17:43 | 000,019,421 | ---- | M] () -- C:\Users\juan\Desktop\accuseReception impots 2014.pdf
[2014/05/07 19:14:43 | 005,266,389 | ---- | M] () -- C:\Users\juan\Desktop\notice_oncoach-inter_fr-v3.pdf
[2014/05/07 13:34:08 | 022,168,168 | ---- | M] (Geonaute ) -- C:\Users\juan\Desktop\ONconnect-v3.72-prod.exe
[2014/05/06 20:24:00 | 000,101,852 | ---- | M] () -- C:\Users\juan\Desktop\Marin.pdf
[2014/05/06 20:23:39 | 000,101,939 | ---- | M] () -- C:\Users\juan\Desktop\Melle Marin.pdf

========== Files Created - No Company Name ==========

[2014/05/11 18:20:02 | 000,055,633 | ---- | C] () -- C:\Users\juan\Desktop\mensu_IRPS_changement_base_20140511_181954.pdf
[2014/05/11 18:17:42 | 000,019,421 | ---- | C] () -- C:\Users\juan\Desktop\accuseReception impots 2014.pdf
[2014/05/07 19:14:36 | 005,266,389 | ---- | C] () -- C:\Users\juan\Desktop\notice_oncoach-inter_fr-v3.pdf
[2014/05/06 20:23:59 | 000,101,852 | ---- | C] () -- C:\Users\juan\Desktop\Marin.pdf
[2014/05/06 20:23:39 | 000,101,939 | ---- | C] () -- C:\Users\juan\Desktop\Melle Marin.pdf
[2014/04/05 20:43:12 | 000,003,584 | ---- | C] () -- C:\Users\juan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/04/04 20:03:44 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2014/03/25 15:53:50 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2014/03/25 15:53:50 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2014/01/09 16:07:54 | 000,000,382 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/01/09 15:04:09 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014/01/09 13:08:46 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2014/01/09 13:08:46 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2014/01/09 13:08:45 | 000,014,496 | ---- | C] () -- C:\Windows\HL-5250DN.INI
[2014/01/09 13:08:45 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini
[2014/01/09 13:08:34 | 000,000,441 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2014/01/09 13:08:34 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD5250DN.DAT
[2014/01/09 13:07:05 | 000,000,091 | ---- | C] () -- C:\Windows\Brownie.ini

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,244,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,945,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
Avatar du membre

Re: pc lent

par billmaxime
 jeu. 15 mai 2014 23:54 #146488
:hello: jean69 et :welcome: sur sosvirus

je vais te prendre en charge ;)

fait ceci et poste le rapport s'il te plaît
  • Désactive ton antivirus sinon l'outil ne pourra pas travailler convenablement.
  • Télécharge Shortcut_Module sur ton bureau.

    Note : Enregistrer votre travail avant de continuer !
  • Lance Shortcut_Module,
  • Clic sur Nettoyer

    Image

    Note : Patiente le temps du scan
  • Laisse travailler l'outil même s'il te parait bloqué
  • Si l'outil détecte un proxy que tu ne connais pas clic sur : "Supprimer le proxy"
  • Héberge le rapport C:\Shortcut_Module_date_heure.txt sur http://upload.sosvirus.net/" onclick="window.open(this.href);return false; puis donne le lien obtenu
:merci2:
Avatar du membre

Re: pc lent

par billmaxime
 jeu. 22 mai 2014 15:37 #149344
Il est ou ?Bonjour Hello,
Sans réponse de ta part, je considère le problème comme résolu !,
Il est pourtant très important de suivre une désinfection jusqu'au bout. En effet, même si les symptômes qui t'on amené à demander de l'aide on disparu, ton ordinateur reste toutefois infecté. Tu dois savoir également que notre aide est bénévole, voir ton sujet abandonné sans aucune explication est pour nous un manque de respect. Merci de respecter les personnes qui donnent de leur temps afin de vous aider. Quoiqu'il en soit, nous laissons ton sujet ouvert au cas où tu décides de revenir ... @ Bientôt sur SosVirus.
Il est ou ?
 Répondre
 Retourner vers « Aide à  la désinfection - Forum Virus Sécurité »
Windows7 très très lent, ainsi que la plupart des programmes

bonsoir oki pour la fermeture je m'en charge car[…]

LIRE LA SUITE
how to clean junk files

Hello don't use this program , it's a bullshit :)

LIRE LA SUITE
[g3n-h@ckm@n] lien renvoyant vers un site

Bonjour https://www.aht.li/3213847/AdsFix.exe b[…]

LIRE LA SUITE
analyse par invité de commande[resolu]

De rien Bon WE :)

LIRE LA SUITE
VOIR PLUS DE SUJETS