Foxtrot631

Bonjour, je reviens vers toi pour les nouvelles! Finalement, j'ai été obligé de ré-initialiser mon pc. Coupures intempestives après quelques minutes de fonctionnement, etc Je suis en train de tout ré-installer (et c'est très long, notamment pour le téléchargement de bitdefender). Voilà, il semble que le virus avait fait nombre de dégâts dans le système. Merci pour ta gentillesse et ta disponibilité

En fait, je viens de me rendre compte en recherchant les dossiers avast sur l'ordi que ces derniers étaient liés à des fichiers Gdata (d'ailleurs, les premières alertes sont venus de Gdata qui annonçait un problème avast sur un des deux moteurs ant-virus. J'ai donc désinstallé Gdata en mode sans échec puis AV cleaner pour vider toutes traces puis de nouveau contrôle avec recherche dans ordi. J'ai réussi à faire disparaitre ce dossier temp avast En tous cas pour le moment, il ne se ré-installe pas. Je vais fonctionner avec une version d'essai bitdefender pour ces prochain jour et je te fais un topo de ce qu'il se passe. En tous cas, tous mes remerciements pour ton aide

Bien , c'est fait mais Avast n'est pas détecté Apparaissent Gdata (en tâche de fond) et Microsoft Security Esentials que je n'ose pas désinstaller puisque c'est lui qui me bloque les attaques (Gdata ne trouve rien). Dois-je supprimer les valeurs avast manuellement?

Pour bien préciser encore, je n'ai pas Avast sur mon ordi.

C:\Windows\Temp\_avast_. Les fichier infectés se chargent plusieurs fois par jour. Bloqués par Microsoft SE. Ce matin, j'ai voulu ré-utiliser ZHP fix, l'ordi s'est éteint... Mode sans echec obligé. Pareil pour charger les mises à jour de Malwarebytes. Merci pour tout

Bonjour, Hier tout semblait rentrer dans l'ordre et ce matin au démarrage, Micosoft SE vient de nouveau de bloquer une intrusion du trojan, toujours le même et dans le même dossier temporaire qui se ré-installe à chaque ouverture, Avast. Si tu as d'autres idées, elles sont les bienvenues. Grand merci

Scan malwarebytes finit. Aucune menace détectée. Je redémarre l'ordi en mode classique. Je te tiens au courant

J'ai été obligé de travailler en mode sans echec; le programme se bloquait autrement. Voila le rapport. Je télécharge malwarebytes et je te tiens au courant. Encore merci Rapport de ZHPFix 1.12.3316 par Nicolas Coolman, Update du 16/06/2011 Fichier d'export Registre : C:\ZHPExportRegistry-18-06-2011-16-14-52.txt Run by Didier at 18/06/2011 16:14:52 Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Software Key: {26A24AE4-039D-4CA4-87B4-2F83216024FF} ABSENT Software Key: {5F05C28D-DEA9-4AD6-A73A-064175988EAB} ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\Users\Didier\Appdata\LocalLow\Application Updater SUPPRIME Reboot Memory Process: C:\Users\Didier\Appdata\LocalLow\Conduit SUPPRIME Reboot Memory Process: C:\Users\Didier\Appdata\LocalLow\PriceGong SUPPRIME Reboot Memory Process: C:\Users\Didier\Appdata\LocalLow\Search Settings SUPPRIME Reboot Memory Process: C:\Program Files (x86)\Application Updater SUPPRIME Reboot Memory Process: C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\Conduit SUPPRIME Reboot Memory Process: C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\ConduitEngine SUPPRIME Reboot Memory Process: C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\Extensions\engine@conduit.com ========== Clé(s) du Registre ========== SUPPRIME Partiel Software Key: {26A24AE4-039D-4CA4-87B4-2F86416017FF} ERREUR [HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}] SUPPRIME Key: HKCU\Software\AppDataLow\Software\PriceGong ABSENT Key: HKLM\Software\Application Updater ABSENT Key: HKLM\Software\Conduit ABSENT Key: HKLM\Software\Search Settings SUPPRIME Key: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SUPPRIME Key: SearchScopes :{afdbddaa-5d3f-42ee-b79c-185a7020515b} SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\lowregistry\search settings SUPPRIME Key: HKLM\Software\Classes\AppID\eoenginebho.dll ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\eoenginebho.dll SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPClass ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPClass SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPClass.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPClass.1 SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPEnvelope ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPEnvelope SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPEnvelope.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPEnvelope.1 SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPMain ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPMain SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPMain.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPMain.1 SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPMessage ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPMessage SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPMessage.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPMessage.1 SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPRecipients ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPRecipients SUPPRIME Key: HKLM\Software\Classes\ASAPCom.ASAPRecipients.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\ASAPCom.ASAPRecipients.1 SUPPRIME Key: HKLM\Software\Classes\eoenginebho.eobho ABSENT Key: HKLM\Software\Wow6432Node\Classes\eoenginebho.eobho SUPPRIME Key: HKLM\Software\Classes\eoenginebho.eobho.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\eoenginebho.eobho.1 SUPPRIME Key: HKLM\Software\Classes\SearchSettings.BHO ABSENT Key: HKLM\Software\Wow6432Node\Classes\SearchSettings.BHO SUPPRIME Key: HKLM\Software\Classes\searchsettings.bho.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\searchsettings.bho.1 ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} SUPPRIME Key: HKLM\Software\Classes\Interface\{21447c90-6ec1-4fc1-9379-bd515008aedb} SUPPRIME Key: HKLM\Software\Classes\Interface\{32c97a37-e2b8-4097-9330-5f3e1125e181} SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} SUPPRIME Key: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400} ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} SUPPRIME Key: HKLM\Software\Classes\Interface\{b0c3de1b-e3ff-4dd0-9229-f452cf9c678e} SUPPRIME Key: HKLM\Software\Classes\Wow6432Node\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} ABSENT Key: HKLM\Software\Classes\TypeLib\{bce2e826-d0f5-41c8-97be-28a6f540ceeb} SUPPRIME Key: HKLM\Software\Classes\Interface\{d2d94732-a74d-433c-98f7-9ed740e82ae9} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} SUPPRIME Key: HKLM\Software\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} SUPPRIME Key: HKLM\Software\Classes\Interface\{dfd5d79b-ef2f-4a51-9821-5b469f05262e} SUPPRIME Key: HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} SUPPRIME Key: HKLM\Software\Classes\Installer\Features\D82C50F59AED6DA47AA360145789E8BA SUPPRIME Key: HKLM\Software\Classes\Installer\Products\D82C50F59AED6DA47AA360145789E8BA SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D82C50F59AED6DA47AA360145789E8BA SUPPRIME Key: HKLM\Software\Wow6432Node\Application Updater SUPPRIME Key: HKLM\Software\Wow6432Node\Conduit ABSENT Key: HKCU\Software\AppDataLow\Software\PriceGong ========== Valeur(s) du Registre ========== SUPPRIME Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : ERREUR FirewallRaz (Domain) : FPS-SpoolSvc-In-TCP-NoScope ERREUR FirewallRaz (Public) : FPS-SpoolSvc-In-TCP ERREUR FirewallRaz (Domain) : CoreNet-GP-LSASS-Out-TCP ERREUR FirewallRaz (Domain) : RemoteSvcAdmin-In-TCP-NoScope ERREUR FirewallRaz (Public) : RemoteSvcAdmin-In-TCP ERREUR FirewallRaz (Private) : FPS-SpoolSvc-In-TCP_1 ERREUR FirewallRaz (None) : {E96D07D9-0CE9-4102-85C3-4D89AFDB6175} ========== Préférences navigateur ========== SUPPRIME /*user_pref("browser.search.order.1", "Search the web (Babylon)");*/ SUPPRIME /*user_pref("igraal._categoryVersion", "null");*/ SUPPRIME /*user_pref("igraal._current", "{\"login\":\"didier63\",\"key\":\"847928ad5598dbf4e9b09ce6af7cedbf\",\"country\":\"fr-fr\",\"epi\":\"didier63\"}");*/ SUPPRIME /*user_pref("igraal._users", "[{\"login\":\"didier63\",\"key\":\"847928ad5598dbf4e9b09ce6af7cedbf\",\"country\":\"fr-fr\",\"epi\":\"didier63\"}]");*/ SUPPRIME /*user_pref("igraal.categories.version", 0);*/ SUPPRIME /*user_pref("igraal.country", "_fr");*/ SUPPRIME /*user_pref("igraal.firstrun", false);*/ SUPPRIME /*user_pref("igraal.help.warn", false);*/ SUPPRIME /*user_pref("igraal.idcourant", "didier63");*/ SUPPRIME /*user_pref("igraal.users", "didier63:42fde0926a06426fb395678a91a96375");*/ SUPPRIME /*user_pref("igraal.version", "3.5");*/ SUPPRIME Mozilla Pref: user_pref("CT1460988.SearchEngine", "Search||http://search.conduit.com/Results.aspx? SUPPRIME Mozilla Pref: user_pref("CT1460988.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988 SUPPRIME Mozilla Pref: user_pref("CT1460988.ct1670222.SearchEngine", "Recherche||http://search.conduit.com/Results.aspx? SUPPRIME Mozilla Pref: user_pref("CT1460988.myStuffSearchUrl", "http://search.conduit.com/Results.aspx? SUPPRIME Mozilla Pref: user_pref("CT2582600.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2582600 SUPPRIME Mozilla Pref: user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2582600&SearchSource= ========== Dossier(s) ========== SUPPRIME Reboot C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\extensions\engine@conduit.com SUPPRIME C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} SUPPRIME C:\Users\Didier\AppData\Roaming\Mozilla\Firefox\Profiles\zq9h9v7h.default\extensions\{e411bb40-b04c-11d8-92e7-00d09e0179f2} SUPPRIME C:\ProgramData\QUAD Utilities SUPPRIME C:\Users\Didier\Appdata\Local\{014BE56B-828E-4A3B-8BE7-744866183807} SUPPRIME C:\Users\Didier\Appdata\Local\{021CB1AC-B289-4D33-A3D2-3E727B3E4C1C} SUPPRIME C:\Users\Didier\Appdata\Local\{023B90F2-BB0B-4482-AC90-669B7436F7EB} SUPPRIME C:\Users\Didier\Appdata\Local\{02E41BDF-5D0C-4EAE-AFBC-189D2D24938A} SUPPRIME C:\Users\Didier\Appdata\Local\{02F35401-A2CC-48B3-96D1-C0BEB37F7196} SUPPRIME C:\Users\Didier\Appdata\Local\{04050C5F-D89E-4B0F-AA94-B316ECE6AE66} SUPPRIME C:\Users\Didier\Appdata\Local\{0407C0E2-33B1-4501-AF04-526DEEB7E0BB} SUPPRIME C:\Users\Didier\Appdata\Local\{04A335D9-DD61-4261-9E38-655D109C93EA} SUPPRIME C:\Users\Didier\Appdata\Local\{061E8B0B-2403-4D04-A5DB-5955746314B8} SUPPRIME C:\Users\Didier\Appdata\Local\{0693F0D7-8E51-4091-8003-F5EA53BB55E7} SUPPRIME C:\Users\Didier\Appdata\Local\{078C523F-6F49-4D55-A147-661788C57B31} SUPPRIME C:\Users\Didier\Appdata\Local\{08D6A21B-6004-4BF1-AB5F-64925D6DCCF2} SUPPRIME C:\Users\Didier\Appdata\Local\{0985DBA5-52A3-418A-B9BB-B40E8D8166F8} SUPPRIME C:\Users\Didier\Appdata\Local\{0B70134C-740D-4ACF-BFA6-D107BDBF1F19} SUPPRIME C:\Users\Didier\Appdata\Local\{0CEF5939-FE1E-49D8-B362-454461EA1AF6} SUPPRIME C:\Users\Didier\Appdata\Local\{0D1CAC6B-7759-4BD6-9643-024E5060131D} SUPPRIME C:\Users\Didier\Appdata\Local\{0DA0638D-B23E-414B-AC7E-8C4A9C32937E} SUPPRIME C:\Users\Didier\Appdata\Local\{0DE957A1-CED7-4051-91C2-E294300B92EE} SUPPRIME C:\Users\Didier\Appdata\Local\{112C720D-8A19-48E7-AD34-9717566A366E} SUPPRIME C:\Users\Didier\Appdata\Local\{113D03E3-111D-4C66-A66F-AA1347ABB8D1} SUPPRIME C:\Users\Didier\Appdata\Local\{11BB714F-E233-4454-8346-E2410CF5BD8F} SUPPRIME C:\Users\Didier\Appdata\Local\{12272447-1794-4B19-85F1-BC1CC1E445CE} SUPPRIME C:\Users\Didier\Appdata\Local\{12C44570-4F3F-4648-BFD2-DC8A62F53870} SUPPRIME C:\Users\Didier\Appdata\Local\{12EDC5F6-F737-4213-8948-3CD1D255FB58} SUPPRIME C:\Users\Didier\Appdata\Local\{135A1160-F7C4-420F-9665-3E90DE731B85} SUPPRIME C:\Users\Didier\Appdata\Local\{136E0CC9-382B-4929-A9F4-0E17FAB32962} SUPPRIME C:\Users\Didier\Appdata\Local\{1471EE73-AD86-4C5F-81BB-5984B5CB6979} SUPPRIME C:\Users\Didier\Appdata\Local\{1547B80F-7372-4EBF-B3BD-A7FB35468244} SUPPRIME C:\Users\Didier\Appdata\Local\{15EF1C7A-36D9-42B1-8E23-D9E18055ED5C} SUPPRIME C:\Users\Didier\Appdata\Local\{17194A2C-23E7-40E1-AB62-B7AEEFE125B6} SUPPRIME C:\Users\Didier\Appdata\Local\{171E8C5E-9008-4359-88B4-62ACEA13A885} SUPPRIME C:\Users\Didier\Appdata\Local\{17263FB7-CA32-4AE9-A525-E408203589E0} SUPPRIME C:\Users\Didier\Appdata\Local\{175B31D0-668E-43D5-8AEB-EADDA3D33A57} SUPPRIME C:\Users\Didier\Appdata\Local\{18580D4D-9EF6-4DF3-A5FA-1C2D3492A45E} SUPPRIME C:\Users\Didier\Appdata\Local\{193CCE31-DBCF-412D-AA83-98C48E277882} SUPPRIME C:\Users\Didier\Appdata\Local\{19F4C5D5-F6B2-4AE2-8C33-A7C899476436} SUPPRIME C:\Users\Didier\Appdata\Local\{1B25D965-C8CD-42A3-80E3-0664A28E871A} SUPPRIME C:\Users\Didier\Appdata\Local\{1CBA31BD-3EC6-401E-84D6-F988B7C5D88D} SUPPRIME C:\Users\Didier\Appdata\Local\{20AB71FC-2DE8-4B7A-B56F-E9BE9F7AB68A} SUPPRIME C:\Users\Didier\Appdata\Local\{2241F0F5-9D3C-4661-A0F9-5DEED7897921} SUPPRIME C:\Users\Didier\Appdata\Local\{251DB817-5351-4DB9-8196-942EA6DB050A} SUPPRIME C:\Users\Didier\Appdata\Local\{2702B721-5E54-4778-BE39-302E66E2BABD} SUPPRIME C:\Users\Didier\Appdata\Local\{275F52DD-6046-4637-9F86-6A3A41668F23} SUPPRIME C:\Users\Didier\Appdata\Local\{27CE7AD3-F1E4-4BB9-A973-4A9FD9D17B7C} SUPPRIME C:\Users\Didier\Appdata\Local\{27E4F8C2-EFF1-4EF1-874E-6B60EEC30A73} SUPPRIME C:\Users\Didier\Appdata\Local\{28BB539C-583D-4DE6-9185-669FD07FA4B5} SUPPRIME C:\Users\Didier\Appdata\Local\{28E395E0-BE17-486D-AC31-B52EA6A208A3} SUPPRIME C:\Users\Didier\Appdata\Local\{294E10F8-EEDC-474D-9F33-D18748D502F1} SUPPRIME C:\Users\Didier\Appdata\Local\{2A5F11A6-719D-4173-8542-46B1C57821EC} SUPPRIME C:\Users\Didier\Appdata\Local\{2AFCA027-6EDE-4034-A69A-34A926289F98} SUPPRIME C:\Users\Didier\Appdata\Local\{2C8EA470-6992-4310-B131-725AF2D5824E} SUPPRIME C:\Users\Didier\Appdata\Local\{2C950DFD-03E6-4AA7-ABB5-E03B3314A788} SUPPRIME C:\Users\Didier\Appdata\Local\{2D3AC6E4-B8F8-46BE-B3E4-B956AD8F781E} SUPPRIME C:\Users\Didier\Appdata\Local\{2DBC6652-892D-4BD1-93CE-78713774B637} SUPPRIME C:\Users\Didier\Appdata\Local\{2DC0B9D8-4C6C-45F9-AA49-CF98902AEAEE} SUPPRIME C:\Users\Didier\Appdata\Local\{2DD5E0B8-F795-4F1B-A46C-F468EC6FC99D} SUPPRIME C:\Users\Didier\Appdata\Local\{2F3B14AE-54D2-447C-A030-95EEF12921AB} SUPPRIME C:\Users\Didier\Appdata\Local\{30C06681-A51C-4279-B56F-BB546FB1D2E7} SUPPRIME C:\Users\Didier\Appdata\Local\{31909CB1-D082-46F4-B623-E05C57B1CC7B} SUPPRIME C:\Users\Didier\Appdata\Local\{31DC8470-D55B-4839-9699-49206DFECD59} SUPPRIME C:\Users\Didier\Appdata\Local\{3304C188-91B2-4323-9762-A120E690F959} SUPPRIME C:\Users\Didier\Appdata\Local\{34FF2B86-F8AF-453A-A32C-E585D79E3103} SUPPRIME C:\Users\Didier\Appdata\Local\{361B6CE3-A332-428A-BBE7-B6C7CA9E149F} SUPPRIME C:\Users\Didier\Appdata\Local\{36959A47-78BC-4680-8612-1B6AE93444C4} SUPPRIME C:\Users\Didier\Appdata\Local\{36C92CC3-4BE9-458A-9C6A-CADF54E7E370} SUPPRIME C:\Users\Didier\Appdata\Local\{375D594E-6486-4E97-972D-AC7E915A1145} SUPPRIME C:\Users\Didier\Appdata\Local\{38B3E487-06EF-48DE-81C8-84004B8E5F46} SUPPRIME C:\Users\Didier\Appdata\Local\{38F424E0-DCC9-4CCF-A76A-72576D779E81} SUPPRIME C:\Users\Didier\Appdata\Local\{3984FDE9-695C-4500-A61A-DE050F73881E} SUPPRIME C:\Users\Didier\Appdata\Local\{39B1B61E-1ED8-456A-BBBB-39DE46CEDC73} SUPPRIME C:\Users\Didier\Appdata\Local\{3A086507-F804-4CB8-B991-FA135277C19C} SUPPRIME C:\Users\Didier\Appdata\Local\{3C4760B9-7972-43C0-9A76-558FADA50F72} SUPPRIME C:\Users\Didier\Appdata\Local\{3C84B465-8F5E-4B47-ABAA-FB2F9012C203} SUPPRIME C:\Users\Didier\Appdata\Local\{3D348216-5013-471D-AA40-FD9E9BD7DB96} SUPPRIME C:\Users\Didier\Appdata\Local\{3DB65D46-32A9-4520-AC4B-6093CFABE8BC} SUPPRIME C:\Users\Didier\Appdata\Local\{3E5DFFF3-1AE9-405E-8AE2-5871C26EC94E} SUPPRIME C:\Users\Didier\Appdata\Local\{3E8AE4AF-ADC2-44A9-A092-B92B0730BC12} SUPPRIME C:\Users\Didier\Appdata\Local\{3EBFC475-7510-4309-B059-29E71A3D98AF} SUPPRIME C:\Users\Didier\Appdata\Local\{3F06AC05-3211-4B38-8B5C-CD5BBB0FE0D7} SUPPRIME C:\Users\Didier\Appdata\Local\{3FEED00D-D5CF-4D5E-98DB-D70C8378F827} SUPPRIME C:\Users\Didier\Appdata\Local\{40F87D56-818D-4D10-9A16-383DC00707E2} SUPPRIME C:\Users\Didier\Appdata\Local\{4155C14C-B57D-41DE-A7B2-0F292EE769A2} SUPPRIME C:\Users\Didier\Appdata\Local\{4252D089-6FC3-465D-87B3-518783FB111B} SUPPRIME C:\Users\Didier\Appdata\Local\{4559420C-CA85-4677-A5C1-44CEACB71638} SUPPRIME C:\Users\Didier\Appdata\Local\{456C8ECE-AF6A-460D-99A2-D78CF14FFD81} SUPPRIME C:\Users\Didier\Appdata\Local\{468AA188-D21F-4E20-B1C9-4ADF3FE88CAE} SUPPRIME C:\Users\Didier\Appdata\Local\{468F5792-BA36-4F87-A869-1C7F5B251D65} SUPPRIME C:\Users\Didier\Appdata\Local\{46A700D1-EF4E-4F27-8F87-D93E52E18FBA} SUPPRIME C:\Users\Didier\Appdata\Local\{46EC7CF0-78F0-4012-B1F5-7DCCC7532CA6} SUPPRIME C:\Users\Didier\Appdata\Local\{470D84F6-66C6-4CFC-9674-201D65FBA7EF} SUPPRIME C:\Users\Didier\Appdata\Local\{478426DA-FA18-4270-9AB2-C97CD73685B2} SUPPRIME C:\Users\Didier\Appdata\Local\{47993941-4404-485C-87ED-E7765D1D7DF6} SUPPRIME C:\Users\Didier\Appdata\Local\{48A2C830-7DEF-4349-981A-2DD4BBC9D1A7} SUPPRIME C:\Users\Didier\Appdata\Local\{48BFE6BC-9C56-498C-ACE7-81FA7C47FFC5} SUPPRIME C:\Users\Didier\Appdata\Local\{490C8698-8588-484C-848A-6D9F753DAD58} SUPPRIME C:\Users\Didier\Appdata\Local\{494FBB68-1095-4168-AC82-7936FEF0B201} SUPPRIME C:\Users\Didier\Appdata\Local\{4A3C240E-CFD6-4FB3-8B1F-DF11CF68C192} SUPPRIME C:\Users\Didier\Appdata\Local\{4A6927FA-8BF7-4B8F-9320-2C49FC36C3CC} SUPPRIME C:\Users\Didier\Appdata\Local\{4AC0A0E2-DAC7-4840-B338-84DC92A16BA5} SUPPRIME C:\Users\Didier\Appdata\Local\{4D94831B-0304-4D47-99FD-2E3DAA1EAF86} SUPPRIME C:\Users\Didier\Appdata\Local\{4DAF6BF4-4B22-43D3-B806-ABDC3136FFFA} SUPPRIME C:\Users\Didier\Appdata\Local\{4EC525A5-F27E-4EC5-A8D6-94613A4D96F0} SUPPRIME C:\Users\Didier\Appdata\Local\{4EFCDEAB-B789-4F7C-9CC3-C0FD49AB0201} SUPPRIME C:\Users\Didier\Appdata\Local\{4F303F66-BD6F-4E54-913D-C490C526A4A3} SUPPRIME C:\Users\Didier\Appdata\Local\{50FF47CC-0F32-4141-9FA7-D008E8E2436E} SUPPRIME C:\Users\Didier\Appdata\Local\{5166A2FD-E934-43B4-9826-9BB16626924B} SUPPRIME C:\Users\Didier\Appdata\Local\{532C979E-2DA6-4425-977C-824048768811} SUPPRIME C:\Users\Didier\Appdata\Local\{547D3CCD-52EF-420B-8757-D63F0D67316A} SUPPRIME C:\Users\Didier\Appdata\Local\{55EAF867-B16B-4571-AF8B-B3BC6D57CA76} SUPPRIME C:\Users\Didier\Appdata\Local\{5843BAE7-6465-43AA-9058-7356C962B54C} SUPPRIME C:\Users\Didier\Appdata\Local\{5908AF88-4339-4840-BB24-4DA827BEC8FC} SUPPRIME C:\Users\Didier\Appdata\Local\{593ACAF2-7FDF-46DD-96F2-B88CE1AAA211} SUPPRIME C:\Users\Didier\Appdata\Local\{5A361C11-A194-43A3-A905-BAF6C4191281} SUPPRIME C:\Users\Didier\Appdata\Local\{5A5FDD35-13E3-488F-B23B-D4BE2AB50D5F} SUPPRIME C:\Users\Didier\Appdata\Local\{5C76DC7B-8C59-4432-B7B3-7C62D9806A97} SUPPRIME C:\Users\Didier\Appdata\Local\{5DD5FB94-F2DF-4DDA-B018-45CA42D74EB4} SUPPRIME C:\Users\Didier\Appdata\Local\{5DE5FAA0-FDC3-49F4-B905-6DFBCC7559A4} SUPPRIME C:\Users\Didier\Appdata\Local\{5E7128B6-9653-43BC-A52E-F94DA3FE8275} SUPPRIME C:\Users\Didier\Appdata\Local\{601EE235-E6B1-49F6-A987-55D469165D4D} SUPPRIME C:\Users\Didier\Appdata\Local\{63BAF0B6-B5CC-4983-87E8-C5F1011294B4} SUPPRIME C:\Users\Didier\Appdata\Local\{652E3090-13CE-4121-AE2E-2B31DC3BABA3} SUPPRIME C:\Users\Didier\Appdata\Local\{665EFC14-1A39-4AE8-9D19-8EE626797D3B} SUPPRIME C:\Users\Didier\Appdata\Local\{67FA9FD1-4150-48F8-BB86-1B80B48DD7D9} SUPPRIME C:\Users\Didier\Appdata\Local\{68A6B39D-77B2-4E79-A24E-A7AB552BCF2C} SUPPRIME C:\Users\Didier\Appdata\Local\{68B78A54-A083-4D79-841A-7F0F6CC3650F} SUPPRIME C:\Users\Didier\Appdata\Local\{68DF713C-CCD2-4500-9376-9A8615DEEEE7} SUPPRIME C:\Users\Didier\Appdata\Local\{698E50D5-0E10-43EF-AB2F-3CD337367F36} SUPPRIME C:\Users\Didier\Appdata\Local\{69B7F636-1902-404D-8BB1-C9B4A6235331} SUPPRIME C:\Users\Didier\Appdata\Local\{6B599ECD-CBAD-4308-B6BD-09C23A66FC44} SUPPRIME C:\Users\Didier\Appdata\Local\{6BDE82A8-7281-4912-B9DE-FB8F5864C883} SUPPRIME C:\Users\Didier\Appdata\Local\{6D99B644-1AC9-4125-974D-BC3AEB20B95C} SUPPRIME C:\Users\Didier\Appdata\Local\{6E6612F9-3F28-4FA3-8126-701F6682A638} SUPPRIME C:\Users\Didier\Appdata\Local\{6EF63682-5148-4789-ABE2-49F90C01871F} SUPPRIME C:\Users\Didier\Appdata\Local\{6F2FB5DE-D3E8-48C6-930F-AC201303CDBD} SUPPRIME C:\Users\Didier\Appdata\Local\{6F885DD7-4EC6-4D62-ABD0-16CA3879AE41} SUPPRIME C:\Users\Didier\Appdata\Local\{70663690-12D4-402F-8971-86A59B245E4E} SUPPRIME C:\Users\Didier\Appdata\Local\{707D0EC6-573C-4E70-8544-AF63DA4314D6} SUPPRIME C:\Users\Didier\Appdata\Local\{716D0F9A-8EA0-431A-B4FA-D166E06D84C9} SUPPRIME C:\Users\Didier\Appdata\Local\{717CE17D-EFBF-468C-87A6-5361F816C18E} SUPPRIME C:\Users\Didier\Appdata\Local\{71D40BD4-76E5-4579-9FCF-01BD61A1E408} SUPPRIME C:\Users\Didier\Appdata\Local\{71D51271-C729-4BBA-9A7F-E2C3E9899ACC} SUPPRIME C:\Users\Didier\Appdata\Local\{729235F6-F60A-4C72-B7EE-5FA46656D271} SUPPRIME C:\Users\Didier\Appdata\Local\{73128011-50A5-4525-80FC-BAF155B236C1} SUPPRIME C:\Users\Didier\Appdata\Local\{73BE6497-51E4-4BB5-833D-1789A6D0F5A5} SUPPRIME C:\Users\Didier\Appdata\Local\{75687E1F-7EC6-462B-95BE-9DA2C0B3EF30} SUPPRIME C:\Users\Didier\Appdata\Local\{787B1216-ABA5-4C63-BDEB-8119DE15682E} SUPPRIME C:\Users\Didier\Appdata\Local\{78D65BE2-A8D8-4913-9AC1-58BACEF441F5} SUPPRIME C:\Users\Didier\Appdata\Local\{7907E961-7073-41DC-9D01-09778955138C} SUPPRIME C:\Users\Didier\Appdata\Local\{7927DEF6-E164-4F4F-A985-F109698296E0} SUPPRIME C:\Users\Didier\Appdata\Local\{7A5885B7-80C7-4A61-834A-29105F0C028E} SUPPRIME C:\Users\Didier\Appdata\Local\{7B0E86E6-C6F1-4E6A-9762-7E23940F1604} SUPPRIME C:\Users\Didier\Appdata\Local\{7B4E9A71-3C38-4122-A1CE-E8FF0E7193AF} SUPPRIME C:\Users\Didier\Appdata\Local\{7BA03FB7-718D-4F3E-B9BA-CF3527A38150} SUPPRIME C:\Users\Didier\Appdata\Local\{7BF15B15-550C-4456-B502-20EA7A990287} SUPPRIME C:\Users\Didier\Appdata\Local\{7CC556D3-854B-4112-BFCF-554A0FB56B52} SUPPRIME C:\Users\Didier\Appdata\Local\{7F19051D-BA63-4FAF-A4CC-AD96419BF6E2} SUPPRIME C:\Users\Didier\Appdata\Local\{7F7B958F-8D1A-448E-B0BF-578CD33FA01B} SUPPRIME C:\Users\Didier\Appdata\Local\{82C8E8DA-2682-4765-97A5-2723E01F048A} SUPPRIME C:\Users\Didier\Appdata\Local\{830F1D23-24D1-4595-AB96-F934F5A87EB7} SUPPRIME C:\Users\Didier\Appdata\Local\{8375DC21-8071-4BE6-9F0C-F232CD33D589} SUPPRIME C:\Users\Didier\Appdata\Local\{83848DBB-3B29-4EAB-ACFC-F24FD21EDE98} SUPPRIME C:\Users\Didier\Appdata\Local\{8567F14A-3575-4171-A9D7-25E384517FA7} SUPPRIME C:\Users\Didier\Appdata\Local\{85B5EE7B-D805-4880-B9D0-09553B3187CB} SUPPRIME C:\Users\Didier\Appdata\Local\{86ABFB3B-96A7-4571-B03E-9721428EA077} SUPPRIME C:\Users\Didier\Appdata\Local\{88FB36AE-99B4-4932-928F-0DE74D66134F} SUPPRIME C:\Users\Didier\Appdata\Local\{8A7C5039-ED56-4512-ACD8-A1788CEDDBAB} SUPPRIME C:\Users\Didier\Appdata\Local\{8B0F7E58-1133-438E-96DE-12608626EC6C} SUPPRIME C:\Users\Didier\Appdata\Local\{8CF2444B-F857-4D9D-98D3-3C5FE3ED8970} SUPPRIME C:\Users\Didier\Appdata\Local\{8D7E3C9D-9D05-4FB7-96EE-A67AFF0C16EA} SUPPRIME C:\Users\Didier\Appdata\Local\{8FD55D6D-FF82-491C-9702-30349FF934FC} SUPPRIME C:\Users\Didier\Appdata\Local\{91A93917-0128-4495-B6F0-A41ECFC920BE} SUPPRIME C:\Users\Didier\Appdata\Local\{91EB3CCC-A4CC-40D3-B9D1-0D8EE765E760} SUPPRIME C:\Users\Didier\Appdata\Local\{92E0DFA4-1E83-476F-9B75-2DF4A2FC8D4B} SUPPRIME C:\Users\Didier\Appdata\Local\{94EAB901-389C-457A-9DD2-8279361B4498} SUPPRIME C:\Users\Didier\Appdata\Local\{94F7A3DF-D1EB-4E8F-B037-B7F7C1E046E3} SUPPRIME C:\Users\Didier\Appdata\Local\{955BE8F2-5984-4EA9-A6AB-6DA24D345D3E} SUPPRIME C:\Users\Didier\Appdata\Local\{97FDB582-1BC9-4E78-BD1F-7196598D304B} SUPPRIME C:\Users\Didier\Appdata\Local\{9824C072-AC8C-469A-8AE4-FAA7EB600F9B} SUPPRIME C:\Users\Didier\Appdata\Local\{986693F7-8D44-41C0-9822-60C557C8D006} SUPPRIME C:\Users\Didier\Appdata\Local\{9946803E-7664-416E-8983-4213A7357B51} SUPPRIME C:\Users\Didier\Appdata\Local\{99A41E9B-817D-4A51-B15A-6E387908CEDE} SUPPRIME C:\Users\Didier\Appdata\Local\{9A09E76A-5D6E-4475-8FDB-031A6511BF8A} SUPPRIME C:\Users\Didier\Appdata\Local\{9A09EF37-69BF-458D-9D21-A679F9860682} SUPPRIME C:\Users\Didier\Appdata\Local\{9A6E97BC-CFE1-4319-9EF2-1E66B40AE1A2} SUPPRIME C:\Users\Didier\Appdata\Local\{9B3DE9F6-1886-4D88-A3FD-819B7B103B38} SUPPRIME C:\Users\Didier\Appdata\Local\{9B752AEE-5493-493B-8CD1-79F70698F78D} SUPPRIME C:\Users\Didier\Appdata\Local\{9BC9FB1D-115B-4A6B-A070-E99F960E7A29} SUPPRIME C:\Users\Didier\Appdata\Local\{9CEB763E-02CB-48F5-935A-306B65E00E4E} SUPPRIME C:\Users\Didier\Appdata\Local\{9DB29C18-03CA-40EE-BC91-D4489802EAF7} SUPPRIME C:\Users\Didier\Appdata\Local\{9F65123D-BEA1-4391-B12A-B36E21C2F2CC} SUPPRIME C:\Users\Didier\Appdata\Local\{A06B12C4-2CC5-4249-AFB4-2126C6EB4648} SUPPRIME C:\Users\Didier\Appdata\Local\{A23DF153-5AB6-4CA2-8E11-1DFA899F5CB8} SUPPRIME C:\Users\Didier\Appdata\Local\{A27541DC-F7D8-4AB0-9FDB-C6E057D809C7} SUPPRIME C:\Users\Didier\Appdata\Local\{A3FD3653-49F3-4469-B0AA-91AF96AF2611} SUPPRIME C:\Users\Didier\Appdata\Local\{A442F963-123D-46D2-B03D-A20310137795} SUPPRIME C:\Users\Didier\Appdata\Local\{A79D58E6-998A-45E5-AC27-F8C25026FDF7} SUPPRIME C:\Users\Didier\Appdata\Local\{A8B2C38A-8562-43D0-998A-2338EE2929B4} SUPPRIME C:\Users\Didier\Appdata\Local\{A979449C-9876-4889-8A3A-9C5A788D3B5D} SUPPRIME C:\Users\Didier\Appdata\Local\{AC3BA484-CDC1-4156-8DED-8B477DBD6709} SUPPRIME C:\Users\Didier\Appdata\Local\{AC81A1CD-30AE-4C19-9924-CD3EBDA761E5} SUPPRIME C:\Users\Didier\Appdata\Local\{AE074718-DF06-4854-A0FF-9C46D07D4EA5} SUPPRIME C:\Users\Didier\Appdata\Local\{AE4552B2-B5E7-448B-B899-2E8843BE3245} SUPPRIME C:\Users\Didier\Appdata\Local\{B0EE2CD7-5FE8-4DDC-A721-BB2316B6EA0C} SUPPRIME C:\Users\Didier\Appdata\Local\{B17E91A0-17DA-4B4F-AC6C-CC6C0D5469F8} SUPPRIME C:\Users\Didier\Appdata\Local\{B2652CF1-D57C-420B-8E96-098088020070} SUPPRIME C:\Users\Didier\Appdata\Local\{B32766CC-D538-4853-AED9-299C938FCF3E} SUPPRIME C:\Users\Didier\Appdata\Local\{B5B7FE8E-05A6-44D3-AC73-441C70B06D18} SUPPRIME C:\Users\Didier\Appdata\Local\{B5DE7FCA-24BA-418C-A268-C977F6A53765} SUPPRIME C:\Users\Didier\Appdata\Local\{B6965252-6B8D-4E7A-AC3C-E0170FEB6EF7} SUPPRIME C:\Users\Didier\Appdata\Local\{B70B1D0A-1CCB-4219-BCB6-021F1FF87BA2} SUPPRIME C:\Users\Didier\Appdata\Local\{B7BD513E-55DF-4CCB-A445-B0215BB64D39} SUPPRIME C:\Users\Didier\Appdata\Local\{B8557487-8F12-42A9-A6E1-E4D3A085FF0C} SUPPRIME C:\Users\Didier\Appdata\Local\{B86A12DD-D722-4FB4-9BF0-1241534DF5D3} SUPPRIME C:\Users\Didier\Appdata\Local\{B9954BAC-7EDD-4A56-9931-F5B4A2276009} SUPPRIME C:\Users\Didier\Appdata\Local\{BA25B4C4-C178-46DA-AB6F-F8B85F628326} SUPPRIME C:\Users\Didier\Appdata\Local\{BB31D852-181C-4CB9-9DD7-1CDC6F38573D} SUPPRIME C:\Users\Didier\Appdata\Local\{BB5A3ABD-FD80-484D-87A2-E2ECA2ACF560} SUPPRIME C:\Users\Didier\Appdata\Local\{C027BE88-98F7-4671-A9F5-38BF01622318} SUPPRIME C:\Users\Didier\Appdata\Local\{C1B96595-A3D9-4162-A560-5D0F97FF10AC} SUPPRIME C:\Users\Didier\Appdata\Local\{C2609CE7-A32B-4658-8E79-0424AE90AA43} SUPPRIME C:\Users\Didier\Appdata\Local\{C2816C35-88C3-4AB3-BF2A-BC5026373CE9} SUPPRIME C:\Users\Didier\Appdata\Local\{C52B017F-BA01-4221-B89F-2E8C473DA1C3} SUPPRIME C:\Users\Didier\Appdata\Local\{C687F477-493A-496F-B9EB-EAF6E2F5486C} SUPPRIME C:\Users\Didier\Appdata\Local\{C6F95C86-0D70-4258-8BD8-F1AEFC55B55A} SUPPRIME C:\Users\Didier\Appdata\Local\{C7319136-8B1E-40AB-A48E-E8AB8E298BE4} SUPPRIME C:\Users\Didier\Appdata\Local\{C7E7BA05-6DC3-4C42-B2E1-355256BAC33C} SUPPRIME C:\Users\Didier\Appdata\Local\{C8C6C9EE-0AAA-478A-8EE0-23DAF07FA365} SUPPRIME C:\Users\Didier\Appdata\Local\{C8E22305-01CB-49D7-A9B2-CBAB89494001} SUPPRIME C:\Users\Didier\Appdata\Local\{CA024D54-3481-41DA-B29B-4D159A23EA19} SUPPRIME C:\Users\Didier\Appdata\Local\{CA2401FC-EAC4-4EF3-82CD-146869D1A4E4} SUPPRIME C:\Users\Didier\Appdata\Local\{CF0B2C5D-900D-4D71-8DE9-071B7E3CC93C} SUPPRIME C:\Users\Didier\Appdata\Local\{CFA3804B-366C-4A08-96EA-93520811C20C} SUPPRIME C:\Users\Didier\Appdata\Local\{D292C114-6A65-4073-A9AA-9682C87CE46D} SUPPRIME C:\Users\Didier\Appdata\Local\{D324308F-5AA6-4D50-8591-10476FC1D2C1} SUPPRIME C:\Users\Didier\Appdata\Local\{D3772A25-F7F9-4C67-B087-52AB1D1B9D6B} SUPPRIME C:\Users\Didier\Appdata\Local\{D3E2B5A6-2384-43D4-B022-081BA0D82251} SUPPRIME C:\Users\Didier\Appdata\Local\{D5AD7122-1577-4865-82E5-69667C3C952E} SUPPRIME C:\Users\Didier\Appdata\Local\{D6460F0D-282C-4CE1-BA3C-2FD82053F4C6} SUPPRIME C:\Users\Didier\Appdata\Local\{D6C03C40-9531-4618-B015-40DE26C65DBC} SUPPRIME C:\Users\Didier\Appdata\Local\{D94F40EF-B0C1-4498-9A1C-3477DE5E43A4} SUPPRIME C:\Users\Didier\Appdata\Local\{D9768D45-F147-4E04-8E75-74EB5269ED8E} SUPPRIME C:\Users\Didier\Appdata\Local\{D9BFA7DF-E2A1-49ED-9F47-3D3B9F6EAB40} SUPPRIME C:\Users\Didier\Appdata\Local\{DA66DD18-A3B9-417F-B740-FDEAD57A9666} SUPPRIME C:\Users\Didier\Appdata\Local\{DA6DC3D0-739F-4319-9D0B-03AE020CEDCE} SUPPRIME C:\Users\Didier\Appdata\Local\{DA75773D-6BE0-4657-81F4-D26E5D7CD84F} SUPPRIME C:\Users\Didier\Appdata\Local\{DA8AA01E-E85C-4826-A6F5-1B3ACAC45B38} SUPPRIME C:\Users\Didier\Appdata\Local\{DB848FD0-8B48-41BF-8127-7980B56E4F69} SUPPRIME C:\Users\Didier\Appdata\Local\{DB97164F-4CF9-45A0-8F8A-654E95A1C324} SUPPRIME C:\Users\Didier\Appdata\Local\{DDAFFEAA-0F12-408E-8790-1CA25125E0C5} SUPPRIME C:\Users\Didier\Appdata\Local\{DE0ACD79-8183-4C41-811A-1DDA998DE36A} SUPPRIME C:\Users\Didier\Appdata\Local\{DE3476C8-4B6A-43BC-9F49-1BCCB1D36AD3} SUPPRIME C:\Users\Didier\Appdata\Local\{DF28811E-BF58-4980-9749-1310DD953D11} SUPPRIME C:\Users\Didier\Appdata\Local\{DF4E9953-A2A8-4D7B-8BBA-86AC02E874E1} SUPPRIME C:\Users\Didier\Appdata\Local\{DF7420B2-195B-4ACB-99F6-D851F2C2DAC4} SUPPRIME C:\Users\Didier\Appdata\Local\{E0CFD105-7FBF-473C-B64B-06C69F299B66} SUPPRIME C:\Users\Didier\Appdata\Local\{E0FF2486-F167-40FC-870D-1A691387350D} SUPPRIME C:\Users\Didier\Appdata\Local\{E43D0BA7-BF2A-4F8C-BE26-618695AA2F4A} SUPPRIME C:\Users\Didier\Appdata\Local\{E4675ECA-AE13-48EA-BABF-7E6CBFDE5048} SUPPRIME C:\Users\Didier\Appdata\Local\{E4E0113D-DB70-4895-ADED-9C1682049FF6} SUPPRIME C:\Users\Didier\Appdata\Local\{E4F12C95-687D-422E-85AE-9C4E135DFB66} SUPPRIME C:\Users\Didier\Appdata\Local\{E53D1A47-DA47-4A6C-BE0A-C229C10A64BE} SUPPRIME C:\Users\Didier\Appdata\Local\{E5849A6A-7BE1-4208-940C-9AD95D7EA88E} SUPPRIME C:\Users\Didier\Appdata\Local\{E65920CA-48B2-43CC-B57B-CBDC84D71DC0} SUPPRIME C:\Users\Didier\Appdata\Local\{E6A51938-F167-4393-86E0-05E3069F1A67} SUPPRIME C:\Users\Didier\Appdata\Local\{E6F617BF-4090-4075-B5E2-C597A5BC4618} SUPPRIME C:\Users\Didier\Appdata\Local\{E7564257-FACC-45FC-8ED4-8C9321256F1A} SUPPRIME C:\Users\Didier\Appdata\Local\{E7A7ECE7-FFF1-4BA3-8F97-046D83BB4076} SUPPRIME C:\Users\Didier\Appdata\Local\{E875BBC0-FE30-486F-A692-81FBB36DE5F9} SUPPRIME C:\Users\Didier\Appdata\Local\{E8B1EC99-93B1-4B78-B284-8F93D98BA8DC} SUPPRIME C:\Users\Didier\Appdata\Local\{E90CF425-EA9B-43B6-9ED1-4ADF6D94DA5B} SUPPRIME C:\Users\Didier\Appdata\Local\{E9278966-E71F-45D6-BB1C-B67532EA3B77} SUPPRIME C:\Users\Didier\Appdata\Local\{E9329F13-BE36-4474-B4F2-0D3D6B092B5A} SUPPRIME C:\Users\Didier\Appdata\Local\{EBAA6984-98E9-48D1-BA2E-7B2E9733CD50} SUPPRIME C:\Users\Didier\Appdata\Local\{ECB2DDA1-B9C9-43E5-9F80-ADFBC225A48E} SUPPRIME C:\Users\Didier\Appdata\Local\{ECCB7300-7716-4A50-98B0-29CD5712FC3A} SUPPRIME C:\Users\Didier\Appdata\Local\{ED09AAF1-325D-48BF-954C-3DFB496C47BF} SUPPRIME C:\Users\Didier\Appdata\Local\{EE51C373-30EB-45E6-8B09-C9F6F81D8338} SUPPRIME C:\Users\Didier\Appdata\Local\{EE659A5F-267D-4207-B2EE-BD936F0227D7} SUPPRIME C:\Users\Didier\Appdata\Local\{EEB54E16-E4B8-4C29-A8EF-C16C441B9C0F} SUPPRIME C:\Users\Didier\Appdata\Local\{EEB68C53-39CA-4F96-A8B4-A33F20552773} SUPPRIME C:\Users\Didier\Appdata\Local\{EFF08441-5B2A-4630-8C68-31D901767AEC} SUPPRIME C:\Users\Didier\Appdata\Local\{F0286ECF-5486-41AC-BA7B-13F2C673CF74} SUPPRIME C:\Users\Didier\Appdata\Local\{F0FBF277-3BAE-44DD-BD11-CE4EDCBD684A} SUPPRIME C:\Users\Didier\Appdata\Local\{F14875BD-9DB9-4AE6-8746-CCA218F5C816} SUPPRIME C:\Users\Didier\Appdata\Local\{F1D85ECC-8A6D-4BD7-87FA-742670B39ABA} SUPPRIME C:\Users\Didier\Appdata\Local\{F1F24031-B142-4483-9D42-0B2C2B40213A} SUPPRIME C:\Users\Didier\Appdata\Local\{F2E0F705-919F-4A02-8016-DD014AA36E10} SUPPRIME C:\Users\Didier\Appdata\Local\{F4A2322D-D236-42FC-A10B-45DB3EA66B03} SUPPRIME C:\Users\Didier\Appdata\Local\{F4B2EA55-A51B-442D-8926-644E7DBDF88D} SUPPRIME C:\Users\Didier\Appdata\Local\{F5842533-FC53-4FAA-9C91-5CDFEB0B27D3} SUPPRIME C:\Users\Didier\Appdata\Local\{F804FC95-1692-492C-BC76-84879050F070} SUPPRIME C:\Users\Didier\Appdata\Local\{F89CD7EF-C787-48A7-8146-FBF691594EF4} SUPPRIME C:\Users\Didier\Appdata\Local\{F9C4EA4F-EA96-48CA-90E8-A633523B1FD0} SUPPRIME C:\Users\Didier\Appdata\Local\{FB51BE74-FDB6-49A8-84F3-D05D02291367} SUPPRIME C:\Users\Didier\Appdata\Local\{FBCC09F8-9A62-427D-8C76-7B6ACDE76E54} ABSENT C:\Users\Didier\Appdata\Local\{FC7D016C-09E2-4FFF-AACE-F63FB86678F1} O43 - CFD: 08/08/2010 - 14:29:52 - [85] ----D- C:\Program Files (x86)\Application Updater SUPPRIME Flash Cookies: 39 SUPPRIME Temporaires Windows: : 80 ========== Fichier(s) ========== ABSENT Folder/File: c:\program files (x86)\quad utilities\quad driver fix\quad driver fix.exe ABSENT File: c:\users\didier\appdata\roaming\mozilla\firefox\profiles\zq9h9v7h.default\searchplugins\conduit.xml ABSENT File: c:\users\didier\appdata\roaming\mozilla\firefox\profiles\zq9h9v7h.default\searchplugins\daemon-search.xml SUPPRIME c:\windows\tasks\quad driver fix startup run.job ABSENT Folder/File: c:\users\didier\appdata\roaming\mozilla\firefox\profiles\zq9h9v7h.default\searchplugins\conduit.xml SUPPRIME Flash Cookies: 21 SUPPRIME Temporaires Windows: : 165 ========== Tache planifiée ========== ABSENT Task: SpyHunter3 ABSENT Task: QUAD Driver Fix Startup Run ========== Autre ========== NON TRAITE [HKLM\Software\Wow6432Node\Search Settings ========== Récapitulatif ========== 8 : Processus mémoire 60 : Clé(s) du Registre 12 : Valeur(s) du Registre 302 : Dossier(s) 7 : Fichier(s) 2 : Logiciel(s) 17 : Préférences navigateur 2 : Tache planifiée 1 : Autre ========== Chemin du fichier rapport ========== C:\Program Files (x86)\ZHPDiag\ZHPFixReport.txt End of the scan

Bonjour et merci de ta réactivité. Je viens de t'envoyer le rapport de ZHP Cliquez ici. et j'ai fait le nettoyage de PureRa. Le virus a d'ailleurs tenté de se réinstaller immédiatement après le nettoyage du fichier temp. Cordialement

Bonjour, je suis nouveau sur le forum. J'ai depuis plusieurs jours un trojan Win32/ Comisproc qui est détecté par Microsoft Sécurity Essentials dans un fichier Temp -avast-. A chaque redémarrage de l'ordi, il semble se ré-installer. J'ai depuis quelques semaines des plantages réguliers de l'ordi (écran bleu) après quelques minutes. Je protège mon ordi avec Gdata Internet Secutity; ce dernier plante aussi depuis quelques semaines- risque critique sur moteur B; une ré-installation résout le problème...jusqu'au suivant.J'ai par ailleurs éliminé des fichiers infectés dans un dossier de musique sur la cession de ma fille. Enfin, Malwarebytes que j'utilise parfois en complément refuse de se mettre à jour (effet du virus sans doute) J'ai réalisé un scan HijachThis en mode sans échec car j'avais un message d'erreur autrement ("For some reason your system denied write access to the hosts files. If any hijacked domains are in this files, HijackThis may not be able to fix this.If it happen you need to edit the file yourself. To do that, start, run and type: notepad C:\Windows\System32\drivers\etc\hosts and press enter. Find the line(s) hijackThis report and delete them.....") Voici le rapport généré par HijackThis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:42:10, on 18/06/2011 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Safe mode Running processes: C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll O2 - BHO: Aide à la navigation SFR - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files (x86)\SFR\Kit\SFRNavErrorHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: BHO - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O3 - Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file) O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\Didier\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [EPSON Stylus CX4800 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIADA.EXE /FU "C:\Users\Didier\AppData\Local\Temp\E_S17D7.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D1E1F7ED622A0E5D.dll/cmsidewiki.html O8 - Extra context menu item: Télécharger en utilisant Download &Express - C:\Program Files (x86)\Download Express\Add_Url.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: FreshDownload - {937D55D6-0D62-4E7E-A6A2-EA367B9FADD4} - C:\Program Files (x86)\FreshDevices\FreshDownload\fd.exe (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {8C922C73-FFFA-45A3-B2C2-BC1E30074267} - http://www.sony.fr/bravia/RegistrationAgent.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5855/mcfscan.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - Unknown owner - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe O23 - Service: Planificateur G Data (AVKService) - Unknown owner - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Gardien (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: CLHNService - Unknown owner - C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Pare-feu personnel G Data (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - Unknown owner - C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 25225 bytes Merci d'avance pour votre aide; je vous avoue être un peu perdu avec cette infection!