Aller au contenu

inriel

Membres
  • Compteur de contenus

    4
  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    Français Anglais

inriel's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. Bonsoir Appolo, Suite au nettoyage & vaccination par Usbfix, je poste pour info les 2 rapports générés (voir ci-dessous): <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< ############################## [ UsbFix V3.016 # Cleaning ] # User : inriel (Utilisateurs) # MYPC # Update on 02/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 19:04:06 | 06/05/2009 # Processeur Intel Pentium III # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Disabled # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 8.59 Go (1.73 Go free) [system] # NTFS # D:\ # Disque fixe local # 9.39 Go (3.96 Go free) [data] # NTFS # E:\ # Disque CD-ROM # F:\ # Disque amovible # 125.35 Mo (69.85 Mo free) # FAT ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\logonui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe ################## [ Fichiers # Dossiers infectieux ] Deleted ! C:\WINDOWS\system32\tmp.reg Deleted ! C:\WINDOWS\system32\tmp.txt ################## [ Registre # Clés Run infectieuses ] ################## [ Registre # Mountpoints2 ] # -> Not Found ! ################## [ Listing des fichiers présent ] [25/08/2007 13:14|--ahs----|213] - C:\boot.ini [28/08/2001 14:00|-rahs----|4952] - C:\Bootfont.bin [?|?|?] - C:\hiberfil.sys [01/03/2008 13:52|--a------|100] - C:\index.ini [01/03/2008 22:16|--a------|164] - C:\install.dat [26/07/2007 00:17|-rahs----|0] - C:\IO.SYS [26/07/2007 00:17|-rahs----|0] - C:\MSDOS.SYS [26/07/2007 22:29|-rahs----|47564] - C:\NTDETECT.COM [21/02/2009 17:56|-rahs----|252240] - C:\ntldr [?|?|?] - C:\pagefile.sys [05/05/2009 08:19|--a------|13030] - C:\PDOXUSRS.NET [26/05/2008 11:14|--ahs----|4096] - C:\VSNAP.IDX [06/05/2009 19:03|--a------|1614] - F:\BOOTEX.LOG ################## [ Vaccination ] # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # F:\autorun.inf -> Folder created by UsbFix. ################## [ ! Fin du rapport # UsbFix V3.016 ! ] <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< ******************************************************************************** *********** ############################## [ UsbFix V3.016 # Vaccination ] # User : inriel (Utilisateurs) # MYPC # Update on 02/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 19:08:31 | 06/05/2009 # Processeur Intel Pentium III # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Disabled # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 8.59 Go (1.73 Go free) [system] # NTFS # D:\ # Disque fixe local # 9.39 Go (3.96 Go free) [data] # NTFS # E:\ # Disque CD-ROM # F:\ # Disque amovible # 125.35 Mo (69.85 Mo free) # FAT ################## [ Vaccination ] # C:\autorun.inf -> Folder created by UsbFix. # D:\autorun.inf -> Folder created by UsbFix. # F:\autorun.inf -> Folder created by UsbFix. ################## [ ! Fin du rapport # UsbFix V3.016 ! ] ******************************************************************************** *********** Néanmoins suite aux actions de Usbfix, j'observe que ZHP plante en signalant désormais 1 anomalie au niveau de la BdR (Base de registres WINDOWS) liée à {Type de données incorrect pour "NoDriveAutoRun"} et 1 nouveau malware lié à {nofolderoptions} (voir ci-dessous): §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§ §§§§§§§§§§§ Zeb Help Process v2.33.8 by Nicolas Coolman - Rapport Général du 06/05/2009 20:23:52 Rapport de ZHPDiag v1.20 par Nicolas Coolman Enregistré le 06/05/2009 20:23:46 Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 ---\\ ZHPSearch, Recherche particulière de Clé, valeur ou donnée de BDR (RPR) (O70) *** None *** ---\\ ZHPSearch, Outil de recherche d'infection de Base de Registres (O71) O71 - BDRI:[hklm\software\microsoft\internet explorer\main]:start page - http://fr.msn.com/ O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\policies\explorer]:nofolderoptions O71 - BDRI:[hkcu\software\microsoft\windows\currentversion\run]:ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe Lignes traitées 3/3 §§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§§ §§§§§§§§§§§ Merci de m'aider, @+ (Le mieux est-il l'ennemi du bien ????)
  2. Bonsoir Appolo, Le résultat du scan "Usbfix" confirme celui de ZHPDiag, à savoir: ############################## [ UsbFix V3.016 # Scan ] # User : inriel (Utilisateurs) # MYPC # Update on 02/05/09 by Chiquitine29, C_XX & Chimay8 # WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html # Start at: 20:37:09 | 04/05/2009 # Processeur Intel Pentium III # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3 # Internet Explorer 8.0.6001.18702 # Windows Firewall Status : Disabled # A:\ # Lecteur de disquettes 3 ½ pouces # C:\ # Disque fixe local # 8.59 Go (1.73 Go free) [system] # NTFS # D:\ # Disque fixe local # 9.39 Go (3.96 Go free) [data] # NTFS # E:\ # Disque CD-ROM # F:\ # Disque amovible # 125.35 Mo (85.87 Mo free) # FAT ############################## [ Processus actifs ] C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ################## [ Registre # Startup ] HKCU_Main: "Local Page"="C:\\windows\\system32\\blank.htm" HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" HKCU_Main: "Start Page"="http://www.google.fr/" HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," HKLM_logon: "DefaultUserName"="inriel" HKLM_logon: "AltDefaultUserName"="inriel" HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents= HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe ################## [ Informations ] ################## [ Fichiers # Dossiers infectieux ] Found ! C:\WINDOWS\system32\tmp.reg Found ! C:\WINDOWS\system32\tmp.txt ################## [ Registre # Clés Run infectieuses ] ################## [ Registre # Mountpoints2 ] # -> Not Found ! ################## [ ! Fin du rapport # UsbFix V3.016 ! ] Faut-il passer à l'opération n°2 (ie "Suppression des fichiers infectieux") sans précaution particulière ? Merci de m'aider, @+
  3. Bonjour Appolo, Un scan "Dr.Web" révèle la présence du malware "Tool.Prockill". "Usbfix.exe" est-il un risktool qui génère un tel faux positif ? Par ailleurs, pourquoi Chiquitine29 (auteur du fixtool "Usbfix.exe") a depuis retiré son fixtool de la circulation ? Merci de lever le doute, @+
  4. Bonjour aux ZHP helpers, Je subis des ralentissements & déconnexions Internet intempestives depuis des mois. Seul ZHP me signale que mon PC est infecté (détection de TMP.reg & TMP.txt) par un malware. Mais lequel ? Voici le scan de ZHPDiag: <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Rapport de ZHPDiag v1.20 par Nicolas Coolman Enregistré le 02/05/2009 21:40:02 Platform : Microsoft Windows XP (5.1.2600) Service Pack 3 MSIE: Internet Explorer v8.0.6001.18702 MFIE: Mozilla Firefox (3.0.10) ---\\ Processus lancés C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\services.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\lsass.exe ---\\ Pages de démarrage d'Internet Explorer (R0) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?p...ER}&ar=home ---\\ Pages de recherche d'Internet Explorer (R1) R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll ---\\ Applications démarrées automatiquement par le registre (O4) O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data="67108863" O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data="255" O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data="1" ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302 O9 - Extra 'Tools' menuitem: Windows Messenger - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Messenger\msmsgs.exe,302 O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll,101 O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe,302 ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/get/shock...director/sw.cab O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwa...director/sw.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: WlDimsStartup - C:\WINDOWS\System32\%SystemRoot%\System32\dimsntfy.dll O20 - Winlogon Notify: WLEventStart - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WLEventStartup - C:\WINDOWS\System32\WgaLogon.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Java Quick Starter (JavaQuickStarterService) - C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Mise à jour de la version d’Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Lecteur Windows Media - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP O40 - ASIC: Internet Explorer - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig O40 - ASIC: Outlook Express - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE O40 - ASIC: Personnalisation du navigateur - {CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP O40 - ASIC: (no name) - Microsoft Base Smart Card Crypto Provider Package - (not file) O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - (not file) O40 - ASIC: Rendu VML (Vector Graphics Rendering) - {10072CEC-8CC1-11D1-986E-00A0C955B42F} - (not file) O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} - C:\WINDOWS\system32\Adobe\Director\SwDir.dll O40 - ASIC: DirectAnimation - {283807B5-2C60-11D0-A31D-00AA00B92C03} - (not file) O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll O40 - ASIC: Liaison de données Dynamic HTML pour Java - {36f8ec70-c29a-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Offline Browsing Pack - {3af36230-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Uniscribe - {3bf42070-b3b1-11d1-b5c5-0000f8051515} - (not file) O40 - ASIC: .NET Framework - {3F7924B9-D148-3141-87B1-68F36043A940} - (not file) O40 - ASIC: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) - {411EDCF7-755D-414E-A74B-3DCD6583F589} - (not file) O40 - ASIC: Création avancée - {4278c270-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT O40 - ASIC: DirectShow - {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - (not file) O40 - ASIC: DirectDrawEx - {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - (not file) O40 - ASIC: Internet Explorer Help - {45ea75a0-a269-11d1-b5bf-0000f8051515} - (not file) O40 - ASIC: Classes Java DirectAnimation - {4f216970-c90c-11d1-b5c7-0000f8051515} - (not file) O40 - ASIC: Microsoft Windows Script 5.7 - {4f645220-306d-11d2-995d-00c04f98bbc9} - (not file) O40 - ASIC: Mise à jour de sécurité pour Windows XP (KB923789) - {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - (not file) O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser O40 - ASIC: (no name) - {5A8D6EE0-3E18-11D0-821E-444553540000} - (not file) O40 - ASIC: Internet Explorer Setup Tools - {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub O40 - ASIC: MSN Site Access - {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - (not file) O40 - ASIC: .NET Framework - {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - (not file) O40 - ASIC: .NET Framework - {72AD53CC-CCC0-3757-8480-9EE176866A7C} - (not file) O40 - ASIC: Dossiers Web - {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - (not file) O40 - ASIC: Carnet d'adresses 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install O40 - ASIC: Mise à jour du Bureau Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install O40 - ASIC: Microsoft .NET Framework 1.1 Hotfix (KB928366) - {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - (not file) O40 - ASIC: Dynamic HTML Data Binding - {9381D8F2-0288-11D0-9501-00AA00B911A5} - (not file) O40 - ASIC: .NET Framework - {9A394342-4A68-4EBA-85A6-55B559F4E700} - (not file) O40 - ASIC: .NET Framework - {B508B3F1-A24A-32C0-B310-85786919EF28} - (not file) O40 - ASIC: .NET Framework - {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - (not file) O40 - ASIC: Internet Explorer Core Fonts - {C9E9A340-D1F1-11D0-821E-444553540600} - (not file) O40 - ASIC: .NET Framework - {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - (not file) O40 - ASIC: Planificateur de tâches - {CC2A9BA0-3BDD-11D0-821E-444553540000} - (not file) O40 - ASIC: (no name) - {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - (not file) O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx O40 - ASIC: HTML Help - {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - (not file) O40 - ASIC: Active Directory Service Interface - {E92B03AB-B707-11d2-9CBD-0000F87A369E} - (not file) O40 - ASIC: Hotfix for Microsoft .NET Framework 3.0 (KB932471) - {ECD292A0-0347-4244-8C24-5DBCE990FB40} - (not file) O40 - ASIC: RootsUpdate - {EF289A85-8E57-408d-BE47-73B55609861A} - (not file) O40 - ASIC: .NET Framework - {F196AC50-7C95-42E1-9947-BDAB18BF3C8C} - (not file) ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: Service d'installation du pilote audio Intel® 82801 (WDM) (ac97intc) - C:\WINDOWS\system32\drivers\ac97intc.sys O41 - Driver: Ad-Watch Connect Kernel Filter (Ad-Watch Connect Filter) - C:\WINDOWS\system32\drivers\NSDriver.sys O41 - Driver: Suppresseur d'écho acoustique (Noyau Microsoft) (aec) - C:\WINDOWS\system32\drivers\aec.sys O41 - Driver: Environnement de prise en charge de réseau AFD (AFD) - C:\WINDOWS\System32\drivers\afd.sys O41 - Driver: Pilote de média asynchrone RAS (AsyncMac) - C:\WINDOWS\system32\DRIVERS\asyncmac.sys O41 - Driver: Protocole client ATM ARP (Atmarpc) - C:\WINDOWS\System32\DRIVERS\atmarpc.sys O41 - Driver: Pilote audio Stub (audstub) - C:\WINDOWS\System32\DRIVERS\audstub.sys O41 - Driver: Pont MAC (Bridge) - C:\WINDOWS\System32\DRIVERS\bridge.sys O41 - Driver: Miniport de pont MAC (BridgeMP) - C:\WINDOWS\System32\DRIVERS\bridge.sys O41 - Driver: (no object) (dmboot) - C:\WINDOWS\System32\drivers\dmboot.sys O41 - Driver: Pilote de Gestionnaire de disque logique (dmio) - C:\WINDOWS\System32\drivers\dmio.sys O41 - Driver: (no object) (dmload) - C:\WINDOWS\System32\drivers\dmload.sys O41 - Driver: Synthétiseur DLS du noyau Microsoft (DMusic) - C:\WINDOWS\system32\drivers\DMusic.sys O41 - Driver: Filtre de décodeur DRM (Noyau Microsoft) (drmkaud) - C:\WINDOWS\system32\drivers\drmkaud.sys O41 - Driver: Creative AudioPCI (ES1371,ES1373) (WDM) (es1371) - C:\WINDOWS\system32\drivers\es1371mp.sys O41 - Driver: Énumérateur de port jeu (gameenum) - C:\WINDOWS\system32\DRIVERS\gameenum.sys O41 - Driver: Classificateur de paquets générique (Gpc) - C:\WINDOWS\System32\DRIVERS\msgpc.sys O41 - Driver: Pilote pour clavier i8042 et souris sur port PS/2 (i8042prt) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (no object) (i81x) - C:\WINDOWS\System32\DRIVERS\i81xnt5.sys O41 - Driver: (no object) (iAimFP0) - C:\WINDOWS\System32\DRIVERS\wADV01nt.sys O41 - Driver: (no object) (iAimFP1) - C:\WINDOWS\System32\DRIVERS\wADV02NT.sys O41 - Driver: (no object) (iAimFP2) - C:\WINDOWS\System32\DRIVERS\wADV05NT.sys O41 - Driver: (no object) (iAimFP3) - C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys O41 - Driver: (no object) (iAimFP4) - C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys O41 - Driver: (no object) (iAimFP5) - C:\WINDOWS\system32\DRIVERS\wADV07nt.sys O41 - Driver: (no object) (iAimFP6) - C:\WINDOWS\system32\DRIVERS\wADV08nt.sys O41 - Driver: (no object) (iAimFP7) - C:\WINDOWS\system32\DRIVERS\wADV09nt.sys O41 - Driver: (no object) (iAimTV0) - C:\WINDOWS\System32\DRIVERS\wATV01nt.sys O41 - Driver: (no object) (iAimTV1) - C:\WINDOWS\System32\DRIVERS\wATV02NT.sys O41 - Driver: (no object) (iAimTV2) - C:\WINDOWS\System32\DRIVERS\wATV03nt.sys O41 - Driver: (no object) (iAimTV3) - C:\WINDOWS\System32\DRIVERS\wATV04nt.sys O41 - Driver: (no object) (iAimTV4) - C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys O41 - Driver: (no object) (iAimTV5) - C:\WINDOWS\system32\DRIVERS\wATV10nt.sys O41 - Driver: (no object) (iAimTV6) - C:\WINDOWS\system32\DRIVERS\wATV06nt.sys O41 - Driver: Pilote de filtre de trafic IP (IpFilterDriver) - C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys O41 - Driver: Pilote de tunnelage IP dans IP (IpInIp) - C:\WINDOWS\System32\DRIVERS\ipinip.sys O41 - Driver: Traducteur d'adresses réseau IP (IpNat) - C:\WINDOWS\System32\DRIVERS\ipnat.sys O41 - Driver: Pilote IPSEC (IPSec) - C:\WINDOWS\System32\DRIVERS\ipsec.sys O41 - Driver: Service énumérateur IR (IRENUM) - C:\WINDOWS\System32\DRIVERS\irenum.sys O41 - Driver: Kl1 (kl1) - C:\WINDOWS\system32\drivers\kl1.sys O41 - Driver: Kaspersky Lab Boot Guard Driver (klbg) - C:\WINDOWS\system32\drivers\klbg.sys O41 - Driver: Kaspersky Lab KLFltDev (KLFLTDEV) - C:\WINDOWS\system32\DRIVERS\klfltdev.sys O41 - Driver: Kaspersky Lab Driver (KLIF) - C:\WINDOWS\system32\DRIVERS\klif.sys O41 - Driver: Kaspersky Anti-Virus NDIS Filter (klim5) - C:\WINDOWS\system32\DRIVERS\klim5.sys O41 - Driver: Mélangeur audio Wave de noyau Microsoft (kmixer) - C:\WINDOWS\system32\drivers\kmixer.sys O41 - Driver: Redirecteur client WebDav (MRxDAV) - C:\WINDOWS\System32\DRIVERS\mrxdav.sys O41 - Driver: MRXSMB (MRxSmb) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys O41 - Driver: Proxy de service de répartition Microsoft (MSKSSRV) - C:\WINDOWS\system32\drivers\MSKSSRV.sys O41 - Driver: Proxy d'horloge de répartition Microsoft (MSPCLOCK) - C:\WINDOWS\system32\drivers\MSPCLOCK.sys O41 - Driver: Proxy de gestion de qualité de répartition Microsoft (MSPQM) - C:\WINDOWS\system32\drivers\MSPQM.sys O41 - Driver: Pilote BIOS de gestion de systèmes Microsoft (mssmbios) - C:\WINDOWS\System32\DRIVERS\mssmbios.sys O41 - Driver: Pilote TAPI NDIS d'accès distant (NdisTapi) - C:\WINDOWS\System32\DRIVERS\ndistapi.sys O41 - Driver: NDIS mode utilisateur E/S Protocole (Ndisuio) - C:\WINDOWS\System32\DRIVERS\ndisuio.sys O41 - Driver: Pilote réseau étendu NDIS d'accès distant (NdisWan) - C:\WINDOWS\System32\DRIVERS\ndiswan.sys O41 - Driver: Interface NetBIOS (NetBIOS) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: NetBIOS sur TCP/IP (NetBT) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: NSNDIS5 NDIS Protocol Driver (NSNDIS5) - C:\WINDOWS\system32\NSNDIS5.SYS O41 - Driver: Pilote de filtre de trafic IPX (NwlnkFlt) - C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys O41 - Driver: Pilote de transfert de trafic IPX (NwlnkFwd) - C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys O41 - Driver: Pilote processeur Intel Pentium III (P3) - C:\WINDOWS\System32\DRIVERS\p3.sys O41 - Driver: Miniport réseau étendu (PPTP) (PptpMiniport) - C:\WINDOWS\System32\DRIVERS\raspptp.sys O41 - Driver: Planificateur de paquets QoS (PSched) - C:\WINDOWS\System32\DRIVERS\psched.sys O41 - Driver: Pilote de liaison parallèle directe (Ptilink) - C:\WINDOWS\System32\DRIVERS\ptilink.sys O41 - Driver: Pilote de connexion automatique d'accès distant (RasAcd) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: Miniport réseau étendu (L2TP) (Rasl2tp) - C:\WINDOWS\System32\DRIVERS\rasl2tp.sys O41 - Driver: Pilote PPPOE d'accès à distance (RasPppoe) - C:\WINDOWS\System32\DRIVERS\raspppoe.sys O41 - Driver: Parallèle direct (Raspti) - C:\WINDOWS\System32\DRIVERS\raspti.sys O41 - Driver: Rdbss (Rdbss) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: Pilote de redirecteur de périphérique Terminal Server (rdpdr) - C:\WINDOWS\System32\DRIVERS\rdpdr.sys O41 - Driver: Pilote de filtre de lecture digitale de CD audio (redbook) - C:\WINDOWS\System32\DRIVERS\redbook.sys O41 - Driver: Secdrv (Secdrv) - C:\WINDOWS\System32\DRIVERS\secdrv.sys O41 - Driver: Pilote de filtre Serenum (serenum) - C:\WINDOWS\System32\DRIVERS\serenum.sys O41 - Driver: Pilote de filtrage Sony USB (SONYPVU1) (SONYPVU1) - C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS O41 - Driver: Splitter audio du noyau Microsoft (splitter) - C:\WINDOWS\system32\drivers\splitter.sys O41 - Driver: Pilote de filtre de restauration système (sr) - C:\WINDOWS\system32\DRIVERS\sr.sys O41 - Driver: Srv (Srv) - C:\WINDOWS\System32\DRIVERS\srv.sys O41 - Driver: Pilote de bus logiciel (swenum) - C:\WINDOWS\System32\DRIVERS\swenum.sys O41 - Driver: Synthétiseur de table de sons GC noyau Microsoft (swmidi) - C:\WINDOWS\system32\drivers\swmidi.sys O41 - Driver: Périphérique audio système du noyau Microsoft (sysaudio) - C:\WINDOWS\system32\drivers\sysaudio.sys O41 - Driver: Pilote du protocole TCP/IP (Tcpip) - C:\WINDOWS\System32\DRIVERS\tcpip.sys O41 - Driver: Pilote de mise à jour microcode (Update) - C:\WINDOWS\System32\DRIVERS\update.sys O41 - Driver: Pilote de concentrateur standard USB Microsoft (usbhub) - C:\WINDOWS\System32\DRIVERS\usbhub.sys O41 - Driver: Pilote de stockage de masse USB (USBSTOR) - C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS O41 - Driver: Pilote miniport de contrôleur hôte universel USB Microsoft (usbuhci) - C:\WINDOWS\System32\DRIVERS\usbuhci.sys O41 - Driver: Pilote ARP IP d'accès distant (Wanarp) - C:\WINDOWS\System32\DRIVERS\wanarp.sys O41 - Driver: Pilote WINMM de compatibilité audio WDM Microsoft (wdmaud) - C:\WINDOWS\system32\drivers\wdmaud.sys O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Platform Driver (WudfPf) - C:\WINDOWS\system32\DRIVERS\WudfPf.sys O41 - Driver: Windows Driver Foundation - User-mode Driver Framework Reflector (WudfRd) - C:\WINDOWS\system32\DRIVERS\wudfrd.sys ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 10 Plugin O42 - Logiciel: Adobe Reader 9.1 - Français O42 - Logiciel: Adobe Shockwave Player 11.5 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.0 (KB932471) O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) O42 - Logiciel: Hotfix for Windows Media Format SDK (KB902344) O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) O42 - Logiciel: Java 6 Update 13 O42 - Logiciel: Kaspersky Internet Security 2009 O42 - Logiciel: Lecteur Windows Media 11 O42 - Logiciel: Microsoft .NET Framework 1.1 O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra O42 - Logiciel: Package de base Microsoft de service de chiffrement pour cartes à puce O42 - Logiciel: Windows Imaging Component O42 - Logiciel: Windows Internet Explorer 8 O42 - Logiciel: Windows Media Format 11 runtime O42 - Logiciel: Windows Media Format SDK Hotfix - KB891122 O42 - Logiciel: Windows Media Player 11 O42 - Logiciel: Windows PowerShell 1.0 O42 - Logiciel: Windows Presentation Foundation O42 - Logiciel: Windows XP Service Pack 3 O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 O42 - Logiciel: ZebHelpProcess 2.33.8 ---\\ Contenu des dossiers Fichiers Communs (O43) O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Adobe O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Borland Shared O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Designer O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\InstallShield O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Microsoft Shared O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\MSSoap O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\ODBC O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Real O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\Services O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\SpeechEngines O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\System O43 - CFD:Common File Directory - C:\Program Files\Fichiers Communs\xing shared ---\\ Derniers fichiers modifiés ou crées sous System32 (O44) O44 - LFC:Last File Created - C:\WINDOWS\System32\admparse.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\advapi32.dll -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\advpack.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\amcompat.tlb -->21/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\corpol.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\deploytk.dll -->27/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\dxtmsft.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\dxtrans.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\FNTCACHE.DAT -->01/05/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\html.iec -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\icardie.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ie4uinit.exe -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieakeng.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieaksie.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieakui.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieapfltr.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\iedkcs32.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\iepeers.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\iernonce.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\iesetup.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieudinit.exe -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ieuinit.inf -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\imgutil.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\inetcpl.cpl -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\inseng.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\java.exe -->27/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\javacpl.cpl -->27/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\javaw.exe -->27/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\javaws.exe -->27/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\jscript.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\jsproxy.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\kernel32.dll -->21/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\LegitCheckControl.dll -->10/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\licmgr10.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\lsasrv.dll -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\MRT.exe -->06/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\msfeeds.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\msfeedsbs.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mshta.exe -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtml.tlb -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtmled.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mshtmler.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\msls31.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\msrating.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\mstime.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\nscompat.tlb -->21/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ntdll.dll -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ntkrnlpa.exe -->10/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\ntoskrnl.exe -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\occache.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\pdh.dll -->06/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc009.dat -->14/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfc00C.dat -->14/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh009.dat -->14/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\perfh00C.dat -->14/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\PerfStringBackup.INI -->14/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\pngfilt.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\rpcss.dll -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\sc.exe -->06/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\secur32.dll -->03/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\services.exe -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\spdwnwxp.log -->21/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\spupdwxp.log -->21/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\tdc.ocx -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\tmp.reg -->19/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\tmp.txt -->19/04/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\url.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\urlmon.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\vbscript.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\webcheck.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\WgaLogon.dll -->10/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\WgaTray.exe -->10/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\win32k.sys -->09/02/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\wininet.dll -->08/03/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\wpa.dbl -->02/05/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\klbg.sys -->01/05/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\klick.dat -->01/05/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\klif.sys -->01/05/2009 O44 - LFC:Last File Created - C:\WINDOWS\System32\drivers\klin.dat -->01/05/2009 ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-242CE4AA.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ADDALIAS.EXE-2A3E9C61.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AU_.EXE-05904C56.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\AVP.EXE-0FFFF63A.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CLEANAPI.EXE-0217D90D.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DRVINS32.EXE-016B15E3.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DRVINS32.EXE-03445690.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\EXPORTCONTROLLER.EXE-0303443A.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\GRPCONV.EXE-111CD845.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\KIS8.0.0.506EN.EXE-10C3D778.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\KMDUTIL.EXE-07E1B489.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\KMDUTIL.EXE-1AD356F3.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\Layout.ini -->30/04/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MINIREG.EXE-2E23FB19.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MPCMDRUN.EXE-1F9D1CA1.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSASCUI.EXE-08BEC8D8.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NETCFG.EXE-2A9A7F47.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1357CA32.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-13F58E5F.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-14FC201E.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1831A4F3.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1F20A0D1.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-21F72C99.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-2BF3472E.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-34235251.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-36E45F69.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4489B61B.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4991DDE7.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B06AD8F.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SET1.TMP-2DF8BCA6.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SET7.TMP-29F99857.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SETUP.EXE-1559BD66.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SHOCKWAVE_INSTALLER_FULL_V115-14D5E620.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\START.EXE-1939DA06.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWHELPER_1150595.EXE-055884D9.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SWHELPER_1150596.EXE-03894912.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\SW_UNINSTALLER.EXE-31C991F1.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\TASKMANAGER.EXE-151AA219.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINS000.EXE-00890270.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINS000.EXE-260D7493.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINS000.EXE-2C5A1E10.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINST.EXE-0A20C808.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\UNINSTALLER.EXE-02C496B5.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf -->01/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHP2.EXE-3374FBD7.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPDIAG.EXE-0180118E.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.8.EXE-2C3F8446.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\ZHPL 2.33.8.TMP-2F2FF871.pf -->02/05/2009 O45 - LFCP:Last File Created Prefetch - C:\WINDOWS\Prefetch\_IU14D2N.TMP-065EAFFD.pf -->01/05/2009 ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - (no name) - {4F07DA45-8170-4859-9B5F-037EF2970034} - shell32.dll ---\\ Export de clé d'application autorisée (ECAA)(O47) O47 - AAKE:Key Export - "C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000" O47 - AAKE:Key Export - "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Disabled:Windows Messenger" O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" O47 - AAKE:Key Export - "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" O47 - AAKE:Key Export - "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ---\\ Déni du service (Local Security Authority) (LSA) (O48) O48 - LSA:Local Security Authority Authentication Packages - C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages - ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS1\Network\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Minimal\vgasave.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpdd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CS2\Network\vgasave.sys ---\\ Image File Execution Options (IFEO) (O50) O50 - IEFO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ---\\ Trojan Driver Search Data (TDSD) (O52) O52 - TDSD:HKLM\...\Drivers\"timer"="timer.drv" O52 - TDSD:HKLM\...\Drivers32\"midimapper"="midimap.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.imaadpcm"="imaadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msadpcm"="msadp32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msg711"="msg711.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.msgsm610"="msgsm32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.trspch"="tssoft32.acm" O52 - TDSD:HKLM\...\Drivers32\"vidc.cvid"="iccvid.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.I420"="msh263.drv" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv31"="ir32_32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv32"="ir32_32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv41"="ir41_32.ax" O52 - TDSD:HKLM\...\Drivers32\"vidc.iyuv"="iyuv_32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.mrle"="msrle32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.msvc"="msvidc32.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.uyvy"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.yuy2"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.yvu9"="tsbyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"vidc.yvyu"="msyuv.dll" O52 - TDSD:HKLM\...\Drivers32\"wavemapper"="msacm32.drv" O52 - TDSD:HKLM\...\Drivers32\"wave"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"msacm.msg723"="msg723.acm" O52 - TDSD:HKLM\...\Drivers32\"vidc.M263"="msh263.drv" O52 - TDSD:HKLM\...\Drivers32\"vidc.M261"="msh261.drv" O52 - TDSD:HKLM\...\Drivers32\"msacm.msaudio1"="msaud32.acm" O52 - TDSD:HKLM\...\Drivers32\"msacm.iac2"="C:\WINDOWS\System32\iac25_32.ax" O52 - TDSD:HKLM\...\Drivers32\"vidc.iv50"="ir50_32.dll" O52 - TDSD:HKLM\...\Drivers32\"msacm.l3acm"="C:\WINDOWS\System32\l3codeca.acm" O52 - TDSD:HKLM\...\Drivers32\"wave1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"midi1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"mixer1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"aux1"="wdmaud.drv" O52 - TDSD:HKLM\...\Drivers32\"msacm.sl_anet"="sl_anet.acm" O52 - TDSD:HKLM\...\Drivers32\"VIDC.MP42"="mpg4c32.dll" O52 - TDSD:HKLM\...\Drivers32\"VIDC.MPG4"="mpg4c32.dll" ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "HideLegacyLogonScripts"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideLogoffScripts"=0 O55 - MWPS:[HKLM\...\Policies\System] - "RunLogonScriptSync"=1 O55 - MWPS:[HKLM\...\Policies\System] - "RunStartupScriptSync"=0 O55 - MWPS:[HKLM\...\Policies\System] - "HideStartupScripts"=0 ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255 O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Merci de m'aider, A+
×
×
  • Créer...