Infection virus trojan:win32/sirefef

Bonjour,
je suis infecter par trojan win32/sirefef.
j'ai effectué un diag avec zhp diag dont voici le rapport pouvez vous m'aider svp;merci
Rapport de ZHPDiag v1.3.5.16 par Nicolas Coolman, Update du 04/02/2013
Run by seb et audrey at 07/02/2013 20:20:58
State : Version à jour.
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 17.0.1 v17.0.1 (Defaut)
GCIE: Google Chrome v24.0.1312.57

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 8TFF7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6121 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 1259 GB (69%) free of 1812 GB

---\\ Logged in mode
~ Computer Name: SEBETAUDREY-PC
~ User Name: seb et audrey
~ All Users Names: seb et audrey, Mcx1-SEBETAUDREY-PC, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\seb et audrey\AppData\Roaming\
~ %Desktop% : C:\Users\seb et audrey\Desktop\
~ %Favorites% : C:\Users\seb et audrey\Favorites\
~ %LocalAppData% : C:\Users\seb et audrey\AppData\Local\
~ %StartMenu% : C:\Users\seb et audrey\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 1259 Go of 1812 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 31 Go of 50 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 07:04:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/54756
~ Mes musiques (My Musics) : 1/6798
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/99
~ Mes Documents (My Documents) : 1/2270
~ Mon Bureau (My Desktop) : 1/3299
~ Menu demarrer (Programs) : 1/29
~ Scan Hidden Files in 00mn 42s



---\\ Processus lancés
[MD5.14C816EE3C5A7D5DFF860274475778D9] - (...) -- C:\Users\seb et audrey\AppData\Roaming\Hecura\alty.exe [348488] [PID.1708]
[MD5.B159B1EBFB11934637E0EE811533499C] - (.Pas de propriétaire - DPCSB.) -- C:\Users\seb et audrey\AppData\Local\Temp\Trojan.exe [200704] [PID.1716]
[MD5.A9D4EF29AD32FB33AF9F863F2CAD276D] - (.Adobe Systems, Inc. - Adobe Bridge CS5.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe [11989960] [PID.1704]
[MD5.E8C05E2B72CA54E184CC7A553211F121] - (...) -- C:\Users\seb et audrey\tibealubceap.exe [35768] [PID.1036]
[MD5.D5D8A5E87D3C32C516E5B5E2BA5B0DBF] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247768] [PID.1876]
[MD5.2718DC27571BD1E37813F5759D2DC118] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [202296] [PID.1128]
[MD5.AEB703EBF596A48F3FE707AEB7FD4902] - (...) -- c:\users\seb et audrey\appdata\local\temp\dat6633.tmp.exe [53248] [PID.2300]
[MD5.6326EE5DAC329BEF00D838A8995B62C8] - (.Motorola - Motorola Phone Service Application.) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnect.exe [279360] [PID.2032]
[MD5.F577910A133A592234EBAAD3F3AFA258] - (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096] [PID.5036]
[MD5.5D673EBF455EFA227C66EA0D8CE33B52] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe [699400] [PID.5356]
[MD5.927DC83A2FB5897DE3DDD54DF604EA00] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5649408] [PID.4312]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.1796]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1988]
[MD5.BE72F68C3E898C6C7DD61AFDF28769DD] - (...) -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [91456] [PID.2844]
[MD5.2AAE889742376EDC5C3203DFB74F28FD] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.2872]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\SysWOW64\IoctlSvc.exe [81920] [PID.2952]
[MD5.E2E47486F9D39145DAEA03D007587A02] - (.Tanuki Software, Ltd. - Java Service Wrapper Community Edition 3.5..) -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [366872] [PID.2976]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.3020]
[MD5.078C041AC65593A812F5B2A10F53C4E8] - (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysWOW64\java.exe [173960] [PID.2380]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2496]
[MD5.388AE59FE75F1B959DFA0900923C61BB] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000] [PID.2940]
[MD5.F620772888B6E3EDEF5C3E71E3D447F0] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.3192]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3420]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3964]
[MD5.D41861E56E7552C13674D7F147A02464] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.844]
[MD5.1584DEEAE5AA0E3FB045F3D0EAC585EA] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168] [PID.4352]
[MD5.1BBBF640BC0E0B750537BAECE8D66C18] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [641832] [PID.4924]
[MD5.FC43877B4625F6EB773C98233EB625C5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.5516]
~ Scan Processes Running in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\seb et audrey\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] https://www.google.com/?gws_rd=ssl
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\seb et audrey\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\seb et audrey\AppData\Roaming\Mozilla\Firefox\Profiles\gtxexjap.default\prefs.js
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [seb et audrey] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.2.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
~ Scan Firefox Browser in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.com/?gws_rd=ssl
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 33



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bubble Dock SurfMatch [64Bits] - {23AF19F7-1D5B-442c-B14C-3D1081953C94} . (...) -- C:\Program Files (x86)\Nosibay\Bubble Dock\extensions\axSurfMatch.dll (.not file.)
O2 - BHO: IEVkbdBHO [64Bits] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
~ Scan BHO in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Windows Update Server] . (...) -- C:\Users\seb et audrey\2376b5a3-5930.exe
O4 - HKCU\..\Run: [Yzyph] . (...) -- C:\Users\seb et audrey\AppData\Roaming\Hecura\alty.exe
O4 - HKCU\..\Run: [5cd8f17f4086744065eb0992a09e05a2] . (.Pas de propriétaire - DPCSB.) -- C:\Users\seb et audrey\AppData\Local\Temp\Trojan.exe
O4 - HKCU\..\Run: [AdobeBridge] . (.Adobe Systems, Inc. - Adobe Bridge CS5.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
O4 - HKCU\..\Run: [DAT6633.tmp.exe] . (...) -- C:\Users\seb et audrey\AppData\Local\Temp\DAT6633.tmp.exe
O4 - HKCU\..\Run: [tibealubceap] . (...) -- C:\Users\seb et audrey\tibealubceap.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe (.not file.)
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [Windows Update Server] . (...) -- C:\Users\seb et audrey\2376b5a3-5930.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [Yzyph] . (...) -- C:\Users\seb et audrey\AppData\Roaming\Hecura\alty.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [5cd8f17f4086744065eb0992a09e05a2] . (.Pas de propriétaire - DPCSB.) -- C:\Users\seb et audrey\AppData\Local\Temp\Trojan.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [AdobeBridge] . (.Adobe Systems, Inc. - Adobe Bridge CS5.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [DAT6633.tmp.exe] . (...) -- C:\Users\seb et audrey\AppData\Local\Temp\DAT6633.tmp.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [tibealubceap] . (...) -- C:\Users\seb et audrey\tibealubceap.exe
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [Regedit32] C:\Windows\system32\regedit.exe (.not file.)
O4 - HKUS\S-1-5-21-3777196682-1827461148-3297170606-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\seb et audrey\Desktop\Continue PDF Creator Installation.lnk . (...) -- C:\Users\seb et audrey\AppData\Local\Temp\ICReinstall_PDFCreatorSetup.exe
O4 - Global Startup: C:\Users\seb et audrey\Desktop\Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
O4 - Global Startup: C:\Users\seb et audrey\Desktop\EcoLotofoot Shareware.lnk . (...) -- C:\Program Files (x86)\EcoLotofootSha\eclotofoot.exe
O4 - Global Startup: C:\Users\seb et audrey\Desktop\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - Global Startup: C:\Users\seb et audrey\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\monAlbumPhoto.lnk . (.monAlbumPhoto.) -- C:\Program Files (x86)\monAlbumPhoto\monAlbumphoto.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero Home\NeroHome.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe
O4 - Global Startup: C:\Users\seb et audrey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files (x86)\Vuze\Azureus.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\Desktop\EcoLotofoot Shareware.lnk . (...) -- C:\Program Files (x86)\EcoLotofootSha\eclotofoot.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\Desktop\GCI Demo.lnk . (...) -- C:\Program Files (x86)\GCI Demo\fx_loader.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\Desktop\PhotoFiltre Studio X.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\Desktop\PhotoFiltre Studio.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre Studio\pf-studio.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - Global Startup: C:\Users\Mcx1-SEBETAUDREY-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
~ Scan Global Startup in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: eBay.fr [64Bits] - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} . (...) -- C:\Program Files\Internet Explorer\Custom\eBay.ico
O9 - Extra button: eBay.fr [64Bits] - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\kbrd.ico
O9 - Extra button: eBay.fr [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: eBay.fr [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\logo.ico
~ Scan IE Extra Buttons in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d'espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{70F5E551-7360-447F-A78D-F336459BC6D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{70F5E551-7360-447F-A78D-F336459BC6D8}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{70F5E551-7360-447F-A78D-F336459BC6D8}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\System32\klogon.dll
~ Scan Winlogon in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MemeoBackgroundService (MemeoBackgroundService) . (.Memeo - MemeoBackgroundService.) - C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
O23 - Service: MotoConnect Service (MotoConnect Service) . (...) - C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe
O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PS3 Media Server (PS3 Media Server) . (.Tanuki Software, Ltd. - Java Service Wrapper Community Edition 3.5..) - C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Intel(R) Management and Security Applica (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
~ Scan Services in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.424877CB9D5517F980FF7BACA2EB379D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-sebetaudrey-PC-seb et audrey] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files (x86)\Ask.com\UpdateTask.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{30937D6A-5D1D-4A36-8B75-E29DB8B1557E}] (...) -- G:\mpman-mpmanager.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d'IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Oracle Corporation - Java(TM) Deployment Library.) -- C:\Program Files\Java\jre7\bin\deploy.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_AMD64].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD AVIVO64 Codecs - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CE4F2C90-62B4-8820-96A1-B23B1B3050CE}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2F949F9F-EBD4-8597-5CF0-6370C0161CC9}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E8384463-151C-473F-3A8D-54F3B11892B9}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5AF106BC-B27B-D0EC-28CF-7A7F20B20288}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {47FA2C44-D148-4DBC-AF60-B91934AA4842}
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {CCE825DB-347A-4004-A186-5F4A6FDD8547}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {D70884EA-E2CE-4539-91DB-4766CC1E5F5F}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM][64Bits] -- AskTBar Uninstall
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKCU][64Bits] -- Bubble Dock
O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- CANON iMAGE GATEWAY Task
O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- Canon Internet Library for ZoomBrowser EX
O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Decoder
O42 - Logiciel: Canon MOV Encoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Encoder
O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- MovieEditTask
O42 - Logiciel: Canon Utilities Digital Photo Professional 3.8 - (.Canon Inc..) [HKLM][64Bits] -- DPP
O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM][64Bits] -- EOS Utility
O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM][64Bits] -- PhotoStitch
O42 - Logiciel: Canon Utilities Picture Style Editor - (.Canon Inc..) [HKLM][64Bits] -- Picture Style Editor
O42 - Logiciel: Canon Utilities WFT Utility - (.Canon Inc..) [HKLM][64Bits] -- WFTK
O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX
O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX Memory Card Utility
O42 - Logiciel: Contents - (.Corel Corporation.) [HKLM][64Bits] -- {D7D99A66-493F-468B-BCE1-6F88612B89D5}
O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM][64Bits] -- _{D1AEB5DB-04FA-489D-94EF-8600898B93EE}
O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM][64Bits] -- {DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}
O42 - Logiciel: CyberLink PowerDVD Copy - (.CyberLink Corp..) [HKLM][64Bits] -- {E3D04529-6EDB-11D8-A372-0050BAE317E1}
O42 - Logiciel: CyberLink PowerRecover - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: CyberLink PowerRecover - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM][64Bits] -- {324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DeviceIO - (.Corel Corporation.) [HKLM][64Bits] -- {D3BCC13A-E4F2-45EE-846F-D143CEDDDBCB}
O42 - Logiciel: EcoLotoFoot - (.Cellard Softwares.) [HKLM][64Bits] -- EcoLotofoot Shareware_is1
O42 - Logiciel: GCI Demo (remove only) - (.Pas de propriétaire.) [HKLM][64Bits] -- GCI Demo
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: High-Definition Video Playback - (.Nero AG.) [HKLM][64Bits] -- {9193490D-5229-4FC4-9BB9-A6D63C09574A}
O42 - Logiciel: ICA - (.Corel Corporation.) [HKLM][64Bits] -- {D1AEB5DB-04FA-489D-94EF-8600898B93EE}
O42 - Logiciel: IPM_PSP_Pro - (.Corel Corporation.) [HKLM][64Bits] -- {DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {774C0434-9948-4DEE-A14E-69CDD316E36C}
O42 - Logiciel: IsoBuster 3.0 - (.Smart Projects.) [HKLM][64Bits] -- IsoBuster_is1
O42 - Logiciel: Java(TM) 7 Update 2 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417002FF}
O42 - Logiciel: Java(TM) 7 Update 2 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217002FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Kaspersky Internet Security 2012 - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}
O42 - Logiciel: Kaspersky Internet Security 2012 - (.Kaspersky Lab.) [HKLM][64Bits] -- {45E557D6-2271-4F13-8101-C620B4285AB0}
O42 - Logiciel: MLE - (.Corel Corporation.) [HKLM][64Bits] -- {D84B7C7E-2E4D-4002-8CA8-EED4EDB333AC}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Medion Home Cinema - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: Memeo Instant Backup - (.Memeo Inc..) [HKLM][64Bits] -- {8E666407-AC41-46a2-9692-6C7BFCBFDD37}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: MotoConnect - (.Motorola.) [HKLM][64Bits] -- {DDC5B3E0-C656-4070-9CF0-E592EC60AD42}
O42 - Logiciel: Motorola Driver Installation 4.6.0 - (.Motorola Inc..) [HKLM][64Bits] -- {37DEBC1E-0A1F-448A-8DDD-A2FF4B1578EB}
O42 - Logiciel: Mozilla Firefox 17.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 17.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Nero 11 - (.Nero AG.) [HKLM][64Bits] -- {F021D637-BBDA-486B-96F0-225B62596C3B}
O42 - Logiciel: Nero 11 Disc Menus Basic - (.Nero AG.) [HKLM][64Bits] -- {F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}
O42 - Logiciel: Nero 11 Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}
O42 - Logiciel: Nero 11 Image Samples - (.Nero AG.) [HKLM][64Bits] -- {F3743A2C-5D5F-4456-8F98-5DF36A954C50}
O42 - Logiciel: Nero 11 Kwik Themes Basic - (.Nero AG.) [HKLM][64Bits] -- {5A212B2D-140D-46F4-B625-2D1CA5A00594}
O42 - Logiciel: Nero 11 PiP Effects Basic - (.Nero AG.) [HKLM][64Bits] -- {2CA7225D-CB12-462A-9DD1-50319E158BA5}
O42 - Logiciel: Nero 8 - (.Nero AG.) [HKLM][64Bits] -- {D6C9AF27-9414-46C8-B9D8-D878BA041036}
O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM][64Bits] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}
O42 - Logiciel: Nero BackItUp 11 - (.Nero AG.) [HKLM][64Bits] -- {AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}
O42 - Logiciel: Nero BackItUp 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {6AB2427E-A18F-4809-9A12-29F5EBABBB3A}
O42 - Logiciel: Nero Backup Drivers - (.Nero AG.) [HKLM][64Bits] -- {D600D357-5CB9-4DE9-8FD4-14E208BD1970}
O42 - Logiciel: Nero Burning ROM 11 - (.Nero AG.) [HKLM][64Bits] -- {B1846721-A8E6-46C7-83B6-0DCF7ADB4267}
O42 - Logiciel: Nero Burning ROM 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {53F7746A-96AA-49A5-86B8-59989680DAC5}
O42 - Logiciel: Nero ControlCenter 11 - (.Nero AG.) [HKLM][64Bits] -- {11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}
O42 - Logiciel: Nero ControlCenter 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {D4D66270-9147-4BDF-9946-FCA2B303AA8F}
O42 - Logiciel: Nero Core Components 11 - (.Nero AG.) [HKLM][64Bits] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}
O42 - Logiciel: Nero CoverDesigner 11 - (.Nero AG.) [HKLM][64Bits] -- {FF44BCE5-5A18-4051-85F0-BC172D7B4695}
O42 - Logiciel: Nero CoverDesigner 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {55C2143E-FBA5-442F-9AFA-726FF068F39D}
O42 - Logiciel: Nero Express 11 - (.Nero AG.) [HKLM][64Bits] -- {E10AAE4A-98B8-420A-BD93-E0520C23D624}
O42 - Logiciel: Nero Express 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}
O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM][64Bits] -- {BE814218-3919-4EA3-868A-2F60BC135CB4}
O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}
O42 - Logiciel: Nero Recode 11 - (.Nero AG.) [HKLM][64Bits] -- {F69FB940-5031-4FE8-AFAD-085802D0BF63}
O42 - Logiciel: Nero Recode 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {57F80ECF-E27C-4EEE-AB58-E971BACE2639}
O42 - Logiciel: Nero RescueAgent 11 - (.Nero AG.) [HKLM][64Bits] -- {034DCAF9-96E7-4936-9A07-712F80B5181E}
O42 - Logiciel: Nero RescueAgent 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {D01CE99A-8802-483C-A79F-298B691EB432}
O42 - Logiciel: Nero SoundTrax 11 - (.Nero AG.) [HKLM][64Bits] -- {0713D1F9-DD77-42C1-8C7D-54D479E2E743}
O42 - Logiciel: Nero SoundTrax 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {390757AA-8830-43DC-AEE0-4E5B6F8439EB}
O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM][64Bits] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
O42 - Logiciel: Nero Video 11 - (.Nero AG.) [HKLM][64Bits] -- {0D7A4289-99CF-4B8D-B812-86BE50A54552}
O42 - Logiciel: Nero Video 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}
O42 - Logiciel: Nero WaveEditor 11 - (.Nero AG.) [HKLM][64Bits] -- {8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}
O42 - Logiciel: Nero WaveEditor 11 Help (CHM) - (.Nero AG.) [HKLM][64Bits] -- {EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}
O42 - Logiciel: PS3 Media Server - (.PS3 Media Server.) [HKLM][64Bits] -- PS3 Media Server
O42 - Logiciel: PSPH10Pro - (.Corel Corporation.) [HKLM][64Bits] -- {DA4A2F61-1E26-4D51-94BB-36D77678BDAD}
O42 - Logiciel: PSPPContent - (.Corel Corporation.) [HKLM][64Bits] -- {DF8B9311-ADE7-4EDE-B121-326CAA3D225D}
O42 - Logiciel: PSPPRO_DCRAW - (.Corel Corporation.) [HKLM][64Bits] -- {DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}
O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: PhotoFiltre Studio - (.Pas de propriétaire.) [HKLM][64Bits] -- PhotoFiltre Studio
O42 - Logiciel: PhotoFiltre Studio X - (.Pas de propriétaire.) [HKCU][64Bits] -- PhotoFiltre Studio X
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}
O42 - Logiciel: PureHD - (.Corel Corporation.) [HKLM][64Bits] -- {D875FFEE-2FCE-4774-902A-749198C00A68}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {8DC42D05-680B-41B0-8878-6C14D24602DB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: RentASoft Image Converter v2.3 - (.RentASoft.com.) [HKLM][64Bits] -- RentASoft Image Converter_is1
O42 - Logiciel: Setup - (.Corel Corporation.) [HKLM][64Bits] -- {D1612A3D-0DCC-4055-BB6A-0036F31158A0}
O42 - Logiciel: Share - (.Corel Corporation.) [HKLM][64Bits] -- {D94ABC2B-5CA9-48B2-9266-15AB78384D3C}
O42 - Logiciel: Share64 - (.Corel Corporation.) [HKLM][64Bits] -- {D5FE818E-F1C7-44F8-A3C0-C08761906E27}
O42 - Logiciel: SiteRanker - (.Crawler, LLC.) [HKLM][64Bits] -- {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype(TM) 6.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EA17F4FC-FDBF-4CF8-A529-2D983132D053}
O42 - Logiciel: Smart File Advisor 1.1.1 - (.Filefacts.net.) [HKLM][64Bits] -- Smart File Advisor_is1
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader X - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-5464-3428-A00000000004}
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {9017CEAF-BE5A-4F73-8A0E-C87E26971E55}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VIO - (.Corel Corporation.) [HKLM][64Bits] -- {D9C4FA35-7C6B-4C9E-863B-58C4D7472F41}
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM][64Bits] -- 8461-7759-5462-8226
O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM][64Bits] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM][64Bits] -- Windows Media Encoder 9
O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {22D8AE6F-3C6B-47E8-8F04-629F23DBE978}
O42 - Logiciel: monAlbumPhoto 6.3.3.0 - (.monAlbumPhoto.) [HKLM][64Bits] -- monAlbumPhoto_is1
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: welcome - (.Nero AG.) [HKLM][64Bits] -- {CCE210DF-7EEF-4A76-A63C-3EB091FDB992}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\5cd8f17f4086744065eb0992a09e05a2]
[HKCU\Software\AMD]
[HKCU\Software\ATI]
[HKCU\Software\Adobe]
[HKCU\Software\Ahead]
[HKCU\Software\AppDataLow\Aurigma]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Azureus]
[HKCU\Software\Brother]
[HKCU\Software\Canon]
[HKCU\Software\Canon_Inc_IC]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Corel]
[HKCU\Software\CyberLink]
[HKCU\Software\EffectMgr]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\ITOPDFD]
[HKCU\Software\IncrediMail]
[HKCU\Software\JavaSoft]
[HKCU\Software\KasperskyLab]
[HKCU\Software\LQSMon]
[HKCU\Software\Local AppWizard-Generated Applications] <