A quick "security" question

Hello,

Having a World of Warcraft account and sometimes making purchases on the internet, I asked myself a question.

Knowing that a “keylogger” virus records the keys typed on the keyboard, such as my WoW account password or the bank numbers on my credit card, if I save them in a Notepad file (the WoW password as well as my bank numbers) and I do Ctrl-C and Ctrl-V (copy and paste), will the keylogger virus only record Ctrl-C and Ctrl-V, or will it record everything, the password, etc.?

PS: please don't tell me to buy an antivirus and keep it up to date, because I can't afford it for the moment, and I have the free version of Panda, which detected a virus but did not remove it…

There you go, thanks for answering. :icon_biggrin:

1 Like

Hi

Some reading:

==> Keyloggers

And to protect yourself as much as possible, though never 100%, there are free and “high-performing” programs.

Who said anything about “buying” when there is free software available that performs better than most paid products?

Per PC: 1 firewall + 1 antivirus + optionally 1 antispyware.

It remains to be seen what you have on your PC, and to go through it with you.

Download Random’s System Information Tool (RSIT) by random/random and save it to your Desktop.

==> Random’s System Information Tool (RSIT)

=> Important (on Vista)

You must run RSIT with administrator rights; to do so, right-click RSIT and choose “Run as administrator”.

==> Double-click RSIT.exe to launch RSIT.
==> Click Continue on the Disclaimer screen.
==> If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the license.
==> When the scan is finished, two text files will open.

==> Post the contents of log.txt (<<which will be displayed) as well as info.txt (<<which will be minimized in the Taskbar).

Note: both reports are also saved in %systemroot%\rsit

1 Like

INFO.TXT

info.txt logfile of random’s system information tool 1.06 2009-07-16 17:10:15

======Uninstall list======

        -->MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}

–>“C:\Program Files\Creative\Sound Blaster X-Fi\Program\SETUP.EXE” /S /U /W /L:FRN
–>MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{0B095086-7205-4D48-90DF-DCD16613C6D4}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{103BCDA0-E063-46AC-8028-64E78722ABA7}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{25E6EB3A-F696-41AB-96B6-D76ECE6446BF}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{25E6EB3A-F696-41AB-96B6-D76ECE6446BF}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2616B36E-38CE-4357-8AB5-8B3EE9B1C117}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{44267176-A318-447F-A62A-0A5FD608C34F}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{569A9538-86EC-44C3-8EE4-C68B165F2A75}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6349CEE9-19F2-49D9-AC9D-B0350E3CBDB1}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7AFFF09F-386B-4F7A-B3E0-EC24C13893AA}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{836612F0-1571-4C65-A4B7-58A39AA578EE}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8A3F2ADE-DEF2-4A50-866A-6B9357B5590F}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8B026740-A400-48FF-8F6B-B37C4F61C937}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B20EB9BE-3795-47BA-BDD6-889593E8FD55}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B49BCFF0-64CC-4E0E-AD9D-91BFBD344BAE}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe” -l0x9
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B5AF6143-E738-4768-A5E6-C07C68A464A4}\setup.exe” -l0x9 /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe” -l0x40c /remove
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe” -l0x40c
–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe” -l0x40c /remove
–>rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3DMark06–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe” -l0x9 -removeonly
Ad-aware SE - Traduction FR–>C:\Program Files\Lavasoft\Ad-Aware SE Professional\uninst-trad.exe
Ad-Aware SE Professional–>C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 10 ActiveX–>C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin–>C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0.1 - Français–>MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}
Adobe Shockwave Player 11–>C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Age of Empires III–>C:\PROGRA~1\FICHIE~1\InstallShield\Driver\11\Intel 32\IDriver.exe /M{485775E8-AEB8-46BD-922B-242879E03DD5}
AGEIA PhysX v7.11.13–>MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
Apple Mobile Device Support–>MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Archiveur WinRAR–>C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live–>MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
ATI - Utilitaire de désinstallation du logiciel–>C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI AVIVO Codecs–>MsiExec.exe /I{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}
ATI Catalyst Control Center–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe” -l0x0
ATI Display Driver–>rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI HYDRAVISION–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe”
ATI Parental Control & Encoder–>MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard–>MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
Attansic Ethernet Utility–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe” -l0x9 -removeonly
Attansic L1 Gigabit Ethernet Driver–>rundll32.exe C:\WINDOWS\system32\Attansic\L1\atcInst.dll,AtcUninst C:\WINDOWS\system32\Attansic\L1 x86 1969 1048 L1
Battlefield 2 : L’Intégrale–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{A8DBF55D-73C0-4E37-A10E-365BFBB14119}\setup.exe” -l0x40c -removeonly
Boîte à outils média de Creative–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe” -l0x40c /remove
Catalyst Control Center - Branding–>MsiExec.exe /I{FA3A247D-437A-455E-A88F-7EB6E5F9E799}
CCleaner (remove only)–>“C:\Program Files\CCleaner\uninst.exe”
Choice Guard–>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cold War Crisis Release 1.0–>C:\C&C\C&C Heure H_CWC_UnInst.exe
Command & Conquer Generals–>C:\PROGRA~1\FICHIE~1\InstallShield\Driver\7\Intel 32\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and Conquer™ Generals - Heure H–>C:\PROGRA~1\FICHIE~1\InstallShield\Driver\7\Intel 32\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta)–>MsiExec.exe /X{30120000-00B2-040C-0000-0000000FF1CE}
Correctif pour Windows XP (KB942288-v3)–>“C:\WINDOWS$NtUninstallKB942288-v3$\spuninst\spuninst.exe”
Counter-Strike: Source–>“C:\Program Files\Steam\steam.exe” uninstall…
Counter-Strike–>“C:\Program Files\Steam\steam.exe” uninstall…
Creative MediaSource–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}\SETUP.EXE” -l0x40c /remove
Creative System Information–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe” -l0x40c /remove
Crysis WARHEAD® Patch–>“C:\Documents and Settings\All Users\Application Data{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe” REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD® Patch–>C:\Documents and Settings\All Users\Application Data{ADCC9DAF-34D1-4565-92F1-DDB872DCF596}\setup.exe
Crysis WARHEAD®–>“C:\Documents and Settings\All Users\Application Data{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe” REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD®–>C:\Documents and Settings\All Users\Application Data{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Curse Client–>C:\Program Files\Curse\uninstall.exe
Day of Defeat: Source–>“C:\Program Files\Steam\steam.exe” uninstall…
DVD Shrink 3.2–>“C:\Program Files\DVD Shrink\unins000.exe”
EA Download Manager–>C:\Program Files\Electronic Arts\EADM\Uninstall.exe
FlashGet 1.9.6.1073–>C:\Program Files\FlashGet\uninst.exe
FlashGet(JetCar)–>C:\PROGRA~1\FlashGet\UNWISE.EXE C:\PROGRA~1\FlashGet\INSTALL.LOG
Free - Kit de connexion–>C:\Program Files\Free.fr\uninstall.exe
Freedom Fighters–>C:\PROGRA~1\EA GAMES\Freedom Fighters\UNWISE.EXE C:\PROGRA~1\EA GAMES\Freedom Fighters\INSTALL.LOG
Galerie de photos Windows Live–>MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GameSpy Arcade–>C:\PROGRA~1\GameSpy Arcade\UNWISE.EXE C:\PROGRA~1\GameSpy Arcade\INSTALL.LOG
GANG LAND–>C:\WINDOWS\unvise32.exe C:\Program Files\MediaMobsters\uninstal.log
Gangsters–>C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Hothouse Creations\Gangsters\Uninst.isu"
Garmin City Navigator Europe NT v9–>MsiExec.exe /X{200B415D-7CC6-4818-8624-9E43EDF19D9C}
GCFScape 1.4.0–>“C:\Program Files\GCFScape\unins000.exe”
Google Earth–>MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
GTA San Andreas–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe” -l0x40c -removeonly
Half-Life 2: Episode One–>“C:\Program Files\Steam\steam.exe” uninstall…
Half-Life 2: Episode Two–>“C:\Program Files\Steam\steam.exe” uninstall…
Half-Life 2–>“C:\Program Files\Steam\steam.exe” uninstall…
Hamachi 1.0.3.0–>C:\Program Files\Hamachi\uninstall.exe
High Definition Audio Driver Package - KB888111–>“C:\WINDOWS$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe”
HijackThis 2.0.2–>“C:\Program Files\trend micro\HijackThis.exe” /uninstall
HP Image Zone Express–>MsiExec.exe /X{FE64AE29-0883-4C70-8388-DC026019C900}
HP Imaging Device Functions 5.3–>C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP PSC & OfficeJet 5.3.B–>“C:\Program Files\HP\Digital Imaging{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe” -datfile hposcr07.dat
HP Software Update–>MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3–>C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Installation Windows Live–>C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live–>MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Insurgency–>“C:\Program Files\Steam\steam.exe” uninstall…
iTunes–>MsiExec.exe /I{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}
Java 2 Runtime Environment, SE v1.4.2_05–>MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java™ 6 Update 11–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update–>MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Les Sims 2–>C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Logitech Gaming Software 5.01–>MsiExec.exe /X{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}
Logitech G-series Keyboard Software–>MsiExec.exe /X{2FB418AB-562D-43B4-BA0D-9282AAD8C207}
Logitech SetPoint–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe” -l0x40c -removeonly
Ma-Config.com–>MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Max Payne–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{39930321-4C58-4B8B-BCBF-342698C9801D}\setup.exe” uninstall uninstall
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FRA–>MsiExec.exe /I{3F7924B9-D148-3141-87B1-68F36043A940}
Microsoft .NET Framework 2.0 Service Pack 1–>MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FRA–>MsiExec.exe /I{511DF669-2930-30C0-8EB6-552887E29EC8}
Microsoft .NET Framework 3.0 Service Pack 1–>MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - fra–>MsiExec.exe /I{5B76AEA2-D4E5-3B55-B965-ACC36AE0EAFC}
Microsoft .NET Framework 3.5–>C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5–>MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}
Microsoft Games for Windows - LIVE Redistributable–>MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Internationalized Domain Names Mitigation APIs–>“C:\WINDOWS$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe”
Microsoft National Language Support Downlevel APIs–>“C:\WINDOWS$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe”
Microsoft Office Access MUI (French) 2007–>MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007–>MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007–>MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3–>MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook Connector–>MsiExec.exe /I{95120000-0120-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007–>MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007–>MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007–>“C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007–>MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007–>MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007–>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007–>MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007–>MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007–>MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007–>MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Search Enhancement Pack–>MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
Microsoft Silverlight–>MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)–>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)–>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0–>“C:\WINDOWS$NtUninstallWudf01000$\spuninst\spuninst.exe”
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Express Edition - FRA–>MsiExec.exe /X{15473D70-D791-3B5E-B174-2FD19EC0D017}
Microsoft Visual C++ 2008 Express - Français–>C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual C++ 2008 Express Edition - FRA\setup.exe
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework–>MsiExec.exe /X{AB47EEE8-507B-331F-AA28-B7C7257F014C}
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32–>MsiExec.exe /X{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries–>MsiExec.exe /X{842FAF7C-50EF-4463-9B8F-6222E1384D7D}
Microsoft Zoo Tycoon–>“C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE” /runtemp /addremove
Module linguistique Microsoft .NET Framework 3.5 - fra–>c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - fra\setup.exe
Mozilla Firefox (3.0.7)–>C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 6.0 Parser (KB925673)–>MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
NAPALM 1.0–>“C:\Program Files\NAPALM\unins000.exe”
Need for Speed™ Carbon–>C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Nero 6 Ultra Edition–>C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NFO viewer v 2.1–>“C:\Program Files\NFO viewer\unins000.exe”
Panda Cloud Antivirus–>“C:\Program Files\Panda Security\Panda Cloud Antivirus\Setup.exe” /X{42ABBD6C-422E-4523-B776-2ADD6EEA9C65}
Panda Cloud Antivirus–>MsiExec.exe /X{42ABBD6C-422E-4523-B776-2ADD6EEA9C65}
QuickTime–>MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RayV–>C:\Program Files\RayV\RayV\uninstall.exe
Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe” -l0x40c -removeonly
Rockstar Games Social Club–>“C:\Program Files\InstallShield Installation Information{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe” -runfromtemp -l0x040c -removeonly
S.T.A.L.K.E.R. - Clear Sky [v1.0008]–>“C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\unins000.exe”
Satsuki Decoder Pack–>C:\Program Files\Satsuki Decodeur Pack\Uninstall.exe
Segoe UI–>MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SimCity 4 Deluxe–>C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
Sound Blaster X-Fi–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\Professional\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\SETUP.EXE” -l0x40c /remove
Source SDK Base - Orange Box–>“C:\Program Files\Steam\steam.exe” uninstall…
SpeedFan (remove only)–>“C:\Program Files\SpeedFan\uninstall.exe”
Steam–>MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Stronghold Crusader–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{8C3727F2-8E37-49E4-820C-03B1677F53B6}\setup.exe”
Stronghold–>RunDll32 C:\PROGRA~1\FICHIE~1\InstallShield\engine\6\Intel 32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}\setup.exe”
Team Fortress 2–>“C:\Program Files\Steam\steam.exe” uninstall…
TeamSpeak 2 RC2–>“C:\Program Files\Teamspeak2_RC2\unins000.exe”
Tom Clancy’s H.A.W.X–>“C:\Program Files\InstallShield Installation Information\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}\setup.exe” -runfromtemp -l0x040c -removeonly
Universal Extractor 1.6–>“C:\Program Files\Universal Extractor\unins000.exe”
Windows Imaging Component–>“C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe”
Windows Live Call–>MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform–>MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail–>MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger–>MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Toolbar–>MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer–>MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Format 11 runtime–>“C:\Program Files\Windows Media Player\wmsetsdk.exe” /UninstallAll
Windows Media Format 11 runtime–>“C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe”
Windows Presentation Foundation–>MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3–>“C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe”
WinISO 5.3–>“C:\Program Files\WinISO\unins000.exe”
World of Warcraft–>C:\Program Files\Fichiers communs\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe
Wow Cartographe 1.09–>C:\Program Files\WowCartographe\uninst.exe
XML Paper Specification Shared Components Language Pack 1.0–>“C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe”

======Security center information======

AV: Panda Cloud Antivirus

======System event log======

Computer Name: TITANIUM
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrK.

Record Number: 8229
Source Name: Service Control Manager
Time Written: 20090527143507.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 7036
Message: Le service PnkBstrB est entré dans l’état : en cours d’exécution.

Record Number: 8228
Source Name: Service Control Manager
Time Written: 20090527143320.000000+120
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service PnkBstrB.

Record Number: 8227
Source Name: Service Control Manager
Time Written: 20090527143320.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 7036
Message: Le service Service de transfert intelligent en arrière-plan est entré dans l’état : en cours d’exécution.

Record Number: 8226
Source Name: Service Control Manager
Time Written: 20090527115919.000000+120
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de transfert intelligent en arrière-plan.

Record Number: 8225
Source Name: Service Control Manager
Time Written: 20090527115918.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

=====Application event log=====

Computer Name: TITANIUM
Event Code: 1047
Message: Windows ne peut pas lire l’historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 1576
Source Name: Userenv
Time Written: 20090220204252.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 1047
Message: Windows ne peut pas lire l’historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 1575
Source Name: Userenv
Time Written: 20090220204252.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

Computer Name: TITANIUM
Event Code: 0
Message:
Record Number: 1574
Source Name: IDriverT
Time Written: 20090220204054.000000+060
Event Type: Informations
User:

Computer Name: TITANIUM
Event Code: 11707
Message: Product: InstallScriptMSIEngine – Installation operation completed successfully.

Record Number: 1573
Source Name: MsiInstaller
Time Written: 20090220204052.000000+060
Event Type: Informations
User: TITANIUM\Administrateur

Computer Name: TITANIUM
Event Code: 1047
Message: Windows ne peut pas lire l’historique des objets de paramètre de groupe à partir du Registre. Le traitement de la stratégie de groupe continue.

Record Number: 1572
Source Name: Userenv
Time Written: 20090220185452.000000+060
Event Type: erreur
User: AUTORITE NT\SYSTEM

======Environment variables======

“ComSpec”=%SystemRoot%\system32\cmd.exe
“Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Universal Extractor;C:\Program Files\Universal Extractor\bin;C:\Program Files\QuickTime\QTSystem
“windir”=%SystemRoot%
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“PROCESSOR_ARCHITECTURE”=x86
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 15 Stepping 11, GenuineIntel
“PROCESSOR_REVISION”=0f0b
“NUMBER_OF_PROCESSORS”=2
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“DEVMGR_SHOW_DETAILS”=1
“VS90COMNTOOLS”=C:\Program Files\Microsoft Visual Studio 9.0\Common7\Tools
“CLASSPATH”=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
“QTJAVA”=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
“RGSCLauncher”=C:\Program Files\Rockstar Games\Rockstar Games Social Club
“RGSC”=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

LOG.TXT

Logfile of random’s system information tool 1.06 (written by random/random)
Run by Administrateur at 2009-07-16 17:12:01
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 15 GB (10%) free of 153 GB
Total RAM: 2047 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:01, on 16/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Curse\CurseClient.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur\Bureau\RSIT.exe
C:\Program Files\trend micro\Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.fr…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.01net.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.01net.com…
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [CTDVDDET] “C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE”
O4 - HKLM…\Run: [RCSystem] “C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe” RCSystem * -Startup
O4 - HKLM…\Run: [AudioDrvEmulator] “C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe” -1 AudioDrvEmulator “C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll”
O4 - HKLM…\Run: [VolPanel] “C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe” /r
O4 - HKLM…\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM…\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM…\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM…\Run: [Launch LGDCore] “C:\Program Files\Logitech\G-series Software\LGDCore.exe” /SHOWHIDE
O4 - HKLM…\Run: [Launch LCDMon] “C:\Program Files\Logitech\G-series Software\LCDMon.exe”
O4 - HKLM…\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM…\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [PSUNMain] “C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe” /Traybar
O4 - HKCU…\Run: [Creative Detector] “C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe” /R
O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU…\Run: [CurseClient] C:\Program Files\Curse\CurseClient.exe -silent
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra ‘Tools’ menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - www.zebulon.fr…
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - fichiers.touslesdrivers.com…
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com…
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NanoServiceMain - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe


End of file - 9898 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d’aide de l’Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2002-05-27 86016]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
“NeroFilterCheck”=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
“SunJavaUpdateSched”=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
“CTDVDDET”=C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE [2003-06-18 45056]
“RCSystem”=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-06-16 49152]
“AudioDrvEmulator”=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-06-16 49152]
“VolPanel”=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe [2005-07-11 122880]
“CTHelper”=C:\WINDOWS\CTHELPER.EXE [2005-08-08 16384]
“CTxfiHlp”=C:\WINDOWS\system32\CTXFIHLP.EXE [2005-08-08 18944]
“UpdReg”=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
“”= []
“Launch LGDCore”=C:\Program Files\Logitech\G-series Software\LGDCore.exe [2005-11-02 1110079]
“Launch LCDMon”=C:\Program Files\Logitech\G-series Software\LCDMon.exe [2005-11-02 188928]
“Logitech Hardware Abstraction Layer”=C:\WINDOWS\KHALMNPR.EXE [2005-07-23 28160]
“iTunesHelper”=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
“StartCCC”=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-01 61440]
“RTHDCPL”=C:\WINDOWS\RTHDCPL.EXE [2007-03-21 16126464]
“Alcmtr”=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
“QuickTime Task”=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
“PSUNMain”=C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2009-04-23 353536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Creative Detector”=C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [2004-12-02 102400]
“ctfmon.exe”=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
“DAEMON Tools Lite”=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
“CurseClient”=C:\Program Files\Curse\CurseClient.exe [2009-07-07 1966592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGEIA PhysX SysTray]
C:\Program Files\AGEIA Technologies\TrayIcon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
C:\Program Files\DNA\btdna.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe [2009-04-29 3338240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-04-08 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2007-09-25 93208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2009-06-13 1217784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^hamachi.lnk]
C:\PROGRA~1\Hamachi\hamachi.exe [2009-06-23 625952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2005-08-04 528384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-08-21 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
“NoDriveTypeAutoRun”=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Electronic Arts\Need for Speed Carbon\nfsc.exe"="C:\Program Files\Electronic Arts\Need for Speed Carbon\nfsc.exe:*:Enabled:nfsc"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe"="C:\Program Files\Ubisoft\Ghost Recon Advanced Warfighter\GRAW.exe:*:Enabled:GRAW"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Steam\steamapps\rali\insurgency\hl2.exe"="C:\Program Files\Steam\steamapps\rali\insurgency\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Steam\steamapps\rali\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\rali\team fortress 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Steam\steamapps\rali\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\rali\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Steam\steamapps\rali\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\rali\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Steam\steamapps\rali\source sdk base 2007\hl2.exe"="C:\Program Files\Steam\steamapps\rali\source sdk base 2007\hl2.exe:*:Enabled:hl2"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
"C:\Program Files\Steam\steamapps\rali\day of defeat source\hl2.exe"="C:\Program Files\Steam\steamapps\rali\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Application de pilotage à distance TeamViewer"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\C&C\game.dat"="C:\C&C\game.dat:*:Enabled:game"
"C:\Program Files\Ubisoft\Tom Clancy’s H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy’s H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy’s H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy’s H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy’s H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy’s H.A.W.X"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\C&C\C&C Heure H\game.dat"="C:\C&C\C&C Heure H\game.dat:*:Enabled:game"
"C:\Documents and Settings\Administrateur\Mes documents\Ma musique\mohamed\WOW\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe"="C:\Documents and Settings\Administrateur\Mes documents\Ma musique\mohamed\WOW\World of Warcraft\WoW-3.0.1-to-3.0.2-frFR-Win-Update-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Administrateur\Mes documents\Ma musique\mohamed\WOW\World of Warcraft\Launcher.exe"="C:\Documents and Settings\Administrateur\Mes documents\Ma musique\mohamed\WOW\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Curse\CurseClient.exe"="C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client"
"C:\Program Files\RayV\RayV\RayV.dll"="C:\Program Files\RayV\RayV\RayV.dll:*:Enabled:RayV"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6157a81a-fdb1-11dd-acd1-001d60c94b04}]
shell\AutoRun\command - I:\LaunchU3.exe -a

======List of files/folders created in the last 1 months======

2009-07-16 17:10:07 ----D---- C:\rsit
2009-07-16 17:10:07 ----D---- C:\Program Files\trend micro
2009-07-15 14:20:45 ----D---- C:\Documents and Settings\Administrateur\Application Data\RayV
2009-07-13 19:56:47 ----D---- C:\WINDOWS\BDOSCAN8
2009-07-12 23:17:18 ----D---- C:\Documents and Settings\Administrateur\Application Data\Image Zone Express
2009-07-05 00:21:25 ----D---- C:\Program Files\WowCartographe
2009-06-26 20:30:09 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-06-26 19:26:21 ----D---- C:\Program Files\Curse
2009-06-26 16:37:21 ----D---- C:\Program Files\Fichiers communs\Blizzard Entertainment
2009-06-26 16:30:08 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2009-06-23 21:51:01 ----D---- C:\Documents and Settings\Administrateur\Application Data\Hamachi
2009-06-23 21:50:40 ----D---- C:\Program Files\Hamachi
2009-06-18 21:31:50 ----D---- C:\Documents and Settings\Administrateur\Application Data\teamspeak2
2009-06-18 21:31:38 ----D---- C:\Program Files\Teamspeak2_RC2

======List of files/folders modified in the last 1 months======

2009-07-16 17:11:55 ----D---- C:\Program Files
2009-07-16 17:10:14 ----D---- C:\WINDOWS\Temp
2009-07-16 17:09:44 ----D---- C:\Program Files\FlashGet
2009-07-16 17:09:42 ----D---- C:\Downloads
2009-07-16 17:04:36 ----D---- C:\WINDOWS\system32\drivers
2009-07-16 16:43:46 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-16 06:43:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-15 20:15:20 ----D---- C:\Program Files\Steam
2009-07-15 17:45:39 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-07-15 14:19:26 ----D---- C:\WINDOWS\Prefetch
2009-07-15 14:09:11 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-14 20:11:26 ----D---- C:\WINDOWS\system32\config
2009-07-14 15:54:55 ----D---- C:\WINDOWS\system32
2009-07-14 11:54:30 ----D---- C:\WINDOWS
2009-07-13 21:53:26 ----D---- C:\Program Files\Mozilla Firefox
2009-07-13 19:56:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-13 19:56:47 ----HD---- C:\WINDOWS\inf
2009-06-28 23:17:22 ----ASH---- C:\boot.ini
2009-06-28 23:17:22 ----A---- C:\WINDOWS\win.ini
2009-06-28 23:17:22 ----A---- C:\WINDOWS\system.ini
2009-06-28 23:17:20 ----D---- C:\WINDOWS\pss
2009-06-26 17:37:40 ----D---- C:\Program Files\Fichiers communs
2009-06-26 16:33:42 ----D---- C:\Program Files\Rockstar Games
2009-06-26 16:33:26 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\psinknc.sys [2009-04-23 113928]
R1 WS2IFSL;Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-24 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16877]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-03-04 279712]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-03-04 25888]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2009-04-23 136968]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2009-04-23 92552]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2009-04-23 98056]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-08-21 3299840]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2005-08-07 501760]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2005-08-07 439424]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2005-08-07 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOW