Cette Hijack Log - Je crois que j'ai une clé de journalisation

WoW Mon compte a été piraté à deux reprises de sorte que je sais sans doute que j'ai / enregistreur a une clé. Ive fait plusieurs nettoyages de spyware, et j'ai besoin d'une confirmation.

Logfile de Trend Micro HijackThis v2.0.2
Scan sauvé à 12:35:52 PM, le 8.20.2009
Plate-forme: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon. exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ COMODO \ COMODO Internet Security \ cmdagent.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder. exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.exe
C: \ Program Files \ Fichiers communs \ Logitech \ G-series Software \ LGDCore.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ AIM6 \ aim6.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ System32 \ msiexec.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ WINDOWS \ System32 \ svchost. exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CCC.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
E: \ Program Files \ HijackThis. exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.homestarrunner.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyServer =: 0
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyOverride = *. local
O1 - Hosts: 216.107.250.194 nProtect.lineage2.com
O1 - Hosts: 78.46.49.106 L2authd.lineage2.com
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv. dll (file missing)
O4 - HKLM \ .. \ Run: [D-Link RangeBooster G WDA-2320] C: \ Program Files \ D-Link \ RangeBooster G WDA-2320 \ AirPlusCFG.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [SkyTel] SkyTel.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] alcmtr.exe
O4 - HKLM \ .. \ Run: [UserFaultCheck]% systemroot% \ system32 \ dumprep 0-u
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [Launch LGDCore] "C: \ Program Files \ Fichiers communs \ Logitech \ G-series Software \ LGDCore.exe" / affichermasquer
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ Common ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-startup
O4 - HKLM \ .. \ Run: [COMODO Internet Security] "C: \ Program Files \ COMODO \ COMODO Internet Security \ cfp.exe"-h
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee://aol/imApp
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ EXCEL. EXE/3000
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe (file missing)
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe (file missing)
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs:, C: \ DOCUME ~ 1 \ Garr \ LOCALS ~ 1 \ Temp \ 11938kou.dll C: \ WINDOWS \ system32 \ guard32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc. exe
O23 - Service: Service ANIWZCSd (ANIWZCSdService) - Unknown owner - C: \ Program Files \ ANI \ ANIWZCS2 Service \ ANIWZCSdS.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ system32 \ ati2sgag. exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C: \ Program Files \ COMODO \ COMODO Internet Security \ cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT. exe (file missing)
O23 - Service: InstallShield Licensing Service - Macrovision - C: \ Program Files \ Fichiers communs \ InstallShield Shared \ Service \ InstallShield Licensing service.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Service nProtect GameGuard (npggsvc) - Unknown owner - C: \ WINDOWS \ system32 \ GameMon.des. exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe

--
Fin de file - 6159 bytes

R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings, ProxyServer =: 0

O1 - Hosts: 216.107.250.194 nProtect.lineage2.com
O1 - Hosts: 78.46.49.106 L2authd.lineage2.com

Avez-vous entre ces adresses IP dans votre fichier hosts? Si non les supprimer.

O20 - AppInit_DLLs:, C: \ DOCUME ~ 1 \ Garr \ LOCALS ~ 1 \ Temp \ 11938kou.dll C: \ WINDOWS \ system32 \ guard32.dll

Merci beaucoup pour votre aide. J'ai supprimé par le biais de leur Hijack, c'est que tout ce que j'ai besoin de faire?

Télécharger, mettre à jour et courez la lutte contre les logiciels malveillants de malwarebytes.org