Keyloggers - la façon de dépister et de se débarrasser?

salut il ya, d'un nouvel utilisateur dans le ici! please help me vérifier si j'ai reçu un keylogger ^ ^

Logfile de HijackThis v1.99.1
Scan sauvé à 1:41:40 AM, le 1.31.2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ cisvc. exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ system32 \ igfxtray.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ igfxsrvc.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ Internet Explorer \ iexplore. exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
C: \ Program Files \ HijackThis \ HijackThis. exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS. DLL
R3 - URLSearchHook: (no name) - (00A6FAF6-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 2.bin \ MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - (00A6FAF1-072E-44cf-8957-5838F569A31D) - C: \ Program Files \ MyWebSearch \ SrchAstt \ 2.bin \ MWSSRCAS.DLL
O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS. DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Téléchargez et Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - (4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C) - C: \ PROGRA ~ 1 \ MEGAUP ~ 1 \ MEGAUP ~ 1. DLL
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 2.0.301.7164 \ swg.dll
O2 - BHO: Ask Toolbar BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR. DLL
O3 - Toolbar: (no name) - (0BF43445-2F28-4351-9252-17FE6E806AA0) - (no file)
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: Megaupload Toolbar - (4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C) - C: \ PROGRA ~ 1 \ MEGAUP ~ 1 \ MEGAUP ~ 1.DLL
O4 - HKLM \ .. \ Run: [Cmaudio] RunDll32 cmicnfg. cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [LogMeIn GUI] "C: \ Program Files \ LogMeIn \ x86 \ LogMeInSystray.exe"
O4 - HKLM \ .. \ Run: [PCTAVApp] "C: \ Program Files \ PC Tools AntiVirus \ PCTAV.exe" / MONITORSCAN
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [KernelFaultCheck] C: \ WINDOWS \ system32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [Steam] C: \ Valve \ Steam \ Steam.exe-silent
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon. exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office10 \ Osa.exe
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ Office10 \ EXCEL.EXE/3000
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] international *
O12 - Plugin for. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (149E45D8-163E-4189-86FC-45022AB2B6C9) (SpinTop DRM Control) - file: / / / C: / Program% 20Files/Big% 20City% 20Adventure/Images/stg_drm. ocx
O16 - DPF: (1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB) -- http://ak.exe.imgfarm.com/images/nocach ... 0.15-3.cab
O16 - DPF: (39B0684F-D7BF-4743-B050-FDC3F48F7E3B) -- http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: (55027008-315F-4F45-BBC3-8BE119764741) (Slide Image Uploader Control) -- http://static.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: (CC450D71-CC90-424C-8638-1F2DBAC87A54) (ArmHelper Control) - file: / / / C: / Program% 20Files/Amazing% 20Adventures% 20the% 20Lost% 20Tomb/Images/armhelper. ocx
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (30BD8329-4B33-4E6D-B64D-DB40BD039A77): NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (EA29F9AE-4F42-84B8-98D0-45D2E414EB32): NameServer = 202.188.0.133 202.188.1.5
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (30BD8329-4B33-4E6D-B64D-DB40BD039A77): NameServer = 202.188.0.133,202.188.1.5
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ .. \ (30BD8329-4E6D-4B33-B64D-DB40BD039A77): NameServer = 202.188.0.133,202.188.1. 5
O20 - Winlogon Notify: ComPlusSetup - C: \ WINDOWS \ system32 \ catsrvut.dll
O20 - Winlogon Notify: igfxcui - C: \ WINDOWS \ SYSTEM32 \ igfxdev.dll
O20 - Winlogon Notify: LMIinit - C: \ WINDOWS \ SYSTEM32 \ LMIinit.dll
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \
O20 - Winlogon Notify: WRNotifier - C: \ WINDOWS \ SYSTEM32 \ WRLogonNTF.dll
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - Unknown owner - C: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc. exe (file missing)
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe

Qu'est-ce qui vous pensez que vous avez une clé de journalisation?

Redémarrez en mode sans échec (F8 détiennent que l'ordinateur est le démarrage) et fixer les entrées suivantes en utilisant HijackThis:

u vry remercie beaucoup ^ ^

Hey si vous avez l'ensemble de McAfee Internet Security Suite peut que déceler un keyloger?

Il suffit de télécharger HijackThis: http://www.whatthetech.com/hijackthis_v2/

Et d'après le fichier de log pour quelqu'un d'ici à regarder, ou vous pouvez utiliser AnalyzeThis de HijackThis.

Je sais que je n'ai pas un keylogger pour le moment, mais je demande simplement de côté, comme si je faisais un. Ou pourrait-il au moins détecter et de vous faire savoir?

Logfile de HijackThis v1.99.1
Scan sauvé à 7:46:12 AM, le 2.5.2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost. exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ PROGRA ~ 1 \ Common ~ 1 \ AOL \ ACS \ acsd.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
C: \ WINDOWS \ system32 \ Cisvc.exe
C: \ WINDOWS \ System32 \ CTsvcCDA.exe
C: \ Program Files \ Common Files \ Authentium \ AntiVirus \ dvpapi. exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe
C: \ PROGRA ~ 1 \ Iomega \ System32 \ AppServices.exe
C: \ WINDOWS \ system32 \ PnkBstrA.exe
C: \ Program Files \ Spyware Doctor \ svcntaux.exe
C: \ Program Files \ Spyware Doctor \ swdsvc.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ WINDOWS \ wanmpsvc.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ WINDOWS \ System32 \ alg.exe
C: \ Program Files \ Spyware Doctor \ SDTrayApp.exe
C: \ WINDOWS \ Explorer. EXE
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe
C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Creative \ SBAudigy2 \ Surround Mixer \ CTSysVol.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Razer \ Diamondback \ razerhid.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ AVGAS. exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.2 \ Apps \ apdproxy.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ MUSICMATCH \ Musicmatch Jukebox \ mim.exe
C: \ Program Files \ Razer \ Diamondback \ razertra.exe
C: \ Program Files \ Razer \ Diamondback \ razerofa.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ cidaemon.exe
C: \ WINDOWS \ system32 \ taskmgr.exe
C: \ Program Files \ Mozilla Firefox \ firefox. exe
C: \ Program Files \ Common Files \ AOL \ Loader \ aolload.exe
C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ AIM6 \ aim6.exe
C: \ Program Files \ AIM6 \ aolsoftware.exe
C: \ Program Files \ Spyware Doctor \ swdoctor.exe
C: \ Program Files \ HijackThis \ HijackThis. exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Windows Internet Explorer fourni par Yahoo!
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-8E15-11CF-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx. dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb. dll
O3 - Toolbar: (no name) - (E0E899AB-F487-11D5-8D29-0050BA6940E3) - (no file)
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb.dll
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe"
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [IntelMeM] C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
O4 - HKLM \ .. \ Run: [CTSysVol] C: \ Program Files \ Creative \ SBAudigy2 \ Surround Mixer \ CTSysVol.exe
O4 - HKLM \ .. \ Run: [AsioReg] REGSVR32.EXE / S CTASIO.DLL
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray. exe "/ r
O4 - HKLM \ .. \ Run: [myLinker] C: \ PROGRA ~ 1 \ myLinker \ myLinker.exe / B
O4 - HKLM \ .. \ Run: [CTHelper] CTHELPER.EXE
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Fichiers communs \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [HostManager] C: \ Program Files \ Common Files \ AOL \ 1141614522 \ ee \ AOLSoftware.exe
O4 - HKLM \ .. \ Run: [MimBoot] C: \ PROGRA ~ 1 \ MUSICM ~ 1 \ MUSICM ~ 2 \ mimboot.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI. ACE \ Core-Static \ CLIStart.exe "
O4 - HKLM \ .. \ Run: [Diamondback] C: \ Program Files \ Razer \ Diamondback \ razerhid.exe
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" / minimiser
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Album Starter Edition \ 3.2 \ Apps \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [SDTray] "C: \ Program Files \ Spyware Doctor \ SDTrayApp.exe"
O4 - HKLM \ .. \ Run: [UserFaultCheck]% systemroot% \ system32 \ dumprep 0-u
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Aim6] "C: \ Program Files \ AIM6 \ aim6.exe" / d locale = fr-FR ee://aol/imApp
O4 - HKCU \ .. \ Run: [updateMgr] C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - Global Startup: America Online 9.0 Tray = Icon.lnk C: \ Program Files \ America Online 9.0 \ aoltray.exe
O4 - Global Startup: NETGEAR WG311v3 Smart Wizard.lnk = C: \ Program Files \ NETGEAR \ WG311v3 \ wlancfg5.exe
O4 - Global Startup: NETGEAR WG511v2 Wireless Assistant.lnk =?
O4 - Global Startup: Picture Package Menu.lnk =?
O4 - Global Startup: Picture Package VCD Maker.lnk =?
O8 - Extra du menu contextuel: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra du menu contextuel: & Download with & DAP - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra du menu contextuel: & Windows Live Search -- res://C : \ Program Files \ Windows Live Toolbar \ msntb.dll / recherche. htm
O8 - Extra du menu contextuel: Add to Windows & Live Favorites -- http://favorites.live.com/quickadd.aspx
O8 - Extra du menu contextuel: Télécharger tout avec & DAP - C: \ Program Files \ DAP \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ ssv.dll
O9 - Extra button: Real. com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ System32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: ppctlcab -- http://www.my-etrust.com/includes/pscanner/ppctlcab.CAB
O16 - DPF: (072039AB-2117-4ED5-A85F-9B9EB903E021) --
O16 - DPF: (0AE0F5F9-8233-49A4-A3C8-004CE190787B) --
O16 - DPF: (1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB) -- http://imgfarm.com/images/nocache/funwe ... .0.0.8.cab
O16 - DPF: (2917297F-F02B-4B9D-81DF-494B6333150B) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary/Mi ... b31267.cab
O16 - DPF: (30528230-99f7-88d8-4bb4-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper. dll
O16 - DPF: (4C833081-D026-4FF8-968F-7EAB660D2FBA) -- http://www.sc2.org/misc/tvants.cab
O16 - DPF: (5ED80217-570B-4DA9-BF44-BE107C0EC166) (Windows Live Safety Center Base Module) -- http://cdn.scan.onecare.live.com/resour ... se9602.cab
O16 - DPF: (5F5F9FB8-878E-4455-95E0-F64B2314288A) (ijjiPlugin2 Class) -- http://gamedownload.ijjimax.com/gamedow ... n11USA.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/Fac ... loader.cab
O16 - DPF: (8E0D4DE5-3180-4024-A327-4DFAD1796A8D) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: (92D0D610-A6FA-48D8-94CB-BD47FDF68655) -- http://app.ipop.co.kr/ipop/ipopx.cab
O16 - DPF: (9BF607E0-4CC1-4099-9A07-362C9E4FB090) (WStarter Control) -- http://live.pdbox.co.kr:8057/WStarter.cab
O16 - DPF: (9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8) (AIM UPF Control) -- http://pictures06.aim.com/ygp/aol/plugi ... .5.1.8.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: (CD995117-98E5-4169-9920-6C12D4C0B548) (classe HGPlugin9USA) -- http://gamedownload.ijjimax.com/gamedow ... in9USA.cab
O16 - DPF: (CFCBEE6F-BE54-4682-84F6-0E3FCDFAE3E2) --
O16 - DPF: (F6E361B4-40F3-4C90-8A95-D95E0D8CBCD4) --
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (E13D7F62-F7EF-406C-B744-B864EC5F5CA1): NameServer = 167.206.3.206,167.206.3.205
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon. dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ Common ~ 1 \ AOL \ ACS \ acsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ SYSTEM32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ System32 \ CTsvcCDA.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc - C: \ Program Files \ Common Files \ Authentium \ AntiVirus \ dvpapi.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon. exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: Iomega App Services - Iomega Corporation - C: \ PROGRA ~ 1 \ Iomega \ System32 \ AppServices.exe
O23 - Service: npkcsvc - INCA Internet Co., Ltd - C: \ WINDOWS \ system32 \ npkcsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C: \ WINDOWS \ system32 \ PnkBstrA. exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C: \ Program Files \ Spyware Doctor \ svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C: \ Program Files \ Spyware Doctor \ swdsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America en ligne, Inc - C: \ WINDOWS \ wanmpsvc. exe





Suis-je en sécurité? Mes programmes ont été plus lents, et il me semble suspect.

Démarrez en mode sans échec (F8 détiennent que l'ordinateur est le démarrage) et fixer les entrées suivantes en utilisant HijackThis:

Si elles ne sont pas vos noms, de fixer l'entrée ci-dessous:

im possible, j'ai un keylogger ou ad .. mon compte de jeu a piraté et cela doit être pour cela .. what do u think? c'est après un système a quelques scans.

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost. exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Fichiers Communs \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc. exe
C: \ Program Files \ Common Files \ Symantec Shared \ DPCC-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Symantec \ LiveUpdate \ aluschedulersvc.exe
C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ Program Files \ Common Files \ McAfee \ MNA \ McNASvc.exe
C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7DEBUG \ Mdm.exe
C: \ Program Files \ Microsoft SQL Server \ MSSQL $ MICROSOFTBCM \ Binn \ sqlservr.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc. exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wdfmgr.exe
C: \ Program Files \ Sony \ VAIO Event Service \ VESMgr.exe
C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VCSW \ VCSW.exe
C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VzCdb \ VzCdbSvc.exe
C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VzCdb \ VzFw. exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Intel \ Wireless \ bin \ ZCfgSvc.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ ifrmewrk.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EOUWiz.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Sony \ VAIO Power Management \ SPMgr.exe
C: \ Program Files \ Sony \ ISB Utility \ ISBMgr.exe
C: \ Program Files \ Sony \ VAIO Update 2 \ VAIOUpdt.exe
C: \ PROGRA ~ 1 \ McAfee.com \ Agent \ mcagent.exe
C: \ Program Files \ Protector Suite QL \ menusw. exe
C: \ Program Files \ Sony \ Wireless Switch Setting Utility \ Switcher.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ Program Files \ Sony \ VAIO Camera Utility \ VCUServe.exe
C: \ Program Files \ SiteAdvisor \ 6021 \ siteadv.exe
C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Program Files \ Mouse \ Amoumain.exe
C: \ Program Files \ Common Files \ AOL \ 1149844517 \ ee \ AOLHostManager.exe
C: \ WINDOWS \ system32 \ alg. exe
C: \ Program Files \ Common Files \ AOL \ 1149844517 \ ee \ AOLServiceHost.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ Program Files \ Common Files \ Ahead \ lib \ NMBgMonitor.exe
C: \ PROGRA ~ 1 \ Intel \ Wireless \ Bin \ dot1xcfg.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Linksys EasyLink Advisor \ LinksysAgent.exe
C: \ Program Files \ Toshiba \ Toshiba Bluetooth Stack \ TosBtMng.exe
C: \ Program Files \ Trend Micro \ TMAs \ TMA. exe
C: \ Program Files \ Toshiba \ Bluetooth Toshiba Stack \ TosA2dp.exe
C: \ Program Files \ WinZip \ WZQKPICK.EXE
C: \ Program Files \ Toshiba \ Bluetooth Toshiba Stack \ TosBtHid.exe
C: \ Program Files \ Toshiba \ Toshiba Bluetooth Stack \ TosBtHsp.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ McAfee \ MSC \ mcuimgr.exe
C: \ WINDOWS \ system32 \ wbem \ wmiapsrv.exe
C: \ WINDOWS \ System32 \ svchost. exe
C: \ Program Files \ Common Files \ AOL \ 1149844517 \ ee \ AOLServiceHost.exe
C: \ Program Files \ Common Files \ AOL \ 1149844517 \ ee \ AOLServiceHost.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ system32 \ wbem \ wmiprvse. exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: AOLSearchHook Class - (54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22) - C: \ Program Files \ AOL \ AOL Search Enhancement \ AOLSearch . dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (089FD14D-132B-48FC-8861-0048AE113215) - C: \ Program Files \ SiteAdvisor \ 6028 \ SiteAdv.dll
O2 - BHO: AOL Search Enhancement - (54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22) - C: \ Program Files \ AOL \ AOL Search Enhancement \ AOLSearch. dll
O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ GRA8E1 ~ 1.DLL
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: AOL Toolbar BHO - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AOL Toolbar 5.0 \ aoltb. dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt. dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt. dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: McAfee SiteAdvisor - (0BF43445-2F28-4351-9252-17FE6E806AA0) - C: \ Program Files \ SiteAdvisor \ 6028 \ SiteAdv.dll
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Program Files \ Windows Live Toolbar \ msntb. dll
O3 - Toolbar: AOL Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AOL Toolbar 5.0 \ aoltb.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [apoint] C: \ Program Files \ apoint \ Apoint.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [IntelZeroConfig] "C: \ Program Files \ Intel \ Wireless \ bin \ ZCfgSvc.exe"
O4 - HKLM \ .. \ Run: [IntelWireless] "C: \ Program Files \ Intel \ Wireless \ Bin \ ifrmewrk.exe" / tf Intel PROSet / Wireless
O4 - HKLM \ .. \ Run: [EOUApp] "C: \ Program Files \ Intel \ Wireless \ Bin \ EOUWiz.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [SonyPowerCfg] C: \ Program Files \ Sony \ VAIO Power Management \ SPMgr. exe
O4 - HKLM \ .. \ Run: [ISBMgr.exe] C: \ Program Files \ Sony \ ISB Utility \ ISBMgr.exe
O4 - HKLM \ .. \ Run: [VAIO Update 2] "C: \ Program Files \ Sony \ VAIO Update 2 \ VAIOUpdt.exe" / Stationary
O4 - HKLM \ .. \ Run: [HostManager] C: \ Program Files \ Common Files \ AOL \ 1149844517 \ ee \ AOLHostManager.exe
O4 - HKLM \ .. \ Run: [Biomenu] "C: \ Program Files \ Protector Suite QL \ menusw.exe"
O4 - HKLM \ .. \ Run: [Switcher.exe] C: \ Program Files \ Sony \ Wireless Switch Setting Utility \ Switcher. exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [URLLSTCK.exe] C: \ Program Files \ Norton Internet Security \ UrlLstCk.exe
O4 - HKLM \ .. \ Run: [VAIOCameraUtility] "C: \ Program Files \ Sony \ VAIO Camera Utility \ VCUServe.exe"
O4 - HKLM \ .. \ Run: [VAIO Recovery] C: \ WINDOWS \ Sonysys \ VAIO Recovery \ PartSeal.exe
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [SiteAdvisor] C: \ Program Files \ SiteAdvisor \ 6021 \ siteadv.exe
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [molette] C: \ Program Files \ Mouse \ Amoumain.exe
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [BgMonitor_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Program Files \ Common Files \ Ahead \ lib \ NMBgMonitor.exe"
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [EasyLinkAdvisor] "C: \ Program Files \ Linksys EasyLink Advisor \ LinksysAgent.exe" / startup
O4 - HKCU \ .. \ Run: [Steam] "C: \ Program Files \ Steam \ Steam.exe"-silent
O4 - HKCU \ .. \ Run: [amva] C: \ WINDOWS \ system32 \ amvo. exe
O4 - Startup: OneNote 2007 Screen Clipper et Launcher.lnk = C: \ Program Files \ Microsoft Office \ Office12 \ ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C: \ Program Files \ Fichiers communs \ Autodesk Shared \ acstart17.exe
O4 - Global Startup: Bluetooth Manager.lnk =?
O4 - Global Startup: Trend Micro Anti-Spyware. lnk = C: \ Program Files \ Trend Micro \ TMAs \ Tmas.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C: \ Program Files \ WinZip \ WZQKPICK.EXE
O8 - Extra du menu contextuel: & AOL Toolbar Search - C: \ Documents and Settings \ All Users \ Application Data \ AOL \ ieToolbar \ resources \ fr-FR \ local \ search.html
O8 - Extra du menu contextuel: & Windows Live Search -- res://C : \ Program Files \ Windows Live Toolbar \ msntb.dll / recherche. htm
O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel -- res://C : \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-ca \ msntabres.dll.mui/229? C1d86e6ed13e427b92b926bffbb89f7e
O8 - Extra du menu contextuel: Ouvrir dans un nouvel onglet de premier -- res://C : \ Program Files \ Windows Live Toolbar \ Components \ fr-ca \ msntabres.dll.mui/230? c1d86e6ed13e427b92b926bffbb89f7e
O8 - Extra du menu contextuel: Transfert par Image Converter 2 Plus - C: \ Program Files \ Sony \ Image Converter 2 \ menu.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv. dll
O9 - Extra button: Envoyer à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra "Outils" menuitem: S & end à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR. DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O10 - Unknown file dans Winsock LSP: c: \ windows \ system32 \ nwprovau.dll
Ø14 - IERESET.INF: START_PAGE_URL = http://www.sony.com/vaiopeople
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ GR99D3 ~ 1. DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C: \ Program Files \ Fichiers communs \ Autodesk Shared \ Service \ AdskScSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr. exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr. exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT. exe
O23 - Service: Image Converter suivre pour l'enregistrement vidéo VAIO Entertainment - Sony Corporation - C: \ Program Files \ Sony \ Image Converter 2 \ IcVzMon.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc - C: \ PROGRA ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ Program Files \ Common Files \ McAfee \ MNA \ mcnasvc. exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NAVAPSVC.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE. EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc. exe
O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc. exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV. exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ DPCC-LC \ symlcsvc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VzCs \ VzHardwareResourceManager \ VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C: \ Program Files \ Sony \ VAIO Event Service \ VESMgr. exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media Integrated Server \ VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media Integrated Server \ Platform \ SV_Httpd. exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media Integrated Server \ Platform \ UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C: \ Program Files \ Sony \ VAIO Media Integrated Server \ Platform \ VmGateway. exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VCSW \ VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VzCdb \ VzCdbSvc. exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ VAIO Entertainment Platform \ VzCdb \ VzFw.exe

--
Fin de fichier - 16,764 octets

Démarrez en mode sans échec (F8 détiennent que l'ordinateur est le démarrage) et fixer les entrées suivantes avec HijackThis:

i ne peut pas ge débarrasser de ce keyloggerand Je reçois piraté .. quelqu'un peut me recommander un bon anti-virus ou d'un scanner que je peux utiliser cela fonctionnera à 100%. Je n'ai vraiment pas envie d'avoir à reformater mon ordinateur portable

Logfile de HijackThis v1.99.1
Scan sauvé à 11:36:23 PM, le 2.15.2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ csrss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost. exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ OneStepSearch \ onestep.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ WINDOWS \ System32 \ alg. exe
C: \ WINDOWS \ Explorer.EXE
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ OneStepSearch \ onestep.exe
C: \ Program Files \ VIA \ VIAudioi \ SBADeck \ ADeck.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Fichiers communs \ InstallShield \ UpdateService \ issch.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ system32 \ lxsupmon.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ MSN Messenger \ usnsvc. exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Anti Keylogger Elite \ AKE.exe
C: \ Program Files \ Spyware Doctor \ pctsGui.exe
C: \ Program Files \ Spyware Doctor \ pctsAuxs.exe
C: \ Program Files \ Spyware Doctor \ pctsSvc.exe
C: \ Program Files \ Spyware Doctor \ pctsTray.exe
C: \ WINDOWS \ system32 \ Wuauclt.exe
C: \ Program Files \ HijackThis \ HijackThis. exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.cox.net/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main , Window Title = Internet Explorer fourni par Cox High Speed Internet
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl. dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [AudioDeck] C: \ Program Files \ VIA \ VIAudioi \ SBADeck \ ADeck.exe 1
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ Common ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ isuspm.exe-startup
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Fichiers communs \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [LXSUPMON] C: \ WINDOWS \ system32 \ lxsupmon.exe RUN
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [Microsoft Windows Automatic Updater] xcopy32.exe
O4 - HKLM \ .. \ Run: [Microsoft Windows Update] C: \ WINDOWS \ ctfmon.exe
O4 - HKLM \ .. \ Run: [ISS_SIP] C: \ Program Files \ Anti Keylogger Elite \ AKE.exe
O4 - HKLM \ .. \ Run: [ISTray] "C: \ Program Files \ Spyware Doctor \ pctsTray.exe"
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [WhenUSave] "C: \ Program Files \ Save \ Save.exe"
O4 - HKCU \ .. \ Run: [AAK] C: \ Program Files \ Advanced Anti Keylogger \ aak.exe / silent
O4 - Startup: MP3 Rocket (réduite). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv. dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O11 - Options group: [INTERNATIONAL] International *
O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Class) -- http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl Class) -- http://messenger.zone.msn.com/EN-US/a-U ... E_UNO1.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/microso ... 1095007752
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: (CD995117-98E5-4169-9920-6C12D4C0B548) -- http://gamedownload.ijjimax.com/gamedow ... in9USA.cab
http://a532.g.akamai.net/f/532/6712/5m/ ... taller.exe
O16 - DPF: (D88C7675-7CEE-4C9A-BDD4-7A43EED7794D) (Logout Class) -- http://www.gamengame.com/KALogoutComponent.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary/Mi ... b56986.cab
O17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: NameServer = 85.255.116.130 85.255.112.107
O17 - HKLM \ System \ CS2 \ Services \ Tcpip \ Parameters: NameServer = 85.255.116.130 85.255.112. 107
O17 - HKLM \ System \ CS3 \ Services \ Tcpip \ Parameters: NameServer = 85.255.116.130 85.255.112.107
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: NameServer = 85.255.116.130 85.255.112.107
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - AppInit_DLLs: system32 \ aakah. dll
O20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: aaksrv - Spydex, Inc - C: \ WINDOWS \ system32 \ aaksrv.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice. exe
O23 - Service: Adobe LM Service - Unknown owner - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32. exe
O23 - Service: OneStep Search Service - Unknown owner - C: \ Program Files \ OneStepSearch \ onestep.exe "" C: \ Program Files \ OneStepSearch \ onestep.dll "Service (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C: \ Program Files \ Spyware Doctor \ pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C: \ Program Files \ Spyware Doctor \ pctsSvc. exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe

Aide s'il vous plaît

Logfile de HijackThis v1.99.1
Scan sauvé à 21:33:15, le 21/02/2008
Plate-forme: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ spoolsv. exe
c: \ program files \ fichiers communs \ logitech \ lvmvfm \ LVPrcSrv.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ CyberLink \ PowerCinema \ pcmservice.exe
C: \ Program Files \ HP \ HP Software Update \ HPwuSchd2.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 7.0 \ avp.exe
C: \ Program Files \ Fichiers communs \ Logitech \ LComMgr \ Communications_Helper.exe
C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 7.0 \ avp. exe
C: \ Program Files \ Fichiers communs \ Logitech \ LComMgr \ LVComSX.exe
C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ TV \ CLCapSvc.exe
C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ CLML_NTService \ CLMLServer.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ HPZIPM12. EXE
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ TV \ CLSched.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ WINDOWS \ system32 \ ctfmon.exe
c: \ windows \ system \ hpsysdrv.exe
C: \ Program Files \ Java \ jre1.5.0_05 \ bin \ jusched.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Documents and Settings \ HP_Owner \ Mes documents \ HijackThis. exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.skybroadband.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.skybroadband.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, First Home Page = http://www.skybroadband.com
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://update.microsoft.com/microsoftupdate/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Internet Explorer fourni par Sky Broadband
O2 - BHO: AcroIEHlprObj Class -- (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ GRA8E1 ~ 1.DLL
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar1. dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O4 - HKLM \ .. \ Run: [ftutil2] rundll32.exe ftutil2.dll, SetWriteCacheMode
O4 - HKLM \ .. \ Run: [HPHUPD08] c: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ CyberLink \ PowerCinema \ pcmservice.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard \ HP Boot Optimizer \ HPBootOp.exe" / run
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPwuSchd2.exe
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AVP] "C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 7.0 \ avp.exe"
O4 - HKLM \ .. \ Run: [LogitechCommunicationsManager] "C: \ Program Files \ Fichiers communs \ Logitech \ LComMgr \ Communications_Helper.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam10 \ QuickCam10.exe" / hide
O4 - HKLM \ .. \ Run: [LVCOMSX] "C: \ Program Files \ Fichiers communs \ Logitech \ LComMgr \ LVComSX.exe"
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \. . \ Run: [LDM] C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LDMConf. exe
O8 - Extra du menu contextuel: & Google Search -- res://C : \ Program Files \ Google \ GoogleToolbar1.dll/cmsearch.html
O8 - Extra du menu contextuel: & Translate English Word -- res://C : \ Program Files \ Google \ GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra du menu contextuel: Backward Links -- res://C : \ Program Files \ Google \ GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra du menu contextuel: Cached Snapshot of Page -- res://C : \ Program Files \ Google \ GoogleToolbar1. dll / cmcache.html
O8 - Extra du menu contextuel: Pages similaires -- res://C : \ Program Files \ Google \ GoogleToolbar1.dll/cmsimilar.html
O8 - Extra du menu contextuel: Traduire la page en anglais -- res://C : \ Program Files \ Google \ GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_05 \ bin \ npjpi150_05. dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.5.0_05 \ bin \ npjpi150_05.dll
O9 - Extra button: Sky - (08E730A4-FB02-45BD-A900-01E4AD8016F6) -- http://www.skybroadband.com (fichier manquant)
O9 - Extra button: Web Anti-Virus statistics - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 7.0 \ SCIEPlgn. dll
O9 - Extra button: Envoyer à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra "Outils" menuitem: S & end à OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR. DLL
O9 - Extra button: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra "Outils" menuitem: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs. exe
O9 - Extra "Outils" menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://www.update.microsoft.com/microso ... 3607723453
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/microso ... 3607714187
O18 - Protocol: bw +0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw 0 s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw00 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw10s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw30 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw40s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw60 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw70s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bw90 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwa0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwc0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwd0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwf0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ GAPlugProtocol-8876480. dll
O18 - Protocol: bwg0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwh0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwj0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwk0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwm0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwn0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwp0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwq0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bws0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwt0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwv0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bww0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwy0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Protocol: bwz0s - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ PROGRA ~ 1 \ MICROS ~ 3 \ Office12 \ GR99D3 ~ 1.DLL
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1. DLL
O18 - Protocol: ms-help - (314111C7-A502-11D2-BBCA-00C04F8EC294) - C: \ Program Files \ Fichiers communs \ Microsoft Shared \ Help \ hxds.dll
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: offline-8876480 - (0D20CF18-C105-4549-86C8-4B96586D5D98) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ BWPlugProtocol-8876480. dll
O18 - Filter hijack: text / xml - (807563E5-5146-11D5-A672-00B0D022E945) - C: \ PROGRA ~ 1 \ Common ~ 1 \ MICROS ~ 1 \ Office12 \ MSOXMLMF.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C: \ Program Files \ Kaspersky Lab \ Kaspersky Anti-Virus 7.0 \ avp. exe "-r (file missing)
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ TV \ CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ TV \ CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C: \ Program Files \ CyberLink \ PowerCinema \ Kernel \ CLML_NTService \ CLMLServer. exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc - c: \ program files \ fichiers communs \ logitech \ lvmvfm \ LVPrcSrv. exe
O23 - Service: LVSrvLauncher - Logitech Inc - C: \ Program Files \ Fichiers communs \ Logitech \ SrvLnch \ SrvLnch.exe
O23 - Service: pml Driver HPZ12 - HP - C: \ WINDOWS \ System32 \ spool \ DRIVERS \ W32X86 \ 3 \ HPZIPM12.EXE





l'un peut m'aider s'il vous plaît? chaque fois que mon antivirus me dit que je avoir un keylogger, mais ne peut pas se débarasser de lui

ok Im de nouveau à ce forum et à la vista quelqu'un peut m'aider here.here est un détournement de ce fichier de log

Logfile de Trend Micro HijackThis v2.0.2
Scan sauvé à 6:35:35 PM, le 25/02/2008
Plate-forme: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ system32 \ Dwm.exe
C: \ Program Files \ Windows Defender \ MSASCui. exe
C: \ hp \ support \ hpsysdrv.exe
C: \ Program Files \ Hewlett-Packard \ On-Screen OSD Indicator \ OSD.exe
C: \ WINDOWS \ RtHDVCpl.exe
C: \ Program Files \ HP \ HP Software Update \ hpwuSchd2.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Logitech \ Video \ LogiTray.exe
C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ IAAnotif.exe
C: \ Program Files \ Rogers \ SelfHealing \ shs.exe
C: \ Program Files \ Yahoo! \ YOP \ Yop. exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ WINDOWS \ System32 \ hkcmd.exe
C: \ WINDOWS \ System32 \ igfxpers.exe
C: \ Program Files \ Fichiers communs \ InstallShield \ UpdateService \ issch.exe
C: \ Program Files \ Windows Sidebar \ sidebar.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Program Files \ Windows Media Player \ wmpnscfg.exe
C: \ Program Files \ Compaq Connections \ 3572475 \ Program \ Compaq Connections.exe
C: \ Program Files \ Yahoo! \ Yahoo! Music Jukebox \ ymetray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ hp \ kbd \ kbd.exe
C: \ Windows \ system32 \ igfxsrvc.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Windows \ system32 \ searchfilterhost.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis. exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O1 - Hosts::: 1 localhost
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Fichiers communs \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc. dll (file missing)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ CPN \ yt.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ hp \ support \ hpsysdrv. exe
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE
O4 - HKLM \ .. \ Run: [OsdMaestro] "C: \ Program Files \ Hewlett-Packard \ On-Screen OSD Indicator \ OSD.exe"
O4 - HKLM \ .. \ Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM \ .. \ Run: [CCUTRAYICON] FactoryMode
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [MSConfig] "C: \ Windows \ system32 \ Msconfig.exe" / auto
O4 - HKLM \ .. \ Run: [LogitechVideoRepair] C: \ Program Files \ Logitech \ Video \ ISStart.exe / RegAll
O4 - HKLM \ .. \ Run: [LogitechVideoTray] C: \ Program Files \ Logitech \ Video \ LogiTray.exe
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe"
O4 - HKLM \ .. \ Run: [Rogers SHS] C: \ Program Files \ Rogers \ SelfHealing \ shs.exe
O4 - HKLM \ .. \ Run: [YOP] C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ Yop. exe / autostart
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-4c61-8582-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [IgfxTray] C: \ Windows \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [Persistence] C: \ Windows \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Fichiers communs \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe
O4 - HKCU \ .. \ Run: [Sidebar] C: \ Program Files \ Windows Sidebar \ sidebar.exe / autorun
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKCU \ .. \ Run: [LogitechSoftwareUpdate] "C: \ Program Files \ Logitech \ Video \ ManifestEngine.exe" boot
O4 - HKCU \ .. \ Run: [ISUSPM Startup] "C: \ Program Files \ Fichiers communs \ InstallShield \ UpdateService \ ISUSPM.exe"-startup
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ wmpnscfg.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User LOCAL SERVICE)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User LOCAL SERVICE)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User service réseau)
O4 - Global Startup: Compaq Connections. lnk = C: \ Program Files \ Compaq Connections \ 3572475 \ Program \ Compaq Connections.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office \ OSA9.exe
O4 - Global Startup: ymetray.lnk = C: \ Program Files \ Yahoo! \ Yahoo! Music Jukebox \ ymetray.exe
O8 - Extra du menu contextuel: & Search -? P = ZC
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv. dll
O9 - Extra "Outils" menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra button: Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll (file missing)
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ PROGRA ~ 1 \ AIM \ aim.exe
O13 - Gopher Prefix:
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll
O16 - DPF: (69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A) (GameLauncher Control) -- http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: (C7E002D6-324B-4500-883D-84B620FD8640) (Installer Bridge) -- http://cdn2.zone.msn.com/Bingame/BRDG/d ... rtbeat.cab
O23 - Service: Intel (R) Alert Service (AlertService) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ CCU \ AlertService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc. exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst. exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ VAScanner \ comHost.exe
O23 - Service: DQLWinService - Unknown owner - C: \ Program Files \ Common Files \ Intel \ IntelDH \ NMS \ AdpPlugins \ DQLWinService.exe
O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon. exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Tools \ IntelDHSvcConf.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ isPwdSvc. exe
O23 - Service: Intel (R) Software Services Manager (ISSM) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1. EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCSVCHST.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: Intel (R) Viiv (TM) Media Server (M1 Server) - Unknown owner - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ MediaServer. exe
O23 - Service: Intel (R) Application Tracker (MCLServiceATL) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Shells \ MCLServiceATL.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C: \ PROGRA ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ mwssvc.exe
O23 - Service: Intel (R) Remoting Service (Remote UI Service) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Shells \ Remote UI Service. exe
O23 - Service: Service Rogers SHS (RogersSelfHelpService) - Rogers Cable Communications - c: \ program files \ Rogers \ SelfHealing \ RogersSelfHelpService.exe
O23 - Service: Rogers Update Manager (RogersUpdateManager) - Rogers Cable Communications - C: \ Program Files \ Rogers \ Update Manager \ RogersUpdateManager.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c: \ Program Files \ Common Files \ Roxio Shared \ 9.0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: stllssvr - MICROVISION Development, Inc -- c: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ DPCC-LC \ symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ AppCore \ AppSvc32.exe
O23 - Service: XAudioService - Conexant Systems, Inc - C: \ Windows \ system32 \ DRIVERS \ xaudio.exe

--
Fin de fichier - 11,203 octets