message à l'ouverture de mon ordi

Question

Bonjour,
J'ai un gros problème. Il apparaît un message à l'ouverture de mon ordi. 
ça se lit comme suit.: Dans l'entête bleu c'est marqué service exe-image incorrect.
Le message dit dllc:/womdows/système32/avgrsstx.dll n'est pas une image windows valide. vérifiex¸`a l'aide de votre disquette d'installation.
Je ne sais pas de quel disqute il s'agit.
Merci de vos commentaires

Regis59 · Answer

Tu as AVG Internet Security?
Sinon c'est probablement une infection.

Carla L · Answer

bonjour regis 59
je suppose que pour voir si j'ai avg internet security je vais voir dans mon panneau de configuration dans ajout/supprim. les programmes. Je suis allée voir avant que tu m'envoies ton message. Et j'ai supprimé un programme qui ressemblait à celà. 
Mais le problème persiste toujours.
Alors je suppose que c'est une infection.
Merci pour votre dévouement.
Que me suggérez-vous pour régler mon problème?

Regis59 · Answer

Oui, on va regarder...

Télécharge le fichier d’installation d’Hijackthis en cliquant sur ce lien

http://www.trendsecure.com/portal/en-US/tools/security_tools­/hijackthis/download

* Enregistre HJTInstall.exe sur ton bureau.

* Double-clique sur HJTInstall.exe pour lancer le programme

* Accepte la license en cliquant sur le bouton "I Accept"
* Choisis l'option "Do a system scan and save a log file"
* Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note
* Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

* Colle le rapport que tu viens de copier dans ce message.

A+

Carla L · Answer

bonjour M'regis 59,
Bonjour m. regis59 
j'ai fait ce que vous m'avez demandé 
Merci quelque soit votre réponse. 

Logfile of Trend Micro HijackThis v2.0.2 
Scan saved at 07:11:59, on 2009-12-28 
Platform: Windows XP SP3 (WinNT 5.01.2600) 
MSIE: Internet Explorer v8.00 (8.00.6001.18702) 
Boot mode: Normal 

Running processes: 
C:\WINDOWS\System32\smss.exe 
C:\WINDOWS\system32\winlogon.exe 
C:\WINDOWS\system32\services.exe 
C:\WINDOWS\system32\lsass.exe 
C:\WINDOWS\system32\svchost.exe 
C:\WINDOWS\System32\svchost.exe 
C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe 
C:\WINDOWS\system32\spoolsv.exe 
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 
C:\WINDOWS\system32\svchost.exe 
C:\Program Files\Java\jre6\bin\jqs.exe 
C:\Program Files\Common Files\Motive\McciCMService.exe 
C:\WINDOWS\System32\svchost.exe 
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe 
C:\WINDOWS\System32\svchost.exe 
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 
C:\WINDOWS\system32\svchost.exe 
C:\Program Files\Personal Vault\VaultClientSRV.exe 
C:\Program Files\Personal Vault\VaultClientUpgrade.exe 
C:\WINDOWS\system32\SearchIndexer.exe 
C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe 
C:\WINDOWS\Explorer.EXE 
C:\Program Files\Bell\Services de sécurité Internet de Bell\rps.exe 
C:\WINDOWS\system32\igfxtray.exe 
C:\WINDOWS\system32\hkcmd.exe 
C:\WINDOWS\system32\igfxpers.exe 
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 
C:\Program Files\BellCanada\McciTrayApp.exe 
C:\Program Files\iTunes\iTunesHelper.exe 
C:\Program Files\Java\jre6\bin\jusched.exe 
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe 
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 
C:\WINDOWS\system32\ctfmon.exe 
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­ 
C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe 
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 
C:\Program Files\Bell\Internet Service Advisor\SSAComHandler.exe 
C:\Program Files\Windows Desktop Search\WindowsSearch.exe 
C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe 
C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe 
C:\WINDOWS\System32\svchost.exe 
C:\Program Files\iPod\bin\iPodService.exe 
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe 
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN 
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 
C:\Program Files\Bell\Internet Service Advisor\SSA.exe 
C:\Program Files\Java\jre6\bin\jucheck.exe 
C:\Program Files\Windows Live\Contacts\wlcomm.exe 
C:\Program Files\Windows Live\Mail\wlmail.exe 
C:\Program Files\Internet Explorer\IEXPLORE.EXE 
C:\Program Files\Internet Explorer\IEXPLORE.EXE 
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe 
C:\HijackThis.exe 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = carmella.labrecque@sympatico.ca 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens 
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll 
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll 
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Services de sécurité Internet de Bell\pkR.dll 
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing) 
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing) 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll 
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll 
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll 
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll 
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll 
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll 
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll 
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll 
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll 
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll 
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll 
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing) 
O3 - Toolbar: Yahoo! Barre d'outils - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll 
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe 
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" 
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe 
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" 
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Internet Service Advisor\SSA.exe" /AUTORUN 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" 
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" 
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun 
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe 
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe 
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background 
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" 
O4 - HKCU\..\Run: [hjdena] "c:\documents and settings\administrateur\local settings\application data\hjdena.exe" hjdena 
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe 
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe 
O4 - HKCU\..\Run: [RegDokFRScheduler] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe SCHEDULER 
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe 
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe 
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html 
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll 
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll 
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll 
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll 
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL 
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll 
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe 
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe 
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab 
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx 
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab 
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab 
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab 
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing) 
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing) 
O20 - AppInit_DLLs: avgrsstx.dll 
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing) 
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing) 
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe 
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe 
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe 
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe 
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe 
O23 - Service: Services de sécurité Internet de Bell (Radialpoint Security Services) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe 
O23 - Service: Services de sécurité Internet de Bell SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe 
O23 - Service: Services de sécurité Internet de Bell Coupe-feu (RP_FWS) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe 
O23 - Service: Personal Vault Backup Service (VaultClientSRV) - Bell Canada - C:\Program Files\Personal Vault\VaultClientSRV.exe 
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - Bell Canada - C:\Program Files\Personal Vault\VaultClientUpgrade.exe 

End of file - 13753 bytes
Vous m'aviez demander de copier le résultat et de vous l'envoyer. 
C'était le 28 dec.2009
Alors je retourne le rapport.
Merci si vous trouvez une solution
Merci pour tout
Carla L

Regis59 · Answer

Bonjour Carla L. (dommage que ce ne soit pas Carla B comme Bruni lol)

Télécharge Navilog1 (par IL-MAFIOSO) sur ton bureau

http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Ensuite double clique sur Navilog1.exe pour le démarrer

Laisse-toi guider. Appuie sur une touche quand on te le demande.
Au menu principal, choisis 1 et valide.

< Ne fais pas le choix 2 >

Patiente le temps du scan. Il te sera peut-être demandé de redémarrer ton PC.
Laisse l'outil le faire automatiquement, sinon redémarre ton PC normalement s'il te le demande.

Patiente jusqu'au message "Scan terminé le......"
Appuie sur une touche comme demandé ; le bloc-notes va s'ouvrir.
Copie-colle l'intégralité dans ta réponse. Referme le bloc-notes.

PS : le rapport est, aussi, sauvegardé à la racine du disque dur C:\cleannavi.txt

++

Carla L · Answer

Fix Navipromo version 4.0.6 commencé le 2010-01-17  7:07:52,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!

Outil exécuté depuis C:\Program Files
avilog1

Mise à jour le 03.01.2010 à 11h00 par IL-MAFIOSO

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free :               Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Phoenix FirstBios(tm) Desktop Pro Version 2.0 for IBM ThinkCentre.
USER : Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : Services de sécurité Internet de Bell Antivirus 8.0.34 (Activated)
Firewall  : Services de sécurité Internet de Bell Coupe-feu 8.0.34 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:51 Go)
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total:78 Go (Free:77 Go)


Recherche executée en mode normal 

Nettoyage exécuté au redémarrage de l'ordinateur


c:\docume~1\admini~1\locals~1\applic~1\hjdena.dat supprimé !
c:\docume~1\admini~1\locals~1\applic~1\hjdena_nav.dat supprimé !
c:\docume~1\admini~1\locals~1\applic~1\hjdena_navps.dat supprimé !


Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Administrateur\locals~1\Temp effectué !


*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok




*** Scan terminé 2010-01-17  7:52:33,23 ***

voilà je retourne la réponse du bloc note comme vous l'avez demandé
Merci

Regis59 · Answer

ok remet un nouvel HijackThis

a+

Carla L · Answer

bonjour M. regis59,
vous avez dit remet un hijack this
voilà c'est ce que ça donné 
Je ne sais pas si c'est correct

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:54:31, on 2010-01-17
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientSRV.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bell\Services de sécurité Internet de Bell\rps.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bell\Internet Service Advisor\SSAComHandler.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Bell\Internet Service Advisor\SSA.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = carmella.labrecque@sympatico.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Services de sécurité Internet de Bell\pkR.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Internet Service Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKCU\..\Run: [RegDokFRScheduler] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe SCHEDULER
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Services de sécurité Internet de Bell (Radialpoint Security Services) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
O23 - Service: Services de sécurité Internet de Bell SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
O23 - Service: Services de sécurité Internet de Bell Coupe-feu (RP_FWS) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
O23 - Service: Personal Vault Backup Service (VaultClientSRV) - Bell Canada - C:\Program Files\Personal Vault\VaultClientSRV.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - Bell Canada - C:\Program Files\Personal Vault\VaultClientUpgrade.exe

Regis59 · Answer

Re,

Relance HijackThis puis coche ces cases:
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

Ferme HijackThis.

Ensuite, j'ai vu que tu es cannadienne, ton fournisseur d'accès internet doit être bell...il te fournit également une protection antivirus !?
Car en plus de cette protection tu as également AVG8...il ne t'en faut qu'un seul...tu payes la protection BELL?

Enfin Registry Doktor 4.1 est un rogue !
Télécharge Malwarebytes' Anti-Malware (MBAM)
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

* Ferme tes navigateurs.
* Double clique sur le fichier téléchargé pour lancer le processus d'installation.
* Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
* Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
* Sélectionne "Exécuter un examen rapide"
* Clique sur "Rechercher"
* L'analyse démarre, le scan est relativement long, c'est normal.
* A la fin de l'analyse, un message s'affiche :
L'examen s'est terminé normalement.
Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.

* Si des malwares ont été détectés, clique sur Afficher les résultats.
Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
* MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

• tuto: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


NB : Si MBAM te demande à redémarrer, fais-le.

A+
:-)

Carla L · Answer

Bonjour M. regis59,
Je vous envoie le rapport 
Pour répondre à votre question oui je paie la protection BELL
Mais la protection AVG8 je ne le savais pas.
Mais je ne peux l'enlever je ne sais pas ou elle est.
Alors je vous envoie la copie du bloc note.
J'ai supprimé la sélection et reparti mon ordi.
Mais le problème est toujours là.
En tout cas je vous envoie le rapport.
Merci de votre obligeance.


Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3595
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-18 16:02:29
mbam-log-2010-01-18 (16-02-28).txt

Type de recherche: Examen rapide
Eléments examinés: 135302
Temps écoulé: 20 minute(s), 1 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 241

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\93eb9fd3ea40f221e990e3e71343e6d47d3fa0c0 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Angle Interactive\RD Platinum v5.0 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100 (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Angle Interactive\RD Platinum v5.0\Customer Support.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\INSTALL.LOG (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\install.sss (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\User Guide.url (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\scanner-repair-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\repair-bar\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-100.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-66.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-67.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-68.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-69.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-70.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-71.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-72.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-73.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-74.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-75.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-76.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-77.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-78.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-79.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-80.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-81.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-82.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-83.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-84.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-85.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-86.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-87.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-88.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-89.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-90.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-91.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-92.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-93.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-94.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-95.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-96.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-97.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-98.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\scanner100-99.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-100\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-0.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-1.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-10.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-11.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-12.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-13.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-14.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-15.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-16.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-17.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-18.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-19.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-2.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-20.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-21.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-22.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-23.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-24.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-25.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-26.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-27.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-28.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-29.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-3.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-30.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-31.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-32.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-33.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-34.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-35.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-36.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-37.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-38.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-39.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-4.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-40.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-41.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-42.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-43.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-44.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-45.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-46.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-47.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-48.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-49.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-5.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-50.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-51.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-52.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-53.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-54.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-55.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-56.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-57.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-58.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-59.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-6.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-60.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-61.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-62.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-63.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-64.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-65.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-7.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-8.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\scannerpulse-9.jpg (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\Program Files\Angle Interactive\RD Platinum v5.0\scan-bar-pulse\Thumbs.db (Rogue.RegistryDefender) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\14.music.mp3 (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\14.music.mp3.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\15.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\15.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\16.video.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\16.video.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\17.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\17.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\18.unpack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\18.unpack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\19.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\20.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\20.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\22.mpgvideo.mpg (Worm.Archive) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicyManifest\22.mpgvideo.mpg.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\AVP 2009\1.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.

Regis59 · Answer

Salut

261 éléments infectieux, wahou !

Pour répondre à votre question oui je paie la protection BELL
Mais la protection AVG8 je ne le savais pas.
Mais je ne peux l'enlever je ne sais pas ou elle est.

Vas dans panneau de configuration < ajout suppression de programmes, y est il?

A+

Carla L · Answer

bonjour M.regis59,
Je n'ai pas trouvé dans le panneau de configuration La protection avg8

J'ai refait ce matin un scan avec malwareBytes antiMalware.php comme je l'ai fait hier. Ce matin on dit que je n'ai rien d'infecté. Mais j'ai toujours le même problème. 
Je ne comprend pas est-ce que j'ai fait quelque chose de pas correct.
Merci d'être aussi patient



Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3598
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

2010-01-19 09:27:29
mbam-log-2010-01-19 (09-27-29).txt

Type de recherche: Examen rapide
Eléments examinés: 133665
Temps écoulé: 16 minute(s), 19 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Regis59 · Answer

ok

Regarde dans démarrer < tous les programmes si tu as AVG.
Sinon vas dans démarer < c: < programfiles < avg < et vérifie que tu as un fichier nommé uninstaller.exe

A+

Carla L · Answer

bonjour M. regis59,
J'ai bien trouvé le AVG8 et je l.ai supprimé.
Maintenant mon problème est toujours là.
Lorsque j'ouvre mon ordi le message apparaît toujours.
Si il nY a rien à ajouté, je vous remercie quand même de votre devouement.

Regis59 · Answer

Bonjour Carla,

Peux tu me remettre un nouvel HijackThis suite à la désinstallation d'AVG?
Je voudrais vérifier que cette ligne soit toujours présente:
O20 - AppInit_DLLs: avgrsstx.dll

A tout à l'heure.

Carla L · Answer

Bonjour M. Regis 59,
Je vous envoie tel que demandé le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:33:03, on 2010-01-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientSRV.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bell\Services de sécurité Internet de Bell\rps.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Bell\Internet Service Advisor\SSAComHandler.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Bell\Internet Service Advisor\SSA.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = carmella.labrecque@sympatico.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Services de sécurité Internet de Bell\pkR.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Internet Service Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKCU\..\Run: [RegDokFRScheduler] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe SCHEDULER
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Services de sécurité Internet de Bell (Radialpoint Security Services) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
O23 - Service: Services de sécurité Internet de Bell SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
O23 - Service: Services de sécurité Internet de Bell Coupe-feu (RP_FWS) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
O23 - Service: Personal Vault Backup Service (VaultClientSRV) - Bell Canada - C:\Program Files\Personal Vault\VaultClientSRV.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - Bell Canada - C:\Program Files\Personal Vault\VaultClientUpgrade.exe

Regis59 · Answer

Tiens...curieux que MBAM n'ai pas supprimé RegistryDoktor 4.1

Dans ajout/suppression de programmes, as tu RegistryDoktor 4.1? Si oui, désinstalle le...

Ensuite, télécharge et exécute ceci:
http://download.avg.com/filedir/util/avg_arm_sup_____.dir/avgremover.exe

Une fois le processus terminé, merci de me remettre un nouvel HijackThis.

A++

Carla L · Answer

Bonjour M. Regis59,
Youpi nous avons réussis.
J'ai fait une recherche pour trouver AVGrsslx et j'ai trouvé et j'ai supprimé.
Là j'ai refermé mon ordi et rééouverte et les messages sont partis.
Mon ordi est n0.1
Mais je n'ai pas trouvé registredoctory4.1
Alors merci beaucoup de votre patience.

Regis59 · Answer

D'accord, mais tout n'est pas clean, on continue?

Carla L · Answer

Bonjour M. Regis59,
Je n'ai pas trouvé de registry Doktor4.1
Et j'ai fait ce que vous m'avez demandé.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:13:21, on 2010-01-21
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Personal Vault\VaultClientSRV.exe
C:\Program Files\Personal Vault\VaultClientUpgrade.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bell\Services de sécurité Internet de Bell\rps.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\BellCanada\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bell\Internet Service Advisor\SSAComHandler.exe
C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Bell\Internet Service Advisor\SSA.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.msn.ca/defaultf.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = carmella.labrecque@sympatico.ca
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Bell\Services de sécurité Internet de Bell\pkR.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BellCanada_McciTrayApp] C:\Program Files\BellCanada\McciTrayApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SSA.exe] "C:\Program Files\Bell\Internet Service Advisor\SSA.exe" /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKCU\..\Run: [RegDokFRScheduler] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe SCHEDULER
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: Services de sécurité Internet de Bell (Radialpoint Security Services) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\RpsSecurityAwareR.exe
O23 - Service: Services de sécurité Internet de Bell SafeConnectAgent (RadialpointSafeConnectAgent) - Sana Security - C:\Program Files\Bell\Services de sécurité Internet de Bell\SafeConnect\Bin\SanaAgent.exe
O23 - Service: Services de sécurité Internet de Bell Coupe-feu (RP_FWS) - Bell - C:\Program Files\Bell\Services de sécurité Internet de Bell\Fws.exe
O23 - Service: Personal Vault Backup Service (VaultClientSRV) - Bell Canada - C:\Program Files\Personal Vault\VaultClientSRV.exe
O23 - Service: Personal Vault Upgrade Service (VaultClientUpgrade) - Bell Canada - C:\Program Files\Personal Vault\VaultClientUpgrade.exe

Regis59 · Answer

ok il reste RegistryDoktor 4.1

Peux tu aller dans démarer < poste de travail < c: < ProgramFiles < RegistryDoktor 4.1 < et me dire quels fichiers il y a?

Carla L · Answer

bonjour M. Regis59,
Je suis allée voir dans : c:programe files, et je n'ai pas de registryDoctor4.1.
Je l'avais mais j'ai tout enlevé. Maintenant j'ai beau allé voir je ne trouve plus rien de registry
doktor4.1.

Regis59 · Answer

OK

Relance HijackThis, coche ces cases:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\Administrateur\Local Settings\Application Data\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [RegDokFRT] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe
O4 - HKCU\..\Run: [RegDokFRScheduler] C:\Program Files\RegistryDoktor 4.1\RegistryDoktor.exe SCHEDULER

Clique sur Fix checked.

As tu un nettoyeur de registre?

A+

Carla L · Answer

Bonjour M.regis59,
J'ai coché les cases que vous avez demandés.
Il est apparue une note qui marquait en anglais.
Hackthis is about to remove a BHO and the corresponding file from your system.
Close all internet explorer windows and all windows Explorer windows before continuing for the best of succes.
 Je ne connais pas bien l.anglais mais je crois qu'il me demandait de refermé mon ordi et c'est ce que j'ai fait.
Bon vous me demandé si j'ai un nettoyeur de régistre.
Je ne crois pas.

Regis59 · Answer

Ok

Télécharge ceci:
https://www.zebulon.fr/telechargements/utilitaires/nettoyeurs/jv16.html

Ouvre JV16 puis Préférences < Language < met French puis OK < OK

Clique sur outil registre, puis sur Chercher.
Coche la case "Sélectionner les éléments trouvés".
Puis Ecris RegistryDoktor 
Clique ensuite sur Supprimer.

Refais pareil avec le mot Registry Doktor.

Une fois cela fait, **clique sur Outil < Nettoyeur de registre < Continuer < Continuer < Démarrer.
Une fois le scan terminé...
Clique sur Sélection < Sélection spéciale < Éléments qui peuvent être supprimés sans risques.
Clique sur Supprimer.
Si le processus de suppression ne se lance pas, ferme le logiciel et recommence depuis le **.

A+

Carla L · Answer

Bonjour M. Regis59,
J'ai fait ce que vous m'avez demandé. Et les suppressions se sont faites.
Ça  marché.

Regis59 · Answer

OK.

Ou en sont tes soucis?

A+

carla L · Answer

Bonjour M. regis59,
Oui j'ai un autre souci c'est que depuis hier j'ai un autre message à l'ouverture de mon ordi. qui dit ceci:
The feature you are trying to use is on a CD-ROM or other remorable disk that is not available insert the thay App'disk and click OK
Il veut s'installer mais il n'y arive pas parce que je crois qu'il veut que je mette un Cd.
Le message reste lèa.

Message à l'ouverture de mon ordi

28 réponses

Votre réponse

Discussions similaires

Newsletters