triangle jaune

[Faty]

Bonjour a tous

 

petit souci : j'ai un petit triangle jaune avec un "!" dedans en bas a droite de mon ecran, quand je clic dessus ca me marque: Warning! your computer is at risk

 

je sais pas comment l'enlever , j'ai essayer avec SpySweeper - Spybot S&D - AdAware etc et il est tjrs la

 

je mets mon log hijack-this au cas ou kelkun saurait m'aider

 

merci

 

StartupList report, 03/03/2005, 16:59:14

StartupList version: 1.52.2

Started from : C:\Documents and Settings\Moumou\Bureau\HijackThis.EXE

Detected: Windows XP (WinNT 5.01.2600)

Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)

* Using default options

==================================================

 

Running processes:

 

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLACSD.EXE

C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\ahead\InCD\InCD.exe

C:\Program Files\Trend Micro\PC-cillin 2002\Tmntsrv.exe

C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe

C:\Program Files\D-Tools\daemon.exe

C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

C:\Program Files\QuickTime\qttask.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\MSI\PC Alert 4\PCAlert4.exe

C:\Program Files\Trend Micro\PC-cillin 2002\WebTrap.EXE

C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\AOL 9.0a\aoltray.exe

C:\Program Files\Trend Micro\PC-cillin 2002\PCCPFW.exe

C:\Program Files\AOL 9.0a\waol.exe

C:\Program Files\AOL 9.0a\shellmon.exe

C:\Program Files\Fichiers communs\Aol\aoltpspd.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\AOL Compagnon\COMPANION.EXE

C:\Documents and Settings\Moumou\Bureau\HijackThis.exe

 

--------------------------------------------------

 

Listing of startup folders:

 

Shell folders Common Startup:

[C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]

PC Alert 4.lnk = C:\Program Files\MSI\PC Alert 4\PCAlert4.exe

Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe

AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0a\aoltray.exe

 

--------------------------------------------------

 

Checking Windows NT UserInit:

 

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

UserInit = C:\WINDOWS\system32\userinit.exe,

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

 

pccguide.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\pccguide.exe"

PCCClient.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\PCCClient.exe"

Pop3trap.exe = "C:\Program Files\Trend Micro\PC-cillin 2002\Pop3trap.exe"

AHQInit = C:\Program Files\Creative\SBLive\Program\AHQInit.exe

AudioHQ = C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE

NeroCheck = C:\WINDOWS\system32\NeroCheck.exe

InCD = C:\Program Files\ahead\InCD\InCD.exe

NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

nwiz = nwiz.exe /install

NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

BDMCon = C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe

BDNewsAgent = C:\Program Files\Softwin\BitDefender Free Edition\bdnagent.exe

DAEMON Tools-1033 = "C:\Program Files\D-Tools\daemon.exe" -lang 1033

 

--------------------------------------------------

 

Autorun entries from Registry:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

Srv32 spool service = C:\WINDOWS\System32\spoolsrv32.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

 

MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background

SpybotSD TeaTimer = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

 

--------------------------------------------------

 

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

Srv32 spool service = C:\WINDOWS\System32\spoolsrv32.exe

 

--------------------------------------------------

 

File association entry for .SCR:

HKEY_CLASSES_ROOT\AutoCADScriptFile\shell\open\command

 

(Default) = "C:\WINDOWS\notepad.exe" "%1"

 

--------------------------------------------------

 

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

 

Shell=*INI section not found*

SCRNSAVE.EXE=*INI section not found*

drivers=*INI section not found*

 

Shell & screensaver key from Registry:

 

Shell=Explorer.exe

SCRNSAVE.EXE=C:\WINDOWS\System32\logon.scr

drivers=*Registry value not found*

 

Policies Shell key:

 

HKCU\..\Policies: Shell=*Registry key not found*

HKLM\..\Policies: Shell=*Registry value not found*

 

--------------------------------------------------

 

 

Enumerating Browser Helper Objects:

 

(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

(no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}

(no name) - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}

 

--------------------------------------------------

 

Enumerating ShellServiceObjectDelayLoad items:

 

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll

CDBurn: C:\WINDOWS\system32\SHELL32.dll

WebCheck: C:\WINDOWS\System32\webcheck.dll

SysTray: C:\WINDOWS\System32\stobject.dll

 

--------------------------------------------------

End of report, 6 435 bytes

Report generated in 0,016 seconds

 

Command line options:

/verbose - to add additional info on each section

/complete - to include empty sections and unsuspicious data

/full - to include several rarely-important sections

/force9x - to include Win9x-only startups even if running on WinNT

/forcent - to include WinNT-only startups even if running on Win9x

/forceall - to include all Win9x and WinNT startups, regardless of platform

/history - to list version history only

[stin07bis]

Autorun entries from Registry:

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

 

Srv32 spool service = C:\WINDOWS\System32\spoolsrv32.exe

 

= Trojan-Clicker.Win32.Spyre.b

faire 1 scan en ligne pour ce trojan........

 

à mettre à jour.....(windows update)

 

Detected: Windows XP (WinNT 5.01.2600)

Detected: Internet Explorer v6.00 SP1 (6.00.2600.0000)

 

@+

[Faty]

un scan en ligne ??

 

tu peu expliquer stp , chui pas trop un pro moi

[eikichi]

un scan en ligne ??

 

tu peu expliquer stp , chui pas trop un pro moi 

470754[/snapback]

bonjour pour un scan en ligne(anti virus), tu peux essayer panda:panda ou tu peux tester avec securser: ici.

[Faty]

bon c'etait bien le spoolsrv32.exe, je l'ai virer et plu de triangle

 

merci bcp