trojan kill win bl - Security - Virus
Author
 Subject: trojan kill win bl

Profile: IDNaute

Hello everyone!
My computer has just detected the trojan kill win bl (I have the AntiVir antivirus). I put it in quarantine; what should I do next, and what does quarantine mean? I'm lost, I don't know anything about this. Thanks for your help :-) repair, thanks


o0
Profile: IDNaute

Hi,

Download HijackThis, then put it in a dedicated folder (one that contains no other file).
Next, launch it, click Do a system scan and save a logfile, select the contents of the Notepad window that appears, copy/paste it and post it on the forum.

Profile: IDNaute

You're going to think I'm hopeless lol, but I don't see how to do it.

Profile: IDNaute

When I tried to download HijackThis my computer showed me: warning!since hidja targets browser hija net hads inseads of acual browser hijackers,enties may etc......;; I'm just as hopeless at English; what does this mean? Thanks

Profile: Helper

If it's HijackThis, accept.

  • Download HijackThis
  • Put it in a folder or on your desktop
  • Launch it
  • Choose the option Do a system scan and save a logfile
  • Paste the report here

Profile: IDNaute

I tried to download it, but I'm telling you it said danger; I don't want to do anything stupid.

Profile: Helper

Who is telling you that?
If it's a Windows window, accept!

Profile: IDNaute

I downloaded HijackThis as you told me, I clicked Do a system scan and save a logfile, and I did select the contents of the Notepad window that appeared, but I can't manage to copy-paste it to send it to the forum, so I saved it on my computer. No matter how much I press copy, it doesn't work. Can someone give me an e-mail address? Thanks. In any case, for now this trojan is in quarantine, so I'm not at risk, am I? Thanks a lot.

Profile: Helper

Open the report; Notepad opens:
Edit -> Select
Edit -> Copy

Come to the forum, click Reply, then do:
Ctrl + V

Profile: IDNaute



AntiVir PersonalEdition Classic
Report file date: lundi 29 mai 2006 18:03


Jobname: 'Local Drives'

Scanning for 393378 virus strains and unwanted programs.

Licensed to: AntiVir PersonalEdition Classic
Serial number: 0000149996-WURGE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: christophe
Computer name: SN302190040003

Version informations:
AVSCAN.EXE : 7.0.0.35 540712 04/05/2006 16:34:46
AVSCAN.DLL : 7.0.0.34 41000 04/05/2006 16:34:46
LUKE.DLL : 7.0.0.34 114728 04/05/2006 16:34:50
LUKERES.DLL : 7.0.0.34 25640 04/05/2006 16:34:50
ANTIVIR0.VDF : 6.32.0.60 4323840 06/12/2005 10:47:34
ANTIVIR1.VDF : 6.34.1.87 2215424 17/05/2006 04:35:07
ANTIVIR2.VDF : 6.34.1.148 146432 27/05/2006 06:25:56
ANTIVIR3.VDF : 6.34.1.152 8192 29/05/2006 06:18:00
AVEWIN32.DLL : 7.0.0.16 1229312 29/05/2006 06:18:00
AVPREF.DLL : 6.34.0.0 38440 18/01/2006 12:06:02
AVREP.DLL : 6.34.1.130 622632 25/05/2006 06:22:28
AVPACK32.DLL : 7.0.0.4 335912 24/04/2006 16:21:21
AVREG.DLL : 6.31.0.90 27688 28/07/2005 10:06:36
NETNT.DLL : 6.32.0.0 6696 27/09/2005 07:56:50
NETNW.DLL : 6.32.0.0 9768 27/09/2005 07:56:50


Start of the scan: lundi 29 mai 2006 18:03


Start scanning boot sectors:

Boot sector 'C:'
[NOTE] No virus was found!
Boot sector 'G:'
[NOTE] In the drive 'G:' no data medium is inserted!
Boot sector 'H:'
[NOTE] In the drive 'H:' no data medium is inserted!
Boot sector 'I:'
[NOTE] In the drive 'I:' no data medium is inserted!
Boot sector 'J:'
[NOTE] In the drive 'J:' no data medium is inserted!

Starting to scan the registry.

The registry was scanned ( 33 files ).


Starting the file scan:

C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\christophe\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\christophe\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\christophe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\NTUSER.DAT
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\ntuser.dat.LOG
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
[WARNING] The file could not be opened!
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiCL0001.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiP10000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiP20000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiPT0000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiSL0001.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiSP0000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiST0000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\CiVP0000.000
[WARNING] The file could not be opened!
C:\System Volume Information\catalog.wci\INDEX.000
[WARNING] The file could not be opened!


End of the scan: lundi 29 mai 2006 18:38
Used time: 34:56 min

The scan has been canceled!

5264 Scanning directories
78942 Files were scanned
1 viruses and/or unwanted programs was found
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
529 Archives were scanned
23 Warnings
0 Notes

Profile: IDNaute

Thank you, there, I found out how to do it thanks to you!!!!! Thanks a lot, and what do I do now? :-D

Profile: IDNaute

Hi again

Profile: IDNaute

Logfile of HijackThis v1.99.1
Scan saved at 20:16:05, on 29/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Wanadoo\Watch.exe
C:\WINDOWS\System32\LVComsX.exe
C:\Program Files\AntiVir PersonalEdition Classic\avscan.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\christophe\Local Settings\Temp\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [eDonkey2000] "C:\Program Files\eDonkey2000\edonkey2000.exe" -t
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/319545 [...] 601_fr.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://aol.metaboli.fr/components/Metaboli.ocx
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {FD40EC41-D860-4579-8BA4-52671A45C71C} (AxHtChat Class) - http://images.goa.com/it/Woo2/fr/chat/nPaxChat.cab
O18 - Protocol: bw+0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {98322A3D-91F1-4367-A654-5BEDA5B3428B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program