Pub CID tres embetante [Résolu]

Bonjour

Télécharge ceci
--> http://eric.71.mespages.googlepages.com/LopSD.exe

Double-clic afin de lancer l'installation. Ensuite double-clic sur le raccourci qui se sera ajouté sur ton bureau.
Sléectionne la langue puis choisis l'option 1. Poste ici le rapport qui sera généré. Tu trouveras le rapport à cet endroit : démarrer, Ordinateur, Disque Local C: (lopR.txt )

d'accord je vais faire sa et je vous dit quoi merci beaucoup de votre reponse

--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 4000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : lulu ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080908-0] 4.8.1229 (Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 08/09/2008|21:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/06/2008|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[30/06/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/07/2008|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[25/06/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City
[25/06/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/06/2008|23:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/06/2008|23:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/07/2008|17:49] C:\DOCUME~1\lulu\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\lulu\APPLIC~1\ATI
[21/07/2008|11:34] C:\DOCUME~1\lulu\APPLIC~1\DAEMON Tools
[30/08/2008|18:03] C:\DOCUME~1\lulu\APPLIC~1\EoRezo
[01/07/2008|16:38] C:\DOCUME~1\lulu\APPLIC~1\Google
[24/06/2008|23:39] C:\DOCUME~1\lulu\APPLIC~1\Identities
[30/08/2008|18:01] C:\DOCUME~1\lulu\APPLIC~1\ItsLabel
[25/06/2008|18:38] C:\DOCUME~1\lulu\APPLIC~1\Macromedia
[30/08/2008|19:03] C:\DOCUME~1\lulu\APPLIC~1\Microsoft
[25/08/2008|12:12] C:\DOCUME~1\lulu\APPLIC~1\Sun
[25/06/2008|20:10] C:\DOCUME~1\lulu\APPLIC~1\TMP
[01/09/2008|16:10] C:\DOCUME~1\lulu\APPLIC~1\WEB THUNK JUGS
[21/07/2008|11:51] C:\DOCUME~1\lulu\APPLIC~1\WinRAR

[24/06/2008|23:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WIN-LNA\tasks

[08/09/2008 19:56][--a------] C:\WIN-LNA\tasks\GoogleUpdateTaskUser.job
[08/09/2008 21:00][--ah-----] C:\WIN-LNA\tasks\AD176F569194E30A.job
[08/09/2008 20:55][--ah-----] C:\WIN-LNA\tasks\SA.DAT
[28/08/2001 12:00][-r-h-----] C:\WIN-LNA\tasks\desktop.ini

( AD176F569194E30A.job )=( c:\docume~1\lulu\applic~1\webthu~1\activebibtest.exe )

--------------------\\ Listing des dossiers dans C:\Program LNA

[30/06/2008|20:31] C:\Program LNA\Adobe
[30/08/2008|17:45] C:\Program LNA\Alwil Software
[01/09/2008|23:17] C:\Program LNA\Antipub
[25/06/2008|21:10] C:\Program LNA\ATI Technologies
[25/08/2008|12:13] C:\Program LNA\Common
[24/06/2008|23:30] C:\Program LNA\ComPlus Applications
[30/08/2008|17:37] C:\Program LNA\DAEMON Tools Toolbar
[30/08/2008|19:52] C:\Program LNA\Dofus
[25/08/2008|17:47] C:\Program LNA\DofusArena2
[01/09/2008|16:39] C:\Program LNA\DofusBeta
[30/08/2008|17:39] C:\Program LNA\EA GAME
[30/08/2008|18:03] C:\Program LNA\EoRezo
[30/06/2008|18:11] C:\Program LNA\Google
[30/08/2008|17:41] C:\Program LNA\Gpotato.eu
[25/06/2008|21:18] C:\Program LNA\InstallShield Installation Information
[24/08/2008|20:08] C:\Program LNA\Internet Explorer
[25/08/2008|12:13] C:\Program LNA\Java
[30/06/2008|18:06] C:\Program LNA\Lexmark 3400 Series
[30/06/2008|18:06] C:\Program LNA\Lexmark Toolbar
[30/08/2008|17:34] C:\Program LNA\lx_cats
[01/07/2008|16:42] C:\Program LNA\ma-config.com
[25/06/2008|20:10] C:\Program LNA\Marvell
[14/08/2008|17:03] C:\Program LNA\Messenger
[03/09/2008|22:01] C:\Program LNA\Metin2_France
[24/06/2008|23:34] C:\Program LNA\microsoft frontpage
[24/06/2008|23:31] C:\Program LNA\Movie Maker
[24/06/2008|23:29] C:\Program LNA\MSN
[24/06/2008|23:30] C:\Program LNA\MSN Gaming Zone
[25/08/2008|14:04] C:\Program LNA\Mu Intensity S3
[24/06/2008|23:31] C:\Program LNA\NetMeeting
[24/06/2008|23:30] C:\Program LNA\Online Services
[25/06/2008|23:58] C:\Program LNA\Outlook Express
[25/06/2008|21:18] C:\Program LNA\Realtek
[24/06/2008|23:32] C:\Program LNA\Services en ligne
[24/06/2008|23:39] C:\Program LNA\Uninstall Information
[01/09/2008|16:09] C:\Program LNA\WEB THUNK JUGS
[30/08/2008|17:38] C:\Program LNA\Windows Live
[25/06/2008|21:42] C:\Program LNA\Windows Media Player
[24/06/2008|23:30] C:\Program LNA\Windows NT
[24/06/2008|23:32] C:\Program LNA\WindowsUpdate
[21/07/2008|11:48] C:\Program LNA\WinRAR
[24/06/2008|23:34] C:\Program LNA\xerox

--------------------\\ Listing des dossiers dans C:\Program LNA\Common

[30/06/2008|20:31] C:\Program LNA\Common\Adobe
[25/06/2008|21:07] C:\Program LNA\Common\InstallShield
[25/08/2008|12:13] C:\Program LNA\Common\Java
[02/07/2008|14:43] C:\Program LNA\Common\logishrd
[25/06/2008|18:38] C:\Program LNA\Common\Microsoft Shared
[24/06/2008|23:31] C:\Program LNA\Common\MSSoap
[24/06/2008|23:24] C:\Program LNA\Common\ODBC
[24/06/2008|23:31] C:\Program LNA\Common\Services
[24/06/2008|23:24] C:\Program LNA\Common\SpeechEngines
[25/06/2008|23:58] C:\Program LNA\Common\System
[25/06/2008|18:38] C:\Program LNA\Common\WindowsLiveInstaller

--------------------\\ Process

( 26 Processes )

iexplore.exe ~ [PID:528]
IEXPLORE.EXE ~ [PID:512]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\lulu\LOCALS~1\Temp\bis3.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City\dog meta.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\activebibtest.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\close fast.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\NewJunkAnteCopy.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\ucbdvuae.exe
C:\Program LNA\webthu~1
C:\DOCUME~1\lulu\LOCALS~1\Temp\nsc5.tmp
C:\DOCUME~1\lulu\LOCALS~1\Temp\nsd7.tmp
C:\DOCUME~1\lulu\LOCALS~1\Temp\nse8.tmp
C:\DOCUME~1\lulu\Cookies\lulu@adultfriendfinder[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@advertising[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@adin.bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr.thepimps.bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.casinoking[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@casinoking[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.cotedazurpalace[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@cotedazurpalace[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@www.cotedazurpalace[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@adopt.euroclick[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@pacificpoker[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@partypoker[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@32vegas[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.32vegas[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@888[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@888[2].txt
C:\WIN-LNA\Tasks\AD176F569194E30A.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LESS CITY AMEN SETUP"="C:\\Documents and Settings\\All Users\\Application Data\\Tool Eggs Less City\\dog meta.exe"
"Findacid"="C:\\DOCUME~1\\lulu\\APPLIC~1\\WEBTHU~1\\close fast.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-08 21:30:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:977][D:73]-> C:\DOCUME~1\lulu\LOCALS~1\Temp
[F:321][D:0]-> C:\DOCUME~1\lulu\Cookies
[F:4170][D:8]-> C:\DOCUME~1\lulu\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/09/2008|21:30 - Option : [1]

--------------------\\ Fin du rapport a 21:30:51

--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 4000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : lulu ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080908-0] 4.8.1229 (Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [1] ( 08/09/2008|21:29 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/06/2008|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[30/06/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/07/2008|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[25/06/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[01/09/2008|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City
[25/06/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/06/2008|23:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/06/2008|23:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/07/2008|17:49] C:\DOCUME~1\lulu\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\lulu\APPLIC~1\ATI
[21/07/2008|11:34] C:\DOCUME~1\lulu\APPLIC~1\DAEMON Tools
[30/08/2008|18:03] C:\DOCUME~1\lulu\APPLIC~1\EoRezo
[01/07/2008|16:38] C:\DOCUME~1\lulu\APPLIC~1\Google
[24/06/2008|23:39] C:\DOCUME~1\lulu\APPLIC~1\Identities
[30/08/2008|18:01] C:\DOCUME~1\lulu\APPLIC~1\ItsLabel
[25/06/2008|18:38] C:\DOCUME~1\lulu\APPLIC~1\Macromedia
[30/08/2008|19:03] C:\DOCUME~1\lulu\APPLIC~1\Microsoft
[25/08/2008|12:12] C:\DOCUME~1\lulu\APPLIC~1\Sun
[25/06/2008|20:10] C:\DOCUME~1\lulu\APPLIC~1\TMP
[01/09/2008|16:10] C:\DOCUME~1\lulu\APPLIC~1\WEB THUNK JUGS
[21/07/2008|11:51] C:\DOCUME~1\lulu\APPLIC~1\WinRAR

[24/06/2008|23:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WIN-LNA\tasks

[08/09/2008 19:56][--a------] C:\WIN-LNA\tasks\GoogleUpdateTaskUser.job
[08/09/2008 21:00][--ah-----] C:\WIN-LNA\tasks\AD176F569194E30A.job
[08/09/2008 20:55][--ah-----] C:\WIN-LNA\tasks\SA.DAT
[28/08/2001 12:00][-r-h-----] C:\WIN-LNA\tasks\desktop.ini

( AD176F569194E30A.job )=( c:\docume~1\lulu\applic~1\webthu~1\activebibtest.exe )

--------------------\\ Listing des dossiers dans C:\Program LNA

[30/06/2008|20:31] C:\Program LNA\Adobe
[30/08/2008|17:45] C:\Program LNA\Alwil Software
[01/09/2008|23:17] C:\Program LNA\Antipub
[25/06/2008|21:10] C:\Program LNA\ATI Technologies
[25/08/2008|12:13] C:\Program LNA\Common
[24/06/2008|23:30] C:\Program LNA\ComPlus Applications
[30/08/2008|17:37] C:\Program LNA\DAEMON Tools Toolbar
[30/08/2008|19:52] C:\Program LNA\Dofus
[25/08/2008|17:47] C:\Program LNA\DofusArena2
[01/09/2008|16:39] C:\Program LNA\DofusBeta
[30/08/2008|17:39] C:\Program LNA\EA GAME
[30/08/2008|18:03] C:\Program LNA\EoRezo
[30/06/2008|18:11] C:\Program LNA\Google
[30/08/2008|17:41] C:\Program LNA\Gpotato.eu
[25/06/2008|21:18] C:\Program LNA\InstallShield Installation Information
[24/08/2008|20:08] C:\Program LNA\Internet Explorer
[25/08/2008|12:13] C:\Program LNA\Java
[30/06/2008|18:06] C:\Program LNA\Lexmark 3400 Series
[30/06/2008|18:06] C:\Program LNA\Lexmark Toolbar
[30/08/2008|17:34] C:\Program LNA\lx_cats
[01/07/2008|16:42] C:\Program LNA\ma-config.com
[25/06/2008|20:10] C:\Program LNA\Marvell
[14/08/2008|17:03] C:\Program LNA\Messenger
[03/09/2008|22:01] C:\Program LNA\Metin2_France
[24/06/2008|23:34] C:\Program LNA\microsoft frontpage
[24/06/2008|23:31] C:\Program LNA\Movie Maker
[24/06/2008|23:29] C:\Program LNA\MSN
[24/06/2008|23:30] C:\Program LNA\MSN Gaming Zone
[25/08/2008|14:04] C:\Program LNA\Mu Intensity S3
[24/06/2008|23:31] C:\Program LNA\NetMeeting
[24/06/2008|23:30] C:\Program LNA\Online Services
[25/06/2008|23:58] C:\Program LNA\Outlook Express
[25/06/2008|21:18] C:\Program LNA\Realtek
[24/06/2008|23:32] C:\Program LNA\Services en ligne
[24/06/2008|23:39] C:\Program LNA\Uninstall Information
[01/09/2008|16:09] C:\Program LNA\WEB THUNK JUGS
[30/08/2008|17:38] C:\Program LNA\Windows Live
[25/06/2008|21:42] C:\Program LNA\Windows Media Player
[24/06/2008|23:30] C:\Program LNA\Windows NT
[24/06/2008|23:32] C:\Program LNA\WindowsUpdate
[21/07/2008|11:48] C:\Program LNA\WinRAR
[24/06/2008|23:34] C:\Program LNA\xerox

--------------------\\ Listing des dossiers dans C:\Program LNA\Common

[30/06/2008|20:31] C:\Program LNA\Common\Adobe
[25/06/2008|21:07] C:\Program LNA\Common\InstallShield
[25/08/2008|12:13] C:\Program LNA\Common\Java
[02/07/2008|14:43] C:\Program LNA\Common\logishrd
[25/06/2008|18:38] C:\Program LNA\Common\Microsoft Shared
[24/06/2008|23:31] C:\Program LNA\Common\MSSoap
[24/06/2008|23:24] C:\Program LNA\Common\ODBC
[24/06/2008|23:31] C:\Program LNA\Common\Services
[24/06/2008|23:24] C:\Program LNA\Common\SpeechEngines
[25/06/2008|23:58] C:\Program LNA\Common\System
[25/06/2008|18:38] C:\Program LNA\Common\WindowsLiveInstaller

--------------------\\ Process

( 26 Processes )

iexplore.exe ~ [PID:528]
IEXPLORE.EXE ~ [PID:512]

--------------------\\ Recherche avec S_Lop

C:\DOCUME~1\lulu\LOCALS~1\Temp\bis3.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City\dog meta.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\activebibtest.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\close fast.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\NewJunkAnteCopy.exe
C:\DOCUME~1\lulu\APPLIC~1\webthu~1\ucbdvuae.exe
C:\Program LNA\webthu~1
C:\DOCUME~1\lulu\LOCALS~1\Temp\nsc5.tmp
C:\DOCUME~1\lulu\LOCALS~1\Temp\nsd7.tmp
C:\DOCUME~1\lulu\LOCALS~1\Temp\nse8.tmp
C:\DOCUME~1\lulu\Cookies\lulu@adultfriendfinder[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@advertising[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@adin.bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr.thepimps.bigpoint[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.casinoking[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@casinoking[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.cotedazurpalace[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@cotedazurpalace[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@www.cotedazurpalace[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@adopt.euroclick[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@pacificpoker[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@partypoker[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@fr1.seafight.bigpoint[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@32vegas[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@banner.32vegas[2].txt
C:\DOCUME~1\lulu\Cookies\lulu@888[1].txt
C:\DOCUME~1\lulu\Cookies\lulu@888[2].txt
C:\WIN-LNA\Tasks\AD176F569194E30A.job

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LESS CITY AMEN SETUP"="C:\\Documents and Settings\\All Users\\Application Data\\Tool Eggs Less City\\dog meta.exe"
"Findacid"="C:\\DOCUME~1\\lulu\\APPLIC~1\\WEBTHU~1\\close fast.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-08 21:30:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:977][D:73]-> C:\DOCUME~1\lulu\LOCALS~1\Temp
[F:321][D:0]-> C:\DOCUME~1\lulu\Cookies
[F:4170][D:8]-> C:\DOCUME~1\lulu\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/09/2008|21:30 - Option : [1]

--------------------\\ Fin du rapport a 21:30:51

Voila c'est fait...
Et desoler pour le double post petit bug internet ;)
En attente de votre rèponse je vous remerci d'avance de m'aider

Bien, exécute maintenant l'option 2, dès qu'il aura terminé colle à nouveau le rapport ici.
Ton infection vient du fait que tu es installé les sponsors d'MSN Plus.

Par contre ça ne sera pas terminé, tu sembles encore infecté.

--------------------\\ Lop S&D 4.2.4-2 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 4000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : lulu ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080908-0] 4.8.1229 (Activated)

"C:\Lop SD" ( MAJ : 08-09-2008|21:40 )
Option : [2] ( 08/09/2008|21:39 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City\dog meta.exe
Supprime! - C:\DOCUME~1\lulu\APPLIC~1\webthu~1\activebibtest.exe
Supprime! - C:\DOCUME~1\lulu\APPLIC~1\webthu~1\close fast.exe
Supprime! - C:\DOCUME~1\lulu\APPLIC~1\webthu~1\NewJunkAnteCopy.exe
Supprime! - C:\DOCUME~1\lulu\APPLIC~1\webthu~1\ucbdvuae.exe
Supprime! - C:\DOCUME~1\lulu\LOCALS~1\Temp\nsc5.tmp
Supprime! - C:\DOCUME~1\lulu\LOCALS~1\Temp\nsd7.tmp
Supprime! - C:\DOCUME~1\lulu\LOCALS~1\Temp\nse8.tmp
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@adultfriendfinder[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@adin.bigpoint[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@bigpoint[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@fr.thepimps.bigpoint[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@fr1.seafight.bigpoint[2].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@banner.casinoking[2].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@casinoking[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@www.cotedazurpalace[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@partypoker[2].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@32vegas[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@888[1].txt
Supprime! - C:\DOCUME~1\lulu\Cookies\lulu@888[2].txt
Supprime! - C:\WIN-LNA\Tasks\AD176F569194E30A.job
Supprime! - C:\DOCUME~1\lulu\LOCALS~1\Temp\bis3.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tool Eggs Less City
Supprime! - C:\DOCUME~1\lulu\APPLIC~1\webthu~1
Supprime! - C:\Program LNA\webthu~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[30/06/2008|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI
[30/06/2008|18:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[01/07/2008|16:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ma-config.com
[25/06/2008|18:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[25/06/2008|18:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[24/06/2008|23:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[24/06/2008|23:33] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[24/07/2008|17:49] C:\DOCUME~1\lulu\APPLIC~1\Adobe
[25/06/2008|21:16] C:\DOCUME~1\lulu\APPLIC~1\ATI
[21/07/2008|11:34] C:\DOCUME~1\lulu\APPLIC~1\DAEMON Tools
[30/08/2008|18:03] C:\DOCUME~1\lulu\APPLIC~1\EoRezo
[01/07/2008|16:38] C:\DOCUME~1\lulu\APPLIC~1\Google
[24/06/2008|23:39] C:\DOCUME~1\lulu\APPLIC~1\Identities
[30/08/2008|18:01] C:\DOCUME~1\lulu\APPLIC~1\ItsLabel
[25/06/2008|18:38] C:\DOCUME~1\lulu\APPLIC~1\Macromedia
[30/08/2008|19:03] C:\DOCUME~1\lulu\APPLIC~1\Microsoft
[25/08/2008|12:12] C:\DOCUME~1\lulu\APPLIC~1\Sun
[25/06/2008|20:10] C:\DOCUME~1\lulu\APPLIC~1\TMP
[21/07/2008|11:51] C:\DOCUME~1\lulu\APPLIC~1\WinRAR

[24/06/2008|23:33] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WIN-LNA\tasks

[08/09/2008 19:56][--a------] C:\WIN-LNA\tasks\GoogleUpdateTaskUser.job
[08/09/2008 20:55][--ah-----] C:\WIN-LNA\tasks\SA.DAT
[28/08/2001 12:00][-r-h-----] C:\WIN-LNA\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program LNA

[30/06/2008|20:31] C:\Program LNA\Adobe
[30/08/2008|17:45] C:\Program LNA\Alwil Software
[01/09/2008|23:17] C:\Program LNA\Antipub
[25/06/2008|21:10] C:\Program LNA\ATI Technologies
[25/08/2008|12:13] C:\Program LNA\Common
[24/06/2008|23:30] C:\Program LNA\ComPlus Applications
[30/08/2008|17:37] C:\Program LNA\DAEMON Tools Toolbar
[30/08/2008|19:52] C:\Program LNA\Dofus
[25/08/2008|17:47] C:\Program LNA\DofusArena2
[01/09/2008|16:39] C:\Program LNA\DofusBeta
[30/08/2008|17:39] C:\Program LNA\EA GAMES
[30/08/2008|18:03] C:\Program LNA\EoRezo
[30/06/2008|18:11] C:\Program LNA\Google
[30/08/2008|17:41] C:\Program LNA\Gpotato.eu
[25/06/2008|21:18] C:\Program LNA\InstallShield Installation Information
[24/08/2008|20:08] C:\Program LNA\Internet Explorer
[25/08/2008|12:13] C:\Program LNA\Java
[30/06/2008|18:06] C:\Program LNA\Lexmark 3400 Series
[30/06/2008|18:06] C:\Program LNA\Lexmark Toolbar
[30/08/2008|17:34] C:\Program LNA\lx_cats
[01/07/2008|16:42] C:\Program LNA\ma-config.com
[25/06/2008|20:10] C:\Program LNA\Marvell
[14/08/2008|17:03] C:\Program LNA\Messenger
[03/09/2008|22:01] C:\Program LNA\Metin2_France
[24/06/2008|23:34] C:\Program LNA\microsoft frontpage
[24/06/2008|23:31] C:\Program LNA\Movie Maker
[24/06/2008|23:29] C:\Program LNA\MSN
[24/06/2008|23:30] C:\Program LNA\MSN Gaming Zone
[25/08/2008|14:04] C:\Program LNA\Mu Intensity S3
[24/06/2008|23:31] C:\Program LNA\NetMeeting
[24/06/2008|23:30] C:\Program LNA\Online Services
[25/06/2008|23:58] C:\Program LNA\Outlook Express
[25/06/2008|21:18] C:\Program LNA\Realtek
[24/06/2008|23:32] C:\Program LNA\Services en ligne
[24/06/2008|23:39] C:\Program LNA\Uninstall Information
[30/08/2008|17:38] C:\Program LNA\Windows Live
[25/06/2008|21:42] C:\Program LNA\Windows Media Player
[24/06/2008|23:30] C:\Program LNA\Windows NT
[24/06/2008|23:32] C:\Program LNA\WindowsUpdate
[21/07/2008|11:48] C:\Program LNA\WinRAR
[24/06/2008|23:34] C:\Program LNA\xerox

--------------------\\ Listing des dossiers dans C:\Program LNA\Common

[30/06/2008|20:31] C:\Program LNA\Common\Adobe
[25/06/2008|21:07] C:\Program LNA\Common\InstallShield
[25/08/2008|12:13] C:\Program LNA\Common\Java
[02/07/2008|14:43] C:\Program LNA\Common\logishrd
[25/06/2008|18:38] C:\Program LNA\Common\Microsoft Shared
[24/06/2008|23:31] C:\Program LNA\Common\MSSoap
[24/06/2008|23:24] C:\Program LNA\Common\ODBC
[24/06/2008|23:31] C:\Program LNA\Common\Services
[24/06/2008|23:24] C:\Program LNA\Common\SpeechEngines
[25/06/2008|23:58] C:\Program LNA\Common\System
[25/06/2008|18:38] C:\Program LNA\Common\WindowsLiveInstaller

--------------------\\ Process

( 25 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\lulu\Cookies\lulu@advertising[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-08 21:40:25
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:973][D:73]-> C:\DOCUME~1\lulu\LOCALS~1\Temp
[F:304][D:0]-> C:\DOCUME~1\lulu\Cookies
[F:4362][D:8]-> C:\DOCUME~1\lulu\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 08/09/2008|21:30 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/09/2008|21:40 - Option : [2]

--------------------\\ Fin du rapport a 21:40:55

C'est ok, tu peux jeter ce programme.

Pour vérifier :

Télécharge HijackThis sur ton Bureau ou dans tes documents:
---> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

Fais un clic droit sur le programme, choisis "Renommer", donne lui un autre nom, exemple : blabla.exe
Ensuite, double-clic sur HijackThis puis en bas de la fenêtre clci sur "I accept"
Clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici

Si besoin d'aide pour HijackThis.

d'accord merci je le fais de suite

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:50:34, on 08/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WIN-LNA\System32\smss.exe
C:\WIN-LNA\system32\winlogon.exe
C:\WIN-LNA\system32\services.exe
C:\WIN-LNA\system32\lsass.exe
C:\WIN-LNA\system32\Ati2evxx.exe
C:\WIN-LNA\system32\svchost.exe
C:\WIN-LNA\System32\svchost.exe
C:\WIN-LNA\system32\Ati2evxx.exe
C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
C:\Program LNA\Alwil Software\Avast4\ashServ.exe
C:\WIN-LNA\Explorer.EXE
C:\WIN-LNA\system32\spoolsv.exe
C:\Program LNA\Messenger\msmsgs.exe
C:\Program LNA\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\lulu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WIN-LNA\system32\svchost.exe
C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe
C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe
C:\Program LNA\Windows Live\Messenger\msnmsgr.exe
C:\Program LNA\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\lulu\Bureau\blabla.exe.exe
C:\Program LNA\Internet Explorer\iexplore.exe
C:\Program LNA\Common\Microsoft Shared\Windows Live\WLLoginProxy.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program LNA\Common\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program LNA\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program LNA\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program LNA\Common\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program lna\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program LNA\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program lna\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PopUp Destroy] C:\Program LNA\PopUp Destroy\Popup-Destroy.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program LNA\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program LNA\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program LNA\eChanblard\emule.exe -AutoStart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\lulu\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlhr] RunDll32.exe %SystemRoot%\System32\AdvPack.Dll,LaunchINFSection %SystemRoot%\inf\nlite.inf,C (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program LNA\Antipub\antipub.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program LNA\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program LNA\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program LNA\Messenger\msmsgs.exe
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WIN-LNA\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program LNA\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program LNA\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: lxcy_device - - C:\WIN-LNA\system32\lxcycoms.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program LNA\ma-config.com\maconfservice.exe

* Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"
- Ferme Internet Explorer avant de cliquer sur Fix checked
- S'il manque des lignes ce n'est pas grave

O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program LNA\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [MSMSGS] "C:\Program LNA\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program LNA\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe


Est-ce toi qui a mis en page de démarrage http://lo.st ou ça s'est inscrusté ?

Clic sur démarrer, poste de travail, Disque Local C:, Program Files (Program LNA), dans ce dossier cherche et supprime : EoRezo (plus utile/saloperie)


Pour le reste c'est ok, il serait bien d'installer un vrai pare-feu, car celui d'XP ne protége de pas grand-chose.
ZoneAlarm ou Sunbelt Personal Firewall sont relativement simples pour les débutants, à toi de voir !

Si autre problème n'hésite pas ++

d'accord merci beaucoup de ton aide.
pour la page http://lo.st non je ne l'ai pas mit elle c'est installer
d'acoord pour le pare-feu je vais faire cela
Merci beaucoup

voila c'est fait je n'est plus que le pare-feu a installer
Es que je peut suprimer Hijackthis ou pas?
En tout cas merci de ton aide et de ta grande rapiditer pour les reponces
bonne soiré a toi ;)

Oui, tu peux supprimer Hijackthis ainsi que le dossier Backups qui a du se créer.
Pour la page intruse http://lo.st essaie ceci :

Clic sur démarrer, panneau de configuration, connexion réseau et Internet, options Internet, dans l'onglet Général, remets une page de démarrage normale du type : http://www.google.fr/ puis clic sur Appliquer puis Ok. Si ça résiste fais-moi signe.

A++

probleme resolu merci

De rien ;-)

Bon surf alors ! ++