Je n arrive pas a instaler mon antivirus

bonjour,
OK je fait sa et je reviens merci

voici le nouveau rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:52, on 18/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
G:\VoipBuster\VoipBuster.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Internet\Bureau\HiJackThis.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ovh.co.uk/mail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up -

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program

Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader

9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program

Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe"

ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [VoipBuster] "G:\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE

RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE

RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program

Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft

Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -

https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://www.update.microsoft.com/...

8618049437
O20 - AppInit_DLLs: jpfkgj.dll ejwwxu.dll orgzpl.dll vwymmy.dll eorxml.dll zuxnsj.dll
O20 - Winlogon Notify: eseqgt - C:\WINDOWS\
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero

BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers

communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. -

C:\WINDOWS\system32\IoctlSvc.exe

Bonjour,

Veuillez m'excuser si je répond pas de suite je travail donc je ne suit pas toujours sur l ordi

la je fait l'Anti-Malware il est lent car j'ai fait aussi mon disque dur externe

Merci de votre compréhension

Voici le rapport


Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1282
Windows 5.1.2600 Service Pack 3

21/10/2008 11:53:28
mbam-log-2008-10-21 (11-53-28).txt

Type de recherche: Examen complet (C:\|E:\|F:\|G:\|I:\|)
Eléments examinés: 374939
Temps écoulé: 1 hour(s), 59 minute(s), 57 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Voici le rapport

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1282
Windows 5.1.2600 Service Pack 3

23/10/2008 10:50:08
mbam-log-2008-10-23 (10-50-08).txt

Type de recherche: Examen complet (C:\|E:\|F:\|G:\|I:\|)
Eléments examinés: 374818
Temps écoulé: 53 minute(s), 24 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Voici le rapport

ComboFix 08-10-27.03 - Internet 2008-10-28 10:02:28.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.2536 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\Internet\Bureau\ComboFix.exe

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\How to Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\License Agreement.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Register Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Antivirus XP 2008\Uninstall.lnk
C:\WINDOWS\system32\gMSCJRqr.ini
C:\WINDOWS\system32\gMSCJRqr.ini2
C:\WINDOWS\system32\setup.ini
C:\WINDOWS\system32\sigcbjxp.ini
C:\WINDOWS\system32\xpwnlmxw.ini
C:\WINDOWS\system32\xpwnlmxw.ini2
C:\WINDOWS\system32\xpwnlmxw.tmp
C:\WINDOWS\system32\xsixcqss.ini

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-28 ))))))))))))))))))))))))))))))))))))
.

2008-10-21 08:14 . 2008-04-13 08:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-10-21 08:01 . 2008-10-21 08:01 <REP> d-------- C:\Documents and Settings\Internet\Application Data\EPSON
2008-10-20 16:12 . 2008-10-20 16:12 <REP> d-------- C:\Program Files\ArcSoft
2008-10-20 16:12 . 1995-08-01 03:44 212,480 --a------ C:\WINDOWS\PCDLIB32.DLL
2008-10-20 16:12 . 2003-09-19 14:45 21,248 --a------ C:\WINDOWS\system32\drivers\pfc.sys
2008-10-20 15:55 . 2008-10-20 15:55 <REP> d-------- C:\Program Files\NewSoft
2008-10-20 15:55 . 1998-11-13 12:16 308,224 --a------ C:\WINDOWS\IsUninst.exe
2008-10-20 15:55 . 1998-11-13 12:16 308,224 --a------ C:\WINDOWS\IsUn040c.exe
2008-10-20 15:55 . 1999-08-04 13:00 262,144 --a------ C:\WINDOWS\system32\Msexcl35.dll
2008-10-20 15:55 . 1998-06-30 14:13 250,128 --a------ C:\WINDOWS\system32\mspdox35.dll
2008-10-20 15:55 . 1999-08-04 13:00 176,128 --a------ C:\WINDOWS\system32\Mstext35.dll
2008-10-20 15:55 . 1998-06-30 14:13 166,160 --a------ C:\WINDOWS\system32\msltus35.dll
2008-10-20 15:55 . 1998-10-09 12:59 143,872 --a------ C:\WINDOWS\_IsRes.Dll
2008-10-20 15:55 . 2000-08-10 11:40 73,810 --a------ C:\WINDOWS\system32\rapi.dll
2008-10-20 15:55 . 2003-06-18 14:35 49,152 --a------ C:\WINDOWS\StiRegstFre.dll
2008-10-20 15:55 . 2000-08-10 11:41 41,044 --a------ C:\WINDOWS\system32\ceutil.dll
2008-10-20 15:45 . 2008-10-20 15:45 <REP> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-10-20 15:23 . 2008-10-20 16:12 <REP> d-------- C:\Program Files\epson
2008-10-20 15:23 . 2005-04-13 23:00 282,624 --a------ C:\WINDOWS\system32\esint52.dll
2008-10-20 15:23 . 2005-04-13 23:00 180,224 --a------ C:\WINDOWS\system32\eswia52.dll
2008-10-20 15:23 . 2005-04-13 23:00 64,000 --a------ C:\WINDOWS\system32\esfw52.bin
2008-10-20 15:23 . 2005-02-08 01:00 5,632 --a------ C:\WINDOWS\system32\escdev.dll
2008-10-20 15:23 . 2008-10-20 15:23 27 --a------ C:\WINDOWS\CDE P34903590EF.ini
2008-10-18 17:59 . 2008-10-18 17:59 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-10-18 17:59 . 2008-10-28 09:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-10-18 17:59 . 2008-10-28 10:04 1,664,800 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-10-18 17:59 . 2008-10-18 18:08 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-10-18 17:59 . 2008-10-18 18:08 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-10-18 17:59 . 2008-10-28 10:05 81,952 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-10-18 17:59 . 2008-10-28 10:04 24,392 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-10-18 17:59 . 2008-10-28 10:04 9,728 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-10-18 10:31 . 2008-10-18 10:31 <REP> d-------- C:\Program Files\Windows Installer Clean Up
2008-10-18 10:31 . 2008-10-18 10:31 <REP> d-------- C:\Program Files\MSECACHE
2008-10-18 09:56 . 2008-10-18 09:56 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-18 09:56 . 2008-10-18 09:56 <REP> d-------- C:\Documents and Settings\Internet\Application Data\Malwarebytes
2008-10-18 09:56 . 2008-10-18 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-18 09:56 . 2008-10-16 19:25 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-18 09:56 . 2008-10-16 19:25 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-17 18:28 . 2008-10-17 18:28 <REP> d-------- C:\WINDOWS\system32\xircom
2008-10-17 18:28 . 2008-10-17 18:28 <REP> d-------- C:\WINDOWS\srchasst
2008-10-17 18:28 . 2008-10-17 18:28 <REP> d-------- C:\Program Files\microsoft frontpage
2008-10-17 18:03 . 2008-10-17 18:03 579,584 --a------ C:\WINDOWS\system32\dllcache\user32.dll
2008-10-17 17:58 . 2008-10-17 17:58 <REP> d-------- C:\WINDOWS\ERUNT
2008-10-17 16:31 . 2008-10-17 18:31 <REP> d-------- C:\SDFix

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 08:08 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-10-20 15:12 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-20 14:57 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-10-18 17:08 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-09-25 15:41 --------- d-----w C:\Documents and Settings\Internet\Application Data\Uniblue
2008-09-23 15:16 --------- d-----w C:\Program Files\Registre de cave
2008-09-19 13:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-09 16:10 --------- d-----w C:\Documents and Settings\Internet\Application Data\vlc
2008-09-09 16:09 --------- d-----w C:\Program Files\VideoLAN
2008-08-07 16:04 315,392 ----a-w C:\WINDOWS\HideWin.exe
.

------- Sigcheck -------

2008-04-29 05:12 361344 030dc4d48cc2b894fee2f390d8e66ad5 C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-15 22:20 2165760 574412116e1b190b325c390a515c4e3e C:\WINDOWS\system32\ntkrnlpa.exe

2008-06-04 20:57 2287104 4332a55a3b40a1b97aa124e6cd6e5420 C:\WINDOWS\system32\ntoskrnl.exe

2008-06-04 22:18 979968 d1ea0a366973eca3e03f1acbefda8f43 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"LClock"="C:\Windows\LSD\LClock\lclock.exe" [2004-09-19 65536]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"VoipBuster"="G:\VoipBuster\VoipBuster.exe" [2008-01-17 8811824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"EEventManager"="C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe" [2005-04-08 102400]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 218376]
"RTHDCPL"="RTHDCPL.EXE" [2007-08-20 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-08-03 C:\WINDOWS\SkyTel.exe]
"SiSPower"="SiSPower.dll" [2007-06-25 C:\WINDOWS\system32\SiSPower.dll]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"WinLSD_SP3"="C:\WINDOWS\LSD\end.cmd" [2008-06-17 9944]
"nltide_3"="advpack.dll" [2008-04-23 C:\WINDOWS\system32\advpack.dll]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HPAiODevice(hp officejet g series) - 1.lnk - C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe [2002-11-20 151552]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2008-08-07 262144]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMBalloonTip"= 0 (0x0)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lor68.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"G:\\VoipBuster\\VoipBuster.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 SNXPCARD;SNXPCARD;C:\WINDOWS\system32\DRIVERS\snxpcard.sys [2004-02-26 23040]
R3 SNXPPALX;SNXPPALX;C:\WINDOWS\system32\DRIVERS\snxppalx.sys [2004-02-26 76800]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S0 Lor68;Lor68;C:\WINDOWS\system32\Drivers\Lor68.sys [ ]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

*Newly Created Service* - HELPSVC
.
- - - - ORPHELINS SUPPRIMES - - - -

HKU-Default-RunOnce-tscuninstall - C:\WINDOWS\system32\tscupgrd.exe
Notify-eseqgt - (no file)


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Internet\Application Data\Mozilla\Firefox\Profiles\jmzgulko.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - google.fr
FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 10:05:12
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hposts07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\Bin\hpofxm07.exe
.
**************************************************************************
.
Heure de fin: 2008-10-28 10:06:27 - La machine a redémarré [Internet]
ComboFix-quarantined-files.txt 2008-10-28 09:06:24

Avant-CF: 40,853,180,416 octets libres
Après-CF: 40,807,575,552 octets libres

182

--Bonjour,
Comment je la met à jour
merci

Il n'est pas de joie qui égale celle de se créer de nouvelles amitiés.
Ce n'est pas la volonté qui mène au but, mais le but qui donne la volonté

Voici le rapport

Scan saved at 12:58:23, on 28/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
G:\VoipBuster\VoipBuster.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\sistray.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Internet\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.ovh.co.uk/mail/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [VoipBuster] "G:\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

voici le rapport

BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Wed, Oct 29, 2008 - 10:52:56

Info d'analyse

Fichiers scannés

43705

Infectés Fichiers

3

Virus Détectés

Trojan.Vundo.FNJ


2

Trojan.FakeAlert.AFW

1


Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

voici le rapport de virustotal

voila je crois que je n'ai rien oublier merci encore de ton aide

voici se qu il me dit
Exception
Please report failure as: ErrorTime= "Oct 29 12:13:29"

Voici le rappor de panda
il se conporte bien
j'ete en mode normal

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-29 12:45:06
PROTECTIONS: 1
MALWARE: 42
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Kaspersky Internet Security 7.0 7.0.0.125 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00040619 Exploit/MSWord Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[Rechnung.zip][Rechnung.doc]
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Internet\Cookies\internet@doubleclick[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Internet\Cookies\internet@xiti[1].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Internet\Cookies\internet@metriweb[1].txt
00380633 Bck/Hijack.C Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[start.zip][Start.exe]
00380633 Bck/Hijack.C Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[start.zip][Start.exe]
00380633 Bck/Hijack.C Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[start.zip][Start.exe]
00380633 Bck/Hijack.C Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[start.zip][Start.exe]
00380633 Bck/Hijack.C Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[start.zip][Start.exe]
00383230 Trj/Goldun.TC Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[e-card.zip][e-card.exe]
00383230 Trj/Goldun.TC Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[e-card.zip][e-card.exe]
00383955 Joke/Bluescreen Jokes No 0 Yes No C:\SDFix\backups\backups.zip[backups/blphc7gbj0e33c.scr]
00388532 W32/MailWorm.F.worm Virus/Worm No 0 No No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tits.rar][tits.exe]
00389017 Trj/Goldun.TE Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[user-EA49943X-activities.zip][user-EA49943X-activities.exe]
00389017 Trj/Goldun.TE Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[ecard.zip][ecard.exe]
00394860 Trj/Goldun.TF Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[user-EA49943X-activities.zip][user-EA49943X-activities.exe]
00394860 Trj/Goldun.TF Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[ecard.zip][ecard.exe]
00395435 Trj/Agent.JXB Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tits.zip][tits.exe]
00395435 Trj/Agent.JXB Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tits.zip][tits.exe]
00399882 Trj/Goldun.TI Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[ecard.zip][ecard.exe]
00399882 Trj/Goldun.TI Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[ecard.zip][ecard.exe]
00401287 Spyware/Virtumonde Spyware No 1 Yes No C:\WINDOWS\system32\hvmpctds.dll
00404648 Bck/Agent.JYG Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[pussy.zip][pussy.exe]
00405933 W32/Alcaul.Y.worm Virus/Worm No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[pussy.zip][pussy.scr]
00406247 Trj/Goldun.TJ Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[video.zip][video.exe]
00412206 Trj/Agent.JZI Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[e-card.zip][e-card.exe]
00413799 Trj/Small.ZN Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[pussy.zip][pussy.scr]
00428203 W32/Nuwar.VP.worm Virus/Worm No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[card.zip][card.scr]
00428203 W32/Nuwar.VP.worm Virus/Worm No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[card.zip][card.scr]
00429071 Trj/Sinowal.VVB Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[AIRMAIL#7661224.zip][AIRMAIL#7661224.exe]
00588421 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[video.zip][Video.exe]
00588421 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[video.zip][Video.exe]
00588421 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[video.zip][Video.exe]
01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{44BA4F87-4BBE-4B61-891F-721525415FAA}\RP22\A0001820.EXE
02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{44BA4F87-4BBE-4B61-891F-721525415FAA}\RP22\A0001787.sys
02993973 Trj/Agent.IVT Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[xjolie.zip][xjolie.scr]
03466975 Trj/Pushdo.D Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[film.zip][film.scr]
03476623 Adware/WinAntispyware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[WWW_99120.zip][WWW_99120.exe]
03476623 Adware/WinAntispyware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[WWW_99120.zip][WWW_99120.exe]
03476623 Adware/WinAntispyware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[WWW_99120.zip][WWW_99120.exe]
03479072 Trj/Sinowal.VRE Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[WW_671282.zip][WW_671282.exe]
03488985 Adware/XPSecurityCenter Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[Invoice_x20080801.zip][Invoice_x20080801.exe]
03489600 Trj/Agent.JQV Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[film.zip][film.scr]
03489600 Trj/Agent.JQV Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[film.zip][film.scr]
03500318 Adware/XPSecurityCenter Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[WD6128922.zip][WD6128922.exe]
03548814 Trj/Spy.VX Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[RN67761263.zip][RN67761263.exe]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-2.com\Trash[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-2.com\Inbox[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-2.com\Inbox[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-2.com\Trash[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[screen.zip][screen.scr]
03559472 Trj/Agent.JST Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[screen.zip][screen.scr]
03626337 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[click2.zip][Click.Me.exe]
03626337 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[click2.zip][Click.Me.exe]
03626337 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[click2.zip][Click.Me.exe]
03626337 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[click2.zip][Click.Me.exe]
03645020 Adware/RogueAntimalware2008 Adware No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[Fees_2008-2009.zip][Fees_2008-2009.doc.exe]
03652125 Trj/Sinowal.VTL Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[ups_invoice.zip][ups_invoice.exe]
03665338 Trj/Goldun.TB Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[user-EA49943X-activities.zip][user-EA49943X-activities.exe]
03665338 Trj/Goldun.TB Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[user-EA49943X-activities.zip][user-EA49943X-activities.exe]
03665338 Trj/Goldun.TB Virus/Trojan No 1 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[user-EA49943X-activities.zip][user-EA49943X-activities.exe]
03665997 Trj/Spammer.AJL Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[jolie.zip][jolie.exe]
03665997 Trj/Spammer.AJL Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[jolie.zip][jolie.exe]
03682905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tube.zip][VideoTube.com.avi.exe]
03682905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tube.zip][VideoTube.com.avi.exe]
03682905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tube.zip][VideoTube.com.avi.exe]
03682905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tube.zip][VideoTube.com.avi.exe]
03682905 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Internet\Application Data\Thunderbird\Profiles\5wd6qa27.default\Mail\mail.cellierdespradeaux-1.com\Inbox[tube.zip][VideoTube.com.avi.exe]
03707379 Linux/Hijack.B Virus/Worm No 1 Yes No C:\SDFix\backups\backups.zip[backups/eseqgt.dll]
03722063 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\system32\qhgqgqel.dll
03722063 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\system32\fcwdbgis.dll
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Internet\Bureau\TELECHARGER2\protection ordi\SDFix.exe[C:\Documents and Settings\Internet\Bureau\TELECHARGER2\protection ordi\SDFix.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 Yes No C:\SDFix\apps\Cghtme.exe
03738686 Generic Malware Virus/Trojan No 0 Yes No C:\SDFix\catchme.exe
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Internet\Bureau\TELECHARGER2\protection ordi\SDFix.exe[C:\Documents and Settings\Internet\Bureau\TELECHARGER2\protection ordi\SDFix.exe][SDFix\catchme.exe]
03831710 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\system32\orgzpl.dll
03831710 Generic Trojan Virus/Trojan No 0 Yes No C:\WINDOWS\system32\rpgdbble.dll
;===================================================================================================================================================================================
SUSPECTS
Sent Location T
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description T
;===================================================================================================================================================================================
;===================================================================================================================================================================================

je te remerci pour ton aide la je vais devoir m absenter jusqu'a demain encor merci

bonjour voici le rapport en mode sans echec

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1332
Windows 5.1.2600 Service Pack 3

30/10/2008 10:20:18
mbam-log-2008-10-30 (10-20-18).txt

Type de recherche: Examen complet (C:\|E:\|F:\|G:\|)
Eléments examinés: 81715
Temps écoulé: 6 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Bonjour,

Je pense que tous est ordre maintenant et que le dernier rapport doit être correct,
je te remercie pour toutes l'aide que tu m'a apporté.

-Bonjour
il est un peut lent
mais sa fonction mieux

voici le rapport

Scan saved at 17:21:12, on 19/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\LSD\LClock\lclock.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\WINDOWS\system32\sistray.exe
C:\Documents and Settings\Internet\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Documents and Settings\Internet\Application Data\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\AGI\common\win32\PythonService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\hpoipm07.exe
E:\chronometre\TimeLeft3\TimeLeft.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Internet\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.fr%2fimg%2ffr%2ffr-fr%2fdivertissement%2fcelebrites%2fgalery%2fwentworth02.jpg%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\Program Files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [EEventManager] C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [KiweeHook] "C:\Program Files\Kiwee Toolbar\2.8.167\kwtbaim.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')
O4 - Startup: Outil de notification Live Search.lnk = C:\Documents and Settings\Internet\Application Data\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Startup: TimeLeft.lnk = E:\chronometre\TimeLeft3\TimeLeft.exe
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Bannière - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

j'ai déjà exécuter cette manœuvre mais toujours la même réponse
merci snoupy59

Merci pour la rapidité
Comment je fait pour supprimer a savoir que je suis novice
merci snoupy589