Sujet Précédent Sujet Suivant

Se débarasser de Antivirus Antispyware 2011

Fermé
emy110891 Messages postés 5 Date d'inscription lundi 4 juillet 2011 Statut Membre Dernière intervention 4 juillet 2011 - 4 juil. 2011 à 15:38
 Utilisateur anonyme - 5 juil. 2011 à 16:05
Bonjour,

Je souhaiterai me débarasser de Antivirus Antispyware 2011 mais je n'y connais absolument rien :-(.
J'ai téléchargé GridinSoft Trojan Killer v.2.0.9.5 afin d'avoir un rapport (voir ci-dessous) mais je ne sais pas vraiment quoi en faire... Et je n'ai apparemment pas que ça comme virus...

Pourriez-vous SVP m'aider.
D'avance merci pour votre aide :-).
Emilie


GridinSoft Trojan Killer v.2.0.9.5
Report file date: 04/07/2011 12:59:35

Scanning for 411051 virus strains and unwanted programs.

Licensed: UNREGISTERED
Windows version: Microsoft Windows XP (version 5.1)
Username: EMILIE
Computer name:

Starting the file scan:

Memory:process 2356 securityhelper.exe (Mal/Fraud!se872-1) - terminated
----- C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\securityhelper.exe ---- General
Mal/Fraud!se872-1
MD5: E0952E5BDFB2E7E718F9B0EB4DA40112:2842115
RIC: 415D350BB4FC6B9E4DB60E10E3D525F2:21200
EP: 81 EC 10 02 00 00 53 55 56 68 9C 28 00 00 51 68 C3 2C 00 00 E8 9E 1B 00 00 57 8D 44 24 10 50 33 DB 53 81 94 24 D0 F7 FF FF F5 79 00 00 C1 B4 24 00 EF FF FF 0A 50 B8 63 00 00 00 83 F8 00 0F 84 8A
SEC:
.itext:40000040:8E15645DE0BE3F5D069853C4BB5FA45D:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:BAE5A6446FF4B8DECA4FB30277E7F864:26112
.rsrc:40000040:E3806AE2717F69D2601517A0601E2A20:2805760
.reloc:42000040:6C5249F475FE43233DBDFE8CD91496C6:2048


Memory:process 2644 securitymanager.exe (Mal/Fraud!se872-1) - terminated
----- C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\securitymanager.exe ---- General
Mal/Fraud!se872-1
MD5: 1051561E61FFD85BBD226BD3976FB0E2:101888
RIC: D56C4A3CADD96995A5D66341820401DA:1384
EP: 81 EC 10 02 00 00 53 55 56 57 81 9C 24 A0 FD FF FF 18 04 00 00 8D 44 24 10 52 33 D2 81 C2 54 87 00 00 81 C2 74 57 00 00 69 D2 33 4D 00 00 68 05 23 00 00 56 53 E8 FE 34 00 00 81 C2 0C 7A 00 00 C1
SEC:
.itext:40000040:0DC061AD94C5CEFE8A84BE77349F135F:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:7DC5C86AEEBA85351F0BFCBBD6345636:24576
.rsrc:40000040:64191E2B45CD594F2E640E13761A3746:67072
.reloc:42000040:6E70A05044602879E36BC48EFA727A48:2048


Memory:process 2636 AntiVirus AntiSpyware.exe (Mal/Fraud!se872-2) - terminated
----- C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe ---- General
Mal/Fraud!se872-2
ProdVer: 4, 1, 0, 5
FileVer: 4, 1, 0, 5
Name : AntiVirus AntiSpyware 2011
Company: Tech Software Ltd.
NAC: 722A812037124B4A93696F786FE42D47:44
MD5: A2603E991D5A9876DAD3B6689037A3E8:2623488
RIC: 54E86029A187D877523C5199ECCCB229:124178
EP: 81 EC 10 02 00 00 53 55 56 53 68 FE 25 00 00 53 E8 91 16 00 00 57 8D 44 24 10 50 50 0F BA 35 A8 9B 40 00 0A B8 A7 4B 00 00 81 E0 EC 8E 00 00 C1 C0 01 81 F0 6A 60 00 00 0F BA AC 24 F0 EB FF FF 1F
SEC:
.itext:40000040:65F867600AF6F7DAA97E48D03C1453CE:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:A1609CDA5A2C718817CE3BD90FDBC163:25600
.tls:C0000040:B2A3C5ED1BEDFECE5A7D4AE5148A3332:512
.rsrc:40000040:CCB433723E269C466160E0DB043A46D3:2587136
.reloc:42000040:8D736526B6D4D34AC241EC70BA849194:2048


Startup collected
BHO plugins collected
Service collected
ActiveX collected
Files collected
Scanning process...
----- c:\documents and settings\ emilie\application data\antivirus antispyware 2011\antivirus antispyware.exe ---- Startup
Threat
AntiVirus AntiSpyware 2011
MD5: A2603E991D5A9876DAD3B6689037A3E8:2623488
RIC: 54E86029A187D877523C5199ECCCB229:124178
EP: 81 EC 10 02 00 00 53 55 56 53 68 FE 25 00 00 53 E8 91 16 00 00 57 8D 44 24 10 50 50 0F BA 35 A8 9B 40 00 0A B8 A7 4B 00 00 81 E0 EC 8E 00 00 C1 C0 01 81 F0 6A 60 00 00 0F BA AC 24 F0 EB FF FF 1F
SEC:
.itext:40000040:65F867600AF6F7DAA97E48D03C1453CE:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:A1609CDA5A2C718817CE3BD90FDBC163:25600
.tls:C0000040:B2A3C5ED1BEDFECE5A7D4AE5148A3332:512
.rsrc:40000040:CCB433723E269C466160E0DB043A46D3:2587136
.reloc:42000040:8D736526B6D4D34AC241EC70BA849194:2048


----- c:\documents and settings\ emilie\application data\antivirus antispyware 2011\securitymanager.exe ---- Startup
Threat
AntiVirus AntiSpyware 2011 Security
MD5: 1051561E61FFD85BBD226BD3976FB0E2:101888
RIC: D56C4A3CADD96995A5D66341820401DA:1384
EP: 81 EC 10 02 00 00 53 55 56 57 81 9C 24 A0 FD FF FF 18 04 00 00 8D 44 24 10 52 33 D2 81 C2 54 87 00 00 81 C2 74 57 00 00 69 D2 33 4D 00 00 68 05 23 00 00 56 53 E8 FE 34 00 00 81 C2 0C 7A 00 00 C1
SEC:
.itext:40000040:0DC061AD94C5CEFE8A84BE77349F135F:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:7DC5C86AEEBA85351F0BFCBBD6345636:24576
.rsrc:40000040:64191E2B45CD594F2E640E13761A3746:67072
.reloc:42000040:6E70A05044602879E36BC48EFA727A48:2048


----- c:\windows\system32\klfsvjbv.dll ---- BHO
Threat
Mal/Fraud!se741
MD5: 6C02715E1ADE727E6512C16A74B03583:821248
EP: 83 EC 04 50 53 E8 01 00 00 00 CC 58 89 C3 40 2D 00 40 0B 00 2D 17 18 60 00 05 0C 18 60 00 80 3B CC 75 19 C6 03 00 BB 00 10 00 00 68 B7 55 F1 47 68 8C CD 33 17 53 50 E8 0A 00 00 00 83 C0 00 89 44
SEC:
:E0000040:D684A7B970800E595331B819ADCC9160:77312
.edata:50000040:BF619EAC0CDF3F68D496EA9344137E8B:512
.rsrc:C0000040:C6494E76D56EAF6E6C694638ADD7A044:1536
.idata :C0000040:0D2930F406853AA14FC11429FFA5EB62:512
:E0000040:FCB0F6DEF6FB44116EA2B849CA8F4EE4:512
ezhlnxk:E0000040:D2AD0045B8EA1646F8E509AEB2347401:736256
thezcpw:E0000040:4D4DF326D896C14D4B54820457D2133B:512


----- C:\Documents and Settings\ EMILIE\local settings\temp\kn.a.exe ---- General
Rogue.DesktopSecurity2010
MD5: D8B91C3FD6E334ED39FCDDCDDEE3878A:4096
EP: 00
SEC:
.text:60000020:D2A70550489DE356A2CD6BFC40711204:3072
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} ---- Registry
Adware.Softomate


----- HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NWCWORKSTATION ---- Registry
Virus.Virut


----- HKLM\SYSTEM\ControlSet001\Services\NWCWorkstation ---- Registry
Virus.Virut


----- HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWCWORKSTATION ---- Registry
Virus.Virut


----- HKLM\SYSTEM\CurrentControlSet\Services\NWCWorkstation ---- Registry
Virus.Virut


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\securityhelper.exe ---- General
FakeAVs.AAS2011
MD5: E0952E5BDFB2E7E718F9B0EB4DA40112:2842115
RIC: 415D350BB4FC6B9E4DB60E10E3D525F2:21200
EP: 81 EC 10 02 00 00 53 55 56 68 9C 28 00 00 51 68 C3 2C 00 00 E8 9E 1B 00 00 57 8D 44 24 10 50 33 DB 53 81 94 24 D0 F7 FF FF F5 79 00 00 C1 B4 24 00 EF FF FF 0A 50 B8 63 00 00 00 83 F8 00 0F 84 8A
SEC:
.itext:40000040:8E15645DE0BE3F5D069853C4BB5FA45D:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:BAE5A6446FF4B8DECA4FB30277E7F864:26112
.rsrc:40000040:E3806AE2717F69D2601517A0601E2A20:2805760
.reloc:42000040:6C5249F475FE43233DBDFE8CD91496C6:2048


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\antivirus antispyware.exe ---- General
FakeAVs.AAS2011
ProdVer: 4, 1, 0, 5
FileVer: 4, 1, 0, 5
Name : AntiVirus AntiSpyware 2011
Company: Tech Software Ltd.
NAC: 722A812037124B4A93696F786FE42D47:44
MD5: A2603E991D5A9876DAD3B6689037A3E8:2623488
RIC: 54E86029A187D877523C5199ECCCB229:124178
EP: 81 EC 10 02 00 00 53 55 56 53 68 FE 25 00 00 53 E8 91 16 00 00 57 8D 44 24 10 50 50 0F BA 35 A8 9B 40 00 0A B8 A7 4B 00 00 81 E0 EC 8E 00 00 C1 C0 01 81 F0 6A 60 00 00 0F BA AC 24 F0 EB FF FF 1F
SEC:
.itext:40000040:65F867600AF6F7DAA97E48D03C1453CE:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:A1609CDA5A2C718817CE3BD90FDBC163:25600
.tls:C0000040:B2A3C5ED1BEDFECE5A7D4AE5148A3332:512
.rsrc:40000040:CCB433723E269C466160E0DB043A46D3:2587136
.reloc:42000040:8D736526B6D4D34AC241EC70BA849194:2048


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\securitymanager.exe ---- General
fakeAVx.AntiVirusAntiSpyware2011
MD5: 1051561E61FFD85BBD226BD3976FB0E2:101888
RIC: D56C4A3CADD96995A5D66341820401DA:1384
EP: 81 EC 10 02 00 00 53 55 56 57 81 9C 24 A0 FD FF FF 18 04 00 00 8D 44 24 10 52 33 D2 81 C2 54 87 00 00 81 C2 74 57 00 00 69 D2 33 4D 00 00 68 05 23 00 00 56 53 E8 FE 34 00 00 81 C2 0C 7A 00 00 C1
SEC:
.itext:40000040:0DC061AD94C5CEFE8A84BE77349F135F:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:7DC5C86AEEBA85351F0BFCBBD6345636:24576
.rsrc:40000040:64191E2B45CD594F2E640E13761A3746:67072
.reloc:42000040:6E70A05044602879E36BC48EFA727A48:2048


----- C:\Documents and Settings\ EMILIE\Application Data\microsoft\internet explorer\quick launch\antivirus antispyware 2011.lnk ---- General
FakeAVs.AntiVirusAntiSpyware2011
MD5: 5FFE55BE4B99748CFED65CD2B1675DA2:1997
EP: 00
SEC:


----- C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe ---- General
FakeAVs.AntiVirusAntiSpyware2011
ProdVer: 4, 1, 0, 5
FileVer: 4, 1, 0, 5
Name : AntiVirus AntiSpyware 2011
Company: Tech Software Ltd.
NAC: 722A812037124B4A93696F786FE42D47:44
MD5: A2603E991D5A9876DAD3B6689037A3E8:2623488
RIC: 54E86029A187D877523C5199ECCCB229:124178
EP: 81 EC 10 02 00 00 53 55 56 53 68 FE 25 00 00 53 E8 91 16 00 00 57 8D 44 24 10 50 50 0F BA 35 A8 9B 40 00 0A B8 A7 4B 00 00 81 E0 EC 8E 00 00 C1 C0 01 81 F0 6A 60 00 00 0F BA AC 24 F0 EB FF FF 1F
SEC:
.itext:40000040:65F867600AF6F7DAA97E48D03C1453CE:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:A1609CDA5A2C718817CE3BD90FDBC163:25600
.tls:C0000040:B2A3C5ED1BEDFECE5A7D4AE5148A3332:512
.rsrc:40000040:CCB433723E269C466160E0DB043A46D3:2587136
.reloc:42000040:8D736526B6D4D34AC241EC70BA849194:2048


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\icoactivate.ico ---- General
fakeAVx.AntiVirusAntiSpyware2011
MD5: ED9D69241DF81A3B4AEF12F94BAFC091:894
EP: 00
SEC:


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\icohelp.ico ---- General
fakeAVx.AntiVirusAntiSpyware2011
MD5: 12259CDE3AF9398181080A704A735F4C:894
EP: 00
SEC:


----- C:\Documents and Settings\ EMILIE\Application Data\antivirus antispyware 2011\icouninstall.ico ---- General
fakeAVx.AntiVirusAntiSpyware2011
MD5: B1E21AF71FA9721CACF88232D20E17C4:894
EP: 00
SEC:


----- HKCU\Software\AntiVirus AntiSpyware 2011 ---- Registry
fakeAVx.AntiVirusAntiSpyware2011


----- HKCU\Software\Microsoft\Windows\CurrentVersion\Run "AntiVirus AntiSpyware 2011" ---- Registry
fakeAVx.AntiVirusAntiSpyware2011


----- HKCU\Software\Microsoft\Windows\CurrentVersion\Run "AntiVirus AntiSpyware 2011 Security" ---- Registry
fakeAVx.AntiVirusAntiSpyware2011


----- HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AntiVirus AntiSpyware 2011 ---- Registry
fakeAVx.AntiVirusAntiSpyware2011


----- C:\Documents and Settings\ EMILIE\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus AntiSpyware 2011.lnk ---- General
Mal/Fraud!se872-2
MD5: 5FFE55BE4B99748CFED65CD2B1675DA2:1997
EP: 00
SEC:


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\02c9c3c35bdx5.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 47104)
MD5: 84F5233352889A981F07ACAED49A7F79:47104
EP: 00
SEC:
.text:60000020:CC86247AB92D6B0EE85994C4CFB86A13:46080
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\17dkf.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 100352)
MD5: 28A9C92FFD74985A0E501034A332D16D:100352
EP: 00
SEC:
.text:60000020:BE31251EFE49245E17464F3973BF0ED0:99328
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\1iowieoo.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 39936)
MD5: 6044B38B4DE04C20CEDCCA650D414314:39936
EP: 00
SEC:
.text:60000020:2774C9725B0329FCD5BD1FFA89DE4088:38912
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\472a10e2ebxd9.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 45056)
MD5: 658D3996D0E641D2FE03F987FC3D0D1A:45056
EP: 00
SEC:
.text:60000020:28F561CEFFD273721303C9C7EE8D7689:44032
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\8gmsed-bd.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 56320)
MD5: F1F1946A0C8F733607599F73525C53FE:56320
EP: 00
SEC:
.text:60000020:66BE9BA6E9D3B455E94B5F984A74C5E9:55296
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\ae0965a7157cd.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 46080)
MD5: 940738C9DD90BFA18B3923EE54F02D94:46080
EP: 00
SEC:
.text:60000020:C0ABDE1E46A3FA91BBEAD39B1D8322D9:45056
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\al3erfa3.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 25600)
MD5: 07085BA606649DF808E9637678E6A512:25600
EP: 00
SEC:
.text:60000020:E8694463B20218D92BFDD94C1884EF99:24576
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\alerfa2.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 24576)
MD5: 837F39B2E0CFB707B3ED840A87092A52:24576
EP: 00
SEC:
.text:60000020:472CF86F28C901EE159B49CB8254D5FD:23552
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\altedf.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 64512)
MD5: 79CC1051FC8840BE498025840A0A1793:64512
EP: 00
SEC:
.text:60000020:44F0E55BD7639E54916F5113DC434629:63488
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\aqfitrlxi2.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 43008)
MD5: 997CD35282DB2AB242939C1B11E369E7:43008
EP: 00
SEC:
.text:60000020:DDB58F2186E9E3DCC7526A903B22EE25:41984
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\brdss.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 70656)
MD5: CE848FC6E2EA9F3BDA4F7CDB180F5EFC:70656
EP: 00
SEC:
.text:60000020:913A44A6830E709739BC1F1455FD0169:69632
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\bzqa43d.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 55296)
MD5: 14B75B80EDE99EF0D2BA44E6E57E0CAB:55296
EP: 00
SEC:
.text:60000020:CF8489C8CE6BB672585FD695A10415E4:54272
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\cffd4.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 91136)
MD5: 4DF248F9665858CA237E6D7E877CA248:91136
EP: 00
SEC:
.text:60000020:03D162735B0C8C8F0547A10033D8718A:90112
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\cocksucker.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 80896)
MD5: 13FD069B7101A08E049D5018DDBA0A29:80896
EP: 00
SEC:
.text:60000020:94CD481AD957C71DD2426B245051DA03:79872
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\cosock.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 73728)
MD5: 3B4B188DC51C4E8EA79B513098D4AF80:73728
EP: 00
SEC:
.text:60000020:C9EEB7D897C7F162EBDF6FCC771143D5:72704
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\cowceb.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 28672)
MD5: 47D6BD9CAB03E5F75B340D0BF3FEF5AC:28672
EP: 00
SEC:
.text:60000020:22E89C1AFBEA8B4D878460C06B4058B9:27648
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\cunifuc.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 37888)
MD5: F983E92E32D0BB136DB7193E7C7F6D91:37888
EP: 00
SEC:
.text:60000020:FFFD91073DF8840D13735FDD38795914:36864
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\d20mes.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 61440)
MD5: 002D5A1AD1313E9613790BEC2A16F037:61440
EP: 00
SEC:
.text:60000020:615771BCC7300619C687756650881EC4:60416
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\dc_3.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 63488)
MD5: A73DFA90D744CC54231DF09697363432:63488
EP: 00
SEC:
.text:60000020:F703042AC2E93D53231C30A5A872C219:62464
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\dd10x10.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 33792)
MD5: 7697B0BC383149C69062C7B89D7FC1CB:33792
EP: 00
SEC:
.text:60000020:AF2BBD7B2CF883AD4E4A7E10C9C454DE:32768
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\ddoll3342.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 40960)
MD5: 1DD23599ADE58CDE940CB6BD9863EF64:40960
EP: 00
SEC:
.text:60000020:EA10394341AF04102B897CA8FD1592C4:39936
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\destroyer.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 95232)
MD5: E416A0A5FE8C1DAA590D73110361B628:95232
EP: 00
SEC:
.text:60000020:76E022BA53E05273E0DC09EBD71EF257:94208
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\dffuck.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 94208)
MD5: 615D22CAE89D74102C613D4348024C01:94208
EP: 00
SEC:
.text:60000020:6F454B7C0C69BA69F45ECDD4E036C739:93184
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\ds7hw.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 26624)
MD5: 174080F52AFD20EEDB2A83A02DDFA513:26624
EP: 00
SEC:
.text:60000020:8D3A8FF41AA63143A429BEF7BAE9294B:25600
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\eelnvd13.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 50176)
MD5: 4EB447BA9EBD5A9C0C522C9A2DCA7DDD:50176
EP: 00
SEC:
.text:60000020:797D1D3948747A520FF20D082FF70B83:49152
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\exppdf_w.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 8192)
MD5: 75F987A9318F09F8A898DCA3DFA55A73:8192
EP: 00
SEC:
.text:60000020:E326B0CC6E566143B42FEEE0F5DD99F9:7168
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\fadz43.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 20480)
MD5: 797D06BC6F30E815C8B74ACA85AE4739:20480
EP: 00
SEC:
.text:60000020:BDF13D41ED40C0ED78FE4F74FB91CA84:19456
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\fe.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 90112)
MD5: 45B04DE9F9E0E70718B6D5312F209DE6:90112
EP: 00
SEC:
.text:60000020:53E38F622DC306065A441A988CD84AC8:89088
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\format.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 97280)
MD5: 0058BF94097A0298B017BE2FD99DBB22:97280
EP: 00
SEC:
.text:60000020:AE6589E5EE7DC76644D9CF4325CA8C9C:96256
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\gpupz2a.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 16384)
MD5: F11F6AA5FBECD385068FE892C236CAA6:16384
EP: 00
SEC:
.text:60000020:C9D57A20A6A4FC110E7A57F6420D1FD2:15360
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\g_dx234.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 10240)
MD5: E8A9B0F745CAB20EDD1070E03BF89C59:10240
EP: 00
SEC:
.text:60000020:69E12D260E239049C4514FC2363ED59B:9216
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\hhbboll_2.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 32768)
MD5: 65EA5FEFB1AF4DFCA4F5990AD5FEA13B:32768
EP: 00
SEC:
.text:60000020:A9243F45F3E7070ED59F4AE32A9DF808:31744
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\hiphop.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 84992)
MD5: AEC8A66DD570593401C36047103C0719:84992
EP: 00
SEC:
.text:60000020:E8ED47E10E5C83661AB75951ADBFBFA0:83968
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\hodeme.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 92160)
MD5: B5BD1C3DDE513CB78E6AFC51FC1A80DF:92160
EP: 00
SEC:
.text:60000020:E6302F8867270E0F056F0CBE03F57D51:91136
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\htfad4.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 29696)
MD5: C379807E1826311F0D3C52BE8291648F:29696
EP: 00
SEC:
.text:60000020:A4131F1E63B932004FF1E417AFA69686:28672
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\hvipws9.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 52224)
MD5: D2F788236F40767BA5E1DAE104D1B1CC:52224
EP: 00
SEC:
.text:60000020:50BFB20FD5CAA6E87EC1B621ACC7E0C5:51200
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\jdhellwo3.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 51200)
MD5: 51B7B73936484441F0D7E93E225C64D7:51200
EP: 00
SEC:
.text:60000020:5E171CE6A62A661AFF0DBCDB7F70DEB6:50176
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\jkfuckfu.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 44032)
MD5: 321057BE22A9D88CAA999A4043E3A690:44032
EP: 00
SEC:
.text:60000020:078B8876465A94EA9DFB0A2F88BED0B1:43008
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\jofcdks.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 34816)
MD5: 13A666617A4B0C432D276002CCB2ED73:34816
EP: 00
SEC:
.text:60000020:BE29C702F45FC59116B1E467F6A62030:33792
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\kjdh_gf_jjdhgd.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 48128)
MD5: 2B7F2F0B9D196470EBA898DAD3ACD29E:48128
EP: 00
SEC:
.text:60000020:D062269E26A84764D2141E9631DEFB6A:47104
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\kjh102k3.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 77824)
MD5: F4A70C8D8DBE450968E229CC80AEA797:77824
EP: 00
SEC:
.text:60000020:C72463594D97E71FC14A4B8FB5FC691B:76800
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\kn.a.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 4096)
MD5: D8B91C3FD6E334ED39FCDDCDDEE3878A:4096
EP: 00
SEC:
.text:60000020:D2A70550489DE356A2CD6BFC40711204:3072
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\kock.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 79872)
MD5: 505C7B93CF45C21170D4FE0464F457BA:79872
EP: 00
SEC:
.text:60000020:6AC332D5E1F2CADE7261B8D85E1893F1:78848
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\ljts-23.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 62464)
MD5: 0CC835D4B20754382F8238DBFF4A5222:62464
EP: 00
SEC:
.text:60000020:E69C56CFABD5F428B18389731FC5CD55:61440
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\lkhgg_ea.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 57344)
MD5: EF7B4EEEA60963DC5F77727DCCEAAD16:57344
EP: 00
SEC:
.text:60000020:622CD1A9CC2ACA8C5C393DCE53FE66D0:56320
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\lols.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 93184)
MD5: 9484CF720E833808B86D9CB62E03EC18:93184
EP: 00
SEC:
.text:60000020:BA9D97F3E89F9EFC332716CA2EDEA6CB:92160
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\ploper.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 78848)
MD5: ECCCBAAC3D4478C4CE440CD1878CAD7B:78848
EP: 00
SEC:
.text:60000020:CF4865D6A8275F92F17A20207084F133:77824
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\poertd.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 89088)
MD5: 8792198462A6674DAD8A0395B729EDE3:89088
EP: 00
SEC:
.text:60000020:D9D254307CFC70B3FB66406A6F32E861:88064
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\protector2.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 88064)
MD5: 39D25FD2FE06FE7095525EA8B7761930:88064
EP: 00
SEC:
.text:60000020:BE189576CCC0B051CC9C2BDC6E91F34F:87040
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\pswwg3c.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 30720)
MD5: F0EEFCAF0DDFF618FDE2B0AAE383F45F:30720
EP: 00
SEC:
.text:60000020:0B080FDC3B9A61C6F2486FC85C41EBF6:29696
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\puzpup.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 53248)
MD5: 4AFF437AA7F2A8FFDCECAFD0737BB300:53248
EP: 00
SEC:
.text:60000020:81670F816C48F87F1F060DF7E49F7BAD:52224
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\qwedvor.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 99328)
MD5: B2B717260A7C23CEF9EC8639A8F0F52A:99328
EP: 00
SEC:
.text:60000020:032651470BFEC4B8366639B23181999D:98304
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\qwklrvjhqlkj.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 22528)
MD5: BE18FF81CA3AA25FDC19DC85FC17423E:22528
EP: 00
SEC:
.text:60000020:A88D9CF33C42A4752078806733FC5703:21504
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\r0life.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 38912)
MD5: FDECC8F28C4C40B48A663AEDBF45F39A:38912
EP: 00
SEC:
.text:60000020:A703A24F2CEC914BB92C03758C885C2D:37888
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\rator.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 67584)
MD5: 1F016506A0557C731641A2424B73E8E8:67584
EP: 00
SEC:
.text:60000020:12D297A94BD8B9C7F816597A082411D8:66560
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\rtfme.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 101376)
MD5: 005E819B33A6A0E12E578A22106495C3:101376
EP: 00
SEC:
.text:60000020:077C6954BF51FE920B89B560661C2DCF:100352
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\safe.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 87040)
MD5: AD5465DFFB13A00950E114A4A1D02A46:87040
EP: 00
SEC:
.text:60000020:DA753E740E277976CD3379C6E0EA2FA2:86016
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\snowif.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 66560)
MD5: 94B8DC642A3E795C31CDC6E4DF05071D:66560
EP: 00
SEC:
.text:60000020:896F5F13443E07AD322708C58A7DB82A:65536
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\sycre.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 65536)
MD5: C59C53B67D5450D65AE67E2AA16F0A28:65536
EP: 00
SEC:
.text:60000020:C595F95E9529E21B4633F74A301663C4:64512
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\timem.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 86016)
MD5: 5D197F92CE47B986376B833474D21C7B:86016
EP: 00
SEC:
.text:60000020:2325EA4EAB0F9CC45D549965CD6349BE:84992
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\tryh-blv.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 54272)
MD5: 316ACD2B4430E0BF0C28C20EE01FC1E6:54272
EP: 00
SEC:
.text:60000020:54D311688F07CF9F5346090272FC0065:53248
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\Update_en_moovidaCore-2.0.2.0-win32k.exe ---- General
Mal/Fraud!se872-1
MD5: E0952E5BDFB2E7E718F9B0EB4DA40112:2842115
RIC: 415D350BB4FC6B9E4DB60E10E3D525F2:21200
EP: 81 EC 10 02 00 00 53 55 56 68 9C 28 00 00 51 68 C3 2C 00 00 E8 9E 1B 00 00 57 8D 44 24 10 50 33 DB 53 81 94 24 D0 F7 FF FF F5 79 00 00 C1 B4 24 00 EF FF FF 0A 50 B8 63 00 00 00 83 F8 00 0F 84 8A
SEC:
.itext:40000040:8E15645DE0BE3F5D069853C4BB5FA45D:512
.text:60000060:77D4AE484F01712834E1FC6D32291313:6656
.data:E0000060:BAE5A6446FF4B8DECA4FB30277E7F864:26112
.rsrc:40000040:E3806AE2717F69D2601517A0601E2A20:2805760
.reloc:42000040:6C5249F475FE43233DBDFE8CD91496C6:2048


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\w32-reno-c.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 9216)
MD5: 5B8F08B933619A501FE2C37EDA06D236:9216
EP: 00
SEC:
.text:60000020:2426813B9D29A25AA9F3232ED684C175:8192
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\w32rim_mem.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 6144)
MD5: F187A58420B500E088446590634457AD:6144
EP: 00
SEC:
.text:60000020:85B5FC14E26731DE6728CD443E08AA27:5120
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\warsddd_w.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 14336)
MD5: 80385E3626D0120F7DB8AFE6E5113549:14336
EP: 00
SEC:
.text:60000020:74FD6859AC4EB3E5328464D056C6BB55:13312
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\wefgetn_00.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 13312)
MD5: FF039BBDC405FF5ACBFDD106ADCB92E4:13312
EP: 00
SEC:
.text:60000020:68411252DC29C2859D8246442EA36401:12288
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\wined.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 71680)
MD5: 02A3F8042BBF1F6E35BDA76AAEEE04D2:71680
EP: 00
SEC:
.text:60000020:9C16FE2FFD60EC6B63CFBD8DE4D8D003:70656
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\winifi.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 68608)
MD5: 783E00B0FD4862FCFBE02771BFCFF310:68608
EP: 00
SEC:
.text:60000020:845662E8E8F1DA07C6167475DE32615F:67584
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\wrcud12.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 11264)
MD5: 042E272EC8E28F9ABAD6FF93556EFE47:11264
EP: 00
SEC:
.text:60000020:09C8F1E1DFC2608773BA2F90FA2AACE6:10240
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\wrfwe_di.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 58368)
MD5: B95A93EC19E288FD14779E49D28E4B9D:58368
EP: 00
SEC:
.text:60000020:37929F59455E3206164A783C077B0829:57344
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


----- C:\Documents and Settings\ EMILIE\Local Settings\Temp\wwautrsd.exe ---- General
Broken.Executable (Broken PE file - Section 1 starts beyond the end of file (Offset@ A5C00, Total filesize 18432)
MD5: FD4885A16298735FEAC3BEB85C70E830:18432
EP: 00
SEC:
.text:60000020:41FA259371CB407DAF80BF0B9C7B8D9C:17408
.rdata:40000040:00000000000000000000000000000000:185856
:C0000040:00000000000000000000000000000000:0
:C0000040:00000000000000000000000000000000:0
:40000040:00000000000000000000000000000000:0


Scan completed!

Scan result: 90 detected items
Scan completed in: Scan completed in 29 minute(s) 13 sec.
Files were scanned: 13179


A voir également:

8 réponses

Réponse 1 / 8
Utilisateur anonyme
4 juil. 2011 à 17:05
On va essayer, mais on risque de réveiller la bête

Télécharge sur le bureau RogueKiller
* Quitte tous les programmes en cours, c'est important
* Sous Vista/Seven , clic droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Lorsque demandé, tape 2 et valide
* Un rapport à dû s'ouvrir (RKreport.txt se trouve également à côté de l'exécutable), poste
le contenu
* Si le programme a été bloqué, ne pas hésiter a essayer plusieurs fois. Si vraiment cela ne passe pas (ça peut arriver), le renommer en winlogon.exe

1
Réponse 2 / 8
Utilisateur anonyme
4 juil. 2011 à 16:34
Bonjour
Ton PC est sérieusement infecté y'a ceci qui est inquiétant

----- HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_NWCWORKSTATION ---- Registry
Virus.Virut


----- HKLM\SYSTEM\ControlSet001\Services\NWCWorkstation ---- Registry
Virus.Virut


----- HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NWCWORKSTATION ---- Registry
Virus.Virut


----- HKLM\SYSTEM\CurrentControlSet\Services\NWCWorkstation ---- Registry
Virus.Virut

Alors ça, c'est très mauvais, c'est un virus informatique assez redoutabable

As tu fait une sauvegarde de tes documents ?
0
Réponse 3 / 8
emy110891 Messages postés 5 Date d'inscription lundi 4 juillet 2011 Statut Membre Dernière intervention 4 juillet 2011
4 juil. 2011 à 16:37
je n'ai rien d'important sur mon PC...
0
Réponse 4 / 8
Utilisateur anonyme
4 juil. 2011 à 16:41
Si tu possèdes un CD Windows, vu la tournure que cela prend, il faudrait
formater ton PC
Tu as le rogue AntiVirusAntiSpyware2011
Et puis le virus Virut qui infecte les exécutables
Le problème, si je te fais faire Rogue Killer pour neutraliser le rogue, Virut
va l'infecter
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 8
emy110891 Messages postés 5 Date d'inscription lundi 4 juillet 2011 Statut Membre Dernière intervention 4 juillet 2011
4 juil. 2011 à 16:43
que dois-je faire alors? je n'ai pas de CD Windows :-(
0
Réponse 6 / 8
emy110891 Messages postés 5 Date d'inscription lundi 4 juillet 2011 Statut Membre Dernière intervention 4 juillet 2011
4 juil. 2011 à 23:49
Et voilà!

RogueKiller V5.2.7 [30/06/2011] par Tigzy
contact sur https://www.luanagames.com/index.fr.html
mail: tigzyRK<at>gmail<dot>com
Remontees: https://www.luanagames.com/index.fr.html

Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur: EMILIE [Droits d'admin]
Mode: Suppression -- Date : 04/07/2011 22:47:13

Processus malicieux: 6
[SUSP PATH] hprnvi.dll -- C:\WINDOWS\hprnvi.dll -> UNLOADED
[SUSP PATH] hprnvi.dll -- C:\WINDOWS\hprnvi.dll -> KILLED
[SUSP PATH] AntiVirus AntiSpyware.exe -- c:\documents and settings\ emilie\application data\antivirus antispyware 2011\antivirus antispyware.exe -> KILLED
[SUSP PATH] securitymanager.exe -- c:\documents and settings\ emilie\application data\antivirus antispyware 2011\securitymanager.exe -> KILLED
[SUSP PATH] questscan147.exe -- c:\documents and settings\all users\application data\questscan\questscan147.exe -> KILLED
[SUSP PATH] securityhelper.exe -- c:\documents and settings\ emilie\application data\antivirus antispyware 2011\securityhelper.exe -> KILLED

Entrees de registre: 6
[BLACKLIST DLL] HKCU\[...]\Run : Hniya (rundll32.exe "C:\WINDOWS\hprnvi.dll",Startup) -> DELETED
[SUSP PATH] HKCU\[...]\Run : AntiVirus AntiSpyware 2011 ("C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\AntiVirus AntiSpyware.exe" /STARTUP) -> DELETED
[SUSP PATH] HKCU\[...]\Run : AntiVirus AntiSpyware 2011 Security (C:\Documents and Settings\ EMILIE\Application Data\AntiVirus AntiSpyware 2011\securitymanager.exe) -> DELETED
[BLACKLIST DLL] HKUS\S-1-5-19[...]\Run : nemoharela (Rundll32.exe "C:\WINDOWS\system32\buraboto.dll",s) -> DELETED
[BLACKLIST DLL] HKUS\S-1-5-20[...]\Run : nemoharela (Rundll32.exe "C:\WINDOWS\system32\buraboto.dll",s) -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Fichier HOSTS:


Termine : << RKreport[1].txt >>
RKreport[1].txt
0
Réponse 7 / 8
emy110891 Messages postés 5 Date d'inscription lundi 4 juillet 2011 Statut Membre Dernière intervention 4 juillet 2011
4 juil. 2011 à 23:53
Merci Jawaryinti!
Dois-je faire autre chose?
0
Réponse 8 / 8
Utilisateur anonyme
5 juil. 2011 à 16:05
Bonjour
On va voir s'il y a Virut

Télécharge Dr Web CureIt sur ton Bureau :

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

- Double clique drweb-cureit.exe et ensuite clique sur Analyse;

- Clique Ok à l'invite de l'analyse rapide. S'il trouve des processus infectés alors clique le bouton Oui.
Note : une fenêtre s'ouvrira avec options pour "Commander" ou "50% de réduction" : Quitte en cliquant le "X".
- Lorsque le scan rapide est terminé, clique sur le menu Options puis Changer la configuration ; Choisis l'onglet Scanner, et décoche Analyse heuristique. Clique ensuite sur Ok.
- De retour à la fenêtre principale : clique pour activer Analyse complète
- Clique le bouton avec flèche verte sur la droite, et le scan débutera.
- Clique Oui pour tout à l'invite Désinfecter ? lorsqu'un fichier est détecté, et ensuite clique Désinfecter.
- Lorsque le scan sera complété, regarde si tu peux cliquer sur l' icône, adjacente aux fichiers détectés (plusieurs feuilles l'une sur l'autre). Si oui, alors clique dessus et ensuite clique sur l'icône Suivant, au dessous, et choisis Déplacer en quarantaine l'objet indésirable.
- Du menu principal de l'outil, au haut à gauche, clique sur le menu Fichier et choisis Enregistrer le rapport. Sauvegarde le rapport sur ton Bureau. Ce dernier se nommera DrWeb.csv
- Ferme Dr.Web Cureit
- Redémarre ton ordi (important car certains fichiers peuvent être déplacés/réparés au redémarrage).
- Suite au redémarrage, poste (Copie/Colle) le contenu du rapport de Dr.Web dans ta prochaine réponse.
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses
Echec analyse antivirus lors de téléchargement
mathelp_3935 -
Malekal_morte- -

19 réponses