david-andorra
2008-10-01, 10:07
Hello,
When I switch-on the PC, it freeze on the white screen "Windows 2000", then I need to restart it strong by pressing the reset button.
After that, it restarts normally.
Then the first thing I see when Windows is started at his point is a little window I've never seen before "S&D File Scanner" :
http://i36.tinypic.com/2mneyyc.jpg
http://i33.tinypic.com/2igfv54.jpg
Something else, when I switch off the button on the back of the computer (power) then the next day I have a "checksum error" and the day and hour are wrong.
Maybe there is something wrong in the process at the starting of the PC (report below). Please help :sad:
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---
2008-08-14 blindman.exe (1.0.0.8)
2008-08-14 SDFiles.exe (1.6.0.4)
2008-08-14 SDMain.exe (1.0.0.6)
2008-08-14 SDShred.exe (1.0.2.3)
2008-08-14 SDUpdate.exe (1.6.0.9)
2008-08-14 SDWinSec.exe (1.0.0.12)
2008-07-30 SpybotSD.exe (1.6.0.31)
2008-08-18 TeaTimer.exe (1.6.2.23)
2006-04-02 unins000.exe (51.41.0.0)
2008-09-22 unins001.exe (51.49.0.0)
2008-08-14 Update.exe (1.6.0.7)
2008-08-14 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-08-14 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-08-14 Tools.dll (2.1.5.7)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-09-02 Includes\Adware.sbi
2008-09-09 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-09-02 Includes\Dialer.sbi
2008-09-09 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-09-02 Includes\Hijackers.sbi
2008-09-02 Includes\HijackersC.sbi
2008-09-09 Includes\Keyloggers.sbi
2008-09-23 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-09-09 Includes\Malware.sbi
2008-09-23 Includes\MalwareC.sbi
2008-09-02 Includes\PUPS.sbi
2008-09-11 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-09-02 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-09-09 Includes\Spyware.sbi
2008-09-23 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-09-16 Includes\Trojans.sbi
2008-09-23 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Located: HK_LM:Run, F-Secure Manager
command: "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
file: C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
size: 122929
MD5: 855E795383BED05C481575BD0C1C0D37
Located: HK_LM:Run, F-Secure Startup Wizard
command: "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
file: C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE
size: 372736
MD5: D90838CBC9F7412EE26DCC17617E4D17
Located: HK_LM:Run, F-Secure TNB
command: "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
file: C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe
size: 700416
MD5: 9153905D790DC0ADC7B992D0C948D247
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 8778072A594E1310C0B7D0A93771E8BD
Located: HK_LM:Run, NeroFilterCheck
command: C:\WINNT\system32\NeroCheck.exe
file: C:\WINNT\system32\NeroCheck.exe
size: 155648
MD5: 3E4C03CEFAD8DE135263236B61A49C90
Located: HK_LM:Run, News Service
command: "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
file: C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
size: 356352
MD5: 329F9DE88C88917E08F7F3D75704F23B
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
file: C:\WINNT\system32\NvCpl.dll
size: 7618560
MD5: 4BCC78C649D5B117F664CB83B6A791A2
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINNT\system32\nwiz.exe
size: 1519616
MD5: 7AC98888346124460CC78860A3C73DF3
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: CAF03357DE72F8F19FA099581A685C1A
Located: HK_LM:Run, SoundMan
command: SOUNDMAN.EXE
file: C:\WINNT\SOUNDMAN.EXE
size: 46592
MD5: 04F314D0C39C32166CDBDE1D20267313
Located: HK_LM:Run, SPAMfighter Agent
command: "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
file: C:\Program Files\SPAMfighter\SFAgent.exe
size: 321672
MD5: A7F4488E2A196F5CDC5B9DD5B8F66DE3
Located: HK_LM:Run, Synchronization Manager
command: mobsync.exe /logon
file: C:\WINNT\system32\mobsync.exe
size: 111888
MD5: 25927F36C86159F0D55288F4FED12D93
Located: HK_LM:Run, DSLWizard (DISABLED)
command: C:\Program Files\Conexant\Kit ADSL\Setup.exe -r
file: C:\Program Files\Conexant\Kit ADSL\Setup.exe
size: 6144000
MD5: 7D484011AC17040998726F438AE3D93B
Located: HK_LM:Run, eCarteBleue-LPV-P1 (DISABLED)
command: "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD VISA\ECB.exe" /dontopenmycards
file: C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD VISA\ECB.exe
size: 200704
MD5: 82890D031025F792CBB740FE1C5CA82F
Located: HK_LM:Run, NvMediaCenter (DISABLED)
command: RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINNT\system32\NvMcTray.dll
size: 86016
MD5: AF6AE431B9B063304F37AD052A5A1E66
Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: CAF03357DE72F8F19FA099581A685C1A
Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
command: C:\Program Files\Java\jre1.5.0\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0\bin\jusched.exe
size: 36972
MD5: FFC7A8AA516B0D2A27DADF146EB538CC
Located: HK_LM:Run, TkBellExe (DISABLED)
command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185784
MD5: 8A71139A5CD86AC55CF0E4383AB4AE33
Located: HK_LM:Run, ViewMgr (DISABLED)
command: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
file: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
size: 111816
MD5: A36E74BA7528A67A51BC4AFF3A50333D
Located: HK_CU:Run, internat.exe
where: .DEFAULT...
command: internat.exe
file: C:\WINNT\system32\internat.exe
size: 20752
MD5: 406B12788886496BD299C3F9E5E310D0
Located: HK_CU:RunOnce, ^SetupICWDesktop
where: .DEFAULT...
command: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
file: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
size: 189712
MD5: C5BF330589172E4585D44FE8CFFBD57A
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ALL USERS...
command: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
file: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, swg
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, NCLaunch (DISABLED)
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\WINNT\NCLAUNCH.EXe
file: C:\WINNT\NCLAUNCH.EXe
size: 40960
MD5: 59CB2A9964E88DF1849003A6CF64F7A4
Located: Démarrage (tous utilisateurs), Securitoo.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Securitoo\av_fw\backweb\6588780\Program\fspex.exe
file: C:\Program Files\Securitoo\av_fw\backweb\6588780\Program\fspex.exe
size: 32807
MD5: 06A450D9BC976A32DA59CD31C6293143
Located: Démarrage (utilisateur), A Note.lnk
where: C:\Documents and Settings\ARGENCE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\A Note\A Note.exe
file: C:\Program Files\A Note\A Note.exe
size: 622592
MD5: 7C6E33B45786149EA2E9300023694BDE
Located: Démarrage (utilisateur), SAM.lnk
where: C:\Documents and Settings\ARGENCE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\SAM\SAM.exe
file: C:\Program Files\SAM\SAM.exe
size: 1765376
MD5: A3A8B52B4494753A711E20E25F41E4B4
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, nwprovau
command: nwprovau.dll
file: nwprovau.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
When I switch-on the PC, it freeze on the white screen "Windows 2000", then I need to restart it strong by pressing the reset button.
After that, it restarts normally.
Then the first thing I see when Windows is started at his point is a little window I've never seen before "S&D File Scanner" :
http://i36.tinypic.com/2mneyyc.jpg
http://i33.tinypic.com/2igfv54.jpg
Something else, when I switch off the button on the back of the computer (power) then the next day I have a "checksum error" and the day and hour are wrong.
Maybe there is something wrong in the process at the starting of the PC (report below). Please help :sad:
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---
2008-08-14 blindman.exe (1.0.0.8)
2008-08-14 SDFiles.exe (1.6.0.4)
2008-08-14 SDMain.exe (1.0.0.6)
2008-08-14 SDShred.exe (1.0.2.3)
2008-08-14 SDUpdate.exe (1.6.0.9)
2008-08-14 SDWinSec.exe (1.0.0.12)
2008-07-30 SpybotSD.exe (1.6.0.31)
2008-08-18 TeaTimer.exe (1.6.2.23)
2006-04-02 unins000.exe (51.41.0.0)
2008-09-22 unins001.exe (51.49.0.0)
2008-08-14 Update.exe (1.6.0.7)
2008-08-14 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-08-14 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-08-14 Tools.dll (2.1.5.7)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-09-02 Includes\Adware.sbi
2008-09-09 Includes\AdwareC.sbi
2008-06-03 Includes\Cookies.sbi
2008-09-02 Includes\Dialer.sbi
2008-09-09 Includes\DialerC.sbi
2008-07-23 Includes\HeavyDuty.sbi
2008-09-02 Includes\Hijackers.sbi
2008-09-02 Includes\HijackersC.sbi
2008-09-09 Includes\Keyloggers.sbi
2008-09-23 Includes\KeyloggersC.sbi
2004-11-29 Includes\LSP.sbi
2008-09-09 Includes\Malware.sbi
2008-09-23 Includes\MalwareC.sbi
2008-09-02 Includes\PUPS.sbi
2008-09-11 Includes\PUPSC.sbi
2007-11-07 Includes\Revision.sbi
2008-06-18 Includes\Security.sbi
2008-09-02 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2008-09-09 Includes\Spyware.sbi
2008-09-23 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2008-09-16 Includes\Trojans.sbi
2008-09-23 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Located: HK_LM:Run, F-Secure Manager
command: "C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE" /splash
file: C:\Program Files\Securitoo\av_fw\Common\FSM32.EXE
size: 122929
MD5: 855E795383BED05C481575BD0C1C0D37
Located: HK_LM:Run, F-Secure Startup Wizard
command: "C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE" /reboot
file: C:\Program Files\Securitoo\av_fw\FSGUI\FSSW.EXE
size: 372736
MD5: D90838CBC9F7412EE26DCC17617E4D17
Located: HK_LM:Run, F-Secure TNB
command: "C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
file: C:\Program Files\Securitoo\av_fw\TNB\TNBUtil.exe
size: 700416
MD5: 9153905D790DC0ADC7B992D0C948D247
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 278528
MD5: 8778072A594E1310C0B7D0A93771E8BD
Located: HK_LM:Run, NeroFilterCheck
command: C:\WINNT\system32\NeroCheck.exe
file: C:\WINNT\system32\NeroCheck.exe
size: 155648
MD5: 3E4C03CEFAD8DE135263236B61A49C90
Located: HK_LM:Run, News Service
command: "C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe"
file: C:\Program Files\Securitoo\av_fw\FSGUI\ispnews.exe
size: 356352
MD5: 329F9DE88C88917E08F7F3D75704F23B
Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
file: C:\WINNT\system32\NvCpl.dll
size: 7618560
MD5: 4BCC78C649D5B117F664CB83B6A791A2
Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINNT\system32\nwiz.exe
size: 1519616
MD5: 7AC98888346124460CC78860A3C73DF3
Located: HK_LM:Run, QuickTime Task
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: CAF03357DE72F8F19FA099581A685C1A
Located: HK_LM:Run, SoundMan
command: SOUNDMAN.EXE
file: C:\WINNT\SOUNDMAN.EXE
size: 46592
MD5: 04F314D0C39C32166CDBDE1D20267313
Located: HK_LM:Run, SPAMfighter Agent
command: "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
file: C:\Program Files\SPAMfighter\SFAgent.exe
size: 321672
MD5: A7F4488E2A196F5CDC5B9DD5B8F66DE3
Located: HK_LM:Run, Synchronization Manager
command: mobsync.exe /logon
file: C:\WINNT\system32\mobsync.exe
size: 111888
MD5: 25927F36C86159F0D55288F4FED12D93
Located: HK_LM:Run, DSLWizard (DISABLED)
command: C:\Program Files\Conexant\Kit ADSL\Setup.exe -r
file: C:\Program Files\Conexant\Kit ADSL\Setup.exe
size: 6144000
MD5: 7D484011AC17040998726F438AE3D93B
Located: HK_LM:Run, eCarteBleue-LPV-P1 (DISABLED)
command: "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD VISA\ECB.exe" /dontopenmycards
file: C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD VISA\ECB.exe
size: 200704
MD5: 82890D031025F792CBB740FE1C5CA82F
Located: HK_LM:Run, NvMediaCenter (DISABLED)
command: RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINNT\system32\NvMcTray.dll
size: 86016
MD5: AF6AE431B9B063304F37AD052A5A1E66
Located: HK_LM:Run, QuickTime Task (DISABLED)
command: "C:\Program Files\QuickTime\qttask.exe" -atboottime
file: C:\Program Files\QuickTime\qttask.exe
size: 282624
MD5: CAF03357DE72F8F19FA099581A685C1A
Located: HK_LM:Run, SunJavaUpdateSched (DISABLED)
command: C:\Program Files\Java\jre1.5.0\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0\bin\jusched.exe
size: 36972
MD5: FFC7A8AA516B0D2A27DADF146EB538CC
Located: HK_LM:Run, TkBellExe (DISABLED)
command: "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
size: 185784
MD5: 8A71139A5CD86AC55CF0E4383AB4AE33
Located: HK_LM:Run, ViewMgr (DISABLED)
command: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
file: C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
size: 111816
MD5: A36E74BA7528A67A51BC4AFF3A50333D
Located: HK_CU:Run, internat.exe
where: .DEFAULT...
command: internat.exe
file: C:\WINNT\system32\internat.exe
size: 20752
MD5: 406B12788886496BD299C3F9E5E310D0
Located: HK_CU:RunOnce, ^SetupICWDesktop
where: .DEFAULT...
command: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop
file: C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe
size: 189712
MD5: C5BF330589172E4585D44FE8CFFBD57A
Located: HK_CU:RunOnce, NeroHomeFirstStart
where: PE_C_ALL USERS...
command: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
file: C:\Program Files\Fichiers communs\Ahead\Lib\NMFirstStart.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, swg
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: HK_CU:Run, NCLaunch (DISABLED)
where: S-1-5-21-1409082233-1383384898-1343024091-1000...
command: C:\WINNT\NCLAUNCH.EXe
file: C:\WINNT\NCLAUNCH.EXe
size: 40960
MD5: 59CB2A9964E88DF1849003A6CF64F7A4
Located: Démarrage (tous utilisateurs), Securitoo.lnk
where: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\Securitoo\av_fw\backweb\6588780\Program\fspex.exe
file: C:\Program Files\Securitoo\av_fw\backweb\6588780\Program\fspex.exe
size: 32807
MD5: 06A450D9BC976A32DA59CD31C6293143
Located: Démarrage (utilisateur), A Note.lnk
where: C:\Documents and Settings\ARGENCE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\A Note\A Note.exe
file: C:\Program Files\A Note\A Note.exe
size: 622592
MD5: 7C6E33B45786149EA2E9300023694BDE
Located: Démarrage (utilisateur), SAM.lnk
where: C:\Documents and Settings\ARGENCE\Menu Démarrer\Programmes\Démarrage...
command: C:\Program Files\SAM\SAM.exe
file: C:\Program Files\SAM\SAM.exe
size: 1765376
MD5: A3A8B52B4494753A711E20E25F41E4B4
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, nwprovau
command: nwprovau.dll
file: nwprovau.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wzcnotif
command: wzcdlg.dll
file: wzcdlg.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!