Sujet Précédent Sujet Suivant

Virus et tou se qui suis :s

Résolu
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention   -  
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,

Voilà, j'ai reçu un pc chez moi pour le nétoyer (la poussière et en même temp voir les programme a la c**) car il ram a mort,

Après avoir vérifier tout les processus, je me suis rendu compte qu'il-y aver 2 virus minimum, le premier c'est Issas.exe et l'autre c'est csrss.exe, j'ai passé le pc avec "Trojan Remover" et "Fx sasser"(l'antidote) et rien ni fait, ils sont toujour la.. avez-vous une petite idée de comment les suprimer ?

Je vous et préparer un log hjt si sa vous dit ;) et si besoin, je suis près a faire d'autre scan/log et instal des programme convenent au problèmme ;) donc si besoin n'hésiter pas a demander ;)

D'avance merci de consacrer votre temp pour mon problèmme ;)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33, on 5/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Sidebar\Gadgets\livemessenger.gadget\Connector\CenerTCPMessenger.exe
C:\Documents and Settings\Administrateur\Bureau\testHJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {34F0D3A3-2E47-4F80-B8E7-A8AA4CD8B9AB} - C:\WINDOWS\system32\hgGayxxX.dll (file missing)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\ddcCRhEV.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {1f1e4e0c-1f10-8c6b-4084-ee07cb939fac} - {caf939bc-70ee-4804-b6c8-01f1c0e4e1f1} - C:\WINDOWS\system32\oicvoz.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O20 - AppInit_DLLs: oicvoz.dll
O20 - Winlogon Notify: ddcCRhEV - C:\WINDOWS\SYSTEM32\ddcCRhEV.dll
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
A voir également:

18 réponses

Réponse 1 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
slt ok il y a une infection vundo notamment ...

télécharge combofix (par sUBs) ici :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

et enregistre le sur le bureau.

déconnecte toi d'internet et ferme toutes tes applications.

désactive tes protections (antivirus, parefeu, garde en temps réel de l'antispyware)

double-clique sur combofix.exe et suis les instructions

à la fin, il va produire un rapport C:\ComboFix.txt

réactive ton parefeu, ton antivirus, la garde de ton antispyware

copie/colle le rapport C:\ComboFix.txt dans ta prochaine réponse.

Attention, n'utilise pas ta souris ni ton clavier (ni un autre système de pointage) pendant que le programme tourne. Cela pourrait figer l'ordi.

Tu as un tutoriel complet ici :

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

puis remets un rapport hijakchits
0
Réponse 2 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
Salut jlpjlp, merci de ta réponce très rapide ;)

Voila, j'ai scan avec combo fix, je doit bien metre combofix2 ( si c'est bien le log ici ? car j'ai aussi combofix-quarantined-file ?
0
Réponse 3 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
oui colle le rapport
0
Réponse 4 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
ComboFix 08-07-21.2 - Administrateur 2008-07-22 13:27:21.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.638 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Favoris\Error Cleaner.url
C:\Documents and Settings\Administrateur\Favoris\Privacy Protector.url
C:\Documents and Settings\Administrateur\Favoris\Spyware&Malware Protection.url
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\system32\cbXppomj.dll
C:\WINDOWS\system32\jkkIXnoP.dll
C:\WINDOWS\system32\mhjkzl.dll
C:\WINDOWS\system32\mmqjexds.ini
C:\WINDOWS\system32\pmnlkIXp.dll
C:\WINDOWS\system32\PonXIkkj.ini
C:\WINDOWS\system32\PonXIkkj.ini2
C:\WINDOWS\system32\sdxejqmm.dll
C:\WINDOWS\system32\sxiojjgk.dll
C:\WINDOWS\system32\sysdm.exe

----- BITS: Possible sites infect‚s -----

https://genius.belgacom.be
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-22 to 2008-07-22 ))))))))))))))))))))))))))))))))))))
.

2008-07-22 10:43 . 2008-07-22 11:13 96,966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-07-22 10:43 . 2008-07-22 11:13 88,774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-07-22 10:41 . 2008-07-22 10:41 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-07-22 10:41 . 2008-07-22 11:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-07-22 10:41 . 2008-07-22 13:31 10,784 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-07-22 10:41 . 2008-07-22 13:31 1,164 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-07-22 10:41 . 2008-07-22 13:31 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-07-22 10:41 . 2008-07-22 13:31 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-07-22 08:35 . 2008-07-22 08:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-16 12:27 . 2008-07-16 12:27 268 --ah----- C:\sqmdata10.sqm
2008-07-16 12:27 . 2008-07-16 12:27 268 --ah----- C:\sqmdata09.sqm
2008-07-16 12:27 . 2008-07-16 12:27 244 --ah----- C:\sqmnoopt10.sqm
2008-07-16 12:27 . 2008-07-16 12:27 244 --ah----- C:\sqmnoopt09.sqm
2008-07-15 12:16 . 2008-07-15 12:16 268 --ah----- C:\sqmdata08.sqm
2008-07-15 12:16 . 2008-07-15 12:16 244 --ah----- C:\sqmnoopt08.sqm
2008-07-14 21:42 . 2008-07-14 21:42 <REP> d-------- C:\Logs
2008-07-14 21:41 . 2008-07-14 21:41 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-25 10:30 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\LimeWire
2008-06-09 19:23 --------- d-----w C:\Program Files\Belgacom
2007-06-20 16:05 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-06-20 16:05 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
2007-06-20 16:05 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

------- Sigcheck -------

2004-08-28 16:00 360576 c7be59b07c6eb74bea6fd67c1b164015 C:\WINDOWS\system32\drivers\tcpip.sys

2004-08-28 16:00 507904 fb66744d525ea5df9a719f1db9b2dff4 C:\WINDOWS\system32\winlogon.exe

2004-08-28 16:00 25088 43836cffabac8d6779e8ee55e308df2c C:\WINDOWS\system32\ctfmon.exe

2004-08-28 16:00 57856 ad3d9d191aea7b5445fe1d82ffbb4788 C:\WINDOWS\system32\spoolsv.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2007-01-10 21:59 1235456]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-28 16:00 25088]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-26 08:29 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-19 13:26 7700480]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2005-08-12 20:52 180224]
"VisualTaskTips"="C:\Windows\System32\VisualTaskTips.exe" [2004-08-28 16:00 36864]
"Vistadrv"="C:\WINDOWS\system32\Vistadrive\vsdrv.exe" [2006-07-30 03:37 121089]
"TransBar"="C:\Windows\System32\TransBar.exe" [2004-08-28 16:00 65536]
"Styler"="C:\Program Files\styler\Styler.exe" [2006-05-03 11:48 307200]
"TopDesk"="C:\WINDOWS\system32\topdesk.exe" [2004-08-28 16:00 195584]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2007-01-10 21:59 1235456]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 18:37 69216]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55 54832]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-19 13:26 86016]
"Belgacom"="C:\Program Files\Belgacom\bin\sprtcmd.exe" [2006-06-22 09:34 192512]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 04:42 144784]
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" [2006-01-19 11:06 11776]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 18:21 201992]
"nwiz"="nwiz.exe" [2007-04-19 13:26 1626112 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 14:49 16377344 C:\WINDOWS\RTHDCPL.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WIAWizardMenu"="C:\WINDOWS\system32\sti_ci.dll" [2004-08-28 16:00 678912]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mpegacm"= mpegacm.acm
"msacm.ulmp3acm"= ulmp3acm.acm
"msacm.dvacm"= C:\PROGRA~1\FICHIE~1\ULEADS~1\vio\dvacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\[u]0[/u]00.fcl [2006-11-02 16:51]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-03-25 20:07]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-12-29 00:58]

*Newly Created Service* - HELPSVC
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-07-22 11:35:14 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
.
- - - - ORPHANS REMOVED - - - -

Toolbar-SaveLinksOrder - (no file)
Toolbar-Locked - (no file)
Toolbar-{3FCAEB7D-F8AE-4A67-AE6C-57EE1416BB6D} - C:\WINDOWS\qndsfmao.dll
Toolbar-ITBarLayout - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBar7Position - (no file)
HKLM-Run-d887319f - C:\WINDOWS\system32\sdxejqmm.dll

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fr/
R0 -: HKCU-Main,Default_Search_URL = hxxp://www.google.fr/keyword/%s
R0 -: HKLM-Main,Start Page = hxxp://www.google.fr
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.fr/keyword/%s
O8 -: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-22 13:33:44
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\C:\Program Files\CyberLink\PowerDVD\[u]0[/u]00.fcl"
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Sidebar\Gadgets\livemessenger.gadget\Connector\CenerTCPMessenger.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-22 13:42:06 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-22 11:42:03

Pre-Run: 1,437,360,128 octets libres
Post-Run: 1,525,960,704 octets libres

173 --- E O F --- 2007-09-08 19:46:15
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
Et je te mes le raport hjt :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:21, on 2009-01-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\Program Files\Windows Sidebar\Gadgets\livemessenger.gadget\Connector\CenerTCPMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrateur\Bureau\testHJT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {34F0D3A3-2E47-4F80-B8E7-A8AA4CD8B9AB} - C:\WINDOWS\system32\hgGayxxX.dll (file missing)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {73aff91d-3b4d-cfb8-4974-4de691a1e9fa} - {af9e1a19-6ed4-4794-8bfc-d4b3d19ffa37} - C:\WINDOWS\system32\csyexi.dll (file missing)
O2 - BHO: (no name) - {EA35218C-4B46-49A5-B532-90DB4EBE5D06} - C:\WINDOWS\system32\iifdbxVN.dll (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 6 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
O2 - BHO: (no name) - {34F0D3A3-2E47-4F80-B8E7-A8AA4CD8B9AB} - C:\WINDOWS\system32\hgGayxxX.dll (file missing)
O2 - BHO: {73aff91d-3b4d-cfb8-4974-4de691a1e9fa} - {af9e1a19-6ed4-4794-8bfc-d4b3d19ffa37} - C:\WINDOWS\system32\csyexi.dll (file missing)
O2 - BHO: (no name) - {EA35218C-4B46-49A5-B532-90DB4EBE5D06} - C:\WINDOWS\system32\iifdbxVN.dll (file missing)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Titan Poker\casino.exe (file missing)
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)

_______________________

tu télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan
* Poste le rapport généré (C:\lopR.txt)
0
Réponse 7 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
Salut jlpjlp ;) hier avan d'aller dormir j'ai fait un scan adaware free et il ma trouver Win32.TrojanDownloader.NewMedia je les mi en quarantaine/suprimer sa va peut etre aider a virer encore une autre conneri ;)

voici le raport de loopsd :

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security Online 16.0.0.125 (Activated)
Firewall : Norton Internet Security Online 16.0.0.125 (Activated)
C:\ (Local Disk) - NTFS - Total:9 Go (Free:0 Go)
D:\ (Local Disk) - NTFS - Total:28 Go (Free:21 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 2009-01-06| 6:49 )

--------------------\\ Listing des dossiers dans APPLIC~1

[2008-08-01|11:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
[2007-06-20|20:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
[2008-07-31|12:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Apple Computer
[2007-07-01|15:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\CyberLink
[2007-07-01|15:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\DivX
[2008-07-24|14:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\FileZilla
[2008-02-25|12:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
[2007-06-20|17:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[2007-08-29|16:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
[2008-12-26|15:39] C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
[2007-06-20|20:34] C:\DOCUME~1\ADMINI~1\APPLIC~1\Macromedia
[2008-02-15|17:45] C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
[2009-01-04|03:03] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[2008-07-31|23:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Mozilla
[2008-03-31|19:37] C:\DOCUME~1\ADMINI~1\APPLIC~1\Musicmatch
[2008-01-31|09:48] C:\DOCUME~1\ADMINI~1\APPLIC~1\Real
[2009-01-04|20:58] C:\DOCUME~1\ADMINI~1\APPLIC~1\Simply Super Software
[2007-06-20|17:12] C:\DOCUME~1\ADMINI~1\APPLIC~1\Styler
[2008-02-21|13:17] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[2007-06-20|19:44] C:\DOCUME~1\ADMINI~1\APPLIC~1\Ulead Systems
[2008-11-10|10:21] C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
[2007-06-20|19:42] C:\DOCUME~1\ADMINI~1\APPLIC~1\Xentient

[2008-09-30|18:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008-07-31|12:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[2008-09-30|18:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[2008-02-25|16:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[2008-04-06|07:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CenerTCPMessenger
[2007-06-20|20:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[2008-12-10|14:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\DVD Shrink
[2009-01-05|14:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EPSON
[2009-01-04|00:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[2007-06-20|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InterVideo
[2009-01-05|15:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[2009-01-04|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[2007-06-22|17:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[2008-12-28|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Norton
[2008-12-28|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NortonInstaller
[2007-06-20|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA
[2007-06-20|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
[2007-06-25|19:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com
[2007-06-26|14:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SupportSoft
[2008-12-31|15:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[2009-01-04|21:00] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[2007-06-20|17:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ulead Systems
[2007-06-20|17:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage

[2005-08-23|22:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[2007-06-20|17:02] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Real

[2007-06-20|17:11] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[2007-06-20|17:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[2009-01-06 06:35][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[2009-01-06 06:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[2004-08-28 15:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[2007-08-29|16:50] C:\Program Files\Ad-Aware
[2008-09-30|18:25] C:\Program Files\Apple Software Update
[2008-06-09|20:23] C:\Program Files\Belgacom
[2008-09-30|18:27] C:\Program Files\Bonjour
[2008-02-25|16:08] C:\Program Files\Boonty
[2008-02-25|16:26] C:\Program Files\BoontyGames
[2007-06-20|17:03] C:\Program Files\Cener Development
[2007-06-25|19:21] C:\Program Files\Common Files
[2006-06-14|17:46] C:\Program Files\Compare It!
[2007-06-20|16:50] C:\Program Files\ComPlus Applications
[2007-06-20|20:48] C:\Program Files\CyberLink
[2007-06-20|17:42] C:\Program Files\DivX
[2009-01-05|15:20] C:\Program Files\epson
[2006-10-24|06:44] C:\Program Files\Everest
[2009-01-05|15:03] C:\Program Files\Fichiers communs
[2009-01-04|00:46] C:\Program Files\Google
[2007-06-20|20:29] C:\Program Files\Hercules
[2006-06-14|17:46] C:\Program Files\IE Privacy Keeper
[2008-10-28|20:51] C:\Program Files\InstallShield Installation Information
[2009-01-05|15:18] C:\Program Files\Internet Explorer
[2008-09-30|18:27] C:\Program Files\iPod
[2008-09-30|18:28] C:\Program Files\iTunes
[2008-02-13|19:50] C:\Program Files\Java
[2007-06-20|17:02] C:\Program Files\K-Lite Codec Pack
[2008-02-13|19:53] C:\Program Files\LimeWire
[2007-06-22|17:21] C:\Program Files\Microsoft Office
[2007-06-22|17:21] C:\Program Files\Microsoft Visual Studio
[2007-06-22|17:21] C:\Program Files\Microsoft Works
[2007-06-22|17:20] C:\Program Files\Microsoft.NET
[2007-06-20|16:51] C:\Program Files\Movie Maker
[2008-04-25|05:29] C:\Program Files\MSN Messenger
[2007-06-20|17:01] C:\Program Files\MSXML 4.0
[2007-08-29|20:09] C:\Program Files\MSXML 6.0
[2008-03-31|19:38] C:\Program Files\Musicmatch
[2007-06-20|17:01] C:\Program Files\Nero
[2008-12-28|14:37] C:\Program Files\Norton Internet Security
[2009-01-01|10:08] C:\Program Files\Norton Support
[2008-12-28|14:36] C:\Program Files\NortonInstaller
[2007-06-21|17:02] C:\Program Files\Outlook Express
[2007-06-22|19:00] C:\Program Files\Realtek
[2004-08-04|14:19] C:\Program Files\Soft4Ever
[2007-06-20|17:12] C:\Program Files\Styler
[2007-06-25|19:24] C:\Program Files\SupportSoft
[2008-12-28|14:37] C:\Program Files\Symantec
[2006-07-05|02:20] C:\Program Files\TweakRAM
[2006-06-14|17:46] C:\Program Files\UberIcon
[2007-06-20|17:36] C:\Program Files\Ulead Systems
[2007-06-20|16:49] C:\Program Files\Uninstall Information
[2008-09-11|12:41] C:\Program Files\uTorrent
[2007-01-10|21:21] C:\Program Files\Windows Defender
[2007-06-20|17:03] C:\Program Files\Windows Media Player
[2007-01-10|21:20] C:\Program Files\Windows Sidebar
[2007-06-20|16:52] C:\Program Files\WindowsUpdate
[2007-06-20|17:02] C:\Program Files\Winrar

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[2007-06-20|17:01] C:\Program Files\Fichiers communs\Ahead
[2008-07-31|12:20] C:\Program Files\Fichiers communs\Apple
[2008-07-14|20:41] C:\Program Files\Fichiers communs\Blizzard Entertainment
[2007-06-22|17:21] C:\Program Files\Fichiers communs\DESIGNER
[2007-06-20|17:42] C:\Program Files\Fichiers communs\InstallShield
[2007-06-20|17:42] C:\Program Files\Fichiers communs\InterVideo
[2008-02-13|19:49] C:\Program Files\Fichiers communs\Java
[2007-06-20|17:41] C:\Program Files\Fichiers communs\LightScribe
[2007-06-22|17:21] C:\Program Files\Fichiers communs\Microsoft Shared
[2007-06-20|16:51] C:\Program Files\Fichiers communs\MSSoap
[2007-06-20|18:44] C:\Program Files\Fichiers communs\ODBC
[2007-06-20|16:51] C:\Program Files\Fichiers communs\Services
[2007-06-25|19:24] C:\Program Files\Fichiers communs\Supportsoft
[2008-12-28|14:42] C:\Program Files\Fichiers communs\Symantec Shared
[2007-06-22|17:17] C:\Program Files\Fichiers communs\System
[2007-06-20|17:38] C:\Program Files\Fichiers communs\Ulead Systems
[2009-01-05|15:03] C:\Program Files\Fichiers communs\Wise Installation Wizard

--------------------\\ Process

( 39 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ADMINI~1\Cookies\administrateur@game-advertising-online[1].txt

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-06 06:50:42
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 453

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:31][D:1]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
[F:914][D:0]-> C:\DOCUME~1\ADMINI~1\Cookies
[F:12][D:8]-> C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 2009-01-06| 6:54 - Option : [1]

--------------------\\ Fin du rapport a 6:54:08

--------------------------------------------------------------------------------------------------------------------

Merci a toi de prendre du temp pour moi ;) simpa sa :D
0
Réponse 8 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
scan avec
MalwareByte's Anti-Malware après mise a jour, en mode normal et vire ce qui est trouvé et colle le rapport

https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

____________________

Télécharges AD-Remover ( de Cyrildu17 / C_XX ) sur ton bureau :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnectes toi et fermes toutes applications en cours

● Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( C:\Program files )
● Double clique sur l'icône Ad-removersituée sur ton bureau
● Au menu principal choisi l'option "A"
● Postes le rapport qui apparait à la fin .

( le rapport est sauvegardé aussi sous C:\Ad-report(date).log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 9 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
salut ;) voici deja un des log, sa fait peur de voir se qui a dedan lol

Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1624
Windows 5.1.2600 Service Pack 2

2009-01-06 15:01:10
mbam-log-2009-01-06 (15-01-10).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 99734
Temps écoulé: 1 hour(s), 39 minute(s), 55 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 28

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.bvqe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\qndsfmao.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\QooBox\Quarantine\C\WINDOWS\system32\aclzdz.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtqqpNg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bqsycvck.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\byXRJbBt.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ddcCRhEV.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\fcccdCTn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gltndkam.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgGayxxX.dll.vir.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hpdtdr.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ivhagy.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jrpkvn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ljJARjiF.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ljJCSjiI.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ljJYPigF.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\nnnmjkKA.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\oicvoz.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pijfajph.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pmnkKeCT.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqRIcdCv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqRLEwxV.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\seiphcgu.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqRHBUm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ttlkejqa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tuvSlmME.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\urqqpOFY.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vtUkKaaB.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\yayxwXpp.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\yayxYSih.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.

---------------------------------------------------------------------------------------------------------------------------------------------------------

Maintenent je redemare et je telecharge le programme suivant ;) merci pour tout les lien ;)
0
Réponse 10 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
Voici l raport de ad ;) celui la j'aime bien, va vite lui lol

------- Logfile of AD-Remover 1.0.8.5 by C_XX | ONLY XP/VISTA -------

# START at: 15:34:55 | Mar 06/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Scan | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: EA42E5004CD7411 | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
# Internet Explorer v7.0.5730.11

# RUNNING PROCESSES: 35

+-----------------------| Boonty/Boonty Games Elements found :

.
HKCU\SOFTWARE\Boonty
HKLM\Software\Boonty
.
C:\Program Files\Boonty
C:\Program Files\Boonty\Components
C:\Program Files\BoontyGames
C:\Program Files\BoontyGames\Alexandra Ledermann 5
C:\Program Files\BoontyGames\alexandraledermann5{297407}.exe
C:\Program Files\BoontyGames\Components
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals
C:\Program Files\BoontyGames\Alexandra Ledermann 5\AL5_PosterBuilder.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Alex.ico
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Alexandra Ledermann 5.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Alexandra Ledermann 5_g.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Boot.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\BootImport.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\BuildingBlocks
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Characters
C:\Program Files\BoontyGames\Alexandra Ledermann 5\CK2.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\CKZlib.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Config.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\desinst.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\desinst.ini
C:\Program Files\BoontyGames\Alexandra Ledermann 5\DynElems
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Features
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Fenetre.bmp
C:\Program Files\BoontyGames\Alexandra Ledermann 5\fenetrepop.bmp
C:\Program Files\BoontyGames\Alexandra Ledermann 5\file.1
C:\Program Files\BoontyGames\Alexandra Ledermann 5\FLEXnet Activation Service Installer.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\INSTALL.LOG
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Levels
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Log.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Managers
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Manuel.pdf
C:\Program Files\BoontyGames\Alexandra Ledermann 5\mfc71.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\mfc71d.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Modules.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\msvcp71.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\msvcp71d.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\msvcr71.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\msvcr71d.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\nk2.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Plugins
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Project.cmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\register
C:\Program Files\BoontyGames\Alexandra Ledermann 5\RenderEngines
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Saves
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SHELL_DEFAULT_HTML
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Sounds
C:\Program Files\BoontyGames\Alexandra Ledermann 5\SpMU.lnk
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Sprites
C:\Program Files\BoontyGames\Alexandra Ledermann 5\unins000.dat
C:\Program Files\BoontyGames\Alexandra Ledermann 5\unins000.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\uninst.exe
C:\Program Files\BoontyGames\Alexandra Ledermann 5\VCrypt.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\VirtoolsView.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\vskgxevrevk
C:\Program Files\BoontyGames\Alexandra Ledermann 5\VSLRT.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\vsutils.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\VxMath.dll
C:\Program Files\BoontyGames\Alexandra Ledermann 5\website.url
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Xtras
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\HorseBrush.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\HorseScrapeDirt.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\HorseShadow.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\ObstacleIcon.NMO
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseScrapeDirt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseShadow
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseScrapeDirt\blanc.jpg
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseScrapeDirt\roche01.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseScrapeDirt\sabot copy2.jpg
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseScrapeDirt\sabot mask.jpg
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Additionals\Textures\HorseShadow\HorseShadow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Dialogs.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Fonts
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Movies
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Texts.txt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Fonts\Font1024.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Movies\IntroLexis.mpg
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Movies\IntroUbi.mpg
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DBoxInfo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDia
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFoo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterIntro
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterNot
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DYes
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MHor
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MInt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLst
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MNam
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MTra
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Poster
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DBoxReturnArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DBoxReturnBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DDownArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DNextArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DOk.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DQuit.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DReturn.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\DUpArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBack2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackBedroom.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackCivil.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackContest.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackCross.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackDressage.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackJump.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MBackManor.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MLeftArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MLittleArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MLogo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MNext.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MOptApply.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Common\MRightArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DBoxInfo\DBoxInfo.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DBoxInfo\DBoxInfoBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCar.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarCup1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarCup2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarCup3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarCup4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarCup5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarFigRoll.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarGauge.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarHeightJump1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarHeightJump2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarHeightJump3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarImprove.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarLearn.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarLengthJump1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarLengthJump2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarLengthJump3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarlevel.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarOk.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DCar\DCarSelect.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDia\DDia.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDia\DDiaBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDre.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreABack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreABigGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAGatherGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAGatherSmallGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAGatherStep.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAGatherTrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAHello.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAHipLeftTrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAHipRightTrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreALongGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreALongSmallGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreALongStep.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreALongTrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAPiaffer.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreASalute.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreASmallGallop.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAStep.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreATrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreAWait.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreBorder.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreCBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DDre\DDreHighLight.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFoo\DFoo.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFoo\DFooBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DFor.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForContest1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForContest2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForContest3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForContest4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForContest5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForSubscribe.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DFor\DForSuscribe.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom\DHCom.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom\DHComGauge.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom\DHComGaugeBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom\DHComGaugeMax.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DHCom\DHComXPLevelBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInv.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInvBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInvObserve.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInvSelect.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInvSlotBlank.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DInv\DInvUse.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterIntro\DLetterIntro.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterIntro\DLetterIntroLogo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterNot\DLetterNot.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DLetterNot\DLetterNot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPause.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPauseBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPauseContinue.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPauseQuit.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPauseReplay.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DPause\DPauseSave.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRan.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanArrow.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanContest1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanContest2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanContest3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanContest4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanContest5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanCross.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanCumul.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DranDressage.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DRan\DRanJump.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DBackVillage.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\descript.ion
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShp.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpBrush01.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpBrush02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpBrush03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpBuy.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet09.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet10.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet11.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet12.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet13.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet14.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet15.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet16.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet17.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarpet18.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCarrot.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCereal.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCredits.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCro1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCro2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpCro5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpDre1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpDre2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpDre5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Shoes08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_Trousers08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECi_TShirt08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECr_08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpECt_09.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpFaceClothes.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpFaceDress.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpFaceFood.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpFaceImp.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpFaceSaddles.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGaiter08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpGranulate.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpHay.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpHMea.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpJum1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpJum2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpJum5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOats.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpObtain.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHCar.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHHar.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHSit.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHSt1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHSt2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHVan1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHVan2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHVan3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpOHVet.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpRenovate.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle02.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle03.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle04.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle05.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle06.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle07.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSaddle08.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DShp\DShpSugar.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DYes\DYes.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DYes\DYesBorder.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DYes\DYesNo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\DYes\DYesYes.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\AFarmersTitle.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HLetter.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HPlantCard1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HPlantCard2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HPlantCard3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HPlantCard4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\HSaddlersCard.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\PBrochure.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\PLibraryNote.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\PPromotersCard.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\PPromotersTitle.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\VDirectory.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\VFarmersCard.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\HiRInteractives\VMap.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBui.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiBackScreen.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock6.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock7.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MBui\MBuiClock8.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MClo.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MCloBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MCloCrossHelp.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MCloDressageHelp.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MCloJumpHelp.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MClo\MCloNameBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCre.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCreBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage1.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage2.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage3.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage4.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage5.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage6.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage7.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage8.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MCre\MCrePage9.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MHor\MHor.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MHor\MHorNameBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MHor\MHorSelectBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MBackScreen.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MIni.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MIniAdventure.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MIniBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MIniOptions.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MIni\MIniTraining.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MInt\MInt.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MInt\MIntLexis.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MInt\MIntUbisoft.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoad.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoadBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoadDelete.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoadHelp.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoadLaunch.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLoad\MLoadLevel.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLst\MLst.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLst\MLstBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLst\MLstLogo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MLst\MLstSelect.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MNam\MNam.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MNam\MNamBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt\MBackManor.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt\MOpt.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt\MOptBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt\MOptLogo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MOpt\MOptSelect.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MTra\MTra.nmo
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MTra\MTraBack.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\MTra\MTraLogo.tga
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Sprites\Poster\logo_AL5_poster.pct
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_08.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_09.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActFarmer02_10.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActGoOn01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActGoOn02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActGoOn03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActGoOn04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActGoOn05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActLoose_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActLoose_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActLoose_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActNotary03_08.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActWin_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActWin_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActWin_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActWin_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\ActWin_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\Alt_PayCard06_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\Alt_ProMeetEnd.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeEnd01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeEnd01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeInit02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeInit02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeInit02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeInit02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_08.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle02_09.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle04_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle04_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle05_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle05_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle05_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle05_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle05_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\AmeSaddle06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxBrush01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxBrush03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxBWash01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxBWash01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxBWash02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxCard_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxCard_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxCard_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxContinue.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxEnd.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxFeed01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxFeed01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxFeed02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxHWash01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxHWash02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxHWash02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxHWash02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxHWashBad.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMeadow_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMeadow_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxMenu_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxRide_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxRide_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxRide_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxScrape01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxScrape02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxScrape03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxScrapeBad.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxStable02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxStable04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxStable05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BoxStable06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaBuy.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaChoice.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaCross.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaJump.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot04_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot04_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot04_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot04_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BuaNot04_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubBuy.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubCross_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubJump_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubNot02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubNot02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubNot02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BubNot02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\BucWin02_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamGo01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamGo01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamGo01_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamLoose_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamLoose_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamLoose_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamNear_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamNear_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamNext02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamNext02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamNext02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamPlay02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamPlay03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamShout08.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin01_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin01_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CamWin03_08.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrCamille01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrCamille02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrCamille03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrHorses.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrJewel02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrJewel02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrJewel02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary03_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CdrNotary04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed03_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloBed04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloCloset01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloCloset01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloCloset02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloClosetDoor.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloClosetDoor_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloClosetOpen.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloHaras02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloHaras03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloHaras04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloHaras05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CloHaras06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseContest1_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseContest2_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseContest3_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseContest4_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseContest5_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventCro1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventCro2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventCro3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventCro4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventCro5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventDre1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventDre2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventDre3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventDre4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventDre5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventJum1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventJum2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventJum3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventJum4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntLooseEventJum5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowCro1_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowCro2_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowCro3_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowCro4_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowCro5_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre1_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre1_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre1_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre1_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre2_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre2_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre3_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre3_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre4_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre4_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowDre5_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowJum1_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowJum2_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowJum3_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowJum4_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntShowJum5_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest1_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest2_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest2_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest3_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest3_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest4_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest4_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest5_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinContest5_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventCro1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventCro2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventCro3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventCro4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventCro5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventDre1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventDre2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventDre3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventDre4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventDre5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventJum1.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventJum2.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventJum3.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventJum4.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CntWinEventJum5.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\Cro02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\Cro02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGo07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroGoHelp.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroLoose.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\CroWin.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCutters01_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCutters01_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCutters02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCutters03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCutters03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooCuttersBack.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooEntry02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooEntry03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooEntry03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DooEntry04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreBad01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreBad02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreBad03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreBad04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreBad05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGo02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGo02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGo02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGoAgain.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGood01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGood02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGood03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGood04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreGood05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreLoose.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry02_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry03_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreTry03_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_04.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_05.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_06.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\DreWin_07.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndNotary02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndPlante02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndTraining02_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndTraining02_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndTraining02_03.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndTraining04_01.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndTraining04_02.wav
C:\Program Files\BoontyGames\Alexandra Ledermann 5\Assets\Voices\EndVillage02.wav
C:\Program Files\BoontyGames\Alexandra Leder
0
Réponse 11 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
vire ce qui est en quarantaine dans malwarebyte
puis

vire ce qui est dans le dossier quarantine en allant dans poste de travail puis
C:\QooBox\Quarantine

puis

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

Double-clique sur AD-Remover pour le lancer : au menu principal, choisis l'option B.

Coche à l'écran de sélection :
http://sd-1.archive-host.com/membres/up/16506160323759868/Ca­pturer-ADR.JPG

Suppression Boonty/BoontyGames (Si trouvé)
Suppression Eorezo (Si trouvé)
Suppression Everest Poker (Si trouvé)
Suppression Funwebproduct/MyWay/MyWebsearch (Si trouvé)
Suppression Messenger Skinner (Si trouvé)
Suppression Sweetim (Si trouvé)

Puis choisis S, le programme va travailler.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report.log)

/!\ Si le Bureau ne réapparaît pas, presse Ctrl + Alt + Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide) /!\

Note :

"Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...)
0
Réponse 12 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
salut jlpjlp, désolé du retard, j'ai repri le boulo donc le temp n'est plus ;)

voici le raport une foi suprimer les truc, il n'a pas trouverMessenger skinner par contre ;)

------- Logfile of AD-Remover 1.0.8.5 by C_XX | ONLY XP/VISTA -------

*** Limited to ***

Boonty/BoontyGames
Eorezo
Everest Poker
Funwebproduct/MyWay/MyWebsearch
Sweetim

******************

# START at: 19:30:23 | Mer 07/01/2009 | Microsoft® Windows XP™ SP2 (v5.1.2600)
# BOOT MODE: Normal
# OPTION: Clean | EXECUTED FROM: C:\Program Files\Ad-remover\AD-Remover.bat
# PC: EA42E5004CD7411 | USER: Administrateur ( Current user is an administrator)
# DRIVE(S):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
# Internet Explorer v7.0.5730.11

# RUNNING PROCESSES: 35

(!) ---- IE start pages reset

+-----------------------| Boonty/Boonty Games Elements Deleted :

.
HKCU\SOFTWARE\Boonty
HKLM\Software\Boonty
.
C:\Program Files\Boonty
C:\Program Files\BoontyGames
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\MENUDM~1\PROGRA~1\BoontyGames

+-----------------------| Eorezo Elements Deleted :

.
.

+-----------------------| Everest Poker Elements Deleted :

.
.

+-----------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Deleted :

.
.

+-----------------------| Sweetim Elements Deleted :

.
.

(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.

+-----------------------| ADDED SCAN :

+---------- Scanning prefs.js ... ( # Mozilla User Preferences )

..\k1miotpq.default\prefs.js :

~~~~ Mozilla FireFox version 3.0.1 ~~~~

* Browser Search Selected Engine: "Live Search"
* Browser Startup HomePage: "https://www.msn.com/nl-be?checklang=1"

.

+---------------------------------------------------------------------------+

+--[HKEY_CURRENT_USER\..\Internet Explorer\MAIN]

Start Page : hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\MAIN]

Start Page : hxxp://fr.msn.com/

+---------------------------------------------------------------------------+

[~2021 bytes] - "C:\AD-report-Clean-20.9-.1-07.log"
[~443425 bytes] - "C:\AD-report-Scan-20.9-.1-06.log"

# END at: 19:32:42 | 2009-01-07 - Time elapsed: 2 minutes, 18 seconds

+---------------------------------------------------------------------------+
+------------------------------- [ E.O.F - 54 lines ]
+---------------------------------------------------------------------------+
0
Réponse 13 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
comment va le pc????

remets un rapport hijakhcits aussi

a plus
0
Réponse 14 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
salut; Il va deja beaucoup mieu, par contre je ram encore mais je croi cause dd trop plain ( il reste 867 mo sur partition c: et 21.2go sur d ( disque 40 partitionner a voir :s ) sinon le reste sa tourne bien ;)

voici le raport hjt

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:20, on 2009-01-07
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Administrateur\Bureau\testHJT.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\aawservice.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Fichiers communs\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
0
Réponse 15 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok vire ad aware et windows defender qui consomment de la ressource car tu as déjà notorn qui recherche les espions et qui fait ramer aussi...

mets en complément en antiespion malwarebyte gratuit qui ne consomme pas de ressource en permanence contrairement à ad aware et windows (et de plus bien meilleur!) pour chercher regulièrement des espions

________________

pour virer ce qui a été utilisé :

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

___________________

pour verifier qu'il reste rien:

colle le rapport d'un scan en ligne
avec un des suivants:

bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
0
Réponse 16 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
salut jlpjlp, Merci encore une foi pour tesreponce ;)

voici les 2 raports demander :

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\lopR.txt: trouvé !
C:\Combofix: trouvé !
C:\Lop SD: trouvé !
C:\Qoobox: trouvé !
C:\ComboFix\Combofix.txt: trouvé !
C:\Documents and Settings\Administrateur\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Administrateur\Bureau\hijackthis.log: trouvé !
C:\Documents and Settings\Administrateur\Recent\MSNFix.lnk: trouvé !
C:\WINDOWS\msnfix.txt: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Administrateur\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe: ERREUR DE SUPPRESSION !!
C:\Documents and Settings\Administrateur\Recent\MSNFix.lnk: supprimé !
C:\lopR.txt: supprimé !
C:\ComboFix\Combofix.txt: supprimé !
C:\Documents and Settings\Administrateur\Bureau\hijackthis.log: supprimé !
C:\WINDOWS\msnfix.txt: supprimé !
C:\Combofix: supprimé !
C:\Lop SD: supprimé !
C:\Qoobox: supprimé !

et en ligne :

BitDefender Online Scanner - Rapport virus en temps réel

Généré à: Fri, Jan 09, 2009 - 11:42:58

--------------------------------------------------------------------------------

Info d'analyse

Fichiers scannés
63869

Infectés Fichiers
0

Virus Détectés

Aucun virus trouvé.

--------------------------------------------------------------------------------

Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.

Voila ;)

Ps encore une fois desoler du retard ;)
0
Réponse 17 / 18
jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040
 
ok parfait c'est finit!
0
Réponse 18 / 18
devilserum Messages postés 23 Date d'inscription   Statut Membre Dernière intervention  
 
Salut jlpjlp.

Un tres tres grand merci a toi ;) super simpa a toi d'avoir pris le temp de voir tout ces raport ;)

Sinon le pc tourne nikel ;) ram leger cause du dd mais sinon plus de page web qui s'ouvre a tout va etc ... ;)

Aller une bonne continuation, et Bonne année a toi ( au retard ;) mais bon ;) )

Et encore merci ;)
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses