B.exe

Résolu
Riana_BXL -  
 gen-hackman -
Bonjour,

Depuis quelques jours je reçois le message "b.exe a cessé de fonctionner...". Je n'y connais rien en pc mais je crois que c'est un virus... J'ai aussi remarqué que internet marche très très trèèèèès lentement depuis un certain temps tandis que ça marchait très bien avant. Je ne sais pas si ça a un rapport, mais en tout cas j'aimerais avant tout me défaire de ce "b.exe".

Quelqu'un veut bien m'aider????
Ce serait super gentil!
Configuration: Windows Vista
Firefox 3.0.11

60 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le problème central est un message b.exe a cessé de fonctionner et des lenteurs Internet sur Windows Vista, avec une suspicion de virus et le souhait d'éliminer b.exe. Des mesures préconisées consistent à lancer UsbFix en mode administrateur, choisir l’option Recherche et partager le rapport pour désinfecter les processus infectieux et lever les éléments de démarrage suspects. D'autres interventions recommandent d'utiliser OTL et des outils similaires pour un diagnostic plus poussé, tout en précisant que certains composants comme Process.exe peuvent être signalés par les antivirus sans être malveillants. En dernier élément utile, des rapports détaillés sur les éléments autorun et les processus actifs ont été partagés pour orienter la désinfection et vérifier l’état des postes après les interventions.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    lu

    je plussoie GEN
    2
  2. gen-hackman
     
    salut :

    Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection):

    - Vas dans "Démarrer" puis Panneau de configuration.
    - Double Clique sur l'icône Comptes d'utilisateurs et sur Activer ou désactiver le contrôle des comptes d'utilisateurs.
    - Clique sur Continuer.
    - Décoche la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
    - Valide par OK et redémarre.

    Tuto

    ensuite :

    ####### | Install & recherche | #########

    Telecharge et install UsbFix de C_XX & Chiquitine29

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .

    # Choisi l option 1 ( Recherche )

    # Laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    1
    1. qwerty- Messages postés 17655 Date d'inscription   Statut Contributeur Dernière intervention   1 451
       
      pfff,

      ta réponse a quand même plus de gueule que la mienne...
      ^^
      0
  3. kevin05 Messages postés 3814 Date d'inscription   Statut Contributeur sécurité Dernière intervention   147
     
    Avast est egalement nul

    Pourtant tu l'as :)
    1
  4. plopus Messages postés 49 Date d'inscription   Statut Contributeur sécurité Dernière intervention   293
     
    salut ici

    pour avancer GEN et comme sa je suis le sujet ;)

    RIANA une fois USBfix telecharger tu dois faire ceci :

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .

    # Choisi l option 1 ( Recherche )

    # Laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra.

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    # Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    comme indiquer par GEN au poste 2

    @+
    1
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Riana_BXL Messages postés 29 Statut Membre 1
     
    Voilà le rapport:

    ############################## | UsbFix V3.034 |

    # User : Princesse Riana (Administrateurs) # PC-DE-PRINCESSE
    # Update on 29/06/09 by Chiquitine29 & C_XX
    # Start at: 20:09:25 | 29/06/2009
    # Website : http://pagesperso-orange.fr/NosTools/usbfix.html

    # Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
    # Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
    # Internet Explorer 7.0.6001.18000
    # Windows Firewall Status : Disabled

    # C:\ # Disque fixe local # 222,75 Go (85,69 Go free) [OS] # NTFS
    # D:\ # Disque fixe local # 10 Go (4,77 Go free) [RECOVERY] # NTFS
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM
    # G:\ # Disque amovible
    # H:\ # Disque amovible # 241,79 Mo (164,54 Mo free) [MARINERS] # FAT32

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\msb.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\WindowsMobile\wmdSync.exe
    C:\Program Files\infallsoft\Screen Capture\iCaptureSE.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Alliance MCA\SafeFax\faxtray.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\TechSmith\Snagit 9\Snagit32.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Windows\System32\svchost.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\TechSmith\Snagit 9\TSCHelp.exe
    C:\Program Files\TechSmith\Snagit 9\SnagPriv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\TechSmith\Snagit 9\snagiteditor.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    c:\PROGRA~1\mcafee\msc\mcuimgr.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\PRINCE~1\AppData\Local\Temp\b.exe
    C:\Windows\system32\ctfmon.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\DAEMON Tools Pro\DTProShellHlp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\SearchFilterHost.exe

    ################## | Registre Startup |

    HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
    HKCU_Main: "Search Page"="https://www.google.com/?gws_rd=ssl"
    HKCU_Main: "Start Page"="https://www.ask.com/?o=101764&l=dis"
    HKCU_Main: "Window Title"="Internet Explorer fourni par Dell"
    HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
    HKLM_logon: "LegalNoticeCaption"=""
    HKLM_logon: "LegalNoticeText"=""
    HKLM_Run: Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
    HKLM_Run: Apoint=C:\Program Files\DellTPad\Apoint.exe
    HKLM_Run: SysTrayApp=%ProgramFiles%\IDT\WDM\sttray.exe
    HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    HKLM_Run: Broadcom Wireless Manager UI=C:\Windows\system32\WLTRAY.exe
    HKLM_Run: Adobe Reader Speed Launcher="c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    HKLM_Run: Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    HKLM_Run: Dell Webcam Central="C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
    HKLM_Run: mcagent_exe=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    HKLM_Run: Dell DataSafe Online="C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
    HKLM_Run: PCMService="C:\Program Files\Dell\MediaDirect\PCMService.exe"
    HKLM_Run: dellsupportcenter="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
    HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
    HKLM_Run: Windows Mobile-based device management=%windir%\WindowsMobile\wmdSync.exe
    HKLM_Run: infallsoft Screen Capture=C:\Program Files\infallsoft\Screen Capture\iCaptureSE.exe
    HKLM_Run: ANIWZCS2Service=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    HKLM_Run: D-Link D-Link Wireless G DWA-110=C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe
    HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
    HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    HKCU_Run: BitTorrent DNA="C:\Program Files\DNA\btdna.exe"
    HKCU_Run: Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    HKCU_Run: WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe
    HKCU_Run: DAEMON Tools Pro Agent="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
    HKCU_Run: VeohPlugin="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
    HKCU_Run: Cognac=C:\Users\PRINCE~1\AppData\Local\Temp\b.exe
    HKCU_Run: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=

    ################## | Fichiers # Dossiers infectieux |

    C:\autorun.inf # -> fichier appelé : "C:\"RECYCLER\S-9-2-62-100018835-100031731-100003232-5265.com c:\"" ( Absent ! )
    Présent ! C:\autorun.inf
    Présent ! C:\recycler\S-9-2-62-100018835-100031731-100003232-5265.com
    D:\autorun.inf # -> fichier appelé : "D:\"RECYCLER\S-9-2-62-100018835-100031731-100003232-5265.com d:\"" ( Absent ! )
    Présent ! D:\autorun.inf
    Présent ! D:\recycler\S-9-2-62-100018835-100031731-100003232-5265.com
    H:\autorun.inf # -> fichier appelé : "H:\pook.com" ( Présent ! )
    Présent ! H:\copy.exe
    Présent ! H:\MS32DLL.dll.vbs
    Présent ! H:\pook.com
    Présent ! H:\resycled\boot.com
    Présent ! H:\autorun.inf
    Présent ! H:\copy.exe
    Présent ! H:\host.exe
    Présent ! "H:\resycled"

    ################## | Registre # Clés Run infectieuses |

    Présent ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Cognac"
    Présent ! HKU\S-1-5-21-3666027173-358810256-2811008047-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Cognac"

    ################## | Registre # Mountpoints2 |

    HKCU\...\Explorer\MountPoints2\{0cc6a951-3e24-11de-bd4d-002219d91a42}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{0cc6a951-3e24-11de-bd4d-002219d91a42}\Shell\install\Command
    HKCU\...\Explorer\MountPoints2\{bf873a16-4229-11de-a2da-002219d91a42}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{bf873a16-4229-11de-a2da-002219d91a42}\Shell\open\Command
    HKCU\...\Explorer\MountPoints2\{e3b64848-4926-11de-97b5-002219d91a42}\Shell\AutoRun\Command
    HKCU\...\Explorer\MountPoints2\{e3b64848-4926-11de-97b5-002219d91a42}\Shell\open\Command

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # (!) Uac = 0x0

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
    # (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
    # windefend -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | Cracks / Keygens / Serials |

    "C:\Users\Princesse Riana\Desktop\CrackPhotoshopCS3\Photoshop.exe"
    21/07/2008 08:49 |Size 44814336 |Crc32 87941229 |Md5 8bbffd6536ef589fc2d2820f6e377abd

    "C:\Users\Princesse Riana\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\sudokudownload.exe"
    23/10/2007 19:27 |Size 5292552 |Crc32 fc880756 |Md5 16c0a5a0d54eb72fd847c8e3738c5b63

    "C:\Users\Princesse Riana\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\crack\sudoku.exe"
    23/10/2007 19:08 |Size 341504 |Crc32 d9a0e340 |Md5 a26e658054f125a999e2f8a629cb368c

    "C:\ProgramData\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08298_2.2.exe"
    28/10/2008 04:51 |Size 474641 |Crc32 0341b39f |Md5 b1ed1133bd164463610e7f5fdba6336e

    "C:\ProgramData\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08335_2.2.exe"
    22/01/2009 01:23 |Size 148525 |Crc32 8c23ea54 |Md5 b344c3eae6a31bb186b577d19a36f0f0

    ################## | ! Fin du rapport # UsbFix V3.034 ! |

    Merci pour ton aide!
    1
  7. qwerty- Messages postés 17655 Date d'inscription   Statut Contributeur Dernière intervention   1 451
     
    salut,

    quel antivirus as tu ?
    0
    1. Riana_BXL
       
      Mc Afee
      0
  8. qwerty- Messages postés 17655 Date d'inscription   Statut Contributeur Dernière intervention   1 451
     
    Mac cafee c'est nul, je te conseille de changer...
    0
  9. gen-hackman
     
    ##### | Suppression | ######

    Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

    # Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .

    # choisi l option 2 ( Suppression )

    # Ton bureau disparaitra et le pc redémarrera .

    # Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

    # Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

    # Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    ######### | Désinstallation | #########

    # Fais un clic droit sur le raccourci UsbFix présent sur ton bureau et choisi éxécuter en tant qu'administrateur .

    # Choisi l option Désinstaller ....
    0
  10. Riana_BXL Messages postés 29 Statut Membre 1
     
    ############################## | UsbFix V3.034 |

    # User : Princesse Riana (Administrateurs) # PC-DE-PRINCESSE
    # Update on 29/06/09 by Chiquitine29 & C_XX
    # Start at: 20:24:20 | 29/06/2009
    # Website : http://pagesperso-orange.fr/NosTools/usbfix.html

    # Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
    # Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
    # Internet Explorer 7.0.6001.18000
    # Windows Firewall Status : Disabled

    # C:\ # Disque fixe local # 222,75 Go (85,71 Go free) [OS] # NTFS
    # D:\ # Disque fixe local # 10 Go (4,77 Go free) [RECOVERY] # NTFS
    # E:\ # Disque CD-ROM
    # F:\ # Disque CD-ROM
    # G:\ # Disque amovible
    # H:\ # Disque amovible # 241,79 Mo (164,54 Mo free) [MARINERS] # FAT32

    ############################## | Processus actifs |

    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\system32\Ati2evxx.exe
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Program Files\McAfee\MSK\MskSrver.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\runonce.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Windows\msb.exe
    C:\Users\PRINCE~1\AppData\Local\Temp\b.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\PresentationSettings.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe

    ################## | Fichiers # Dossiers infectieux |

    Supprimé ! C:\Windows\Prefetch\WINUPGRO.EXE-E1FE41E5.pf
    C:\autorun.inf # -> fichier appelé : "C:\"RECYCLER\S-9-2-62-100018835-100031731-100003232-5265.com c:\"" ( Absent ! )
    Supprimé ! C:\autorun.inf
    Supprimé ! C:\recycler\S-9-2-62-100018835-100031731-100003232-5265.com
    D:\autorun.inf # -> fichier appelé : "D:\"RECYCLER\S-9-2-62-100018835-100031731-100003232-5265.com d:\"" ( Absent ! )
    Supprimé ! D:\autorun.inf
    Supprimé ! D:\recycler\S-9-2-62-100018835-100031731-100003232-5265.com
    H:\autorun.inf # -> fichier appelé : "H:\pook.com" ( Présent ! )
    Supprimé ! -> H:\pook.com
    Supprimé ! H:\copy.exe
    Supprimé ! H:\MS32DLL.dll.vbs
    Supprimé ! H:\resycled\boot.com
    Supprimé ! H:\autorun.inf
    Supprimé ! H:\host.exe
    Supprimé ! "H:\resycled"

    ################## | Autres ... |

    ################## | Registre # Clés Run infectieuses |

    Supprimé ! HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Cognac"

    ################## | Registre # Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{0cc6a951-3e24-11de-bd4d-002219d91a42}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bf873a16-4229-11de-a2da-002219d91a42}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{e3b64848-4926-11de-97b5-002219d91a42}\Shell\AutoRun\Command

    ################## | Listing des fichiers présent |

    [18/09/2006 23:43|--a------|24] - C:\autoexec.bat
    [21/01/2008 04:24|-rahs----|333203] - C:\bootmgr
    [18/09/2006 23:43|--a------|10] - C:\config.sys
    [10/01/2009 19:12|-rah-----|4442] - C:\dell.sdr
    [?|?|?] - C:\hiberfil.sys
    [?|?|?] - C:\pagefile.sys
    [29/06/2009 20:36|--a------|4333] - C:\UsbFix.txt
    [09/01/2008 17:12|--ah-----|512] - G:\NIKON001.DSC
    [10/06/2009 04:39|--a------|3230] - G:\BOOTEX.LOG
    [29/10/2008 12:09|--a------|1612672] - G:\IOS16-64-v257-prod.wad
    [18/09/2008 15:52|--a------|4641568] - H:\R126542.EXE
    [18/09/2008 15:52|--a------|4056088] - H:\R98241.EXE
    [18/09/2008 14:20|--a------|5838611] - H:\wlg-1500-1.1.zip
    [16/10/2008 11:52|--a------|387904] - H:\Ryanair - Copie.jpg
    [19/12/2008 10:59|---hs----|14336] - H:\Thumbs.db
    [27/11/2008 20:59|--a------|3856] - H:\projet M2.rtf
    [29/06/2009 20:23|--a------|3244] - H:\BOOTEX.LOG
    [19/12/2008 17:12|--a------|41472] - H:\Le livre.doc
    [22/01/2009 19:00|--a------|846446] - H:\100plus_intel_network.zip
    [22/01/2009 19:09|--a------|3815119] - H:\WMP54GS_EU_wizard_dr%2C0.zip
    [09/03/2005 00:48|--a------|4311301] - H:\setup-2.3.0.1.exe
    [03/02/2009 01:14|--a------|48261] - H:\CV riana.pdf
    [24/11/2008 18:30|--a------|283648] - H:\MEMOIRE RIANA RABEONY.doc
    [21/05/2009 12:33|--a------|12104] - H:\FRBoardingPassDisplay.aspx.htm
    [02/10/2008 12:13|--a------|40517] - H:\RR2394.pdf
    [15/10/2008 14:58|--a------|4176] - H:\notif.htm
    [16/10/2008 11:52|--a------|387904] - H:\Ryanair.mdi
    [25/05/2009 15:48|--a------|176154] - H:\marinefinalA4.jpg
    [11/06/2009 22:36|--a------|10060427] - H:\DWA-110-V1.30-WW.zip
    [11/06/2009 23:25|--a------|204710] - H:\Pilote_USB_2.0_Windows_XP_1.0.exe
    [11/06/2009 23:38|--a------|4179293] - H:\everest_everest_2.20_francais_12281.exe

    ################## | Vaccination |

    # C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # G:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
    # H:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

    ################## | Etat / Services / Informations |

    # Mode sans echec : OK

    # Affichage des fichiers cachés : OK

    # Uac : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
    # Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # windefend -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | PEH ... |

    ################## | Cracks / Keygens / Serials |

    "C:\Users\Princesse Riana\Desktop\CrackPhotoshopCS3\Photoshop.exe"
    21/07/2008 08:49 |Size 44814336 |Crc32 87941229 |Md5 8bbffd6536ef589fc2d2820f6e377abd

    "C:\Users\Princesse Riana\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\sudokudownload.exe"
    23/10/2007 19:27 |Size 5292552 |Crc32 fc880756 |Md5 16c0a5a0d54eb72fd847c8e3738c5b63

    "C:\Users\Princesse Riana\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\crack\sudoku.exe"
    23/10/2007 19:08 |Size 341504 |Crc32 d9a0e340 |Md5 a26e658054f125a999e2f8a629cb368c

    "C:\ProgramData\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08298_2.2.exe"
    28/10/2008 04:51 |Size 474641 |Crc32 0341b39f |Md5 b1ed1133bd164463610e7f5fdba6336e

    "C:\ProgramData\SupportSoft\DellSupportCenter\SYSTEM\exec\DSCPatch_2_2_08335_2.2.exe"
    22/01/2009 01:23 |Size 148525 |Crc32 8c23ea54 |Md5 b344c3eae6a31bb186b577d19a36f0f0

    ################## | ! Fin du rapport # UsbFix V3.034 ! |
    0
  11. gen-hackman
     
    H:\R126542.EXE
    H:\R98241.EXE

    ce sont des pilotes à toi ?
    0
    1. Riana_BXL Messages postés 29 Statut Membre 1
       
      Franchement je sais pas du tout ce que c'est...
      0
  12. Riana_BXL Messages postés 29 Statut Membre 1
     
    Et là normalement c'est fini???
    0
  13. gen-hackman
     
    non tu as encore des processus infectieux et j'ai besoin d'un diagnostic plus poussé :

    Télécharge OTL de OLDTimer

    et enregistre le sur ton Bureau.

    Double clic sur OTL.exe pour le lancer.

    Coche les 2 cases Lop et Purity

    Coche la case devant scan all users

    Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    NE LE POSTE PAS SUR LE FORUM

    Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

    Clique sur Parcourir et cherche le fichier ci-dessus.

    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    Tu feras la meme chose avec le "Extra.txt" s'il t'est demandé
    0
  14. Riana_BXL Messages postés 29 Statut Membre 1
     
    lien OTL :http://www.cijoint.fr/cjlink.php?file=cj200906/cijlIOJ8Uf.txt

    lien extras : http://www.cijoint.fr/cjlink.php?file=cj200906/cijr3WXuib.txt
    0
  15. gen-hackman
     

    /!\ ATTENTION SUIVRE SCRUPULEUSEMENT A LA LETTRE CES INDICATIONS/!\

    _________________________________________________________________
    >Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
    >>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
    =====================================================


    On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:

    https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

    Avant d'utiliser ComboFix :
    ______________________________________________________________________
    >> referme les fenêtres de tous les programmes en cours.
    >> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
    >>la protection en temps réel de ton Antivirus et de tes Antispywares,
    >>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

    °°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°


    !!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

    n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

    >> Reviens sur le forum, et

    copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

    0
  16. Riana_BXL Messages postés 29 Statut Membre 1
     
    Après une longue attente, voici le compte rendu combofix:

    ComboFix 09-06-29.01 - Princesse Riana 29/06/2009 22:25.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.33.1036.18.3066.2020 [GMT 2:00]
    Lancé depuis: c:\users\Princesse Riana\Desktop\ComboFix.exe
    SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2009-05-28 au 2009-06-29 ))))))))))))))))))))))))))))))))))))
    .

    2009-06-29 17:55 . 2009-06-29 18:41 -------- d-----w- C:\UsbFix
    2009-06-27 00:36 . 2009-06-25 11:19 117764 ----a-w- c:\windows\msb.exe
    2009-06-12 20:22 . 2007-12-11 13:36 245760 ----a-w- c:\windows\system32\WlanApp.dll
    2009-06-12 20:22 . 2007-11-21 16:36 217088 ----a-w- c:\windows\system32\aIPH.dll
    2009-06-12 20:22 . 2007-10-08 17:13 262144 ----a-w- c:\windows\system32\wnicapi.dll
    2009-06-12 20:22 . 2005-10-27 06:55 49152 ----a-w- c:\windows\system32\JJAKEn.dll
    2009-06-12 20:22 . 2005-10-19 16:19 1327189 ----a-w- c:\windows\system32\odSupp_M.dll
    2009-06-12 20:22 . 2008-01-23 08:19 692224 ----a-w- c:\windows\system32\ANIWZCS2.dll
    2009-06-12 20:22 . 2006-09-26 11:49 45115 ----a-w- c:\windows\system32\ANICtl.dll
    2009-06-12 20:22 . 2005-10-19 16:19 49152 ----a-w- c:\windows\system32\AQCKGen.dll
    2009-06-12 20:22 . 2009-06-12 20:22 -------- d-----w- c:\program files\ANI
    2009-06-12 20:20 . 2008-01-16 08:18 489984 ----a-w- c:\windows\system32\drivers\Dr71WU.sys
    2009-06-12 20:20 . 2009-06-12 20:20 -------- d-----w- c:\program files\D-Link
    2009-06-12 20:20 . 2009-06-12 20:20 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\InstallShield
    2009-06-10 11:15 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll
    2009-06-07 18:55 . 2009-06-07 18:55 -------- d-----w- c:\program files\Pvm
    2009-06-05 11:34 . 2009-06-05 11:34 -------- d-----w- c:\program files\Veoh Networks

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-06-29 20:28 . 2009-03-26 17:00 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\DNA
    2009-06-29 20:24 . 2009-04-17 16:29 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\Skype
    2009-06-29 20:08 . 2009-03-28 20:43 1356 ----a-w- c:\users\Princesse Riana\AppData\Local\d3d9caps.dat
    2009-06-29 18:39 . 2009-03-26 17:00 -------- d-----w- c:\program files\DNA
    2009-06-29 18:10 . 2008-01-21 08:40 669566 ----a-w- c:\windows\system32\perfh00C.dat
    2009-06-29 18:10 . 2008-01-21 08:40 123556 ----a-w- c:\windows\system32\perfc00C.dat
    2009-06-21 16:13 . 2009-01-14 15:23 14972 ----a-w- c:\users\Princesse Riana\AppData\Roaming\wklnhst.dat
    2009-06-18 19:25 . 2009-02-01 00:12 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\dvdcss
    2009-06-14 15:25 . 2009-03-26 17:01 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\BitTorrent
    2009-06-12 20:22 . 2009-01-10 08:35 -------- d--h--w- c:\program files\InstallShield Installation Information
    2009-06-11 01:07 . 2009-01-10 08:45 -------- d-----w- c:\program files\Microsoft Works
    2009-06-07 21:49 . 2009-01-14 13:47 83560 ----a-w- c:\users\Princesse Riana\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-05-13 12:26 . 2009-05-13 12:11 -------- d-----w- c:\programdata\InternetFax
    2009-05-13 12:13 . 2009-05-13 12:11 -------- d-----w- c:\programdata\tpfmon
    2009-05-13 12:11 . 2009-05-13 12:11 -------- d-----w- c:\program files\InternetFax
    2009-05-13 12:11 . 2009-05-13 12:11 -------- d-----w- c:\program files\Alliance MCA
    2009-05-13 09:05 . 2009-05-13 09:05 -------- d-----w- c:\programdata\WindowsSearch
    2009-05-12 09:30 . 2009-05-12 09:30 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
    2009-05-12 09:29 . 2009-05-12 09:29 -------- d-----w- c:\program files\MSECache
    2009-05-11 12:42 . 2009-05-11 12:02 -------- d-----w- c:\users\Princesse Riana\AppData\Roaming\DAEMON Tools Pro
    2009-05-11 12:41 . 2009-05-11 12:36 -------- d-----w- c:\program files\DAEMON Tools Pro
    2009-05-11 12:36 . 2009-05-11 12:36 -------- d-----w- c:\programdata\DAEMON Tools Pro
    2009-05-11 12:03 . 2009-03-08 13:46 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
    2009-05-10 18:26 . 2009-01-15 11:32 -------- d-----w- c:\program files\PokerStars
    2009-05-03 12:05 . 2009-05-03 12:05 -------- d-----w- c:\programdata\TechSmith
    2009-05-03 12:05 . 2009-05-03 12:05 -------- d-----w- c:\program files\TechSmith
    2009-05-03 11:41 . 2009-05-03 11:41 -------- d-----w- c:\program files\infallsoft
    2009-04-24 16:05 . 2009-06-10 11:16 827904 ----a-w- c:\windows\system32\wininet.dll
    2009-04-24 13:44 . 2009-06-10 11:16 26624 ----a-w- c:\windows\system32\ieUnatt.exe
    2009-04-23 12:43 . 2009-06-10 11:16 784896 ----a-w- c:\windows\system32\rpcrt4.dll
    2009-04-23 12:42 . 2009-06-10 11:16 636928 ----a-w- c:\windows\system32\localspl.dll
    2009-04-21 11:55 . 2009-06-10 11:16 2033152 ----a-w- c:\windows\system32\win32k.sys
    2009-01-10 08:43 . 2009-01-14 14:03 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
    2009-01-10 08:47 . 2009-01-10 08:47 75 --sh--r- c:\windows\CT4CET.bin
    2009-01-10 16:56 . 2009-01-10 16:54 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    2008-09-29 16:24 325000 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-10 39408]
    "BitTorrent DNA"="c:\users\Princesse Riana\Program Files\DNA\btdna.exe" [2009-03-28 321344]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-27 24103720]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2009-04-09 228808]
    "VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-17 442433]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-20 3563520]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-01-10 30192]
    "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
    "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
    "Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2008-11-03 1745648]
    "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-07-04 132392]
    "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-31 148888]
    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
    "infallsoft Screen Capture"="c:\program files\infallsoft\Screen Capture\iCaptureSE.exe" [2009-02-24 4208128]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
    "D-Link D-Link Wireless G DWA-110"="c:\program files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe" [2008-04-15 1675264]

    c:\users\Princesse Riana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Lancement Application Fax.lnk - c:\program files\Alliance MCA\SafeFax\faxtray.exe [2009-5-13 823296]
    QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976]
    Snagit 9.lnk - c:\program files\TechSmith\Snagit 9\Snagit32.exe [2009-4-17 7226184]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    "DisableRegedit"= 0 (0x0)
    "UacDisableNotify"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
    2009-01-10 08:54 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{8FD6ED5F-AD65-4040-A8FF-8518CFDD4D10}"= UDP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat
    "{38227C38-54F4-4CBD-94EA-F95F4C6D9822}"= TCP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat
    "{6AC5E7AA-83F0-42ED-8C9F-85C4CB0B1D17}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
    "{1AB34DEA-8864-42E0-BF83-6499DEC65008}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
    "{433133E1-FB27-4007-9EA5-CB55A661DCDE}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
    "{668CF844-6B1F-4C68-A8BB-4921DFDFC511}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
    "{2C3584E9-6C41-445B-858B-B1A88654261D}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
    "{8E71BBE4-0B95-4DA2-ABCB-EABBEF1B2B8F}"= UDP:990:LocalSubnet:LocalSubnet|IF={11478F7A-CEEB-4EB1-808E-8454A147DADA}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
    "{AC6EFE4D-1883-4D7C-9C1D-493C262C5877}"= UDP:990:LocalSubnet:LocalSubnet|IF={30BA61C5-75FC-43C6-8C16-F7DB1DDFE53C}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
    "{369B2384-6B06-4C2B-B99F-251435A6EAB8}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "{90DF608C-287A-492D-82CC-12A342715718}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
    "{A1F557F9-8D19-47AA-87AF-964BB2CFA4E4}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
    "{BC5508F8-7683-4315-AA6E-FAFAFC5B4836}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
    "{8B895AEC-89FD-445B-8B65-E324E4E953D7}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

    R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\AEstSrv.exe [10/01/2009 19:11 73728]
    R2 CAMTHWDM;WebcamMax, WDM Video Capture;c:\windows\System32\drivers\CAMTHWDM.sys [20/02/2009 21:28 941784]
    R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [23/09/2008 23:09 155648]
    R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [10/01/2009 19:11 54784]
    R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\k57nd60x.sys [10/01/2009 19:11 203264]
    R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [10/01/2009 19:11 144672]
    R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [10/01/2009 19:11 277440]
    S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10/01/2009 10:43 30192]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    Contenu du dossier 'Tâches planifiées'

    2009-06-14 c:\windows\Tasks\McDefragTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-14 12:32]

    2009-05-31 c:\windows\Tasks\McQcTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-01-14 12:32]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.ask.com/?o=101764&l=dis
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    TCP: {4F0D5C6C-C138-4C0F-AFEF-7F248EEE8CC3} = 192.168.1.1
    FF - ProfilePath - c:\users\Princesse Riana\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
    FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=
    FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
    FF - plugin: c:\users\Princesse Riana\Program Files\DNA\plugins\npbtdna.dll

    ---- PARAMETRES FIREFOX ----

    pref(dom.disable_open_during_load, false);.

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-29 22:28
    Windows 6.0.6001 Service Pack 1 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    c:\users\Princesse Riana\AppData\Roaming\Microsoft\Windows\Cookies\princesse_riana@ad.yieldmanager[2].txt 967 bytes

    Scan terminé avec succès
    Fichiers cachés: 1

    **************************************************************************
    .
    Heure de fin: 2009-06-29 22:29
    ComboFix-quarantined-files.txt 2009-06-29 20:29
    ComboFix2.txt 2009-06-29 20:20

    Avant-CF: 104 522 878 976 octets libres
    Après-CF: 104 488 488 960 octets libres

    200 --- E O F --- 2009-06-11 01:08
    0
  17. gen-hackman
     
    alors-là je suis scié...!!!!

    on va le faire quand même ^^

    ♦ Désactivez le contrôle des comptes utilisateurs avant utilisation de cet outil:

    ♦ Allez dans "Démarrer" puis Panneau de configuration.
    ♦ Double Cliquez sur l'icône Comptes d'utilisateurs et sur "Activer ou désactiver le contrôle des comptes d'utilisateurs".
    ♦ Décochez la case Utiliser le contrôle des comptes d'utilisateurs pour vous aider à protéger votre ordinateur.
    ♦ Validez par OK et redémarrez .

    Aides en images ( Uac )

    ensuite

    ♦ Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ♦ Déconnecte toi et ferme toutes applications en cours !

    ♦ clic droit sur "Ad-R.exe" en tant qu'administrateur pour lancer l'installation et laisse les paramètres d'installation par défaut .

    ♦ clic droit sur le raccourci Ad-remover en tant qu'administrateur qui est sur ton bureau pour lancer l'outil .

    ♦ Au menu principal choisis l'option "L" et tape sur [entrée] .

    ♦ Laisse travailler l'outil et ne touche à rien ...

    ♦ Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    ♦ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

    Aides en images (Installation)
    Aides en images (Recherche)

    ensuite :

    télécharge LOP S&D sur ton Bureau.

    *cliquedroit "executer en tant qu'administrateur" pour lancer l'installation
    * cliquedroit "executer en tant qu'administrateur" sur le raccourci Lop S&D présent sur ton Bureau
    * Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
    * Patiente jusqu'à la fin du scan

    * Poste le rapport généré (C:\lopR.txt)
    0
  18. Riana_BXL Messages postés 29 Statut Membre 1
     
    Pourquoi tu es scié??? Mon ordi va mal à ce point??? En tout cas merci de me consacrer autant de temps!
    Voilà le rapport Ad-remover et je me lance dans LOP S&D:

    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
    .
    Mit à jour par C_XX le 24/06/2009 à 7:10 PM
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 23:00:00, 29/06/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-remover\
    Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 1 v6.0.6001
    Nom du PC: PC-DE-PRINCESSE | Utilisateur actuel: Princesse Riana
    .
    Administrateur: Administrateur *Desactive*
    N'est pas administrateur: Invité *Desactive*
    Administrateur: Princesse Riana
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    HKCR\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKCR\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179}
    HKCU\Software\Poker 770
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Poker 770
    HKLM\Software\Poker 770
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{0702a2b6-13aa-4090-9e01-bcdc85dd933f}
    HKCR\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKCR\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    .
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770\Poker 770.lnk
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770\Uninstall Poker 770.lnk
    C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Poker 770
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome.manifest.dev
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\install.rdf.bak
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome\ajtoolbar.jar
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.gif
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\ask.src
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\config.dat.bak
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\contents.rdf
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences\snipit.js
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\manifest.mf
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.rsa
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF\zigbert.sf
    C:\Users\PRINCE~1\AppData\Roaming\Mozilla\Firefox\Profiles\yt4714c8.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
    C:\Program Files\AskBarDis\bar
    C:\Program Files\AskBarDis\unins000.dat
    C:\Program Files\AskBarDis\unins000.exe
    C:\Program Files\AskBarDis\bar\bin
    C:\Program Files\AskBarDis\bar\Settings
    C:\Program Files\AskBarDis\bar\bin\askBar.dll
    C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
    C:\Program Files\AskBarDis\bar\bin\psvince.dll
    C:\Program Files\AskBarDis\bar\Settings\config.dat
    C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
    C:\Program Files\AskBarDis
    C:\Poker\Poker 770\cactivex.dll
    C:\Poker\Poker 770\casino.cli
    C:\Poker\Poker 770\casino.exe
    C:\Poker\Poker 770\casino.hlp
    C:\Poker\Poker 770\casino.ico
    C:\Poker\Poker 770\data
    C:\Poker\Poker 770\directsounddriver.dll
    C:\Poker\Poker 770\fileinfo.dat
    C:\Poker\Poker 770\fileinfo2.dat
    C:\Poker\Poker 770\fileinfo2r.dat
    C:\Poker\Poker 770\gdigraphdriver.dll
    C:\Poker\Poker 770\labitedupoks.pbn
    C:\Poker\Poker 770\ptsetup.lang
    C:\Poker\Poker 770\ptsetup.log
    C:\Poker\Poker 770\replace.exe
    C:\Poker\Poker 770\unicows.dll
    C:\Poker\Poker 770\_SetupCasino(2).exe
    C:\Poker\Poker 770\data\blackjack
    C:\Poker\Poker 770\data\blackjack.dll
    C:\Poker\Poker 770\data\blackjack.gam
    C:\Poker\Poker 770\data\cashier.dll
    C:\Poker\Poker 770\data\cashier.gam
    C:\Poker\Poker 770\data\casinowar
    C:\Poker\Poker 770\data\casinowar.dll
    C:\Poker\Poker 770\data\casinowar.gam
    C:\Poker\Poker 770\data\common.dll
    C:\Poker\Poker 770\data\common.gam
    C:\Poker\Poker 770\data\craps
    C:\Poker\Poker 770\data\craps.dll
    C:\Poker\Poker 770\data\craps.gam
    C:\Poker\Poker 770\data\keno
    C:\Poker\Poker 770\data\keno.dll
    C:\Poker\Poker 770\data\keno.gam
    C:\Poker\Poker 770\data\loader.dll
    C:\Poker\Poker 770\data\loader.gam
    C:\Poker\Poker 770\data\lobby
    C:\Poker\Poker 770\data\pokergames.dll
    C:\Poker\Poker 770\data\poker_caribbean
    C:\Poker\Poker 770\data\poker_caribbean.gam
    C:\Poker\Poker 770\data\poker_common.dll
    C:\Poker\Poker 770\data\poker_common.gam
    C:\Poker\Poker 770\data\poker_holdem
    C:\Poker\Poker 770\data\poker_holdem.gam
    C:\Poker\Poker 770\data\poker_lobby.dll
    C:\Poker\Poker 770\data\poker_lobby.gam
    C:\Poker\Poker 770\data\poker_table.dll
    C:\Poker\Poker 770\data\roulette
    C:\Poker\Poker 770\data\roulette.dll
    C:\Poker\Poker 770\data\roulette.gam
    C:\Poker\Poker 770\data\shared
    C:\Poker\Poker 770\data\slotmachines.dll
    C:\Poker\Poker 770\data\slots_bonusbears25line
    C:\Poker\Poker 770\data\slots_bonusbears25line.gam
    C:\Poker\Poker 770\data\slots_cinerama5reel
    C:\Poker\Poker 770\data\slots_cinerama5reel.gam
    C:\Poker\Poker 770\data\slots_desert20line
    C:\Poker\Poker 770\data\slots_desert20line.gam
    C:\Poker\Poker 770\data\slots_forestofwonders25line
    C:\Poker\Poker 770\data\slots_forestofwonders25line.gam
    C:\Poker\Poker 770\data\slots_gold8line
    C:\Poker\Poker 770\data\slots_gold8line.gam
    C:\Poker\Poker 770\data\slots_lotto20line
    C:\Poker\Poker 770\data\slots_lotto20line.gam
    C:\Poker\Poker 770\data\slots_lovemore20line
    C:\Poker\Poker 770\data\slots_lovemore20line.gam
    C:\Poker\Poker 770\data\slots_silentsamurai9line
    C:\Poker\Poker 770\data\slots_silentsamurai9line.gam
    C:\Poker\Poker 770\data\slots_wildspirit20line
    C:\Poker\Poker 770\data\slots_wildspirit20line.gam
    C:\Poker\Poker 770\data\smallview.gam
    C:\Poker\Poker 770\data\table
    C:\Poker\Poker 770\data\topview.gam
    C:\Poker\Poker 770\data\videopokers.dll
    C:\Poker\Poker 770\data\videopoker_4aces
    C:\Poker\Poker 770\data\videopoker_4aces.gam
    C:\Poker\Poker 770\data\videopoker_4jacks
    C:\Poker\Poker 770\data\videopoker_4jacks.gam
    C:\Poker\Poker 770\data\videopoker_jacks
    C:\Poker\Poker 770\data\videopoker_jacks.gam
    C:\Poker\Poker 770\data\videopoker_joker
    C:\Poker\Poker 770\data\videopoker_joker.gam
    C:\Poker\Poker 770\data\blackjack\blackjack_winsign.jpg
    C:\Poker\Poker 770\data\blackjack\texture.jpg
    C:\Poker\Poker 770\data\casinowar\casinowar.lws
    C:\Poker\Poker 770\data\casinowar\texture.jpg
    C:\Poker\Poker 770\data\craps\3d
    C:\Poker\Poker 770\data\craps\back.jpg
    C:\Poker\Poker 770\data\craps\coins.png
    C:\Poker\Poker 770\data\craps\3d\back.z
    C:\Poker\Poker 770\data\craps\3d\dice.lwo
    C:\Poker\Poker 770\data\craps\3d\dice.lws
    C:\Poker\Poker 770\data\craps\3d\dice.png
    C:\Poker\Poker 770\data\keno\3d
    C:\Poker\Poker 770\data\keno\back.jpg
    C:\Poker\Poker 770\data\keno\buttons
    C:\Poker\Poker 770\data\keno\selected.png
    C:\Poker\Poker 770\data\keno\sounds
    C:\Poker\Poker 770\data\keno\star-alpha.jpg
    C:\Poker\Poker 770\data\keno\star.jpg
    C:\Poker\Poker 770\data\keno\wheel_empty.jpg
    C:\Poker\Poker 770\data\keno\wheel_full.jpg
    C:\Poker\Poker 770\data\keno\3d\bet.sl2
    C:\Poker\Poker 770\data\keno\buttons\buttons-alpha.jpg
    C:\Poker\Poker 770\data\keno\buttons\buttons.jpg
    C:\Poker\Poker 770\data\keno\sounds\hitone.mp3
    C:\Poker\Poker 770\data\keno\sounds\selectsound.mp3
    C:\Poker\Poker 770\data\keno\sounds\wheel.mp3
    C:\Poker\Poker 770\data\lobby\asian_view_stakes_back.png
    C:\Poker\Poker 770\data\lobby\back.jpg
    C:\Poker\Poker 770\data\lobby\buttons
    C:\Poker\Poker 770\data\lobby\dialogs
    C:\Poker\Poker 770\data\lobby\filtering_tab-alpha.jpg
    C:\Poker\Poker 770\data\lobby\filtering_tab.jpg
    C:\Poker\Poker 770\data\lobby\filter_text.png
    C:\Poker\Poker 770\data\lobby\info_headers.png
    C:\Poker\Poker 770\data\lobby\key.png
    C:\Poker\Poker 770\data\lobby\loading_info.jpg
    C:\Poker\Poker 770\data\lobby\login
    C:\Poker\Poker 770\data\lobby\mc_text.jpg
    C:\Poker\Poker 770\data\lobby\padlock.png
    C:\Poker\Poker 770\data\lobby\quick_search_back.jpg
    C:\Poker\Poker 770\data\lobby\quick_search_buttons-alpha.jpg
    C:\Poker\Poker 770\data\lobby\quick_search_buttons.jpg
    C:\Poker\Poker 770\data\lobby\quick_search_close.jpg
    C:\Poker\Poker 770\data\lobby\sidegames
    C:\Poker\Poker 770\data\lobby\tables
    C:\Poker\Poker 770\data\lobby\treeview_down.bmp
    C:\Poker\Poker 770\data\lobby\treeview_minus.bmp
    C:\Poker\Poker 770\data\lobby\treeview_plus.bmp
    C:\Poker\Poker 770\data\lobby\treeview_right.bmp
    C:\Poker\Poker 770\data\lobby\waitinglist
    C:\Poker\Poker 770\data\lobby\buttons\cashier_buttons-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\cashier_buttons.jpg
    C:\Poker\Poker 770\data\lobby\buttons\contactus-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\contactus.jpg
    C:\Poker\Poker 770\data\lobby\buttons\goto_buttons-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\goto_buttons.jpg
    C:\Poker\Poker 770\data\lobby\buttons\goto_tournament-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\goto_tournament.jpg
    C:\Poker\Poker 770\data\lobby\buttons\jointable-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\jointable.jpg
    C:\Poker\Poker 770\data\lobby\buttons\players_waiting.jpg
    C:\Poker\Poker 770\data\lobby\buttons\search-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\search.jpg
    C:\Poker\Poker 770\data\lobby\buttons\treeview_menu.jpg
    C:\Poker\Poker 770\data\lobby\buttons\waitinglist_buttons-alpha.jpg
    C:\Poker\Poker 770\data\lobby\buttons\waitinglist_buttons.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\clock-alpha.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\clock.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\close.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\dialog_back.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\dialog_back3.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\dialog_headers.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\dialog_headers_button.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\nickname.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\nickname2.jpg
    C:\Poker\Poker 770\data\lobby\dialogs\player_bulb.png
    C:\Poker\Poker 770\data\lobby\dialogs\tournament_registration.jpg
    C:\Poker\Poker 770\data\lobby\login\back.jpg
    C:\Poker\Poker 770\data\lobby\login\checkbox.png
    C:\Poker\Poker 770\data\lobby\login\checkboxes.jpg
    C:\Poker\Poker 770\data\lobby\login\createaccount-alpha.jpg
    C:\Poker\Poker 770\data\lobby\login\createaccount.jpg
    C:\Poker\Poker 770\data\lobby\login\dont_have_an_account.jpg
    C:\Poker\Poker 770\data\lobby\login\login-alpha.jpg
    C:\Poker\Poker 770\data\lobby\login\login.jpg
    C:\Poker\Poker 770\data\lobby\login\logininfo.jpg
    C:\Poker\Poker 770\data\lobby\login\nickname.png
    C:\Poker\Poker 770\data\lobby\sidegames\sidegames-alpha.jpg
    C:\Poker\Poker 770\data\lobby\sidegames\sidegames.jpg
    C:\Poker\Poker 770\data\lobby\tables\hide_finished.jpg
    C:\Poker\Poker 770\data\lobby\tables\lobby_table_rows.jpg
    C:\Poker\Poker 770\data\lobby\tables\scrollbuttons-alpha.jpg
    C:\Poker\Poker 770\data\lobby\tables\scrollbuttons.jpg
    C:\Poker\Poker 770\data\lobby\tables\scrollbuttons_h.jpg
    C:\Poker\Poker 770\data\lobby\tables\scroll_indicator.jpg
    C:\Poker\Poker 770\data\lobby\tables\scroll_indicator_h.jpg
    C:\Poker\Poker 770\data\lobby\tables\searchtop.jpg
    C:\Poker\Poker 770\data\lobby\tables\tables_back-alpha.jpg
    C:\Poker\Poker 770\data\lobby\tables\tables_back.jpg
    C:\Poker\Poker 770\data\lobby\tables\top.jpg
    C:\Poker\Poker 770\data\lobby\waitinglist\num_chooser.jpg
    C:\Poker\Poker 770\data\poker_caribbean\texture.jpg
    C:\Poker\Poker 770\data\poker_holdem\arrows.png
    C:\Poker\Poker 770\data\poker_holdem\back.jpg
    C:\Poker\Poker 770\data\roulette\3d
    C:\Poker\Poker 770\data\roulette\back.jpg
    C:\Poker\Poker 770\data\roulette\ball.png
    C:\Poker\Poker 770\data\roulette\buttons
    C:\Poker\Poker 770\data\roulette\marker.png
    C:\Poker\Poker 770\data\roulette\sounds
    C:\Poker\Poker 770\data\roulette\zoom
    C:\Poker\Poker 770\data\roulette\3d\back.z
    C:\Poker\Poker 770\data\roulette\3d\ball.bmp
    C:\Poker\Poker 770\data\roulette\3d\ball.lwo
    C:\Poker\Poker 770\data\roulette\3d\disc.lwo
    C:\Poker\Poker 770\data\roulette\3d\disk.jpg
    C:\Poker\Poker 770\data\roulette\3d\roulette.lws
    C:\Poker\Poker 770\data\roulette\3d\turret.cfs
    C:\Poker\Poker 770\data\roulette\buttons\allcoins1_selected.png
    C:\Poker\Poker 770\data\roulette\sounds\roulettespin.mp3
    C:\Poker\Poker 770\data\roulette\sounds\roulettestop.mp3
    C:\Poker\Poker 770\data\roulette\zoom\zoomanim.jpg
    C:\Poker\Poker 770\data\roulette\zoom\zoomstill.jpg
    C:\Poker\Poker 770\data\shared\3d
    C:\Poker\Poker 770\data\shared\9line
    C:\Poker\Poker 770\data\shared\arrow_3d_down.png
    C:\Poker\Poker 770\data\shared\black100x100.png
    C:\Poker\Poker 770\data\shared\blackjack
    C:\Poker\Poker 770\data\shared\bubble.png
    C:\Poker\Poker 770\data\shared\bubble_lobby-alpha.jpg
    C:\Poker\Poker 770\data\shared\bubble_lobby.jpg
    C:\Poker\Poker 770\data\shared\buttons
    C:\Poker\Poker 770\data\shared\cards
    C:\Poker\Poker 770\data\shared\coins
    C:\Poker\Poker 770\data\shared\dollarball
    C:\Poker\Poker 770\data\shared\doublescreen
    C:\Poker\Poker 770\data\shared\fonts
    C:\Poker\Poker 770\data\shared\history
    C:\Poker\Poker 770\data\shared\html
    C:\Poker\Poker 770\data\shared\interface
    C:\Poker\Poker 770\data\shared\jackpot-alpha.jpg
    C:\Poker\Poker 770\data\shared\jackpot.jpg
    C:\Poker\Poker 770\data\shared\jackpot_anim-alpha.jpg
    C:\Poker\Poker 770\data\shared\jackpot_anim.jpg
    C:\Poker\Poker 770\data\shared\jackpot_txt-alpha.jpg
    C:\Poker\Poker 770\data\shared\jackpot_txt.jpg
    C:\Poker\Poker 770\data\shared\loading.png
    C:\Poker\Poker 770\data\shared\loading_anim.png
    C:\Poker\Poker 770\data\shared\mobile_anim.png
    C:\Poker\Poker 770\data\shared\nametag.jpg
    C:\Poker\Poker 770\data\shared\nametag_long.jpg
    C:\Poker\Poker 770\data\shared\options
    C:\Poker\Poker 770\data\shared\progcover.png
    C:\Poker\Poker 770\data\shared\sides.jpg
    C:\Poker\Poker 770\data\shared\slots
    C:\Poker\Poker 770\data\shared\sounds
    C:\Poker\Poker 770\data\shared\tablegames
    C:\Poker\Poker 770\data\shared\tablesigns
    C:\Poker\Poker 770\data\shared\ui
    C:\Poker\Poker 770\data\shared\videopoker_4line
    C:\Poker\Poker 770\data\shared\videopoker_jacks
    C:\Poker\Poker 770\data\shared\3d\chrome.png
    C:\Poker\Poker 770\data\shared\9line\buttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\9line\buttons.jpg
    C:\Poker\Poker 770\data\shared\9line\payline123.png
    C:\Poker\Poker 770\data\shared\9line\payline456789.png
    C:\Poker\Poker 770\data\shared\blackjack\blackjack.lws
    C:\Poker\Poker 770\data\shared\buttons\allbuttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\buttons\allbuttons-over.jpg
    C:\Poker\Poker 770\data\shared\buttons\allbuttons.jpg
    C:\Poker\Poker 770\data\shared\buttons\buttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\buttons\buttons.jpg
    C:\Poker\Poker 770\data\shared\buttons\info_button-alpha.jpg
    C:\Poker\Poker 770\data\shared\buttons\info_button.jpg
    C:\Poker\Poker 770\data\shared\cards\back.z
    C:\Poker\Poker 770\data\shared\cards\cardhq.lwo
    C:\Poker\Poker 770\data\shared\cards\cardlq.lwo
    C:\Poker\Poker 770\data\shared\cards\cards.lws
    C:\Poker\Poker 770\data\shared\cards\cards_small-alpha.jpg
    C:\Poker\Poker 770\data\shared\cards\cards_small.jpg
    C:\Poker\Poker 770\data\shared\cards\card_doubleup-alpha.jpg
    C:\Poker\Poker 770\data\shared\cards\card_doubleup.jpg
    C:\Poker\Poker 770\data\shared\cards\poker
    C:\Poker\Poker 770\data\shared\cards\textures
    C:\Poker\Poker 770\data\shared\cards\poker\allcards-alpha.jpg
    C:\Poker\Poker 770\data\shared\cards\poker\allcards.jpg
    C:\Poker\Poker 770\data\shared\cards\poker\back.bmp
    C:\Poker\Poker 770\data\shared\cards\poker\joker.jpg
    C:\Poker\Poker 770\data\shared\cards\textures\allcards.jpg
    C:\Poker\Poker 770\data\shared\cards\textures\allcards_xl.jpg
    C:\Poker\Poker 770\data\shared\cards\textures\back.bmp
    C:\Poker\Poker 770\data\shared\cards\textures\joker.png
    C:\Poker\Poker 770\data\shared\coins\tablecoins
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_coins-alpha.jpg
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_coins.jpg
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_selected.png
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_coins-alpha.jpg
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_coins.jpg
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_selected.png
    C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins4_coins.jpg
    C:\Poker\Poker 770\data\shared\dollarball\activate.jpg
    C:\Poker\Poker 770\data\shared\dollarball\ball.png
    C:\Poker\Poker 770\data\shared\dollarball\button_disable-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\button_disable.jpg
    C:\Poker\Poker 770\data\shared\dollarball\button_enable-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\button_enable.jpg
    C:\Poker\Poker 770\data\shared\dollarball\button_enable_mid-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\button_enable_mid.jpg
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball.png
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_big.png
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_big_disabled.png
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_disabled.png
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_mid.png
    C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_mid_disabled.png
    C:\Poker\Poker 770\data\shared\dollarball\enable_big_button-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\enable_big_button.jpg
    C:\Poker\Poker 770\data\shared\dollarball\random_pick1-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\random_pick1.jpg
    C:\Poker\Poker 770\data\shared\dollarball\result_win.png
    C:\Poker\Poker 770\data\shared\dollarball\result_win_disabled.png
    C:\Poker\Poker 770\data\shared\dollarball\selected_box.jpg
    C:\Poker\Poker 770\data\shared\dollarball\selection_win.png
    C:\Poker\Poker 770\data\shared\dollarball\sidebet_button-alpha.jpg
    C:\Poker\Poker 770\data\shared\dollarball\sidebet_button.jpg
    C:\Poker\Poker 770\data\shared\dollarball\sounds
    C:\Poker\Poker 770\data\shared\dollarball\win-over.jpg
    C:\Poker\Poker 770\data\shared\dollarball\sounds\reelstop_sidebet.mp3
    C:\Poker\Poker 770\data\shared\doublescreen\back.png
    C:\Poker\Poker 770\data\shared\doublescreen\buttons_screen-alpha.jpg
    C:\Poker\Poker 770\data\shared\doublescreen\buttons_screen.jpg
    C:\Poker\Poker 770\data\shared\fonts\arial10.fon
    C:\Poker\Poker 770\data\shared\fonts\blackchancery90.fon
    C:\Poker\Poker 770\data\shared\fonts\boink_let_23.fon
    C:\Poker\Poker 770\data\shared\fonts\boink_let_32.fon
    C:\Poker\Poker 770\data\shared\fonts\futurabdcnbt_24.fon
    C:\Poker\Poker 770\data\shared\fonts\helveticaneueboldcond_60.fon
    C:\Poker\Poker 770\data\shared\fonts\helvetica_nbc18.fon
    C:\Poker\Poker 770\data\shared\fonts\impact_19.fon
    C:\Poker\Poker 770\data\shared\fonts\kabelbd.fon
    C:\Poker\Poker 770\data\shared\fonts\kabelultbt.fon
    C:\Poker\Poker 770\data\shared\fonts\lcd2_17.fon
    C:\Poker\Poker 770\data\shared\fonts\serifabdcnbt.fon
    C:\Poker\Poker 770\data\shared\fonts\square721bdexbt.fon
    C:\Poker\Poker 770\data\shared\fonts\swis721cnbt.fon
    C:\Poker\Poker 770\data\shared\fonts\swis721cnbt16.fon
    C:\Poker\Poker 770\data\shared\fonts\swis721cnbt49.fon
    C:\Poker\Poker 770\data\shared\fonts\swis721mdbt25.fon
    C:\Poker\Poker 770\data\shared\fonts\swiss911xcmbt.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma10b.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma7.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma8.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma8b.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma8_.fon
    C:\Poker\Poker 770\data\shared\fonts\tahoma_ap.fon
    C:\Poker\Poker 770\data\shared\fonts\times32.fon
    C:\Poker\Poker 770\data\shared\history\cards
    C:\Poker\Poker 770\data\shared\history\cards\allcards.jpg
    C:\Poker\Poker 770\data\shared\history\cards\allcards7stud-alpha.jpg
    C:\Poker\Poker 770\data\shared\history\cards\allcards7stud.jpg
    C:\Poker\Poker 770\data\shared\history\cards\card-alpha.jpg
    C:\Poker\Poker 770\data\shared\history\cards\card7stud-alpha.jpg
    C:\Poker\Poker 770\data\shared\history\cards\joker.jpg
    C:\Poker\Poker 770\data\shared\history\cards\joker7stud.jpg
    C:\Poker\Poker 770\data\shared\html\bg.jpg
    C:\Poker\Poker 770\data\shared\html\button_left.gif
    C:\Poker\Poker 770\data\shared\html\button_middle.gif
    C:\Poker\Poker 770\data\shared\html\button_right.gif
    C:\Poker\Poker 770\data\shared\html\cashier_offline.css
    C:\Poker\Poker 770\data\shared\html\cashier_offline.js
    C:\Poker\Poker 770\data\shared\html\cashier_offline_functions.js
    C:\Poker\Poker 770\data\shared\html\cashier_offline_poker.html
    C:\Poker\Poker 770\data\shared\html\chat
    C:\Poker\Poker 770\data\shared\html\details_desc_back.jpg
    C:\Poker\Poker 770\data\shared\html\details_desc_back2.jpg
    C:\Poker\Poker 770\data\shared\html\icon_comps.gif
    C:\Poker\Poker 770\data\shared\html\icon_transactionhistory.gif
    C:\Poker\Poker 770\data\shared\html\icon_withdraw.gif
    C:\Poker\Poker 770\data\shared\html\key.gif
    C:\Poker\Poker 770\data\shared\html\logo_offline_cashier.gif
    C:\Poker\Poker 770\data\shared\html\spacer.gif
    C:\Poker\Poker 770\data\shared\html\chat\chat.html
    C:\Poker\Poker 770\data\shared\html\chat\colors.html
    C:\Poker\Poker 770\data\shared\html\chat\edit.html
    C:\Poker\Poker 770\data\shared\html\chat\emoticons
    C:\Poker\Poker 770\data\shared\html\chat\emoticons.html
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\01.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\02.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\03.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\04.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\05.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\06.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\07.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\08.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\09.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\10.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\11.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\12.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\13.gif
    C:\Poker\Poker 770\data\shared\html\chat\emoticons\14.gif
    C:\Poker\Poker 770\data\shared\interface\aplay_advanced.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_arrow-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_arrow.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_buttons.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_check-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_check.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_delay.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_mode.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_ribbon.jpg
    C:\Poker\Poker 770\data\shared\interface\aplay_simple.jpg
    C:\Poker\Poker 770\data\shared\interface\bottom_ribbon-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\bottom_ribbon.jpg
    C:\Poker\Poker 770\data\shared\interface\chat
    C:\Poker\Poker 770\data\shared\interface\chat-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\chat.jpg
    C:\Poker\Poker 770\data\shared\interface\empty-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\empty.jpg
    C:\Poker\Poker 770\data\shared\interface\ipoker-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\ipoker.jpg
    C:\Poker\Poker 770\data\shared\interface\logo-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\logo.jpg
    C:\Poker\Poker 770\data\shared\interface\logo_cover.jpg
    C:\Poker\Poker 770\data\shared\interface\menu-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\menu.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_back-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_back.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_book.png
    C:\Poker\Poker 770\data\shared\interface\mobile_check.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_close.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_txt-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\mobile_txt.jpg
    C:\Poker\Poker 770\data\shared\interface\onlinestatus.jpg
    C:\Poker\Poker 770\data\shared\interface\playtech-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\playtech.jpg
    C:\Poker\Poker 770\data\shared\interface\select_buttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\select_buttons.jpg
    C:\Poker\Poker 770\data\shared\interface\timeout-alpha.jpg
    C:\Poker\Poker 770\data\shared\interface\timeout.jpg
    C:\Poker\Poker 770\data\shared\interface\waiting_for_other_players.jpg
    C:\Poker\Poker 770\data\shared\interface\chat\chat_window.png
    C:\Poker\Poker 770\data\shared\interface\chat\close.png
    C:\Poker\Poker 770\data\shared\interface\chat\font.png
    C:\Poker\Poker 770\data\shared\interface\chat\send.png
    C:\Poker\Poker 770\data\shared\options\arrows.png
    C:\Poker\Poker 770\data\shared\options\avatars-alpha.jpg
    C:\Poker\Poker 770\data\shared\options\avatars.jpg
    C:\Poker\Poker 770\data\shared\options\check.png
    C:\Poker\Poker 770\data\shared\options\disconnect_text.png
    C:\Poker\Poker 770\data\shared\options\options-back.jpg
    C:\Poker\Poker 770\data\shared\options\options_adjust-alpha.jpg
    C:\Poker\Poker 770\data\shared\options\options_adjust.jpg
    C:\Poker\Poker 770\data\shared\options\slider.jpg
    C:\Poker\Poker 770\data\shared\slots\lines
    C:\Poker\Poker 770\data\shared\slots\lines\20line-alpha.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\20line.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\9line-alpha.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\9line.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\linewin-alpha.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\linewin.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\linewin_frame-alpha.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\linewin_frame.jpg
    C:\Poker\Poker 770\data\shared\slots\lines\symbol_anim-alpha.jpg
    C:\Poker\Poker 770\data\shared\sounds\02.mp3
    C:\Poker\Poker 770\data\shared\sounds\02s.mp3
    C:\Poker\Poker 770\data\shared\sounds\03.mp3
    C:\Poker\Poker 770\data\shared\sounds\03s.mp3
    C:\Poker\Poker 770\data\shared\sounds\04.mp3
    C:\Poker\Poker 770\data\shared\sounds\04s.mp3
    C:\Poker\Poker 770\data\shared\sounds\05.mp3
    C:\Poker\Poker 770\data\shared\sounds\05s.mp3
    C:\Poker\Poker 770\data\shared\sounds\06.mp3
    C:\Poker\Poker 770\data\shared\sounds\06s.mp3
    C:\Poker\Poker 770\data\shared\sounds\07.mp3
    C:\Poker\Poker 770\data\shared\sounds\07s.mp3
    C:\Poker\Poker 770\data\shared\sounds\08.mp3
    C:\Poker\Poker 770\data\shared\sounds\08s.mp3
    C:\Poker\Poker 770\data\shared\sounds\09.mp3
    C:\Poker\Poker 770\data\shared\sounds\09s.mp3
    C:\Poker\Poker 770\data\shared\sounds\10.mp3
    C:\Poker\Poker 770\data\shared\sounds\10s.mp3
    C:\Poker\Poker 770\data\shared\sounds\ace.mp3
    C:\Poker\Poker 770\data\shared\sounds\aces.mp3
    C:\Poker\Poker 770\data\shared\sounds\and.mp3
    C:\Poker\Poker 770\data\shared\sounds\bigwin.mp3
    C:\Poker\Poker 770\data\shared\sounds\buzzer.mp3
    C:\Poker\Poker 770\data\shared\sounds\card.mp3
    C:\Poker\Poker 770\data\shared\sounds\card.wav
    C:\Poker\Poker 770\data\shared\sounds\cardturn.mp3
    C:\Poker\Poker 770\data\shared\sounds\chip.mp3
    C:\Poker\Poker 770\data\shared\sounds\click.mp3
    C:\Poker\Poker 770\data\shared\sounds\clubs.mp3
    C:\Poker\Poker 770\data\shared\sounds\coin.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices
    C:\Poker\Poker 770\data\shared\sounds\dealflop.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealriver.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealturn.mp3
    C:\Poker\Poker 770\data\shared\sounds\diamonds.mp3
    C:\Poker\Poker 770\data\shared\sounds\dicerolling1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dicerolling2.mp3
    C:\Poker\Poker 770\data\shared\sounds\empty.mp3
    C:\Poker\Poker 770\data\shared\sounds\flush.mp3
    C:\Poker\Poker 770\data\shared\sounds\fourofakind.mp3
    C:\Poker\Poker 770\data\shared\sounds\fullhouse.mp3
    C:\Poker\Poker 770\data\shared\sounds\fullof.mp3
    C:\Poker\Poker 770\data\shared\sounds\goodluck.mp3
    C:\Poker\Poker 770\data\shared\sounds\hearts.mp3
    C:\Poker\Poker 770\data\shared\sounds\high.mp3
    C:\Poker\Poker 770\data\shared\sounds\highcard.mp3
    C:\Poker\Poker 770\data\shared\sounds\itsyourbet.mp3
    C:\Poker\Poker 770\data\shared\sounds\jack.mp3
    C:\Poker\Poker 770\data\shared\sounds\jackpotwin.mp3
    C:\Poker\Poker 770\data\shared\sounds\jacks.mp3
    C:\Poker\Poker 770\data\shared\sounds\kicker.mp3
    C:\Poker\Poker 770\data\shared\sounds\king.mp3
    C:\Poker\Poker 770\data\shared\sounds\kings.mp3
    C:\Poker\Poker 770\data\shared\sounds\lineselect.mp3
    C:\Poker\Poker 770\data\shared\sounds\mess5.mp3
    C:\Poker\Poker 770\data\shared\sounds\message.mp3
    C:\Poker\Poker 770\data\shared\sounds\newplayer.mp3
    C:\Poker\Poker 770\data\shared\sounds\onepair.mp3
    C:\Poker\Poker 770\data\shared\sounds\onlinesupport.mp3
    C:\Poker\Poker 770\data\shared\sounds\placeyourbets.mp3
    C:\Poker\Poker 770\data\shared\sounds\playerin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds
    C:\Poker\Poker 770\data\shared\sounds\pokercard.mp3
    C:\Poker\Poker 770\data\shared\sounds\possible_win_icon.mp3
    C:\Poker\Poker 770\data\shared\sounds\queen.mp3
    C:\Poker\Poker 770\data\shared\sounds\queens.mp3
    C:\Poker\Poker 770\data\shared\sounds\royalflush.mp3
    C:\Poker\Poker 770\data\shared\sounds\slots_doubleup_shuffle.mp3
    C:\Poker\Poker 770\data\shared\sounds\slots_number_counting.mp3
    C:\Poker\Poker 770\data\shared\sounds\smallwin.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue1.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue2.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue3.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue4.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue5.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue6.mp3
    C:\Poker\Poker 770\data\shared\sounds\sound cue7.mp3
    C:\Poker\Poker 770\data\shared\sounds\spades.mp3
    C:\Poker\Poker 770\data\shared\sounds\starting.mp3
    C:\Poker\Poker 770\data\shared\sounds\straight.mp3
    C:\Poker\Poker 770\data\shared\sounds\straightflush.mp3
    C:\Poker\Poker 770\data\shared\sounds\threekind.mp3
    C:\Poker\Poker 770\data\shared\sounds\twopair.mp3
    C:\Poker\Poker 770\data\shared\sounds\youwin.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\anteplease_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\betsplease_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\blackjack_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\black_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\bust_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\comingout_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\dealerdnq_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\dealerwins_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\insurance_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\playerwins_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\push_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\red_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\youwin_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\0_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\10_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\11_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\12_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\13_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\14_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\15_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\16_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\17_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\18_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\19_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\1_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\20_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\21_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\22_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\23_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\24_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\25_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\26_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\27_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\28_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\29_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\2_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\30_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\31_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\32_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\33_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\34_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\35_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\36_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\3_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\4_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\5_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\6_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\7_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\8_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\9_male1.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\baseballer\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\blackdude\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\bond\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\cowboy\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchgirl\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\frenchman\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\mafiaguy\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\olderbusinesswoman\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\oldtourist\reraise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\allin.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\bet.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\call.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\check.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\fold.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\raise.mp3
    C:\Poker\Poker 770\data\shared\sounds\playersounds\valleygirl\reraise.mp3
    C:\Poker\Poker 770\data\shared\tablegames\back2-alpha.jpg
    C:\Poker\Poker 770\data\shared\tablegames\back2.jpg
    C:\Poker\Poker 770\data\shared\tablegames\gold_dark
    C:\Poker\Poker 770\data\shared\tablegames\progressive_txt.jpg
    C:\Poker\Poker 770\data\shared\tablegames\gold_dark\coinhole.png
    C:\Poker\Poker 770\data\shared\tablegames\gold_dark\progressive_back.png
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_ace_king.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_dealer_does_not_qualify.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_flush.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_four_of_a_kind.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_full_house.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_no_hand.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_one_pair.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_royal_flush.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_straight.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_straight_flush.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_three_of_a_kind.jpg
    C:\Poker\Poker 770\data\shared\tablesigns\tablesign_two_pair.jpg
    C:\Poker\Poker 770\data\shared\ui\sysmenu.jpg
    C:\Poker\Poker 770\data\shared\ui\ui-alpha.jpg
    C:\Poker\Poker 770\data\shared\ui\ui.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\allwild.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\bet.sl2
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons
    C:\Poker\Poker 770\data\shared\videopoker_4line\cardback.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\cards-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\cards.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\or_double_half_to.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\screen.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\screen_alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\winflags-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\winflags.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\wintablescreen-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\you_can_double_to.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\you_won.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons_screen-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons_screen.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\hold-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\hold.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\incdecr-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\incdecr.jpg
    C:\Poker\Poker 770\data\shared\videopoker_jacks\back2.jpg
    C:\Poker\Poker 770\data\shared\videopoker_jacks\bet.sl2
    C:\Poker\Poker 770\data\shared\videopoker_jacks\buttons-alpha.jpg
    C:\Poker\Poker 770\data\shared\videopoker_jacks\buttons.jpg
    C:\Poker\Poker 770\data\shared\videopoker_jacks\hold.jpg
    C:\Poker\Poker 770\data\shared\videopoker_jacks\screen-alpha.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\back.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\buttons-alpha.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\buttons.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\climb_me.png
    C:\Poker\Poker 770\data\slots_bonusbears25line\display.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\free_spin.png
    C:\Poker\Poker 770\data\slots_bonusbears25line\free_spin_bonus.png
    C:\Poker\Poker 770\data\slots_bonusbears25line\instruction_summary-alpha.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\instruction_summary.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\lines.png
    C:\Poker\Poker 770\data\slots_bonusbears25line\plokk-alpha.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\plokk.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\plokk2-alpha.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\plokk2.jpg
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bigwin.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_ambient.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_finish.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_gameover.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_pick.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_prebonus.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\bonus_stop.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\click.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\freespin_ambient.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelspin.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop1.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop2.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop3.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop4.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reelstop5.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\reels_ambient.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\smallwin.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\symbol1.mp3
    C:\Poker\Poker 770\data\slots_bonusbears25line\sounds\symbol12.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\anim-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\anim.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\back.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds
    C:\Poker\Poker 770\data\slots_cinerama5reel\wintable
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\back.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\buttonback-over-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\buttonback-over.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\person04.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\person05.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\youwon-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\youwon.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\back-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\back.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person01-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person01.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person02-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person02.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person03-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person03.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person04-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person04.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person05-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person05.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person06-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person06.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person07-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person07.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person08-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person08.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person09-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person09.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person10-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person10.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person11-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person11.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person12-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person12.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\screen1.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\screen2.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\back.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\paper-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\paper.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\select
    C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\select\back.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bigwin.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_choice.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_choice.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_gameover.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_intro.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_gameover.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\button.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\credit.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\lever.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\reel.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\reelstop.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\smallwin.mp3
    C:\Poker\Poker 770\data\slots_cinerama5reel\wintable\wintableback-alpha.jpg
    C:\Poker\Poker 770\data\slots_cinerama5reel\wintable\wintableback.jpg
    C:\Poker\Poker 770\data\slots_desert20line\anim-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\anim.jpg
    C:\Poker\Poker 770\data\slots_desert20line\back.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame
    C:\Poker\Poker 770\data\slots_desert20line\buttons.jpg
    C:\Poker\Poker 770\data\slots_desert20line\freespin.png
    C:\Poker\Poker 770\data\slots_desert20line\logo.png
    C:\Poker\Poker 770\data\slots_desert20line\sounds
    C:\Poker\Poker 770\data\slots_desert20line\wild.jpg
    C:\Poker\Poker 770\data\slots_desert20line\win-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\win-txt-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\win-txt.jpg
    C:\Poker\Poker 770\data\slots_desert20line\win.jpg
    C:\Poker\Poker 770\data\slots_desert20line\wintable
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\continue-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\continue.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\speech-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\speech.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\win-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\bonusgame\win.jpg
    C:\Poker\Poker 770\data\slots_desert20line\sounds\ambient.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\bonusintro.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\bonuspick.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\button.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\freespin_ambient.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\reel.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\reelstop.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol10.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol11.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol6.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol7.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol8.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol9.mp3
    C:\Poker\Poker 770\data\slots_desert20line\sounds\win.mp3
    C:\Poker\Poker 770\data\slots_desert20line\wintable\back.jpg
    C:\Poker\Poker 770\data\slots_desert20line\wintable\sidebet_window-alpha.jpg
    C:\Poker\Poker 770\data\slots_desert20line\wintable\sidebet_window.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\10-cover.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus
    C:\Poker\Poker 770\data\slots_forestofwonders25line\buttons-alpha.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\buttons.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\display.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\free_spin.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\free_spin_bonus.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\plokk-alpha.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\plokk.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds
    C:\Poker\Poker 770\data\slots_forestofwonders25line\splash_txt.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wheel0.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wheel1.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wheel2.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wheel3.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wheel4.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wintable
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus\bonus_buttons-alpha.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus\bonus_buttons.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus\bonus_info.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus\bonus_text.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\bonus\message_txt.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\bigwin.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\bonus_ambient.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\bonus_intro.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\bonus_pick.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\button.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\freespin.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\game_ambient.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\game_intro.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\reel.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\reelstop.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\scatter_intro.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\select_scatter.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\sounds\smallwin.mp3
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wintable\back1.jpg
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wintable\wintable1_bonus.png
    C:\Poker\Poker 770\data\slots_forestofwonders25line\wintable\wintable1_dollarball.png
    C:\Poker\Poker 770\data\slots_gold8line\anim-alpha.jpg
    C:\Poker\Poker 770\data\slots_gold8line\anim.jpg
    C:\Poker\Poker 770\data\slots_gold8line\back.jpg
    C:\Poker\Poker 770\data\slots_gold8line\bonus
    C:\Poker\Poker 770\data\slots_gold8line\fonts
    C:\Poker\Poker 770\data\slots_gold8line\sounds
    C:\Poker\Poker 770\data\slots_gold8line\wintable
    C:\Poker\Poker 770\data\slots_gold8line\bonus\continue-over.jpg
    C:\Poker\Poker 770\data\slots_gold8line\bonus\continue.jpg
    C:\Poker\Poker 770\data\slots_gold8line\bonus\screen
    C:\Poker\Poker 770\data\slots_gold8line\bonus\youwin.jpg
    C:\Poker\Poker 770\data\slots_gold8line\bonus\screen\back.jpg
    C:\Poker\Poker 770\data\slots_gold8line\fonts\garamond.fon
    C:\Poker\Poker 770\data\slots_gold8line\sounds\ambient.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\bonuswin.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\click.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\intro.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\lever.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\reel.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\reelstop.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\select.mp3
    C:\Poker\Poker 770\data\slots_gold8line\sounds\smallwin.mp3
    C:\Poker\Poker 770\data\slots_gold8line\wintable\back-alpha.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\back.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\backbutton-over.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\backbutton.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\nextbutton-over.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\nextbutton.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\wintable01.jpg
    C:\Poker\Poker 770\data\slots_gold8line\wintable\wintable02.jpg
    C:\Poker\Poker 770\data\slots_lotto20line\adjust.jpg
    C:\Poker\Poker 770\data\slots_lotto20line\animation
    C:\Poker\Poker 770\data\slots_lotto20line\back.jpg
    C:\Poker\Poker 770\data\slots_lotto20line\bet_window-alpha.jpg
    C:\Poker\Poker 770\data\slots_lotto20line\bet_window.jpg
    C:\Poker\Poker 770\data\slots_lotto20line\bonusgame
    C:
    0
  19. Riana_BXL Messages postés 29 Statut Membre 1
     
    Rapport LOP S&D:

    --------------------\\ Lop S&D 4.2.5-0 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz )
    BIOS : Ver 1.00 BIOS A07 PARTTBL"
    USER : Princesse Riana ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:222 Go (Free:97 Go)
    D:\ (Local Disk) - NTFS - Total:9 Go (Free:4 Go)
    E:\ (CD or DVD)
    F:\ (CD or DVD)
    G:\ (USB)
    H:\ (USB) - FAT32 - Total:241 Mo (Free:0 Go)

    "C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
    Option : [1] ( 29/06/2009|23:29 )

    [ UAC => 0 ]

    --------------------\\ Listing des dossiers dans Local

    [09/03/2009|04:08] C:\Users\PRINCE~1\AppData\Local\Adobe
    [14/01/2009|15:47] C:\Users\PRINCE~1\AppData\Local\Application Data
    [14/01/2009|15:51] C:\Users\PRINCE~1\AppData\Local\ATI
    [29/06/2009|22:08] C:\Users\PRINCE~1\AppData\Local\d3d9caps.dat
    [14/01/2009|15:51] C:\Users\PRINCE~1\AppData\Local\DataSafeOnline
    [02/03/2009|20:24] C:\Users\PRINCE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [26/03/2009|19:00] C:\Users\PRINCE~1\AppData\Local\DNA
    [15/01/2009|13:30] C:\Users\PRINCE~1\AppData\Local\FullTiltPoker
    [07/06/2009|23:49] C:\Users\PRINCE~1\AppData\Local\GDIPFONTCACHEV1.DAT
    [26/06/2009|01:52] C:\Users\PRINCE~1\AppData\Local\Google
    [14/01/2009|15:47] C:\Users\PRINCE~1\AppData\Local\Historique
    [29/06/2009|22:50] C:\Users\PRINCE~1\AppData\Local\IconCache.db
    [03/05/2009|13:41] C:\Users\PRINCE~1\AppData\Local\infallsoft
    [15/01/2009|13:12] C:\Users\PRINCE~1\AppData\Local\MediaDirect
    [29/06/2009|22:19] C:\Users\PRINCE~1\AppData\Local\Microsoft
    [24/06/2009|20:05] C:\Users\PRINCE~1\AppData\Local\Microsoft Games
    [14/01/2009|16:01] C:\Users\PRINCE~1\AppData\Local\Mozilla
    [16/06/2009|00:14] C:\Users\PRINCE~1\AppData\Local\PokerStars
    [30/01/2009|22:47] C:\Users\PRINCE~1\AppData\Local\Powercinema
    [14/01/2009|16:04] C:\Users\PRINCE~1\AppData\Local\Stardock_Corporation
    [15/01/2009|13:12] C:\Users\PRINCE~1\AppData\Local\SupportSoft
    [03/05/2009|14:05] C:\Users\PRINCE~1\AppData\Local\TechSmith
    [29/06/2009|23:28] C:\Users\PRINCE~1\AppData\Local\Temp
    [14/01/2009|15:47] C:\Users\PRINCE~1\AppData\Local\Temporary Internet Files
    [12/06/2009|22:40] C:\Users\PRINCE~1\AppData\Local\VirtualStore
    [09/04/2009|02:55] C:\Users\PRINCE~1\AppData\Local\Zylom Games

    --------------------\\ Tâches planifiées dans C:\Windows\tasks

    [29/06/2009 23:00][--ah-----] C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
    [15/06/2009 00:59][--a------] C:\Windows\tasks\McDefragTask.job
    [01/06/2009 01:00][--a------] C:\Windows\tasks\McQcTask.job
    [29/06/2009 22:51][--ah-----] C:\Windows\tasks\SA.DAT
    [29/06/2009 22:50][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    --------------------\\ Listing des dossiers dans C:\ProgramData

    [18/01/2009|14:17] C:\ProgramData\Adobe
    [14/01/2009|15:46] C:\ProgramData\Application Data
    [14/01/2009|15:51] C:\ProgramData\ATI
    [14/01/2009|15:46] C:\ProgramData\Bureau
    [18/02/2009|23:13] C:\ProgramData\Creative
    [15/01/2009|12:41] C:\ProgramData\CyberLink
    [11/05/2009|14:36] C:\ProgramData\DAEMON Tools Pro
    [15/01/2009|12:54] C:\ProgramData\Dell
    [14/01/2009|15:46] C:\ProgramData\Documents
    [14/01/2009|15:46] C:\ProgramData\Favoris
    [17/01/2009|19:42] C:\ProgramData\FLEXnet
    [10/01/2009|10:42] C:\ProgramData\Google
    [10/01/2009|10:48] C:\ProgramData\InstallShield
    [13/05/2009|14:26] C:\ProgramData\InternetFax
    [10/01/2009|10:54] C:\ProgramData\McAfee
    [14/01/2009|15:46] C:\ProgramData\Menu D‚marrer
    [08/03/2009|16:28] C:\ProgramData\Microsoft
    [14/01/2009|15:46] C:\ProgramData\ModŠles
    [10/01/2009|10:59] C:\ProgramData\PC-Doctor
    [10/01/2009|10:59] C:\ProgramData\PCDr
    [17/04/2009|18:29] C:\ProgramData\Skype
    [10/01/2009|10:50] C:\ProgramData\Sonic
    [10/01/2009|10:59] C:\ProgramData\SupportSoft
    [03/05/2009|14:05] C:\ProgramData\TechSmith
    [13/05/2009|14:13] C:\ProgramData\tpfmon
    [10/01/2009|10:51] C:\ProgramData\Uninstall
    [20/02/2009|21:30] C:\ProgramData\WebcamMax
    [13/05/2009|11:05] C:\ProgramData\WindowsSearch

    --------------------\\ Listing des dossiers dans C:\Program Files

    [17/01/2009|19:25] C:\Program Files\Adobe
    [30/03/2009|17:10] C:\Program Files\Adolix
    [29/06/2009|23:22] C:\Program Files\Ad-remover
    [08/03/2009|15:49] C:\Program Files\Alcohol Soft
    [13/05/2009|14:11] C:\Program Files\Alliance MCA
    [12/06/2009|22:22] C:\Program Files\ANI
    [10/01/2009|10:39] C:\Program Files\ATI Technologies
    [26/03/2009|19:00] C:\Program Files\BitTorrent
    [17/01/2009|19:24] C:\Program Files\Bonjour
    [10/01/2009|10:41] C:\Program Files\Cisco
    [10/01/2009|10:54] C:\Program Files\Citrix
    [29/06/2009|22:26] C:\Program Files\Common Files
    [10/01/2009|10:46] C:\Program Files\Creative
    [10/01/2009|10:46] C:\Program Files\Creative Live! Cam
    [10/01/2009|10:58] C:\Program Files\CyberLink
    [11/05/2009|14:41] C:\Program Files\DAEMON Tools Pro
    [11/03/2009|13:36] C:\Program Files\DecodingHQ
    [10/01/2009|11:01] C:\Program Files\Dell
    [10/01/2009|10:58] C:\Program Files\Dell DataSafe Online
    [10/01/2009|10:59] C:\Program Files\Dell Support Center
    [10/01/2009|10:48] C:\Program Files\Dell Video Chat
    [10/01/2009|10:46] C:\Program Files\Dell Webcam
    [10/01/2009|19:11] C:\Program Files\DellTPad
    [15/02/2009|01:34] C:\Program Files\DivX
    [12/06/2009|22:20] C:\Program Files\D-Link
    [29/06/2009|22:52] C:\Program Files\DNA
    [14/01/2009|15:46] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [26/03/2009|02:31] C:\Program Files\Full Tilt Poker
    [10/01/2009|10:43] C:\Program Files\Google
    [31/03/2009|16:54] C:\Program Files\GPLGS
    [10/01/2009|11:18] C:\Program Files\IDT
    [03/05/2009|13:41] C:\Program Files\infallsoft
    [12/06/2009|22:22] C:\Program Files\InstallShield Installation Information
    [11/06/2009|07:28] C:\Program Files\Internet Explorer
    [13/05/2009|14:11] C:\Program Files\InternetFax
    [31/03/2009|17:13] C:\Program Files\Java
    [29/06/2009|22:52] C:\Program Files\McAfee
    [10/01/2009|10:51] C:\Program Files\McAfee.com
    [14/01/2009|16:10] C:\Program Files\Microsoft
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/03/2009|16:32] C:\Program Files\Microsoft Office
    [12/05/2009|11:30] C:\Program Files\Microsoft Office Outlook Connector
    [11/06/2009|03:07] C:\Program Files\Microsoft Works
    [08/03/2009|16:28] C:\Program Files\Microsoft.NET
    [21/01/2008|04:35] C:\Program Files\Movie Maker
    [29/06/2009|23:22] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [12/05/2009|11:29] C:\Program Files\MSECache
    [10/05/2009|20:26] C:\Program Files\PokerStars
    [07/06/2009|20:55] C:\Program Files\Pvm
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [10/01/2009|10:51] C:\Program Files\Roxio
    [22/01/2009|16:40] C:\Program Files\RozetUtil
    [17/04/2009|18:29] C:\Program Files\Skype
    [03/05/2009|14:05] C:\Program Files\TechSmith
    [22/02/2009|18:09] C:\Program Files\TVAnts
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [05/06/2009|13:34] C:\Program Files\Veoh Networks
    [01/02/2009|02:11] C:\Program Files\VideoLAN
    [20/02/2009|21:29] C:\Program Files\WebcamMax
    [21/01/2008|04:35] C:\Program Files\Windows Calendar
    [21/01/2008|04:35] C:\Program Files\Windows Collaboration
    [21/01/2008|04:35] C:\Program Files\Windows Defender
    [21/01/2008|04:35] C:\Program Files\Windows Journal
    [14/01/2009|16:10] C:\Program Files\Windows Live
    [14/01/2009|16:10] C:\Program Files\Windows Live SkyDrive
    [10/01/2009|19:03] C:\Program Files\Windows Mail
    [12/03/2009|08:06] C:\Program Files\Windows Media Player
    [14/01/2009|15:46] C:\Program Files\Windows NT
    [21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
    [21/01/2008|04:35] C:\Program Files\Windows Sidebar
    [15/01/2009|15:54] C:\Program Files\WinRAR

    --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

    [17/01/2009|19:24] C:\Program Files\Common Files\Adobe
    [22/01/2009|16:40] C:\Program Files\Common Files\Borland Shared
    [08/03/2009|16:32] C:\Program Files\Common Files\DESIGNER
    [10/01/2009|10:48] C:\Program Files\Common Files\InstallShield
    [10/01/2009|10:35] C:\Program Files\Common Files\Java
    [17/01/2009|19:14] C:\Program Files\Common Files\Macrovision Shared
    [10/01/2009|10:52] C:\Program Files\Common Files\McAfee
    [09/03/2009|04:02] C:\Program Files\Common Files\microsoft shared
    [10/01/2009|10:49] C:\Program Files\Common Files\PX Storage Engine
    [10/01/2009|10:46] C:\Program Files\Common Files\Reallusion
    [10/01/2009|10:50] C:\Program Files\Common Files\Roxio Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [10/01/2009|10:50] C:\Program Files\Common Files\Sonic Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [10/01/2009|10:59] C:\Program Files\Common Files\supportsoft
    [10/01/2009|10:51] C:\Program Files\Common Files\SureThing Shared
    [12/05/2009|11:30] C:\Program Files\Common Files\System
    [14/01/2009|16:06] C:\Program Files\Common Files\Windows Live

    --------------------\\ Process

    ( 95 Processes )

    ... OK !

    --------------------\\ Recherche avec S_Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Recherche de Fichiers / Dossiers Lop

    Aucun fichier / dossier Lop trouvé !

    --------------------\\ Verification du Registre

    ..... OK !

    --------------------\\ Verification du fichier Hosts

    Fichier Hosts PROPRE

    --------------------\\ Recherche de fichiers avec Catchme

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-06-29 23:29:53
    Windows 6.0.6001 Service Pack 1 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    C:\Users\PRINCE~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PNBL913\st[2] 4385 bytes
    C:\Users\PRINCE~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PIGTAH2H\iframe3[1].htm 856 bytes
    scan completed successfully
    hidden processes: 0
    hidden files: 2

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3 - Raccourci.lnk
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx.htm
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\Photoshop.exe
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\READMEPHOTOSHOPCRACK.txt
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons.htm
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\datePicker.css
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general.htm
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\hertz2.htm
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\hit.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\logoyelbg.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\ryanairdynamictext.htm
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\ryanairdynamictext_data
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\shuttle.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\SkySales_695740ABF825CC09D79B45E3498BA96D.js
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\Standard.css
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\xtcore.js
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\banner.jpg
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\bcp_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\creditcard_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\express_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\fbd_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\insurance_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\mcube_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\miceanddice_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\money_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\transfer_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\travelguides_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\villas_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\cpbuttons_data\vouchers_EN.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\4sterren4.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\559295.gif
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\boxbgcorner.jpg
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\ga.js
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\info.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\jquery_tooltip.js
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\main.css
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\main.js
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\maxPersonsSingle.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\resultsoverwrite.css
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\reviewBar.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\searchresults.css
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\thumbyellow.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\general_data\transparent.png
    C:\Users\PRINCE~1\Desktop\CrackPhotoshopCS3\FRItinerary.aspx_fichiers\ryanairdynamictext_data\ryanairhwconfirmationimage8.gif
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack.rar
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\134.jpg
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\A lire lecoyote666
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\crack
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\sudokudownload.exe
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\Thumbs.db
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\A lire lecoyote666\A lire lecoyote666.txt
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\A lire lecoyote666\Forum Lecoyote666.url
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\A lire lecoyote666\Lecoyote666.nfo
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\A lire lecoyote666\Site Lecoyote666.url
    C:\Users\PRINCE~1\Downloads\Sudoku! Deluxe + crack\Sudoku! Deluxe + crack\crack\sudoku.exe

    [F:11][D:12]-> C:\Users\PRINCE~1\AppData\Local\Temp
    [F:22][D:1]-> C:\Users\PRINCE~1\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:540][D:8]-> C:\Users\PRINCE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:1][D:1]-> C:\$Recycle.Bin

    1 - "C:\Lop SD\LopR_1.txt" - 29/06/2009|23:31 - Option : [1]

    --------------------\\ Fin du rapport a 23:31:40
    [ UAC => 1 ]
    0
  • 1
  • 2
  • 3