Se connecter / S'enregistrer
Votre question

Pc qui rame! Rapport Hijackthis posté

Tags :
  • Hijackthis
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Mars 2008 08:11:56

bonjour a toutes et a tous,
j'ai de gros problemes mons pc rame enormement il met 10 min a s'allumer et qand je me connecte a internet des pages intempestives (pub) s'ouvrent automatiquement. J'ai scanné avec avg mais rien n'y fait.
Voila mon rapport hijackthis:
Merci d'avance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:54:08, on 15/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\vsnp2uvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\eHome\ehSched.exe

Autres pages sur : rame rapport hijackthis posta

15 Mars 2008 09:08:31


Bonjour ,

Poste le rapport entier , ici il n'y à que les processus

15 Mars 2008 09:14:46

Desolé j'avais pas fais attention.
Nouveau rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:12:57, on 15/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\vsnp2uvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/fileassoc.asp?LangID...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {6AE9E242-45EC-453C-B6C2-9D0F8F51C630} - (no file)
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CC82DA0E-1161-4258-9EDA-FA7C40A67A55} - (no file)
O2 - BHO: {7472d5d5-0e15-b0a9-7514-04746650f08d} - {d80f0566-4740-4157-9a0b-51e05d5d2747} - C:\WINDOWS\system32\trwopolm.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [e86feb6d] rundll32.exe "C:\WINDOWS\system32\ljgfmbsx.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BMeb5cd8f1] Rundll32.exe "C:\WINDOWS\system32\pcadjwhu.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S1D6.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb\tribalweb.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a240d4a1b4284367824bfa25149b11e7
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a240d4a1b4284367824bfa25149b11e7
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: wvurrrq - wvurrrq.dll (file missing)
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 12534 bytes
Contenus similaires
15 Mars 2008 09:32:04


Tu es bien infecté ...

Désactive tes protections résidentes ( Antivirus , ... ) tu les réactivera après le scan

Télécharge ComboFix [:eric_71] < ici

Enregistre le sur ton Bureau et pas ailleurs !
Double clique combofix.exe ( le .exe peut ne pas apparaitre )
Pour démarrer , tape [1] puis valide , attend la fin du scan
il peut y avoir un Redémarrage du PC !

Copie / Colle le rapport généré ( C:\Combofix.txt )

15 Mars 2008 11:54:06

Merci de ta reponse voila le rapport:
ComboFix 08-03-14.4 - Caroline FORGET 2008-03-15 9:36:15.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.347 [GMT 1:00]
Endroit: C:\Documents and Settings\Caroline FORGET\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.url
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Désinstaller.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer\Website.url
c:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\gxqqb.dat
c:\documents and settings\caroline forget\local settings\application data\gxqqb.exe
c:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\gxqqb_nav.dat
c:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\gxqqb_navps.dat
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages_v2.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\sqlite3.dll
C:\Program Files\webmediaplayer\uninst.exe
C:\Program Files\webmediaplayer\WebMediaPlayer.exe
C:\WINDOWS\BMeb5cd8f1.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\alhefwcc.dll
C:\WINDOWS\system32\awtsr.dll
C:\WINDOWS\system32\baapjjgu.dll
C:\WINDOWS\system32\cgimdivw.dll
C:\WINDOWS\system32\ddayy.dll
C:\WINDOWS\system32\dgqetdnp.dll
C:\WINDOWS\system32\ekrretfi.dll
C:\WINDOWS\system32\etrvcmdq.dll
C:\WINDOWS\system32\fmryfndl.dll
C:\WINDOWS\system32\gebca.dll
C:\WINDOWS\system32\geeda.dll
C:\WINDOWS\system32\ggfvrfut.ini
C:\WINDOWS\system32\hokgukxw.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\kudsdnjr.dll
C:\WINDOWS\system32\lfcwobdc.dll
C:\WINDOWS\system32\ljgfmbsx.dll
C:\WINDOWS\system32\lwftwsvy.dll
C:\WINDOWS\system32\maimlbkm.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mfimoyqo.dll
C:\WINDOWS\system32\mkblmiam.ini
C:\WINDOWS\system32\mljjg.dll
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\oqtwa.ini
C:\WINDOWS\system32\oqtwa.ini2
C:\WINDOWS\system32\osqvnokd.dll
C:\WINDOWS\system32\pcadjwhu.dll
C:\WINDOWS\system32\pclcavfp.dll
C:\WINDOWS\system32\pcrwcmes.dll
C:\WINDOWS\system32\pmkhf.dll
C:\WINDOWS\system32\raccvkuw.dll
C:\WINDOWS\system32\rbycaswu.dll
C:\WINDOWS\system32\rrteebdt.dll
C:\WINDOWS\system32\ssqpq.dll
C:\WINDOWS\system32\ssqro.dll
C:\WINDOWS\system32\tkhohqcc.dll
C:\WINDOWS\system32\trwopolm.dll
C:\WINDOWS\system32\tufrvfgg.dll
C:\WINDOWS\system32\ugjjpaab.ini
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\wqyidxyq.dll
C:\WINDOWS\system32\xbeeg.ini
C:\WINDOWS\system32\xbeeg.ini2
C:\WINDOWS\system32\xsbmfgjl.ini
C:\WINDOWS\system32\yllehqxv.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-15 to 2008-03-15 ))))))))))))))))))))))))))))))))))))
.

2008-03-15 00:10 . 2008-03-15 00:10 <REP> d-------- C:\Program Files\Trend Micro
2008-03-14 23:52 . 2008-03-14 23:52 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Talkback
2008-03-14 23:52 . 2008-03-14 23:52 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-14 23:47 . 2008-03-14 23:47 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Grisoft
2008-03-14 23:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-11 22:56 . 2008-03-13 01:01 1,320,095 ---hs---- C:\WINDOWS\system32\mflnytqg.ini
2008-03-10 21:37 . 2008-03-10 21:37 40,960 --a------ C:\WINDOWS\system32\HTGD0003.exe
2008-03-10 21:37 . 2008-03-10 21:37 36,864 --a------ C:\WINDOWS\system32\HTGD0005.exe
2008-03-10 21:37 . 2008-03-10 21:37 33,732 --a------ C:\WINDOWS\system32\HTGD0002.bmp
2008-03-10 21:37 . 2008-03-10 21:37 50 --a------ C:\WINDOWS\system32\HTGD0006.ini
2008-03-10 21:10 . 2008-03-10 22:04 1,318,703 ---hs---- C:\WINDOWS\system32\gqnddjms.ini
2008-03-09 12:18 . 2008-03-10 21:09 1,318,223 ---hs---- C:\WINDOWS\system32\vtiwmrcq.ini
2008-03-09 02:36 . 2008-03-09 02:36 <REP> d--h----- C:\WINDOWS\PIF
2008-03-08 18:00 . 2008-03-08 18:00 <REP> d-------- C:\Program Files\uTorrent
2008-03-08 17:59 . 2008-03-15 07:56 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\uTorrent
2008-03-07 22:43 . 2008-03-07 22:43 29 --a------ C:\WINDOWS\DEBUGSM.INI
2008-03-07 12:17 . 2008-03-08 12:17 1,308,821 ---hs---- C:\WINDOWS\system32\lnixjiji.ini
2008-03-06 12:18 . 2008-03-07 10:59 1,307,627 ---hs---- C:\WINDOWS\system32\pdfatqhr.ini
2008-03-04 12:17 . 2008-03-05 11:12 1,302,210 ---hs---- C:\WINDOWS\system32\jilbbjfk.ini
2008-03-04 11:48 . 2008-03-04 11:48 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\NettoyeurDePC
2008-03-04 11:43 . 2008-03-15 00:49 <REP> d-------- C:\Program Files\Fichiers communs\NettoyeurDePC
2008-03-04 11:43 . 2008-03-04 11:43 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-03-04 11:43 . 2008-03-04 11:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NettoyeurDePC
2008-03-03 12:14 . 2008-03-04 12:14 1,301,772 ---hs---- C:\WINDOWS\system32\oahvpcml.ini
2008-03-02 20:48 . 2008-03-02 20:48 <REP> d-------- C:\Poker
2008-02-28 17:42 . 2008-02-28 17:42 268 --ah----- C:\sqmdata19.sqm
2008-02-28 17:42 . 2008-02-28 17:42 244 --ah----- C:\sqmnoopt19.sqm
2008-02-28 14:58 . 2008-02-28 14:58 268 --ah----- C:\sqmdata18.sqm
2008-02-28 14:58 . 2008-02-28 14:58 244 --ah----- C:\sqmnoopt18.sqm
2008-02-26 18:58 . 2008-02-28 02:48 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Calendrier Xtra
2008-02-24 17:13 . 2008-02-24 17:13 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\gtk-2.0
2008-02-24 17:12 . 2008-02-24 17:12 <REP> d-------- C:\Documents and Settings\Caroline FORGET\.thumbnails
2008-02-24 17:03 . 2008-02-24 23:59 <REP> d-------- C:\Documents and Settings\Caroline FORGET\.gimp-2.4
2008-02-23 18:55 . 2008-02-23 18:57 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Hemera
2008-02-23 18:54 . 2008-02-23 18:54 40,960 --a------ C:\HTGD0003.exe
2008-02-23 18:11 . 2008-02-23 18:11 <REP> d-------- C:\Program Files\Fichiers communs\Micro Application Shared
2008-02-22 18:22 . 2008-02-22 18:22 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\EPSON
2008-02-22 17:38 . 2008-02-22 17:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-02-22 17:30 . 2008-02-22 17:36 <REP> d-------- C:\Program Files\epson
2008-02-22 17:29 . 2008-02-22 17:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-02-22 17:29 . 2006-12-08 03:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCEE.DLL
2008-02-22 17:29 . 2006-04-19 03:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCEE.DLL
2008-02-22 17:29 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2008-02-22 17:29 . 2008-02-22 17:29 25 --a------ C:\WINDOWS\CDE DX8400DEFGIPS.ini
2008-02-22 17:26 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-22 17:26 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-22 17:25 . 2007-04-18 00:00 67,072 --a------ C:\WINDOWS\system32\escwiad.dll
2008-02-22 17:25 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-22 17:25 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-17 13:20 . 2008-02-28 02:52 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-17 13:18 . 2008-02-17 13:18 <REP> d-------- C:\Program Files\Picasa2
2008-02-17 13:18 . 2006-10-05 03:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-02-17 13:18 . 2006-10-05 03:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 02:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-11 18:34 --------- d-----w C:\Program Files\Everest Poker
2008-03-10 20:38 --------- d-----w C:\Program Files\Micro Application
2008-03-06 21:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-28 05:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-28 01:50 --------- d-----w C:\Program Files\Google
2008-02-22 16:41 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-24 20:02 --------- d-----w C:\Program Files\MSN Messenger
2008-01-24 20:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-01-25 02:52 65,536 ----a-w C:\Program Files\Fichiers communs\NMSAccessU.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00 15360]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2007-12-13 20:45 190024]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-15 14:59 68856]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2007-11-22 17:10 787696]
"EPSON Stylus DX8400 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.exe" [2007-04-12 07:00 182272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
"LaunchApp"="Alaunch" []
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 17:48 16208384 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 19:04 2879488 C:\WINDOWS\SkyTel.exe]
"ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 16:15 45056]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 21:00 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-10 21:00 44032]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 21:00 59392]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 21:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-10 21:00 455168]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 10:47 7573504]
"nwiz"="nwiz.exe" [2006-04-27 10:47 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-27 10:47 86016]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 13:03 36975]
"Acer Empowering Technology Monitor"="C:\WINDOWS\system32\SysMonitor.exe" [2006-04-18 19:54 49152]
"eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40 413696]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 15:00 345088]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-09-17 13:27 52848]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 13:08 61440]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-12-15 16:49 1840128]
"snp2uvc"="C:\WINDOWS\vsnp2uvc.exe" [2007-06-22 18:19 569344]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 21:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvurrrq]
wvurrrq.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\TribalWeb\\tribalweb.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12348:TCP"= 12348:TCP:NortonAV
"13790:TCP"= 13790:TCP:NortonAV
"17593:TCP"= 17593:TCP:NortonAV
"18019:TCP"= 18019:TCP:NortonAV
"17925:TCP"= 17925:TCP:NortonAV
"16595:TCP"= 16595:TCP:NortonAV
"15856:TCP"= 15856:TCP:NortonAV
"14436:TCP"= 14436:TCP:NortonAV
"16788:TCP"= 16788:TCP:NortonAV
"16864:TCP"= 16864:TCP:NortonAV

R2 NMSAccessU;NMSAccessU;C:\Program Files\Fichiers communs\NMSAccessU.exe [2007-01-25 03:52]
R3 int15.sys;int15.sys;C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 14:46]
R3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
R3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2008-01-14 18:30]
S3 camfilt2;camfilt2;C:\WINDOWS\system32\DRIVERS\camfilt2.sys [2007-06-13 15:43]
S3 GoogleDesktopManager-091907-194040;Google Desktop Manager 5.1.709.19590;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-12-15 16:49]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 10:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
\Shell\Auto\command - J:\AdobeR.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
\Shell\Auto\command - K:\AdobeR.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\Auto\command - L:\AdobeR.exe e
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83444242-b66e-11dc-8913-001921507dd6}]
\Shell\AutoRun\command - K:\setup.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-14 14:00:01 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-15 09:40:55
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TribalWeb\tribalweb.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehmsas.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-15 9:44:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-15 08:44:09
.
2008-03-13 02:03:47 --- E O F ---
e ta reponse. Rapport combofix:
15 Mars 2008 12:54:44

Re ,

Séléctionne l'encadré ci dessous en entier , puis clique droit , choisis Copier

http://www.infos-du-net.com/forum/278040-11-rame-rapport-hijackthis-poste#t290829

Driver::
Boonty Games

Collect::[4]
C:\WINDOWS\system32\mflnytqg.ini
C:\WINDOWS\system32\gqnddjms.ini
C:\WINDOWS\system32\vtiwmrcq.ini
C:\WINDOWS\system32\lnixjiji.ini
C:\WINDOWS\system32\pdfatqhr.ini
C:\WINDOWS\system32\jilbbjfk.ini
C:\WINDOWS\system32\oahvpcml.ini

DirLook::
C:\Poker

Folder::
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Everest Poker

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvurrrq]

Colle le dans le Bloc-Notes
Enregistre le sur ton Bureau et nomme le CFScript ( type fichier texte )
Fait glisser le fichier CFScript sur le fichier ComboFix.exe comme ceci :



Un menu va apparaitre , tape 1 puis valide
Laisse faire le scan

Des nouveaux fichiers vont être crées sur ton bureau ( [4]-Submit_Date_Time.zip et CF-Submit.htm )
Et une fenêtre va s'ouvrir clique sur [OK]
Une deuxième fenêtre va s'ouvrir te demandant de placer le chemin jusqu'au fichier [4]-Submit_Date_Time.zip
Fais le puis clique sur [send file]

poste le rapport généré ( C:\ComboFix.txt )
15 Mars 2008 14:10:45

la procedure ne s'est pas passée comme tu me la décris mais il m'a quand meme generé un rapport le voila:

ComboFix 08-03-14.4 - Caroline FORGET 2008-03-15 14:05:12.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.312 [GMT 1:00]
Endroit: C:\Documents and Settings\Caroline FORGET\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Caroline FORGET\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\ezmipmdai.dat
C:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\ezmipmdai.exe
C:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\ezmipmdai_nav.dat
C:\Documents and Settings\Caroline FORGET\Local Settings\Application Data\ezmipmdai_navps.dat
C:\Documents and Settings\Caroline FORGET\ravmonlog
C:\Program Files\Everest Poker
C:\Program Files\Everest Poker\casino.exe
C:\Program Files\Everest Poker\cstart-tmp.exe
C:\Program Files\Everest Poker\cstart.exe
C:\Program Files\Everest Poker\data\fonts\kgp-en.ttf
C:\Program Files\Everest Poker\data\mp-lobby\fr.gvt
C:\Program Files\Everest Poker\data\mp-lobby\shared.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\contemp.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\default.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\med.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\medieval.gvt
C:\Program Files\Everest Poker\data\mp-poker\background\woods.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\bitmaps.gvt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_strings.txt
C:\Program Files\Everest Poker\data\mp-poker\fr\mp-poker_tutorial.txt
C:\Program Files\Everest Poker\data\mp-poker\shared.gvt
C:\Program Files\Everest Poker\data\shared\fr\country.txt
C:\Program Files\Everest Poker\data\shared\fr\language.txt
C:\Program Files\Everest Poker\data\shared\fr\ordinal.txt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\btn_scroll.gvt
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\check.art
C:\Program Files\Everest Poker\data\shared\shared\bitmaps\chips.art
C:\Program Files\Everest Poker\data\shared\shared\sounds\button.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\carddeal.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\cardflip.ogg
C:\Program Files\Everest Poker\data\shared\shared\sounds\chipclick.ogg
C:\Program Files\Everest Poker\data\startup\en\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\fr\cstart.txt
C:\Program Files\Everest Poker\data\startup\fr\startup_strings.txt
C:\Program Files\Everest Poker\data\startup\shared\bitmaps\splash_poker.art
C:\Program Files\Everest Poker\data\startup\shared\icons\ep.ico
C:\Program Files\Everest Poker\data\startup\shared\sounds\alert.ogg
C:\Program Files\Everest Poker\Everest Poker.exe
C:\Program Files\Everest Poker\gvbase.dll
C:\Program Files\Everest Poker\gvcrt.dll
C:\Program Files\Everest Poker\gvgfx-dib.dll
C:\Program Files\Everest Poker\gvgfx.dll
C:\Program Files\Everest Poker\gvmain.dll
C:\Program Files\Everest Poker\gvmain.exe
C:\Program Files\Everest Poker\gvnetwork.dll
C:\Program Files\Everest Poker\gvsound.dll
C:\Program Files\Everest Poker\init.ini
C:\Program Files\Everest Poker\log.dat
C:\Program Files\Everest Poker\settings.ini
C:\Program Files\Everest Poker\toc_fr.ini
C:\Program Files\Everest Poker\var\content-fr.dat
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\WINDOWS\system32\gqnddjms.ini
C:\WINDOWS\system32\jilbbjfk.ini
C:\WINDOWS\system32\lnixjiji.ini
C:\WINDOWS\system32\mflnytqg.ini
C:\WINDOWS\system32\oahvpcml.ini
C:\WINDOWS\system32\pdfatqhr.ini
C:\WINDOWS\system32\vtiwmrcq.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\LEGACY_BOONTY_GAMES
-------\Boonty Games


((((((((((((((((((((((((((((( Fichiers créés 2008-02-15 to 2008-03-15 ))))))))))))))))))))))))))))))))))))
.

2008-03-15 00:10 . 2008-03-15 00:10 <REP> d-------- C:\Program Files\Trend Micro
2008-03-14 23:52 . 2008-03-14 23:52 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Talkback
2008-03-14 23:52 . 2008-03-14 23:52 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-14 23:47 . 2008-03-14 23:47 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Grisoft
2008-03-14 23:46 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-10 21:37 . 2008-03-10 21:37 40,960 --a------ C:\WINDOWS\system32\HTGD0003.exe
2008-03-10 21:37 . 2008-03-10 21:37 36,864 --a------ C:\WINDOWS\system32\HTGD0005.exe
2008-03-10 21:37 . 2008-03-10 21:37 33,732 --a------ C:\WINDOWS\system32\HTGD0002.bmp
2008-03-10 21:37 . 2008-03-10 21:37 50 --a------ C:\WINDOWS\system32\HTGD0006.ini
2008-03-09 02:36 . 2008-03-09 02:36 <REP> d--h----- C:\WINDOWS\PIF
2008-03-08 18:00 . 2008-03-08 18:00 <REP> d-------- C:\Program Files\uTorrent
2008-03-08 17:59 . 2008-03-15 07:56 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\uTorrent
2008-03-07 22:43 . 2008-03-07 22:43 29 --a------ C:\WINDOWS\DEBUGSM.INI
2008-03-04 11:48 . 2008-03-04 11:48 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\NettoyeurDePC
2008-03-04 11:43 . 2008-03-15 00:49 <REP> d-------- C:\Program Files\Fichiers communs\NettoyeurDePC
2008-03-04 11:43 . 2008-03-04 11:43 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-03-04 11:43 . 2008-03-04 11:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NettoyeurDePC
2008-03-02 20:48 . 2008-03-02 20:48 <REP> d-------- C:\Poker
2008-02-28 17:42 . 2008-02-28 17:42 268 --ah----- C:\sqmdata19.sqm
2008-02-28 17:42 . 2008-02-28 17:42 244 --ah----- C:\sqmnoopt19.sqm
2008-02-28 14:58 . 2008-02-28 14:58 268 --ah----- C:\sqmdata18.sqm
2008-02-28 14:58 . 2008-02-28 14:58 244 --ah----- C:\sqmnoopt18.sqm
2008-02-26 18:58 . 2008-02-28 02:48 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Calendrier Xtra
2008-02-24 17:13 . 2008-02-24 17:13 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\gtk-2.0
2008-02-24 17:12 . 2008-02-24 17:12 <REP> d-------- C:\Documents and Settings\Caroline FORGET\.thumbnails
2008-02-24 17:03 . 2008-02-24 23:59 <REP> d-------- C:\Documents and Settings\Caroline FORGET\.gimp-2.4
2008-02-23 18:55 . 2008-02-23 18:57 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\Hemera
2008-02-23 18:54 . 2008-02-23 18:54 40,960 --a------ C:\HTGD0003.exe
2008-02-23 18:11 . 2008-02-23 18:11 <REP> d-------- C:\Program Files\Fichiers communs\Micro Application Shared
2008-02-22 18:22 . 2008-02-22 18:22 <REP> d-------- C:\Documents and Settings\Caroline FORGET\Application Data\EPSON
2008-02-22 17:38 . 2008-02-22 17:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\UDL
2008-02-22 17:30 . 2008-02-22 17:36 <REP> d-------- C:\Program Files\epson
2008-02-22 17:29 . 2008-02-22 17:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\EPSON
2008-02-22 17:29 . 2006-12-08 03:04 76,800 --a------ C:\WINDOWS\system32\E_FLBCEE.DLL
2008-02-22 17:29 . 2006-04-19 03:00 62,976 --a------ C:\WINDOWS\system32\E_FD4BCEE.DLL
2008-02-22 17:29 . 2004-09-10 21:12 49,152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2008-02-22 17:29 . 2008-02-22 17:29 25 --a------ C:\WINDOWS\CDE DX8400DEFGIPS.ini
2008-02-22 17:26 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-22 17:26 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-22 17:25 . 2007-04-18 00:00 67,072 --a------ C:\WINDOWS\system32\escwiad.dll
2008-02-22 17:25 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-22 17:25 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-17 13:20 . 2008-02-28 02:52 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-17 13:18 . 2008-02-17 13:18 <REP> d-------- C:\Program Files\Picasa2
2008-02-17 13:18 . 2006-10-05 03:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-02-17 13:18 . 2006-10-05 03:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-15 02:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-03-10 20:38 --------- d-----w C:\Program Files\Micro Application
2008-03-06 21:21 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-28 05:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-28 01:50 --------- d-----w C:\Program Files\Google
2008-02-22 16:41 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-24 20:02 --------- d-----w C:\Program Files\MSN Messenger
2008-01-24 20:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-23 20:28 60,800 ----a-w C:\WINDOWS\system32\S32EVNT1.DLL
2007-01-25 02:52 65,536 ----a-w C:\Program Files\Fichiers communs\NMSAccessU.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Poker ----

2008-03-02 20:53 39117 --a------ C:\Poker\Poker 770\fileinfo2.dat
2008-03-02 20:51 99669 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\bonus_back.jpg
2008-03-02 20:51 9799 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\win-over-alpha.jpg
2008-03-02 20:51 9722 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\symbol9.mp3
2008-03-02 20:51 9624 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\button_short2.jpg
2008-03-02 20:51 961 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\02-alpha.jpg
2008-03-02 20:51 960 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\07-alpha.jpg
2008-03-02 20:51 9592 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\win-txt.jpg
2008-03-02 20:51 9578 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel-alpha.jpg
2008-03-02 20:51 948 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\bj-alpha.jpg
2008-03-02 20:51 9408 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\reelstop.mp3
2008-03-02 20:51 9279 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\dollarball\result_win.png
2008-03-02 20:51 925 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\03-alpha.jpg
2008-03-02 20:51 92081 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\win_screen.jpg
2008-03-02 20:51 9128 --a------ C:\Poker\Poker 770\data\slots_lotto20line\spin_info.jpg
2008-03-02 20:51 90287 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\back.jpg
2008-03-02 20:51 87308 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\back.jpg
2008-03-02 20:51 865 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\10-alpha.jpg
2008-03-02 20:51 85754 --a------ C:\Poker\Poker 770\data\table\smallview\back2.jpg
2008-03-02 20:51 857 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\09-alpha.jpg
2008-03-02 20:51 8256 --a------ C:\Poker\Poker 770\data\slots_lotto20line\free_spin-alpha.jpg
2008-03-02 20:51 818 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\08-alpha.jpg
2008-03-02 20:51 816311 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\anim.jpg
2008-03-02 20:51 80846 --a------ C:\Poker\Poker 770\data\slots_lotto20line\symbols.jpg
2008-03-02 20:51 8069 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\spin_screen-alpha.jpg
2008-03-02 20:51 768 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\checkbox.jpg
2008-03-02 20:51 75210 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\wintable01.jpg
2008-03-02 20:51 747 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\seat_select-alpha.jpg
2008-03-02 20:51 74204 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\wintable02.jpg
2008-03-02 20:51 74022 --a------ C:\Poker\Poker 770\data\slots_lotto20line\buttons.jpg
2008-03-02 20:51 726 --a------ C:\Poker\Poker 770\data\table\timer-alpha.jpg
2008-03-02 20:51 68678 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wild.jpg
2008-03-02 20:51 6861 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\win-txt-alpha.jpg
2008-03-02 20:51 6469 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\buttons-alpha.jpg
2008-03-02 20:51 6439 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\win-alpha.jpg
2008-03-02 20:51 641 --a------ C:\Poker\Poker 770\data\videopoker_jacks\anim1-alpha.jpg
2008-03-02 20:51 6298 --a------ C:\Poker\Poker 770\data\table\smallview\coins\dealer.jpg
2008-03-02 20:51 62417 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel_lights.jpg
2008-03-02 20:51 622 --a------ C:\Poker\Poker 770\data\table\smallview\pinscreen-alpha.jpg
2008-03-02 20:51 62134 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\buttons.jpg
2008-03-02 20:51 6056 --a------ C:\Poker\Poker 770\data\table\smallview\coins\dealer-alpha.jpg
2008-03-02 20:51 601 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bet_window-alpha.jpg
2008-03-02 20:51 57593 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\wild.jpg
2008-03-02 20:51 57421 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\freespin_ambient.mp3
2008-03-02 20:51 57183 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\button_short.jpg
2008-03-02 20:51 57055 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\spin_screen.jpg
2008-03-02 20:51 570460 --a------ C:\Poker\Poker 770\data\smallview.gam
2008-03-02 20:51 5647 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\spin_over.jpg
2008-03-02 20:51 5598 --a------ C:\Poker\Poker 770\data\table\smallview\chat\chat_bottom\chat_menu.jpg
2008-03-02 20:51 55307 --a------ C:\Poker\Poker 770\data\slots_lotto20line\linebuttons_over.png
2008-03-02 20:51 5484 --a------ C:\Poker\Poker 770\data\slots_lotto20line\adjust.jpg
2008-03-02 20:51 54678 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\scatter.jpg
2008-03-02 20:51 5444 --a------ C:\Poker\Poker 770\data\table\smallview\break.jpg
2008-03-02 20:51 514 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\select_money_button.jpg
2008-03-02 20:51 51100 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\ambient.mp3
2008-03-02 20:51 508 --a------ C:\Poker\Poker 770\data\table\smallview\nametag-alpha.jpg
2008-03-02 20:51 50674 --a------ C:\Poker\Poker 770\data\videopoker_jacks\screen.jpg
2008-03-02 20:51 487424 --a------ C:\Poker\Poker 770\data\videopokers.dll
2008-03-02 20:51 4843 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\lock1.jpg
2008-03-02 20:51 46711 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\freespin_ambient.mp3
2008-03-02 20:51 46711 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\bonus_wheelspin.mp3
2008-03-02 20:51 463791 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\anim-alpha.jpg
2008-03-02 20:51 4576 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\smallbutton_back.jpg
2008-03-02 20:51 45727 --a------ C:\Poker\Poker 770\data\videopoker_4jacks.gam
2008-03-02 20:51 44517 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\bigwin.mp3
2008-03-02 20:51 4423 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\continue-over.jpg
2008-03-02 20:51 43892 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\checkboxes.jpg
2008-03-02 20:51 42728 --a------ C:\Poker\Poker 770\data\videopoker_joker.gam
2008-03-02 20:51 42452 --a------ C:\Poker\Poker 770\data\slots_lotto20line\free_spin.jpg
2008-03-02 20:51 42045 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\happy_face.jpg
2008-03-02 20:51 4108 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\seat_select.jpg
2008-03-02 20:51 3995 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\bj.jpg
2008-03-02 20:51 39937 --a------ C:\Poker\Poker 770\data\videopoker_jacks.gam
2008-03-02 20:51 3951 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\sidebet_button_back.png
2008-03-02 20:51 394945 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\logo_animation.jpg
2008-03-02 20:51 39353 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\bonus.jpg
2008-03-02 20:51 3909 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\nextbutton-over.jpg
2008-03-02 20:51 38874 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\bonus_intro.mp3
2008-03-02 20:51 385 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\select_money_button-alpha.jpg
2008-03-02 20:51 382 --a------ C:\Poker\Poker 770\data\table\smallview\counter.png
2008-03-02 20:51 37721 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\logo.jpg
2008-03-02 20:51 37511 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\button_long.jpg
2008-03-02 20:51 3694 --a------ C:\Poker\Poker 770\data\table\smallview\chat\chat_bottom\chat_options.jpg
2008-03-02 20:51 3630 --a------ C:\Poker\Poker 770\data\table\smallview\coins\coins.bmp
2008-03-02 20:51 34744 --a------ C:\Poker\Poker 770\data\slots_lotto20line\logo.jpg
2008-03-02 20:51 3375 --a------ C:\Poker\Poker 770\data\table\smallview\break-alpha.jpg
2008-03-02 20:51 33232 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\reel.mp3
2008-03-02 20:51 33020 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\money.jpg
2008-03-02 20:51 3233 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\lock1-alpha.jpg
2008-03-02 20:51 31974 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel_back-alpha.jpg
2008-03-02 20:51 316 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\rebuy-alpha.jpg
2008-03-02 20:51 3154 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\nextbutton.jpg
2008-03-02 20:51 3139 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\reelstop.mp3
2008-03-02 20:51 3139 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\button.mp3
2008-03-02 20:51 3137 --a------ C:\Poker\Poker 770\data\videopoker_joker\win_marks-alpha.jpg
2008-03-02 20:51 31216 --a------ C:\Poker\Poker 770\data\table\timer.jpg
2008-03-02 20:51 3104 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\rebuy.jpg
2008-03-02 20:51 30755 --a------ C:\Poker\Poker 770\data\videopoker_joker\win_marks.jpg
2008-03-02 20:51 30485 --a------ C:\Poker\Poker 770\data\videopoker_joker\bet.jpg
2008-03-02 20:51 3036 --a------ C:\Poker\Poker 770\data\videopoker_joker\bet-alpha.jpg
2008-03-02 20:51 295544 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\back.jpg
2008-03-02 20:51 2935 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\select_money_slider.jpg
2008-03-02 20:51 29157 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol6.mp3
2008-03-02 20:51 2849 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wintable\sidebet_window-alpha.jpg
2008-03-02 20:51 2838 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\01.jpg
2008-03-02 20:51 28216 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol7.mp3
2008-03-02 20:51 28166 --a------ C:\Poker\Poker 770\data\videopoker_jacks\anim1.jpg
2008-03-02 20:51 265610 --a------ C:\Poker\Poker 770\data\table\3d\smallview.lws
2008-03-02 20:51 26176 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\shampus.jpg
2008-03-02 20:51 2605 --a------ C:\Poker\Poker 770\data\slots_lotto20line\spin_info-alpha.jpg
2008-03-02 20:51 25713 --a------ C:\Poker\Poker 770\data\slots_lotto20line\animation\wheel1.jpg
2008-03-02 20:51 2555 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\03.jpg
2008-03-02 20:51 2548 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\06.jpg
2008-03-02 20:51 2505 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\04.jpg
2008-03-02 20:51 2468 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\02.jpg
2008-03-02 20:51 24451 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\bet.jpg
2008-03-02 20:51 240618 --a------ C:\Poker\Poker 770\data\slots_lovemore20line.gam
2008-03-02 20:51 2406 --a------ C:\Poker\Poker 770\data\table\smallview\nametag.jpg
2008-03-02 20:51 23514 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\bonus_win.mp3
2008-03-02 20:51 231664 --a------ C:\Poker\Poker 770\data\slots_lotto20line.gam
2008-03-02 20:51 22893 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\menu.jpg
2008-03-02 20:51 2283 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\dollarball\selection_win.png
2008-03-02 20:51 22574 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\symbol10.mp3
2008-03-02 20:51 22260 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\smallwin.mp3
2008-03-02 20:51 2211 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\lock2.jpg
2008-03-02 20:51 2194 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\bet-alpha.jpg
2008-03-02 20:51 2169 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\05.jpg
2008-03-02 20:51 216366 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wintable\back.jpg
2008-03-02 20:51 2113 --a------ C:\Poker\Poker 770\data\table\smallview\pinscreen.jpg
2008-03-02 20:51 210253 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel.jpg
2008-03-02 20:51 2083 --a------ C:\Poker\Poker 770\data\table\smallview\nametag_me.jpg
2008-03-02 20:51 20380 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol9.mp3
2008-03-02 20:51 2015 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\10.jpg
2008-03-02 20:51 2000 --a------ C:\Poker\Poker 770\data\videopoker_jacks\win_marks-alpha.jpg
2008-03-02 20:51 1966 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\07.jpg
2008-03-02 20:51 1961 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\button.mp3
2008-03-02 20:51 19439 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol8.mp3
2008-03-02 20:51 19439 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol12.mp3
2008-03-02 20:51 18974 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\logo-alpha.jpg
2008-03-02 20:51 1885 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\reel.mp3
2008-03-02 20:51 1883 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\08.jpg
2008-03-02 20:51 18534 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\sidebet_window.jpg
2008-03-02 20:51 1827 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\09.jpg
2008-03-02 20:51 18210 --a------ C:\Poker\Poker 770\data\videopoker_jacks\bet.jpg
2008-03-02 20:51 181 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\menu_bottom.png
2008-03-02 20:51 1805 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\win_marks-alpha.jpg
2008-03-02 20:51 17890 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\win.jpg
2008-03-02 20:51 1785 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bet_window.jpg
2008-03-02 20:51 17533 --a------ C:\Poker\Poker 770\data\table\smallview\anim\wontext.jpg
2008-03-02 20:51 17467 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\win_marks.jpg
2008-03-02 20:51 17245 --a------ C:\Poker\Poker 770\data\slots_lotto20line\sounds\symbol11.mp3
2008-03-02 20:51 17230 --a------ C:\Poker\Poker 770\data\videopoker_jacks\win_marks.jpg
2008-03-02 20:51 17055 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel_lights-alpha.jpg
2008-03-02 20:51 17048 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wintable\sidebet_window.jpg
2008-03-02 20:51 1660 --a------ C:\Poker\Poker 770\data\table\smallview\chat\chat_bottom\chat_area.jpg
2008-03-02 20:51 16505 --a------ C:\Poker\Poker 770\data\slots_lotto20line\fonts\verdana16.fon
2008-03-02 20:51 164497 --a------ C:\Poker\Poker 770\data\videopoker_jacks\back.jpg
2008-03-02 20:51 16406 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\freespin.png
2008-03-02 20:51 160062 --a------ C:\Poker\Poker 770\data\slots_lotto20line\paylines.jpg
2008-03-02 20:51 1523 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\button_fold_to_any.png
2008-03-02 20:51 146 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\menu_top.png
2008-03-02 20:51 142853 --a------ C:\Poker\Poker 770\data\videopoker_joker\back.jpg
2008-03-02 20:51 1404 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\menu_button-over.jpg
2008-03-02 20:51 139830 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\win-over.jpg
2008-03-02 20:51 13456 --a------ C:\Poker\Poker 770\data\slots_lotto20line\wintable\sidebet_button.jpg
2008-03-02 20:51 133910 --a------ C:\Poker\Poker 770\data\slots_lotto20line\paylines-alpha.jpg
2008-03-02 20:51 1322 --a------ C:\Poker\Poker 770\data\videopoker_jacks\bet-alpha.jpg
2008-03-02 20:51 129655 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\wheel_back.jpg
2008-03-02 20:51 1292 --a------ C:\Poker\Poker 770\data\table\smallview\coins\coins-alpha.bmp
2008-03-02 20:51 129195 --a------ C:\Poker\Poker 770\data\slots_lotto20line\back.jpg
2008-03-02 20:51 12913 --a------ C:\Poker\Poker 770\data\slots_lotto20line\logo-alpha.jpg
2008-03-02 20:51 12856 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\symbol10.mp3
2008-03-02 20:51 125462 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\logo_animation-alpha.jpg
2008-03-02 20:51 1251 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\06-alpha.jpg
2008-03-02 20:51 12426 --a------ C:\Poker\Poker 770\data\videopoker_joker\back-alpha.jpg
2008-03-02 20:51 12229 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\sounds\win.mp3
2008-03-02 20:51 1206 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wild-alpha.jpg
2008-03-02 20:51 1196 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\05-alpha.jpg
2008-03-02 20:51 1191 --a------ C:\Poker\Poker 770\data\slots_lotto20line\bonusgame\lock2-alpha.jpg
2008-03-02 20:51 11643 --a------ C:\Poker\Poker 770\data\slots_lovemore20line\wintable\wild-over.jpg
2008-03-02 20:51 1153 --a------ C:\Poker\Poker 770\data\slots_lotto20line\buttons-alpha.jpg
2008-03-02 20:51 1120 --a------ C:\Poker\Poker 770\data\table\smallview\rake_cover.jpg
2008-03-02 20:51 1093 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\01-alpha.jpg
2008-03-02 20:51 1059 --a------ C:\Poker\Poker 770\data\table\smallview\buttons\autopost-disabled.jpg
2008-03-02 20:51 1043 --a------ C:\Poker\Poker 770\data\videopoker_joker\animation\04-alpha.jpg
2008-03-02 20:51 10183 --a------ C:\Poker\Poker 770\data\table\smallview\anim\wontext-alpha.jpg
2008-03-02 20:51 100432 --a------ C:\Poker\Poker 770\data\videopoker_4jacks\wintablescreen.jpg
2008-03-02 20:50 9428 --a------ C:\Poker\Poker 770\data\slots_desert20line\freespin.png
2008-03-02 20:50 89865 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\intro.mp3
2008-03-02 20:50 8538 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\reelstop.mp3
2008-03-02 20:50 82408 --a------ C:\Poker\Poker 770\data\slots_desert20line\wild.jpg
2008-03-02 20:50 8068 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\reel.mp3
2008-03-02 20:50 7945 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\reelstop.mp3
2008-03-02 20:50 79382 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\bonusintro.mp3
2008-03-02 20:50 78645 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\back.jpg
2008-03-02 20:50 76324 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\bet.sl2
2008-03-02 20:50 75350 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\back.jpg
2008-03-02 20:50 75016 --a------ C:\Poker\Poker 770\data\slots_gold8line.gam
2008-03-02 20:50 749568 --a------ C:\Poker\Poker 770\data\slotmachines.dll
2008-03-02 20:50 7161 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\wintable\wintableback-alpha.jpg
2008-03-02 20:50 7079 --a------ C:\Poker\Poker 770\data\slots_desert20line\win-txt-alpha.jpg
2008-03-02 20:50 70098 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\screen2.jpg
2008-03-02 20:50 66569 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\screen1.jpg
2008-03-02 20:50 66480 --a------ C:\Poker\Poker 770\data\slots_desert20line\buttons.jpg
2008-03-02 20:50 6317 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\paper-alpha.jpg
2008-03-02 20:50 6221 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_choice.mp3
2008-03-02 20:50 61645 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\freespin_ambient.mp3
2008-03-02 20:50 59976 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person07.jpg
2008-03-02 20:50 5991 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\screen-alpha.jpg
2008-03-02 20:50 574021 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\anim.jpg
2008-03-02 20:50 5619 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\wintablescreen-alpha.jpg
2008-03-02 20:50 543 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\buttonback-over-alpha.jpg
2008-03-02 20:50 5404 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\button.mp3
2008-03-02 20:50 5377 --a------ C:\Poker\Poker 770\data\slots_gold8line\bonus\continue-over.jpg
2008-03-02 20:50 53468 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\back.jpg
2008-03-02 20:50 5220 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\continue.jpg
2008-03-02 20:50 51100 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol9.mp3
2008-03-02 20:50 50655 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_gameover.mp3
2008-03-02 20:50 50055 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person09.jpg
2008-03-02 20:50 4860 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\win-alpha.jpg
2008-03-02 20:50 47926 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person04.jpg
2008-03-02 20:50 4743 --a------ C:\Poker\Poker 770\disconnection.dat
2008-03-02 20:50 4670 --a------ C:\Poker\Poker 770\data\slots_desert20line\win-alpha.jpg
2008-03-02 20:50 4602 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\click.mp3
2008-03-02 20:50 4567 --a------ C:\Poker\Poker 770\data\slots_gold8line\bonus\continue.jpg
2008-03-02 20:50 45601 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person10.jpg
2008-03-02 20:50 45534 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person11.jpg
2008-03-02 20:50 4540 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\backbutton-over.jpg
2008-03-02 20:50 44203 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol8.mp3
2008-03-02 20:50 43838 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\buttons.jpg
2008-03-02 20:50 43715 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person01.jpg
2008-03-02 20:50 43707 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bigwin.mp3
2008-03-02 20:50 42528 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person05.jpg
2008-03-02 20:50 4226 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\back-alpha.jpg
2008-03-02 20:50 4226 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\back-alpha.jpg
2008-03-02 20:50 4146 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\buttonback-over.jpg
2008-03-02 20:50 41249 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person02.jpg
2008-03-02 20:50 4038 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\backbutton.jpg
2008-03-02 20:50 39501 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol11.mp3
2008-03-02 20:50 38035 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person12.jpg
2008-03-02 20:50 37390 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person03.jpg
2008-03-02 20:50 37286 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person08.jpg
2008-03-02 20:50 355241 --a------ C:\Poker\Poker 770\data\slots_gold8line\anim.jpg
2008-03-02 20:50 35120 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person07-alpha.jpg
2008-03-02 20:50 3478 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\reelstop.mp3
2008-03-02 20:50 3478 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\lever.mp3
2008-03-02 20:50 33898 --a------ C:\Poker\Poker 770\data\slots_gold8line\anim-alpha.jpg
2008-03-02 20:50 33175 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person06.jpg
2008-03-02 20:50 3220 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\you_can_double_to.jpg
2008-03-02 20:50 31304 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\winflags.jpg
2008-03-02 20:50 3113 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_choice.mp3
2008-03-02 20:50 294344 --a------ C:\Poker\Poker 770\data\slots_desert20line.gam
2008-03-02 20:50 2909 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\youwon-alpha.jpg
2008-03-02 20:50 28772 --a------ C:\Poker\Poker 770\data\slots_gold8line\bonus\youwin.jpg
2008-03-02 20:50 28713 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_intro.mp3
2008-03-02 20:50 286505 --a------ C:\Poker\Poker 770\data\slots_desert20line\wintable\back.jpg
2008-03-02 20:50 28071 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person09-alpha.jpg
2008-03-02 20:50 2767 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\person05.jpg
2008-03-02 20:50 26869 --a------ C:\Poker\Poker 770\data\slots_desert20line\wintable\sidebet_window.jpg
2008-03-02 20:50 26302 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person10-alpha.jpg
2008-03-02 20:50 26022 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol10.mp3
2008-03-02 20:50 2563 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\select.mp3
2008-03-02 20:50 25279 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person11-alpha.jpg
2008-03-02 20:50 25082 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\smallwin.mp3
2008-03-02 20:50 24360 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person02-alpha.jpg
2008-03-02 20:50 23935 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person05-alpha.jpg
2008-03-02 20:50 23514 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol6.mp3
2008-03-02 20:50 23382 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person04-alpha.jpg
2008-03-02 20:50 21783 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person08-alpha.jpg
2008-03-02 20:50 2170 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\hold.jpg
2008-03-02 20:50 21451 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person06-alpha.jpg
2008-03-02 20:50 21398 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\smallwin.mp3
2008-03-02 20:50 21320 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\symbol7.mp3
2008-03-02 20:50 21220 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person01-alpha.jpg
2008-03-02 20:50 208029 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\paper.jpg
2008-03-02 20:50 20543 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person03-alpha.jpg
2008-03-02 20:50 20410 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\select\person12-alpha.jpg
2008-03-02 20:50 1975 --a------ C:\Poker\Poker 770\data\slots_desert20line\wintable\sidebet_window-alpha.jpg
2008-03-02 20:50 196131 --a------ C:\Poker\Poker 770\data\slots_desert20line\anim-alpha.jpg
2008-03-02 20:50 190100 --a------ C:\Poker\Poker 770\data\slots_gold8line\back.jpg
2008-03-02 20:50 189977 --a------ C:\Poker\Poker 770\data\slots_gold8line\fonts\garamond.fon
2008-03-02 20:50 17872 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\bonuspick.mp3
2008-03-02 20:50 1780 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\you_won.jpg
2008-03-02 20:50 17758 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\buttons-alpha.jpg
2008-03-02 20:50 17375 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\bonusgame_envelope_gameover.mp3
2008-03-02 20:50 1650 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\button.mp3
2008-03-02 20:50 1648 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\credit.mp3
2008-03-02 20:50 16165 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\speech.jpg
2008-03-02 20:50 1598 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\continue-alpha.jpg
2008-03-02 20:50 159753 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel.gam
2008-03-02 20:50 15645 --a------ C:\Poker\Poker 770\data\slots_desert20line\logo.png
2008-03-02 20:50 15381 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\win.jpg
2008-03-02 20:50 14997 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\reel.mp3
2008-03-02 20:50 149501 --a------ C:\Poker\Poker 770\data\slots_gold8line\bonus\screen\back.jpg
2008-03-02 20:50 14814 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\sounds\reel.mp3
2008-03-02 20:50 147740 --a------ C:\Poker\Poker 770\data\shared\videopoker_jacks\back2.jpg
2008-03-02 20:50 14607 --a------ C:\Poker\Poker 770\data\slots_desert20line\win.jpg
2008-03-02 20:50 14353 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\person04.jpg
2008-03-02 20:50 138744 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\wintable\wintableback.jpg
2008-03-02 20:50 126357 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\back.jpg
2008-03-02 20:50 125706 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus2\select\back.jpg
2008-03-02 20:50 123385 --a------ C:\Poker\Poker 770\data\slots_gold8line\wintable\back.jpg
2008-03-02 20:50 123302 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\bonuswin.mp3
2008-03-02 20:50 12228 --a------ C:\Poker\Poker 770\data\slots_desert20line\bonusgame\speech-alpha.jpg
2008-03-02 20:50 1213054 --a------ C:\Poker\Poker 770\data\slots_desert20line\anim.jpg
2008-03-02 20:50 11916 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\win.mp3
2008-03-02 20:50 117949 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\anim-alpha.jpg
2008-03-02 20:50 11707 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\lever.mp3
2008-03-02 20:50 11137 --a------ C:\Poker\Poker 770\data\slots_cinerama5reel\bonus\youwon.jpg
2008-03-02 20:50 107081 --a------ C:\Poker\Poker 770\data\slots_desert20line\back.jpg
2008-03-02 20:50 106897 --a------ C:\Poker\Poker 770\data\slots_desert20line\sounds\ambient.mp3
2008-03-02 20:50 104598 --a------ C:\Poker\Poker 770\data\slots_gold8line\sounds\ambient.mp3
2008-03-02 20:50 10393 --a------ C:\Poker\Poker 770\data\slots_desert20line\win-txt.jpg
2008-03-02 20:49 98279 --a------ C:\Poker\Poker 770\data\shared\buttons\allbuttons.jpg
2008-03-02 20:49 978 --a------ C:\Poker\Poker 770\data\shared\dollarball\ball.png
2008-03-02 20:49 96245 --a------ C:\Poker\Poker 770\data\poker_holdem.gam
2008-03-02 20:49 9328 --a------ C:\Poker\Poker 770\data\roulette\sounds\roulettespin.mp3
2008-03-02 20:49 906 --a------ C:\Poker\Poker 770\data\shared\nametag.jpg
2008-03-02 20:49 9050 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons_screen.jpg
2008-03-02 20:49 8953 --a------ C:\Poker\Poker 770\data\shared\tablegames\gold_dark\coinhole.png
2008-03-02 20:49 894 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\cards-alpha.jpg
2008-03-02 20:49 880 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_selected.png
2008-03-02 20:49 862 --a------ C:\Poker\Poker 770\data\roulette\buttons\allcoins1_selected.png
2008-03-02 20:49 850 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\hold-alpha.jpg
2008-03-02 20:49 84974 --a------ C:\Poker\Poker 770\data\poker_caribbean.gam
2008-03-02 20:49 8493 --a------ C:\Poker\Poker 770\data\shared\dollarball\result_win.png
2008-03-02 20:49 8415 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\playerwins_male1.mp3
2008-03-02 20:49 8284 --a------ C:\Poker\Poker 770\data\shared\cards\poker\back.bmp
2008-03-02 20:49 8214 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\screen.jpg
2008-03-02 20:49 8170 --a------ C:\Poker\Poker 770\data\shared\interface\waiting_for_other_players.jpg
2008-03-02 20:49 81620 --a------ C:\Poker\Poker 770\data\roulette\3d\back.z
2008-03-02 20:49 742 --a------ C:\Poker\Poker 770\data\roulette\ball.png
2008-03-02 20:49 74 --a------ C:\Poker\Poker 770\data\roulette\3d\ball.bmp
2008-03-02 20:49 71950 --a------ C:\Poker\Poker 770\data\roulette\zoom\zoomstill.jpg
2008-03-02 20:49 7090 --a------ C:\Poker\Poker 770\data\shared\dollarball\enable_big_button.jpg
2008-03-02 20:49 6953 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\35_male1.mp3
2008-03-02 20:49 6953 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\26_male1.mp3
2008-03-02 20:49 6844 --a------ C:\Poker\Poker 770\data\shared\cards\textures\back.bmp
2008-03-02 20:49 681 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_arrow-alpha.jpg
2008-03-02 20:49 6770 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\28_male1.mp3
2008-03-02 20:49 6770 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\27_male1.mp3
2008-03-02 20:49 67153 --a------ C:\Poker\Poker 770\data\roulette.gam
2008-03-02 20:49 669 --a------ C:\Poker\Poker 770\data\shared\cards\poker\allcards-alpha.jpg
2008-03-02 20:49 6587 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\34_male1.mp3
2008-03-02 20:49 6587 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\comingout_male1.mp3
2008-03-02 20:49 6404 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\36_male1.mp3
2008-03-02 20:49 622592 --a------ C:\Poker\Poker 770\data\pokergames.dll
2008-03-02 20:49 6221 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\29_male1.mp3
2008-03-02 20:49 6221 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\25_male1.mp3
2008-03-02 20:49 6221 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\blackjack_male1.mp3
2008-03-02 20:49 620 --a------ C:\Poker\Poker 770\data\shared\dollarball\enable_big_button-alpha.jpg
2008-03-02 20:49 60482 --a------ C:\Poker\Poker 770\data\shared\blackjack\blackjack.lws
2008-03-02 20:49 6038 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\24_male1.mp3
2008-03-02 20:49 6038 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\23_male1.mp3
2008-03-02 20:49 6038 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\insurance_male1.mp3
2008-03-02 20:49 6038 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\betsplease_male1.mp3
2008-03-02 20:49 6031 --a------ C:\Poker\Poker 770\data\shared\bubble.png
2008-03-02 20:49 5982 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\screen_alpha.jpg
2008-03-02 20:49 5855 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\youwin_male1.mp3
2008-03-02 20:49 580 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_check-alpha.jpg
2008-03-02 20:49 578 --a------ C:\Poker\Poker 770\data\shared\interface\timeout-alpha.jpg
2008-03-02 20:49 57511 --a------ C:\Poker\Poker 770\data\shared\9line\payline456789.png
2008-03-02 20:49 5712 --a------ C:\Poker\Poker 770\data\shared\dollarball\activate.jpg
2008-03-02 20:49 5673 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\17_male1.mp3
2008-03-02 20:49 5673 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\14_male1.mp3
2008-03-02 20:49 566 --a------ C:\Poker\Poker 770\data\shared\dollarball\win-over.jpg
2008-03-02 20:49 5490 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\33_male1.mp3
2008-03-02 20:49 537 --a------ C:\Poker\Poker 770\data\shared\dollarball\button_enable-alpha.jpg
2008-03-02 20:49 537 --a------ C:\Poker\Poker 770\data\shared\dollarball\button_disable-alpha.jpg
2008-03-02 20:49 5307 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\red_male1.mp3
2008-03-02 20:49 5307 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\push_male1.mp3
2008-03-02 20:49 5307 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\21_male1.mp3
2008-03-02 20:49 5307 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\19_male1.mp3
2008-03-02 20:49 5307 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\18_male1.mp3
2008-03-02 20:49 5239 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_mode.jpg
2008-03-02 20:49 5202 --a------ C:\Poker\Poker 770\data\shared\tablegames\gold_dark\progressive_back.png
2008-03-02 20:49 51868 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\bet.sl2
2008-03-02 20:49 5156 --a------ C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_big_disabled.png
2008-03-02 20:49 5124 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\31_male1.mp3
2008-03-02 20:49 5124 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\22_male1.mp3
2008-03-02 20:49 5124 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\13_male1.mp3
2008-03-02 20:49 5123 --a------ C:\Poker\Poker 770\data\shared\dollarball\random_pick1.jpg
2008-03-02 20:49 5078 --a------ C:\Poker\Poker 770\data\shared\cards\cardhq.lwo
2008-03-02 20:49 4982 --a------ C:\Poker\Poker 770\data\shared\cards\poker\joker.jpg
2008-03-02 20:49 4978 --a------ C:\Poker\Poker 770\data\shared\dollarball\button_disable.jpg
2008-03-02 20:49 49660 --a------ C:\Poker\Poker 770\data\shared\sounds\bigwin.mp3
2008-03-02 20:49 4941 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\6_male1.mp3
2008-03-02 20:49 4941 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\16_male1.mp3
2008-03-02 20:49 4941 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\15_male1.mp3
2008-03-02 20:49 4941 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\12_male1.mp3
2008-03-02 20:49 4941 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\10_male1.mp3
2008-03-02 20:49 493 --a------ C:\Poker\Poker 770\data\shared\history\cards\card-alpha.jpg
2008-03-02 20:49 4925 --a------ C:\Poker\Poker 770\data\shared\jackpot_anim-alpha.jpg
2008-03-02 20:49 4925 --a------ C:\Poker\Poker 770\data\shared\jackpot-alpha.jpg
2008-03-02 20:49 49185 --a------ C:\Poker\Poker 770\data\shared\buttons\allbuttons-alpha.jpg
2008-03-02 20:49 483 --a------ C:\Poker\Poker 770\data\shared\dollarball\random_pick1-alpha.jpg
2008-03-02 20:49 47814 --a------ C:\Poker\Poker 770\data\roulette\zoom\zoomanim.jpg
2008-03-02 20:49 4758 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\8_male1.mp3
2008-03-02 20:49 4758 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\32_male1.mp3
2008-03-02 20:49 4758 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\30_male1.mp3
2008-03-02 20:49 4758 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\0_male1.mp3
2008-03-02 20:49 4758 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\black_male1.mp3
2008-03-02 20:49 4683 --a------ C:\Poker\Poker 770\data\shared\dollarball\button_enable.jpg
2008-03-02 20:49 458752 --a------ C:\Poker\Poker 770\data\roulette.dll
2008-03-02 20:49 4575 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\7_male1.mp3
2008-03-02 20:49 4575 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\5_male1.mp3
2008-03-02 20:49 4575 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\11_male1.mp3
2008-03-02 20:49 4570 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_coins-alpha.jpg
2008-03-02 20:49 4310 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\anteplease_male1.mp3
2008-03-02 20:49 4210 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\3_male1.mp3
2008-03-02 20:49 4196 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_buttons.jpg
2008-03-02 20:49 4107 --a------ C:\Poker\Poker 770\data\shared\arrow_3d_down.png
2008-03-02 20:49 4027 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\4_male1.mp3
2008-03-02 20:49 3900 --a------ C:\Poker\Poker 770\data\shared\cards\textures\joker.png
2008-03-02 20:49 38917 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_advanced.jpg
2008-03-02 20:49 3844 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\9_male1.mp3
2008-03-02 20:49 3661 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\2_male1.mp3
2008-03-02 20:49 3644 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\bust_male1.mp3
2008-03-02 20:49 3560 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_coins-alpha.jpg
2008-03-02 20:49 3523 --a------ C:\Poker\Poker 770\data\shared\sounds\coin.mp3
2008-03-02 20:49 34790 --a------ C:\Poker\Poker 770\data\shared\jackpot.jpg
2008-03-02 20:49 3301 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_simple.jpg
2008-03-02 20:49 328335 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_coins.jpg
2008-03-02 20:49 3268 --a------ C:\Poker\Poker 770\data\roulette\3d\disc.lwo
2008-03-02 20:49 3177705 --a------ C:\Poker\Poker 770\data\shared\fonts\square721bdexbt.fon
2008-03-02 20:49 3163 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\or_double_half_to.jpg
2008-03-02 20:49 314 --a------ C:\Poker\Poker 770\data\shared\dollarball\selected_box.jpg
2008-03-02 20:49 3113 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\1_male1.mp3
2008-03-02 20:49 3081 --a------ C:\Poker\Poker 770\data\keno\star.jpg
2008-03-02 20:49 30808 --a------ C:\Poker\Poker 770\data\shared\fonts\swis721cnbt49.fon
2008-03-02 20:49 30439 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons.jpg
2008-03-02 20:49 304101 --a------ C:\Poker\Poker 770\data\shared\fonts\blackchancery90.fon
2008-03-02 20:49 29912 --a------ C:\Poker\Poker 770\data\shared\sounds\dicerolling1.mp3
2008-03-02 20:49 298003 --a------ C:\Poker\Poker 770\data\roulette\back.jpg
2008-03-02 20:49 29759 --a------ C:\Poker\Poker 770\data\shared\jackpot_txt-alpha.jpg
2008-03-02 20:49 28576 --a------ C:\Poker\Poker 770\data\shared\sides.jpg
2008-03-02 20:49 2825 --a------ C:\Poker\Poker 770\data\shared\sounds\pokercard.mp3
2008-03-02 20:49 277776 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins1_coins.jpg
2008-03-02 20:49 2747 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\numbers\20_male1.mp3
2008-03-02 20:49 27404 --a------ C:\Poker\Poker 770\data\shared\sounds\dicerolling2.mp3
2008-03-02 20:49 2717 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\incdecr.jpg
2008-03-02 20:49 27153 --a------ C:\Poker\Poker 770\data\shared\9line\buttons.jpg
2008-03-02 20:49 2701 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_dealer_does_not_qualify.jpg
2008-03-02 20:49 2630 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_ribbon.jpg
2008-03-02 20:49 25904 --a------ C:\Poker\Poker 770\data\shared\tablegames\back2-alpha.jpg
2008-03-02 20:49 2582 --a------ C:\Poker\Poker 770\data\shared\sounds\cardturn.mp3
2008-03-02 20:49 2508 --a------ C:\Poker\Poker 770\data\shared\interface\timeout.jpg
2008-03-02 20:49 2488 --a------ C:\Poker\Poker 770\data\shared\3d\chrome.png
2008-03-02 20:49 24020 --a------ C:\Poker\Poker 770\data\shared\cards\back.z
2008-03-02 20:49 23676 --a------ C:\Poker\Poker 770\data\shared\fonts\kabelultbt.fon
2008-03-02 20:49 2324 --a------ C:\Poker\Poker 770\data\shared\tablegames\progressive_txt.jpg
2008-03-02 20:49 2304 --a------ C:\Poker\Poker 770\data\shared\dollarball\selection_win.png
2008-03-02 20:49 2301 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\cardback.jpg
2008-03-02 20:49 22448 --a------ C:\Poker\Poker 770\data\shared\fonts\boink_let_32.fon
2008-03-02 20:49 221518 --a------ C:\Poker\Poker 770\data\roulette\3d\turret.cfs
2008-03-02 20:49 2198 --a------ C:\Poker\Poker 770\data\shared\sounds\lineselect.mp3
2008-03-02 20:49 219079 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins4_coins.jpg
2008-03-02 20:49 21782 --a------ C:\Poker\Poker 770\data\shared\sounds\jackpotwin.mp3
2008-03-02 20:49 2167 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_delay.jpg
2008-03-02 20:49 21371 --a------ C:\Poker\Poker 770\data\shared\fonts\times32.fon
2008-03-02 20:49 209439 --a------ C:\Poker\Poker 770\data\keno\wheel_full.jpg
2008-03-02 20:49 20908 --a------ C:\Poker\Poker 770\data\shared\cards\cards.lws
2008-03-02 20:49 207943 --a------ C:\Poker\Poker 770\data\shared\cards\textures\allcards_xl.jpg
2008-03-02 20:49 20593 --a------ C:\Poker\Poker 770\data\shared\fonts\swis721mdbt25.fon
2008-03-02 20:49 1978 --a------ C:\Poker\Poker 770\data\shared\9line\payline123.png
2008-03-02 20:49 197585 --a------ C:\Poker\Poker 770\data\poker_holdem\back.jpg
2008-03-02 20:49 1965 --a------ C:\Poker\Poker 770\data\poker_holdem\arrows.png
2008-03-02 20:49 1957 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_royal_flush.jpg
2008-03-02 20:49 19567 --a------ C:\Poker\Poker 770\data\shared\sounds\smallwin.mp3
2008-03-02 20:49 1903 --a------ C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_disabled.png
2008-03-02 20:49 1860 --a------ C:\Poker\Poker 770\data\keno\star-alpha.jpg
2008-03-02 20:49 180734 --a------ C:\Poker\Poker 770\data\shared\jackpot_anim.jpg
2008-03-02 20:49 18052 --a------ C:\Poker\Poker 770\data\shared\dollarball\dollar_ball_big.png
2008-03-02 20:49 179879 --a------ C:\Poker\Poker 770\data\shared\tablegames\back2.jpg
2008-03-02 20:49 17894 --a------ C:\Poker\Poker 770\data\shared\fonts\boink_let_23.fon
2008-03-02 20:49 17828 --a------ C:\Poker\Poker 770\data\shared\fonts\swis721cnbt.fon
2008-03-02 20:49 1755 --a------ C:\Poker\Poker 770\data\shared\nametag_long.jpg
2008-03-02 20:49 17360 --a------ C:\Poker\Poker 770\data\roulette\3d\disk.jpg
2008-03-02 20:49 16950 --a------ C:\Poker\Poker 770\data\shared\fonts\helvetica_nbc18.fon
2008-03-02 20:49 1693 --a------ C:\Poker\Poker 770\data\shared\doublescreen\buttons_screen-alpha.jpg
2008-03-02 20:49 164640 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\cards.jpg
2008-03-02 20:49 1631 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_straight_flush.jpg
2008-03-02 20:49 1608 --a------ C:\Poker\Poker 770\data\roulette\3d\ball.lwo
2008-03-02 20:49 1592 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_two_pair.jpg
2008-03-02 20:49 1582 --a------ C:\Poker\Poker 770\data\roulette\marker.jpg
2008-03-02 20:49 15513 --a------ C:\Poker\Poker 770\data\roulette\3d\roulette.lws
2008-03-02 20:49 15383 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\winflags-alpha.jpg
2008-03-02 20:49 15176 --a------ C:\Poker\Poker 770\data\shared\fonts\swis721cnbt16.fon
2008-03-02 20:49 1482 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_one_pair.jpg
2008-03-02 20:49 1466 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_flush.jpg
2008-03-02 20:49 1451 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_no_hand.jpg
2008-03-02 20:49 1436 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_four_of_a_kind.jpg
2008-03-02 20:49 14031 --a------ C:\Poker\Poker 770\data\shared\doublescreen\buttons_screen.jpg
2008-03-02 20:49 14013 --a------ C:\Poker\Poker 770\data\shared\dollarball\sidebet_button.jpg
2008-03-02 20:49 1393 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_ace_king.jpg
2008-03-02 20:49 138 --a------ C:\Poker\Poker 770\data\shared\progcover.png
2008-03-02 20:49 13787 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\allwild.jpg
2008-03-02 20:49 1375 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_three_of_a_kind.jpg
2008-03-02 20:49 1372 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_straight.jpg
2008-03-02 20:49 1365 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\incdecr-alpha.jpg
2008-03-02 20:49 135724 --a------ C:\Poker\Poker 770\data\shared\cards\textures\allcards.jpg
2008-03-02 20:49 1346 --a------ C:\Poker\Poker 770\data\shared\cards\cardlq.lwo
2008-03-02 20:49 1344 --a------ C:\Poker\Poker 770\data\shared\dollarball\sidebet_button-alpha.jpg
2008-03-02 20:49 1329 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_check.jpg
2008-03-02 20:49 131981 --a------ C:\Poker\Poker 770\data\poker_caribbean\texture.jpg
2008-03-02 20:49 13170 --a------ C:\Poker\Poker 770\data\shared\dollarball\sounds\reelstop_sidebet.mp3
2008-03-02 20:49 127680 --a------ C:\Poker\Poker 770\data\shared\cards\poker\allcards.jpg
2008-03-02 20:49 1276 --a------ C:\Poker\Poker 770\data\shared\interface\aplay_arrow.jpg
2008-03-02 20:49 12620 --a------ C:\Poker\Poker 770\data\roulette\sounds\roulettestop.mp3
2008-03-02 20:49 1258 --a------ C:\Poker\Poker 770\data\shared\tablesigns\tablesign_full_house.jpg
2008-03-02 20:49 1250 --a------ C:\Poker\Poker 770\data\shared\sounds\card.mp3
2008-03-02 20:49 1235 --a------ C:\Poker\Poker 770\data\roulette\marker-alpha.jpg
2008-03-02 20:49 1201 --a------ C:\Poker\Poker 770\data\shared\doublescreen\back.png
2008-03-02 20:49 11979 --a------ C:\Poker\Poker 770\data\shared\9line\buttons-alpha.jpg
2008-03-02 20:49 11622 --a------ C:\Poker\Poker 770\data\shared\fonts\tahoma_ap.fon
2008-03-02 20:49 11328 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\hold.jpg
2008-03-02 20:49 10994 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\dealerwins_male1.mp3
2008-03-02 20:49 10926 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons-alpha.jpg
2008-03-02 20:49 1076 --a------ C:\Poker\Poker 770\data\shared\coins\tablecoins\allcoins2_selected.png
2008-03-02 20:49 107287 --a------ C:\Poker\Poker 770\data\shared\buttons\allbuttons-over.jpg
2008-03-02 20:49 1066 --a------ C:\Poker\Poker 770\data\shared\videopoker_4line\buttons\buttons_screen-alpha.jpg
2008-03-02 20:49 10651 --a------ C:\Poker\Poker 770\data\shared\dollarball\dollar_ball.png
2008-03-02 20:49 104727 --a------ C:\Poker\Poker 770\data\shared\jackpot_txt.jpg
2008-03-02 20:49 10378 --a------ C:\Poker\Poker 770\data\shared\sounds\dealervoices\dealerdnq_male1.mp3
2008-03-02 20:49 1020 --a------ C:\Poker\Poker 770\data\shared\dollarball\result_win_disabled.png
2008-03-02 20:49 101959 --a------ C:\Poker\Poker 770\data\keno\wheel_empty.jpg
2008-03-02 20:48 9984 --a------ C:\Poker\Poker 770\data\lobby\dialogs\dialog_back3.jpg
2008-03-02 20:48 9907 --a------ C:\Poker\Poker 770\data\shared\interface\chat\chat_window.png
2008-03-02 20:48 986 --a------ C:\Poker\Poker 770\data\table\topview\counter-alpha.jpg
2008-03-02 20:48 9700 --a------ C:\Poker\Poker 770\data\lobby\quick_search_buttons.jpg
2008-03-02 20:48 9497 --a------ C:\Poker\Poker 770\data\lobby\login\login.jpg
2008-03-02 20:48 9412 --a------ C:\Poker\Poker 770\data\shared\history\cards\allcards7stud-alpha.jpg
2008-03-02 20:48 936 --a------ C:\Poker\Poker 770\data\lobby\quick_search_close.jpg
2008-03-02 20:48 935 --a------ C:\Poker\Poker 770\data\shared\options\slider.jpg
2008-03-02 20:48 928 --a------ C:\Poker\Poker 770\data\shared\options\check.png
2008-03-02 20:48 927 --a------ C:\Poker\Poker 770\data\lobby\dialogs\close.jpg
2008-03-02 20:48 924 --a------ C:\Poker\Poker 770\data\table\topview\bubble-alpha.jpg
2008-03-02 20:48 922 --a------ C:\Poker\Poker 770\data\shared\history\cards\card7stud-alpha.jpg
2008-03-02 20:48 914 --a------ C:\Poker\Poker 770\data\table\topview\nametag-alpha.jpg
2008-03-02 20:48 913 --a------ C:\Poker\Poker 770\data\table\topview\chat\chat_side\bottom_left.jpg
2008-03-02 20:48 91183 --a------ C:\Poker\Poker 770\data\table\topview\buttons\checkboxes.jpg
2008-03-02 20:48 911 --a------ C:\Poker\Poker 770\data\lobby\buttons\jointable-alpha.jpg
2008-03-02 20:48 911 --a------ C:\Poker\Poker 770\data\lobby\buttons\goto_tournament-alpha.jpg
2008-03-02 20:48 9096 --a------ C:\Poker\Poker 770\data\lobby\login\createaccount.jpg
2008-03-02 20:48 90112 --a------ C:\Poker\Poker 770\replace.exe
2008-03-02 20:48 8780 --a------ C:\Poker\Poker 770\data\keno\sounds\wheel.mp3
2008-03-02 20:48 878 --a------ C:\Poker\Poker 770\data\table\topview\blink.jpg
2008-03-02 20:48 874 --a------ C:\Poker\Poker 770\data\shared\black100x100.png
2008-03-02 20:48 872 --a------ C:\Poker\Poker 770\data\lobby\buttons\search-alpha.jpg
2008-03-02 20:48 86025 --a------ C:\Poker\Poker 770\data\table\topview\buttons\button_short.jpg
2008-03-02 20:48 86016 --a------ C:\Poker\Poker 770\directsounddriver.dll
2008-03-02 20:48 859 --a------ C:\Poker\Poker 770\data\shared\options\options_adjust-alpha.jpg
2008-03-02 20:48 8517 --a------ C:\Poker\Poker 770\data\table\topview\antibot_back.jpg
2008-03-02 20:48 84748 --a------ C:\Poker\Poker 770\data\table\topview\buttons\button_long.jpg
2008-03-02 20:48 831 --a------ C:\Poker\Poker 770\data\lobby\login\login-alpha.jpg
2008-03-02 20:48 830 --a------ C:\Poker\Poker 770\data\table\topview\antibot_back-alpha.jpg
2008-03-02 20:48 819 --a------ C:\Poker\Poker 770\data\lobby\buttons\waitinglist_buttons-alpha.jpg
2008-03-02 20:48 8168 --a------ C:\Poker\Poker 770\data\lobby\login\dont_have_an_account.jpg
2008-03-02 20:48 811 --a------ C:\Poker\Poker 770\data\table\topview\buttons\petpot_alpha.jpg
2008-03-02 20:48 80968 --a------ C:\Poker\Poker 770\data\shared\history\cards\allcards7stud.jpg
2008-03-02 20:48 80737 --a------ C:\Poker\Poker 770\data\shared\history\cards\allcards.jpg
2008-03-02 20:48 8033 --a------ C:\Poker\Poker 770\data\lobby\dialogs\gotothenexttournament.jpg
2008-03-02 20:48 803 --a------ C:\Poker\Poker 770\data\table\topview\chat\chat_side\bottom_right.jpg
2008-03-02 20:48 80288 --a------ C:\Poker\Poker 770\data\casinowar.gam
2008-03-02 20:48 7943 --a------ C:\Poker\Poker 770\data\table\topview\break.jpg
2008-03-02 20:48 79166 --a------ C:\Poker\Poker 770\data\lobby\back.jpg
2008-03-02 20:48 791 --a------ C:\Poker\Poker 770\data\lobby\waitinglist\num_chooser.jpg
2008-03-02 20:48 787 --a------ C:\Poker\Poker 770\data\shared\interface\chat-alpha.jpg
2008-03-02 20:48 7864 --a------ C:\Poker\Poker 770\data\shared\options\arrows.png
2008-03-02 20:48 7817 --a------ C:\Poker\Poker 770\data\shared\interface\logo.jpg
2008-03-02 20:48 779 --a------ C:\Poker\Poker 770\data\shared\history\cards\joker7stud.jpg
2008-03-02 20:48 7718 --a------ C:\Poker\Poker 770\data\table\topview\coins\coins.bmp
2008-03-02 20:48 767 --a------ C:\Poker\Poker 770\data\lobby\login\createaccount-alpha.jpg
2008-03-02 20:48 7615 --a------ C:\Poker\Poker 770\data\keno\buttons\buttons-alpha.jpg
2008-03-02 20:48 749 --a------ C:\Poker\Poker 770\data\table\topview\chat\send-alpha.jpg
2008-03-02 20:48 7457 --a------ C:\Poker\Poker 770\data\shared\interface\bottom_ribbon.jpg
2008-03-02 20:48 740 --a------ C:\Poker\Poker 770\data\lobby\quick_search_buttons-alpha.jpg
2008-03-02 20:48 726 --a------ C:\Poker\Poker 770\data\table\topview\timer-alpha.jpg
2008-03-02 20:48 7182 --a------ C:\Poker\Poker 770\data\shared\interface\chat\send.png
2008-03-02 20:48 71697 --a------ C:\Poker\Poker 770\data\shared\options\avatars.jpg
2008-03-02 20:48 7117 --a------ C:\Poker\Poker 770\data\lobby\quick_search_back.jpg
2008-03-02 20:48 699 --a------ C:\Poker\Poker 770\data\table\topview\buttons_cover.jpg
2008-03-02 20:48 6988 --a------ C:\Poker\Poker 770\data\craps\coins.png
2008-03-02 20:48 691 --a------ C:\Poker\Poker 770\data\lobby\login\checkbox.png
2008-03-02 20:48 6840
15 Mars 2008 17:51:30

Ok ,

il y avait encore un rootkit ... j'aimerais vérifier quelque chose

Télécharge Navilog1 [:eric_71:16] < ici

enregistre le sur ton Bureau
double clic sur Navilog1.exe ( le .exe peut ne pas apparaitre )
Il s%u2019éxécutera automatiquement
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
suis les invites et choisis l'option 1 puis valide

n'utilise pas les options 2,3 ou 4
attend jusqu'a " analyse terminé le ........... "
appuie sur une touche comme demandé

Copie / Colle le rapport généré ( C:\fixnavi.txt )
15 Mars 2008 21:13:09

ok voila le nouveau rapport:

Search Navipromo version 3.5.0 commencé le 15/03/2008 à 20:38:37,15

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\Caroline FORGET\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\Caroline FORGET\menudm~1\progra~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :


* Dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group trouvé !
Certificat OOO-Favorit trouvé !

4)Recherche fichiers connus :



*** Analyse terminée le 15/03/2008 à 20:41:30,31 ***
15 Mars 2008 23:41:26

Humm .. il y à les certificats


Double clique sur le raccourci Navilog1
Choisis cette fois ci l'option 2 et valide
Il va t’informer qu’il va Redémarrer l’ordinateur

Ferme toutes les fenêtres !
si tu as des documents personnels ouverts , Enregistre les !

Appuie sur une touche comme demandé
( s’il ne redémarre pas automatiquement , redémarre manuellement )

attend jusqu'à ce message :
" Nettoyage Terminé le ..... "

Sauvegarde le rapport sur ton Bureau
ton bureau va réapparaître
( si ce n’est pas le cas , appuie sur Ctrl+Alt+Suppr , dans l’onglet Processus , clique sur Fichier , choisis Executer et tape explorer puis valide )

poste le rapport sauvegardé ( C:\cleannavi.txt )
et un nouveau rapport Hijackthis

16 Mars 2008 03:01:08

voila les 2 rapports:

Clean Navipromo version 3.5.0 commencé le 16/03/2008 à 2:14:32,51

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 04.03.2008 à 17h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Mode suppression automatique
avec prise en charge résultats Catchme et GNS



*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *


* Suppression dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" *



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


*** Suppression dossiers dans "C:\Documents and Settings\Caroline FORGET\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" ***


*** Suppression dossiers dans "C:\Documents and Settings\Caroline FORGET\menudm~1\progra~1" ***


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Caroline FORGET\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans C:\WINDOWS\system32 *


* Dans "C:\Documents and Settings\Caroline FORGET\locals~1\applic~1" *


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group supprimé !
Certificat OOO-Favorit supprimé !

*** Nettoyage terminé le 16/03/2008 à 2:18:08,73 ***







rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:00:09, on 16/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\TribalWeb\tribalweb.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://shell.windows.com/fileassoc/fileassoc.asp?LangID...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\WINDOWS\system32\SysMonitor.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE /FU "C:\WINDOWS\TEMP\E_S1D6.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb\tribalweb.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?a240d4a1b4284367824bfa25149b11e7
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?a240d4a1b4284367824bfa25149b11e7
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Desktop Manager 5.1.709.19590 (GoogleDesktopManager-091907-194040) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe

--
End of file - 11884 bytes

16 Mars 2008 19:00:26

Bien ,

Fais un scan en ligne Kaspersky [:eric_71:19] < ici avec Internet Explorer !

Clique sur Demarrer Online-Scanner ( en bas à droite )
Clique sur J'accepte , si necessaire valide l'installation des ActiveX
laisse installer les Mises à jour , choisis l'analyse du Poste de travail

à la fin de l'analyse , Sauvegarde le rapport puis colle le dans ta réponse

Si tu vois ce message : La licence de Kaspersky On-line Scanner est périmée
vas dans Ajout / Suppression de programmes et désinstalle On-Line Scanner
retourne sur le site et retente le scan

Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS