virus

Bonjour,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

bonjour
j'ai dowloader combo fix il apparrait un petit rectangle beige quand il as fini ça disparait et rien ne se passe
merci

Tu as essayé en mode sans échec ?

ayoye non je sais pas comment faire ça désolé
je n'ai jamais fait ça

Redémarrer en mode sans échec
 

j'ai réussi a redémarrer sans echec ,ça ne fonctionne pas plus il avait un message disant un périphérique au systeme ne fonctionne pas correctement .
madol
J'avais fait un print screen pour te le montrer mais je ne suis pas capable de le coller ici

Pas grave. Retente une dernière fois le scan Combofix.

bonjour
J'ai réussi à ouvrir combofix je suis sur la page bleu avec le message
merci de patienter combofix s'apprête à démarrer.
Mais ça fait une demi heure que j'attends es-ce normal dois-je attendre encore.là je suis avec mon portable et j'attends mais il ne se passe pus rien.
merci
Madol

On va faire autrement.

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

bonjour voici mon rapport malware

Malwarebytes' Anti-Malware 1.29
Version de la base de données: 1279
Windows 5.1.2600 Service Pack 3

2008-10-17 15:29:54
mbam-log-2008-10-17 (15-29-54).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 102435
Temps écoulé: 1 hour(s), 6 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{9e91ef7b-6846-45c3-a8ab-67cf7c900783} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bimakaline (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Reposte un rapport Hijackthis.

bonjour
voici mon rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:31, on 2008-10-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.j-aide.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {995B2882-98D8-48DB-8EE7-745947B48454} - C:\WINDOWS\system32\ssqOHyaX.dll (file missing)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {c3b5c157-a75a-4c93-b2f7-f5786157e3c6} - C:\WINDOWS\system32\diwevari.dll (file missing)
O2 - BHO: (no name) - {CBB14C0E-EBA6-46BC-98BF-D1E02353284C} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [bimakaline] Rundll32.exe "C:\WINDOWS\system32\dusatalo.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [bimakaline] Rundll32.exe "C:\WINDOWS\system32\dusatalo.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O20 - AppInit_DLLs: yiubeg.dll,plmjof.dll,koxpfg.dll,C:\WINDOWS\system32\hisozega.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

--
End of file - 9340 bytes

Re,

Télécharge Random's System Information Tool (RSIT) par (random/random[/#f]) et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer le programme.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt [#ff0000](affiché)

ainsi que de info.txt (réduit dans la Barre des Tâches).

Veille bien à poster l'intégralité des rapports. Vérifie qu'ils soient complets une fois que tu les as postés.

NB : Les rapports sont sauvegardés dans le dossier C:\rsit

bonjour voici ce que tu m'as demandé j'espere que c'est correct
info.txt logfile of random's system information tool 1.04 2008-10-18 14:35:42

======Uninstall list======

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Antidote Prisme ver6-->MsiExec.exe /I{6BDE74FF-B859-4C54-A592-39718A7CEC59}
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Canon MP Drivers 7.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D335AC77-6F59-46D6-9082-F74A9F7E0FC3}\Setup.exe" -l0x40c -Uninstall
Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\setup.exe" -l0x40c anything
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hoyle Casino-->MsiExec.exe /X{3F99D180-34C3-4151-8C6C-86FC5D7BDFBD}
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) PRO Network Connections 12.1.12.0-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
Intel(R) TV Wizard-->C:\WINDOWS\system32\TVWizudlg.exe -uninstall
iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero 8-->MsiExec.exe /X{1E598659-6503-419E-8FB0-0C1EABF11036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0xc0c -removeonly
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081017-1]

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\QuickTime\QTSystem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
Logfile of random's system information tool 1.04 (written by random/random)
Run by Famille Allard at 2008-10-18 14:48:53
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 261 GB (88%) free of 295 GB
Total RAM: 2037 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48, on 2008-10-18
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Famille Allard\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Famille Allard.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.j-aide.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {995B2882-98D8-48DB-8EE7-745947B48454} - C:\WINDOWS\system32\ssqOHyaX.dll (file missing)
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: (no name) - {c3b5c157-a75a-4c93-b2f7-f5786157e3c6} - C:\WINDOWS\system32\diwevari.dll (file missing)
O2 - BHO: (no name) - {CBB14C0E-EBA6-46BC-98BF-D1E02353284C} - (no file)
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [bimakaline] Rundll32.exe "C:\WINDOWS\system32\dusatalo.dll",s
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [bimakaline] Rundll32.exe "C:\WINDOWS\system32\dusatalo.dll",s (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O20 - AppInit_DLLs: yiubeg.dll,plmjof.dll,koxpfg.dll,C:\WINDOWS\system32\hisozega.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

--
End of file - 9188 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\coweroec.job
C:\WINDOWS\tasks\ekhcyssn.job
C:\WINDOWS\tasks\snhnftjh.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{995B2882-98D8-48DB-8EE7-745947B48454}]
C:\WINDOWS\system32\ssqOHyaX.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-10 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3b5c157-a75a-4c93-b2f7-f5786157e3c6}]
C:\WINDOWS\system32\diwevari.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBB14C0E-EBA6-46BC-98BF-D1E02353284C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-16 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-16 162584]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-16 138008]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-26 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"bimakaline"=C:\WINDOWS\system32\dusatalo.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"Gestionnaire Antidote.exe"=C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe [2005-06-22 386752]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"WeatherEye"=C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe [2008-09-04 4501912]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-10-10 39408]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="yiubeg.dll,plmjof.dll,koxpfg.dll,C:\WINDOWS\system32\hisozega.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-16 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
C:\WINDOWS\system32\ssqOHyaX
"notification packages"=scecli
C:\WINDOWS\system32\hisozega.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:* isabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:* isabled:avgupd.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:* isabled:Bonjour"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:* isabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:* isabled:iTunes"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:* isabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4965ce4-869c-11dd-b166-001aa0981f5e}]
shell\AutoRun\command - F:\setupSNK.exe


======List of files/folders created in the last 1 months======

2008-10-18 14:35:32 ----D---- C:\rsit
2008-10-17 17:45:50 ----A---- C:\WINDOWS\system32\MRT.exe
2008-10-17 13:41:51 ----D---- C:\ComboFix
2008-10-17 13:41:50 ----A---- C:\WINDOWS\system32\CF10019.exe
2008-10-17 13:38:37 ----A---- C:\WINDOWS\system32\CF9386.exe
2008-10-17 13:15:02 ----A---- C:\WINDOWS\system32\CF4765.exe
2008-10-17 13:05:32 ----A---- C:\WINDOWS\system32\CF2904.exe
2008-10-17 13:01:22 ----A---- C:\WINDOWS\system32\CF2087.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\zip.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\VFIND.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\SWSC.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\SWREG.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\sed.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\NIRCMD.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\grep.exe
2008-10-17 12:49:56 ----A---- C:\WINDOWS\fdsv.exe
2008-10-17 12:49:54 ----A---- C:\WINDOWS\system32\CF32609.exe
2008-10-17 12:39:51 ----A---- C:\WINDOWS\system32\CF30643.exe
2008-10-17 12:38:47 ----A---- C:\WINDOWS\system32\CF30434.exe
2008-10-17 12:24:48 ----D---- C:\WINDOWS\ERDNT
2008-10-17 12:24:48 ----D---- C:\Qoobox
2008-10-17 12:24:48 ----A---- C:\WINDOWS\system32\CF27694.exe
2008-10-17 08:53:49 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Canon
2008-10-16 15:23:49 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-16 13:18:22 ----A---- C:\WINDOWS\system32\CF18191.exe
2008-10-16 13:17:07 ----A---- C:\WINDOWS\system32\CF17939.exe
2008-10-15 20:35:20 ----D---- C:\Program Files\Trend Micro
2008-10-15 17:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-10-15 17:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 17:18:20 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 17:18:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 17:18:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 17:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 12:31:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2008-10-15 09:12:31 ----A---- C:\WINDOWS\system32\CF15551.exe
2008-10-15 09:11:53 ----A---- C:\WINDOWS\system32\CF15420.exe
2008-10-15 08:34:30 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Malwarebytes
2008-10-15 08:34:25 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-15 08:34:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-13 23:38:25 ----SH---- C:\WINDOWS\system32\flrnpdof.ini
2008-10-13 13:59:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-10-12 23:38:33 ----SH---- C:\WINDOWS\system32\jbqshaau.ini
2008-10-12 16:07:19 ----D---- C:\Program Files\a-squared Anti-Malware
2008-10-12 07:04:29 ----SH---- C:\WINDOWS\system32\mywospor.ini
2008-10-11 22:29:38 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Thinstall
2008-10-11 16:24:08 ----D---- C:\Documents and Settings\All Users\Application Data\Fighters
2008-10-11 16:24:07 ----D---- C:\Program Files\Fighters
2008-10-11 16:23:23 ----A---- C:\Documents and Settings\Famille Allard\Application Data\install.txt
2008-10-11 16:22:17 ----D---- C:\WINDOWS\system32\appmgmt
2008-10-11 15:41:19 ----D---- C:\VundoFix Backups
2008-10-11 15:41:19 ----A---- C:\VundoFix.txt
2008-10-11 12:44:11 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-11 07:04:53 ----SH---- C:\WINDOWS\system32\qobxuayl.ini
2008-10-10 14:30:43 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-10 14:24:02 ----A---- C:\WINDOWS\IE4 Error Log.txt
2008-10-10 13:44:37 ----D---- C:\WINDOWS\report
2008-10-10 13:40:43 ----D---- C:\WINDOWS\AU_Backup
2008-10-10 13:40:42 ----A---- C:\WINDOWS\vsapi32.dll
2008-10-10 13:40:42 ----A---- C:\WINDOWS\tsc.ini
2008-10-10 13:40:42 ----A---- C:\WINDOWS\TSC.exe
2008-10-10 13:40:42 ----A---- C:\WINDOWS\hcextoutput.dll
2008-10-10 13:40:42 ----A---- C:\WINDOWS\BPMNT.dll
2008-10-10 13:37:36 ----A---- C:\WINDOWS\GetServer.ini
2008-10-10 13:37:35 ----D---- C:\WINDOWS\AU_Temp
2008-10-10 13:37:35 ----D---- C:\WINDOWS\AU_Log
2008-10-10 13:37:33 ----A---- C:\xscan.txt
2008-10-10 13:37:28 ----A---- C:\WINDOWS\UNZIP.DLL
2008-10-10 13:37:28 ----A---- C:\WINDOWS\TMUPDATE.DLL
2008-10-10 13:37:27 ----A---- C:\WINDOWS\PATCH.EXE
2008-10-10 12:32:12 ----D---- C:\WINDOWS\BDOSCAN8
2008-10-10 09:02:07 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-10-10 09:01:43 ----D---- C:\Program Files\SUPERAntiSpyware
2008-10-10 09:01:43 ----D---- C:\Documents and Settings\Famille Allard\Application Data\SUPERAntiSpyware.com
2008-10-10 08:32:33 ----A---- C:\WINDOWS\wininit.ini
2008-10-10 08:06:43 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-10 07:02:09 ----SH---- C:\WINDOWS\system32\fqamqnuy.ini
2008-10-09 22:22:15 ----SH---- C:\WINDOWS\system32\pbcbltwt.ini
2008-10-09 22:21:43 ----A---- C:\WINDOWS\system32\1f800eac-.txt
2008-10-09 22:21:11 ----ASH---- C:\WINDOWS\system32\XayHOqss.ini2
2008-10-09 22:21:10 ----ASH---- C:\WINDOWS\system32\XayHOqss.ini
2008-10-09 22:11:14 ----D---- C:\WINDOWS\system32\EV19
2008-10-09 22:11:14 ----D---- C:\Temp
2008-10-03 21:19:58 ----D---- C:\Documents and Settings\All Users\Application Data\PopCap
2008-09-30 23:09:30 ----SH---- C:\WINDOWS\system32\vjsldshi.ini
2008-09-26 17:23:20 ----D---- C:\Program Files\MSECache
2008-09-21 00:23:00 ----D---- C:\Program Files\MSXML 4.0
2008-09-20 20:54:09 ----D---- C:\WINDOWS\Sun
2008-09-20 20:54:09 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Sun
2008-09-20 20:08:53 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-20 10:39:24 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Google
2008-09-20 10:39:07 ----D---- C:\Program Files\Google
2008-09-20 10:39:07 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-09-20 06:24:13 ----D---- C:\TP_SAISON4
2008-09-19 22:48:33 ----D---- C:\Program Files\MétéoMédia
2008-09-19 22:12:50 ----D---- C:\Documents and Settings\Famille Allard\Application Data\LimeWire
2008-09-19 22:12:38 ----D---- C:\Program Files\LimeWire
2008-09-19 19:18:05 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Hoyle FaceCreator
2008-09-19 19:18:05 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Hoyle Casino
2008-09-19 19:14:57 ----D---- C:\Program Files\NOS
2008-09-19 19:14:57 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-09-19 19:13:02 ----D---- C:\Program Files\Encore
2008-09-19 19:01:18 ----D---- C:\Documents and Settings\Famille Allard\Application Data\Nero
2008-09-19 19:01:07 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2008-09-19 18:57:39 ----D---- C:\Program Files\Nero
2008-09-19 18:57:39 ----D---- C:\Program Files\Fichiers communs\Nero
2008-09-19 18:57:39 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-09-19 18:55:32 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-09-19 18:55:31 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-09-19 18:48:47 ----HD---- C:\BJPrinter
2008-09-19 18:48:45 ----A---- C:\WINDOWS\system32\CNMVS6s.DLL
2008-09-19 18:48:44 ----A---- C:\WINDOWS\system32\CNMLM6s.DLL
2008-09-19 18:47:42 ----D---- C:\Program Files\Canon
2008-09-19 18:47:35 ----A---- C:\WINDOWS\system32\UCS32P.DLL
2008-09-19 18:47:35 ----A---- C:\WINDOWS\system32\CNCL130.DLL
2008-09-19 18:47:35 ----A---- C:\WINDOWS\system32\cncisco.dll
2008-09-19 18:47:35 ----A---- C:\WINDOWS\system32\CNCI130.DLL
2008-09-19 18:47:35 ----A---- C:\WINDOWS\system32\CNCC130.DLL
2008-09-19 18:47:34 ----HD---- C:\CanonMP

======List of files/folders modified in the last 1 months======

2008-10-18 14:35:40 ----D---- C:\WINDOWS\Prefetch
2008-10-18 14:29:26 ----D---- C:\WINDOWS\Temp
2008-10-18 14:28:50 ----D---- C:\WINDOWS
2008-10-18 08:25:33 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-10-18 05:49:10 ----D---- C:\WINDOWS\system32
2008-10-17 23:45:50 ----D---- C:\WINDOWS\system32\CatRoot2
2008-10-17 18:35:04 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-10-17 17:42:33 ----SHD---- C:\WINDOWS\Installer
2008-10-17 17:42:12 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-10-17 14:15:52 ----D---- C:\WINDOWS\system32\drivers
2008-10-17 07:05:57 ----D---- C:\Program Files\Windows Media Connect 2
2008-10-17 07:05:57 ----D---- C:\Program Files\Messenger
2008-10-17 07:05:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-15 20:35:20 ----RD---- C:\Program Files
2008-10-15 17:45:37 ----D---- C:\WINDOWS\system32\wbem
2008-10-15 17:45:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-10-15 17:18:52 ----HD---- C:\WINDOWS\inf
2008-10-15 17:18:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-10-15 17:18:36 ----A---- C:\WINDOWS\imsins.BAK
2008-10-15 17:18:31 ----HD---- C:\WINDOWS\$hf_mig$
2008-10-15 17:16:20 ----A---- C:\WINDOWS\win.ini
2008-10-13 15:05:22 ----SD---- C:\WINDOWS\Tasks
2008-10-13 06:39:45 ----D---- C:\WINDOWS\Help
2008-10-12 22:41:39 ----D---- C:\Program Files\Bonjour
2008-10-12 21:24:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-10-12 15:22:25 ----A---- C:\WINDOWS\Antidote.ini
2008-10-12 10:03:55 ----SHD---- C:\System Volume Information
2008-10-12 10:03:55 ----D---- C:\WINDOWS\system32\Restore
2008-10-11 16:22:17 ----D---- C:\Program Files\Fichiers communs
2008-10-11 12:43:52 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared
2008-10-10 13:44:37 ----D---- C:\WINDOWS\Debug
2008-10-09 22:04:30 ----D---- C:\WINDOWS\Registration
2008-09-26 19:20:15 ----SD---- C:\Documents and Settings\Famille Allard\Application Data\Microsoft
2008-09-26 17:23:37 ----RSD---- C:\WINDOWS\Fonts
2008-09-26 17:23:33 ----D---- C:\Program Files\Microsoft Office
2008-09-21 00:23:01 ----D---- C:\WINDOWS\WinSxS
2008-09-20 18:25:34 ----D---- C:\WINDOWS\network diagnostic
2008-09-19 18:57:37 ----D---- C:\WINDOWS\Cursors
2008-09-19 18:55:32 ----D---- C:\WINDOWS\system32\DirectX
2008-09-19 18:48:27 ----D---- C:\WINDOWS\twain_32
2008-09-19 18:48:27 ----D---- C:\WINDOWS\Media
2008-09-19 18:47:46 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-19 18:47:30 ----D---- C:\Program Files\Fichiers communs\InstallShield

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-16 5760096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-02 4403712]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-06 12288]
R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-10 168432]
R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

Re,

Analyse le fichier suivant sur VirusTotal puis poste le rapport :
C:\WINDOWS\system32\hisozega.dll

&

Télécharge R-Hosts.exe (de S!ri)
Lance R-Hosts puis clique sur "Restaurer".
Valide la modification en appuyant sur OK.

&

Télécharge OTMoveIt3 (OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Double clique sur OTMoveIt3.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton [#ff0000]MoveIt![/#f] puis ferme OTMoveIt3.

[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

&

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

bonjour
j'ai fait les rapports demandé otmoveit avait un message
system 32 est un dossier windows nécessaire a l'exécution de windows .Il ne doit pas être déplacé

Virus total

0 bytes size received / Se ha recibido un archivo vacio


========== FILES ==========
C:\WINDOWS\tasks\coweroec.job moved successfully.
C:\WINDOWS\tasks\ekhcyssn.job moved successfully.
C:\WINDOWS\tasks\snhnftjh.job moved successfully.
File/Folder C:\WINDOWS\system32\dusatalo.dll not found.
File/Folder C:\WINDOWS\system32\ssqOHyaX.dll not found.
File/Folder C:\WINDOWS\system32\diwevari.dll not found.
Folder move failed. C:\WINDOWS\system32\xircom scheduled to be moved on reboot.
C:\WINDOWS\system32\wins moved successfully.
Folder move failed. C:\WINDOWS\system32\wbem\xml scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\snmp scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository\FS scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository scheduled to be moved on reboot.
C:\WINDOWS\system32\wbem\Performance moved successfully.
C:\WINDOWS\system32\wbem\mof\good moved successfully.
C:\WINDOWS\system32\wbem\mof\bad moved successfully.
C:\WINDOWS\system32\wbem\mof moved successfully.
C:\WINDOWS\system32\wbem\Logs moved successfully.
C:\WINDOWS\system32\wbem\AutoRecover moved successfully.
Folder move failed. C:\WINDOWS\system32\wbem scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\usmt scheduled to be moved on reboot.
C:\WINDOWS\system32\spool\prtprocs\w32x86 moved successfully.
C:\WINDOWS\system32\spool\prtprocs moved successfully.
Folder move failed. C:\WINDOWS\system32\spool\PRINTERS scheduled to be moved on reboot.
C:\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3\temp moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86\3 moved successfully.
C:\WINDOWS\system32\spool\drivers\w32x86 moved successfully.
Folder move failed. C:\WINDOWS\system32\spool\drivers\color scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\spool\drivers scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\spool scheduled to be moved on reboot.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784 moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784 moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381 moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381 moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup moved successfully.
C:\WINDOWS\system32\SoftwareDistribution\Setup moved successfully.
C:\WINDOWS\system32\SoftwareDistribution moved successfully.
C:\WINDOWS\system32\ShellExt moved successfully.
Folder move failed. C:\WINDOWS\system32\Setup scheduled to be moved on reboot.
C:\WINDOWS\system32\RTCOM moved successfully.
Folder move failed. C:\WINDOWS\system32\Restore scheduled to be moved on reboot.
C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0014 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0013 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0012 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0011 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0010 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0009 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0008 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0007 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0006 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0005 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0004 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0003 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0002 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0001 moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles moved successfully.
C:\WINDOWS\system32\ReinstallBackups\0000 moved successfully.
C:\WINDOWS\system32\ReinstallBackups moved successfully.
C:\WINDOWS\system32\ras moved successfully.
C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1 moved successfully.
C:\WINDOWS\system32\PreInstall\WinSE moved successfully.
C:\WINDOWS\system32\PreInstall moved successfully.
C:\WINDOWS\system32\oobe\setup moved successfully.
C:\WINDOWS\system32\oobe\sample moved successfully.
C:\WINDOWS\system32\oobe\regerror moved successfully.
C:\WINDOWS\system32\oobe\isperror moved successfully.
C:\WINDOWS\system32\oobe\images moved successfully.
C:\WINDOWS\system32\oobe\icserror moved successfully.
C:\WINDOWS\system32\oobe\html\sconnect moved successfully.
C:\WINDOWS\system32\oobe\html\oemreg moved successfully.
C:\WINDOWS\system32\oobe\html\oemhw moved successfully.
C:\WINDOWS\system32\oobe\html\oemcust moved successfully.
C:\WINDOWS\system32\oobe\html\mouse\images moved successfully.
C:\WINDOWS\system32\oobe\html\mouse moved successfully.
C:\WINDOWS\system32\oobe\html\isptype moved successfully.
C:\WINDOWS\system32\oobe\html\ispsgnup moved successfully.
C:\WINDOWS\system32\oobe\html\iconnect moved successfully.
C:\WINDOWS\system32\oobe\html\dslmain moved successfully.
C:\WINDOWS\system32\oobe\html moved successfully.
C:\WINDOWS\system32\oobe\error moved successfully.
C:\WINDOWS\system32\oobe\actsetup moved successfully.
Folder move failed. C:\WINDOWS\system32\oobe scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\npp scheduled to be moved on reboot.
C:\WINDOWS\system32\mui\dispspec moved successfully.
Folder move failed. C:\WINDOWS\system32\mui\000C scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\mui scheduled to be moved on reboot.
C:\WINDOWS\system32\MsDtc\Trace moved successfully.
C:\WINDOWS\system32\MsDtc moved successfully.
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User moved successfully.
C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18 moved successfully.
C:\WINDOWS\system32\Microsoft\Protect moved successfully.
C:\WINDOWS\system32\Microsoft moved successfully.
Folder move failed. C:\WINDOWS\system32\Macromed\Flash scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\Macromed scheduled to be moved on reboot.
C:\WINDOWS\system32\LogFiles\WUDF moved successfully.
C:\WINDOWS\system32\LogFiles moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\TRK moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\THA moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\SVE moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\SLV moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\SKY moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\RUS moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\PTG moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\PTB moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\PLK moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\NOR moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\NLD moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\KOR moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\JPN moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\ITA moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\HUN moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\HEB moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\FRA moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\FIN moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\ESP moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\EN moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\ELL moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\DEU moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\DAN moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\CSY moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\CHT moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\CHS moved successfully.
C:\WINDOWS\system32\Lang\TvWizard\ARA moved successfully.
C:\WINDOWS\system32\Lang\TvWizard moved successfully.
C:\WINDOWS\system32\Lang\HDMI\FRA moved successfully.
C:\WINDOWS\system32\Lang\HDMI moved successfully.
C:\WINDOWS\system32\Lang moved successfully.
Folder move failed. C:\WINDOWS\system32\inetsrv scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\IME\TINTLGNT scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\IME\PINTLGNT scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\IME\CINTLGNT scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\IME scheduled to be moved on reboot.
C:\WINDOWS\system32\icsxml moved successfully.
C:\WINDOWS\system32\ias moved successfully.
C:\WINDOWS\system32\fr-fr moved successfully.
C:\WINDOWS\system32\fr moved successfully.
C:\WINDOWS\system32\export moved successfully.
C:\WINDOWS\system32\EV19 moved successfully.
C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571 moved successfully.
C:\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA moved successfully.
C:\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389 moved successfully.
C:\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A moved successfully.
C:\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00 moved successfully.
C:\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7 moved successfully.
C:\WINDOWS\system32\DRVSTORE moved successfully.
C:\WINDOWS\system32\drivers\UMDF moved successfully.
C:\WINDOWS\system32\drivers\etc moved successfully.
Folder move failed. C:\WINDOWS\system32\drivers\disdn scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\drivers scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\dllcache scheduled to be moved on reboot.
C:\WINDOWS\system32\DirectX\Dinput moved successfully.
C:\WINDOWS\system32\DirectX moved successfully.
C:\WINDOWS\system32\dhcp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Voisinage réseau moved successfully.
C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression moved successfully.
C:\WINDOWS\system32\config\systemprofile\SendTo moved successfully.
C:\WINDOWS\system32\config\systemprofile\Recent moved successfully.
C:\WINDOWS\system32\config\systemprofile\Modèles moved successfully.
C:\WINDOWS\system32\config\systemprofile\Mes documents moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes moved successfully.
C:\WINDOWS\system32\config\systemprofile\Menu Démarrer moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012 moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5 moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0 moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data moved successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings moved successfully.
C:\WINDOWS\system32\config\systemprofile\Favoris\Liens moved successfully.
C:\WINDOWS\system32\config\systemprofile\Favoris moved successfully.
C:\WINDOWS\system32\config\systemprofile\Cookies moved successfully.
C:\WINDOWS\system32\config\systemprofile\Bureau moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Google moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data moved successfully.
C:\WINDOWS\system32\config\systemprofile moved successfully.
Folder move failed. C:\WINDOWS\system32\config scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\Com scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} scheduled to be moved on reboot.
C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} moved successfully.
Folder move failed. C:\WINDOWS\system32\CatRoot2 scheduled to be moved on reboot.
C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} moved successfully.
C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE} moved successfully.
C:\WINDOWS\system32\CatRoot moved successfully.
C:\WINDOWS\system32\bits moved successfully.
C:\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003 moved successfully.
C:\WINDOWS\system32\appmgmt\MACHINE moved successfully.
C:\WINDOWS\system32\appmgmt moved successfully.
C:\WINDOWS\system32\3com_dmi moved successfully.
C:\WINDOWS\system32\3076 moved successfully.
C:\WINDOWS\system32\2052 moved successfully.
C:\WINDOWS\system32\1054 moved successfully.
C:\WINDOWS\system32\1042 moved successfully.
C:\WINDOWS\system32\1041 moved successfully.
C:\WINDOWS\system32\1037 moved successfully.
Folder move failed. C:\WINDOWS\system32\1036 scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\1033 scheduled to be moved on reboot.
C:\WINDOWS\system32\1031 moved successfully.
C:\WINDOWS\system32\1028 moved successfully.
C:\WINDOWS\system32\1025 moved successfully.
C:\WINDOWS\system32 moved successfully.

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10192008_071518

Files moved on Reboot...
Folder move failed. C:\WINDOWS\system32\xircom scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\xml scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\snmp scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository\FS scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository\FS scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\xml scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\snmp scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository\FS scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\wbem\Repository scheduled to be moved on reboot.
C:\WINDOWS\system32\wbem\mof\good moved successfully.
C:\WINDOWS\system32\wbem\mof\bad moved successfully.
C:\WINDOWS\system32\wbem\mof moved successfully.
C:\WINDOWS\system32\wbem\Logs moved successfully.
C:\WINDOWS\system32\wbem\AutoRecover moved successfully.
Folder move failed. C:\WINDOWS\system32\wbem scheduled to be moved on reboot.
C:\WINDOWS\system32\usmt moved successfully.
C:\WINDOWS\system32\spool\PRINTERS moved successfully.
C:\WINDOWS\system32\spool\drivers\color moved successfully.
C:\WINDOWS\system32\spool\drivers moved successfully.
C:\WINDOWS\system32\spool moved successfully.
C:\WINDOWS\system32\Setup moved successfully.
C:\WINDOWS\system32\Restore moved successfully.
C:\WINDOWS\system32\oobe moved successfully.
C:\WINDOWS\system32\npp moved successfully.
C:\WINDOWS\system32\mui\000C moved successfully.
C:\WINDOWS\system32\mui moved successfully.
C:\WINDOWS\system32\Macromed\Flash moved successfully.
C:\WINDOWS\system32\Macromed moved successfully.
C:\WINDOWS\system32\inetsrv moved successfully.
C:\WINDOWS\system32\IME\TINTLGNT moved successfully.
C:\WINDOWS\system32\IME\PINTLGNT moved successfully.
C:\WINDOWS\system32\IME\CINTLGNT moved successfully.
C:\WINDOWS\system32\IME moved successfully.
C:\WINDOWS\system32\drivers\disdn moved successfully.
Folder move failed. C:\WINDOWS\system32\drivers scheduled to be moved on reboot.
C:\WINDOWS\system32\dllcache moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft moved successfully.
C:\WINDOWS\system32\config\systemprofile\Application Data moved successfully.
C:\WINDOWS\system32\config\systemprofile moved successfully.
Folder move failed. C:\WINDOWS\system32\config scheduled to be moved on reboot.
C:\WINDOWS\system32\Com moved successfully.
Folder move failed. C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE} scheduled to be moved on reboot.
Folder move failed. C:\WINDOWS\system32\CatRoot2 scheduled to be moved on reboot.
C:\WINDOWS\system32\1036 moved successfully.
C:\WINDOWS\system32\1033 moved successfully.

Avira AntiVir Personal
Report file date: 2008-10-19 07:57

Scanning for 1692263 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PCALLARD

Version information:
BUILD.DAT : 8.1.0.331 16934 Bytes 2008-08-12 11:46:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 2008-06-26 14:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 2008-05-26 13:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 2008-06-12 18:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 2008-05-26 13:58:52
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 16:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 2008-06-24 19:54:15
ANTIVIR2.VDF : 7.0.7.12 4066816 Bytes 2008-10-08 11:53:10
ANTIVIR3.VDF : 7.0.7.58 315904 Bytes 2008-10-17 11:53:12
Engineversion : 8.2.0.5
AEVDF.DLL : 8.1.0.6 102772 Bytes 2008-10-19 11:53:29
AESCRIPT.DLL : 8.1.1.9 319867 Bytes 2008-10-19 11:53:27
AESCN.DLL : 8.1.1.3 123252 Bytes 2008-10-19 11:53:26
AERDL.DLL : 8.1.1.2 438644 Bytes 2008-10-19 11:53:25
AEPACK.DLL : 8.1.2.4 369014 Bytes 2008-10-19 11:53:24
AEOFFICE.DLL : 8.1.0.28 196987 Bytes 2008-10-19 11:53:23
AEHEUR.DLL : 8.1.0.59 1438071 Bytes 2008-10-19 11:53:22
AEHELP.DLL : 8.1.1.2 115062 Bytes 2008-10-19 11:53:19
AEGEN.DLL : 8.1.0.41 319861 Bytes 2008-10-19 11:53:18
AEEMU.DLL : 8.1.0.9 393588 Bytes 2008-10-19 11:53:17
AECORE.DLL : 8.1.2.6 172406 Bytes 2008-10-19 11:53:16
AEBB.DLL : 8.1.0.3 53618 Bytes 2008-10-19 11:53:14
AVWINLL.DLL : 1.0.0.12 15105 Bytes 2008-07-09 14:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 2008-05-16 15:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 2008-10-19 11:53:13
AVREG.DLL : 8.0.0.1 33537 Bytes 2008-05-09 17:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 14:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 2008-06-12 18:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 23:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 2008-06-12 18:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 18:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 2008-06-12 19:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 2008-06-27 19:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, F:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-10-19 07:57

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'WeatherEye.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'Gestionnaire Antidote.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'GoogleUpdaterService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
41 processes with 41 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [1117]: Impossible de satisfaire à la demande en raison d'une erreur de périphérique d'E/S.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '55' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{AD0814C6-D6D4-4593-814D-1FB6CA51E8D8}\RP14\A0003735.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '492b23dd.qua'!
Begin scan in 'D:\' <RECOVERY>
Begin scan in 'F:\' <WD Passport>


End of the scan: 2008-10-19 08:19
Used time: 22:48 Minute(s)

The scan has been done completely.

7593 Scanning directories
276173 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
276171 Files not concerned
1889 Archives were scanned
2 Warnings
1 Notes

Tu as bien collé ce que j'ai dit ? Ô_o

OTMoveit > Restore > dans le dossier OTMoveIt, ouvre le fichier 10192008_071518.res > Sélectionne tous les fichiers > RestoreIt

bonjour j,espere que c'est ça
To:C:\WINDOWS\tasks\coweroec.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\coweroec.job
To:C:\WINDOWS\tasks\ekhcyssn.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\ekhcyssn.job
To:C:\WINDOWS\tasks\snhnftjh.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\snhnftjh.job
To:C:\WINDOWS\system32\xircom;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\xircom
To:C:\WINDOWS\system32\wins;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wins
To:C:\WINDOWS\system32\wbem\xml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\xml
To:C:\WINDOWS\system32\wbem\snmp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\snmp
To:C:\WINDOWS\system32\wbem\Repository\FS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository\FS
To:C:\WINDOWS\system32\wbem\Repository;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository
To:C:\WINDOWS\system32\wbem\Performance;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Performance
To:C:\WINDOWS\system32\wbem\mof\good;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\good
To:C:\WINDOWS\system32\wbem\mof\bad;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\bad
To:C:\WINDOWS\system32\wbem\mof;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof
To:C:\WINDOWS\system32\wbem\Logs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Logs
To:C:\WINDOWS\system32\wbem\AutoRecover;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\AutoRecover
To:C:\WINDOWS\system32\wbem;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem
To:C:\WINDOWS\system32\usmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\usmt
To:C:\WINDOWS\system32\spool\prtprocs\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs\w32x86
To:C:\WINDOWS\system32\spool\prtprocs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs
To:C:\WINDOWS\system32\spool\PRINTERS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\PRINTERS
To:C:\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f
To:C:\WINDOWS\system32\spool\drivers\w32x86\3\temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3\temp
To:C:\WINDOWS\system32\spool\drivers\w32x86\3;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3
To:C:\WINDOWS\system32\spool\drivers\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86
To:C:\WINDOWS\system32\spool\drivers\color;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\color
To:C:\WINDOWS\system32\spool\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers
To:C:\WINDOWS\system32\spool;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup
To:C:\WINDOWS\system32\SoftwareDistribution\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup
To:C:\WINDOWS\system32\SoftwareDistribution;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution
To:C:\WINDOWS\system32\ShellExt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ShellExt
To:C:\WINDOWS\system32\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Setup
To:C:\WINDOWS\system32\RTCOM;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\RTCOM
To:C:\WINDOWS\system32\Restore;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Restore
To:C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0014;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0013;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0011;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0010;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0009;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0008;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0007;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0006;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0005;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0004;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0002;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0001;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001
To:C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0000;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000
To:C:\WINDOWS\system32\ReinstallBackups;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups
To:C:\WINDOWS\system32\ras;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ras
To:C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1
To:C:\WINDOWS\system32\PreInstall\WinSE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE
To:C:\WINDOWS\system32\PreInstall;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall
To:C:\WINDOWS\system32\oobe\setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\setup
To:C:\WINDOWS\system32\oobe\sample;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\sample
To:C:\WINDOWS\system32\oobe\regerror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\regerror
To:C:\WINDOWS\system32\oobe\isperror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\isperror
To:C:\WINDOWS\system32\oobe\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\images
To:C:\WINDOWS\system32\oobe\icserror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\icserror
To:C:\WINDOWS\system32\oobe\html\sconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\sconnect
To:C:\WINDOWS\system32\oobe\html\oemreg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemreg
To:C:\WINDOWS\system32\oobe\html\oemhw;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemhw
To:C:\WINDOWS\system32\oobe\html\oemcust;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemcust
To:C:\WINDOWS\system32\oobe\html\mouse\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse\images
To:C:\WINDOWS\system32\oobe\html\mouse;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse
To:C:\WINDOWS\system32\oobe\html\isptype;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\isptype
To:C:\WINDOWS\system32\oobe\html\ispsgnup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\ispsgnup
To:C:\WINDOWS\system32\oobe\html\iconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\iconnect
To:C:\WINDOWS\system32\oobe\html\dslmain;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\dslmain
To:C:\WINDOWS\system32\oobe\html;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html
To:C:\WINDOWS\system32\oobe\error;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\error
To:C:\WINDOWS\system32\oobe\actsetup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\actsetup
To:C:\WINDOWS\system32\oobe;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe
To:C:\WINDOWS\system32\npp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\npp
To:C:\WINDOWS\system32\mui\dispspec;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\dispspec
To:C:\WINDOWS\system32\mui\000C;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\000C
To:C:\WINDOWS\system32\mui;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui
To:C:\WINDOWS\system32\MsDtc\Trace;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc\Trace
To:C:\WINDOWS\system32\MsDtc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18
To:C:\WINDOWS\system32\Microsoft\Protect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect
To:C:\WINDOWS\system32\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft
To:C:\WINDOWS\system32\Macromed\Flash;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed\Flash
To:C:\WINDOWS\system32\Macromed;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed
To:C:\WINDOWS\system32\LogFiles\WUDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles\WUDF
To:C:\WINDOWS\system32\LogFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles
To:C:\WINDOWS\system32\Lang\TvWizard\TRK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\TRK
To:C:\WINDOWS\system32\Lang\TvWizard\THA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\THA
To:C:\WINDOWS\system32\Lang\TvWizard\SVE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SVE
To:C:\WINDOWS\system32\Lang\TvWizard\SLV;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SLV
To:C:\WINDOWS\system32\Lang\TvWizard\SKY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SKY
To:C:\WINDOWS\system32\Lang\TvWizard\RUS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\RUS
To:C:\WINDOWS\system32\Lang\TvWizard\PTG;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTG
To:C:\WINDOWS\system32\Lang\TvWizard\PTB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTB
To:C:\WINDOWS\system32\Lang\TvWizard\PLK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PLK
To:C:\WINDOWS\system32\Lang\TvWizard\NOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NOR
To:C:\WINDOWS\system32\Lang\TvWizard\NLD;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NLD
To:C:\WINDOWS\system32\Lang\TvWizard\KOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\KOR
To:C:\WINDOWS\system32\Lang\TvWizard\JPN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\JPN
To:C:\WINDOWS\system32\Lang\TvWizard\ITA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ITA
To:C:\WINDOWS\system32\Lang\TvWizard\HUN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HUN
To:C:\WINDOWS\system32\Lang\TvWizard\HEB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HEB
To:C:\WINDOWS\system32\Lang\TvWizard\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FRA
To:C:\WINDOWS\system32\Lang\TvWizard\FIN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FIN
To:C:\WINDOWS\system32\Lang\TvWizard\ESP;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ESP
To:C:\WINDOWS\system32\Lang\TvWizard\EN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\EN
To:C:\WINDOWS\system32\Lang\TvWizard\ELL;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ELL
To:C:\WINDOWS\system32\Lang\TvWizard\DEU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DEU
To:C:\WINDOWS\system32\Lang\TvWizard\DAN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DAN
To:C:\WINDOWS\system32\Lang\TvWizard\CSY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CSY
To:C:\WINDOWS\system32\Lang\TvWizard\CHT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHT
To:C:\WINDOWS\system32\Lang\TvWizard\CHS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHS
To:C:\WINDOWS\system32\Lang\TvWizard\ARA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ARA
To:C:\WINDOWS\system32\Lang\TvWizard;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard
To:C:\WINDOWS\system32\Lang\HDMI\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI\FRA
To:C:\WINDOWS\system32\Lang\HDMI;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI
To:C:\WINDOWS\system32\Lang;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang
To:C:\WINDOWS\system32\inetsrv;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\inetsrv
To:C:\WINDOWS\system32\IME\TINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\TINTLGNT
To:C:\WINDOWS\system32\IME\PINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\PINTLGNT
To:C:\WINDOWS\system32\IME\CINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\CINTLGNT
To:C:\WINDOWS\system32\IME;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME
To:C:\WINDOWS\system32\icsxml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\icsxml
To:C:\WINDOWS\system32\ias;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ias
To:C:\WINDOWS\system32\fr-fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr-fr
To:C:\WINDOWS\system32\fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr
To:C:\WINDOWS\system32\export;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\export
To:C:\WINDOWS\system32\EV19;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\EV19
To:C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571
To:C:\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA
To:C:\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389
To:C:\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A
To:C:\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00
To:C:\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7
To:C:\WINDOWS\system32\DRVSTORE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE
To:C:\WINDOWS\system32\drivers\UMDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\UMDF
To:C:\WINDOWS\system32\drivers\etc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\etc
To:C:\WINDOWS\system32\drivers\disdn;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\disdn
To:C:\WINDOWS\system32\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers
To:C:\WINDOWS\system32\dllcache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dllcache
To:C:\WINDOWS\system32\DirectX\Dinput;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX\Dinput
To:C:\WINDOWS\system32\DirectX;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX
To:C:\WINDOWS\system32\dhcp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dhcp
To:C:\WINDOWS\system32\config\systemprofile\Voisinage réseau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage réseau
To:C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage d'impression
To:C:\WINDOWS\system32\config\systemprofile\SendTo;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\SendTo
To:C:\WINDOWS\system32\config\systemprofile\Recent;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Recent
To:C:\WINDOWS\system32\config\systemprofile\Modèles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Modèles
To:C:\WINDOWS\system32\config\systemprofile\Mes documents;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Mes documents
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temp
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
To:C:\WINDOWS\system32\config\systemprofile\Local Settings;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings
To:C:\WINDOWS\system32\config\systemprofile\Favoris\Liens;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris\Liens
To:C:\WINDOWS\system32\config\systemprofile\Favoris;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris
To:C:\WINDOWS\system32\config\systemprofile\Cookies;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Cookies
To:C:\WINDOWS\system32\config\systemprofile\Bureau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Bureau
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR
To:C:\WINDOWS\system32\config\systemprofile\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data
To:C:\WINDOWS\system32\config\systemprofile;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile
To:C:\WINDOWS\system32\config;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config
To:C:\WINDOWS\system32\Com;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Com
To:C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2
To:C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot
To:C:\WINDOWS\system32\bits;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\bits
To:C:\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003
To:C:\WINDOWS\system32\appmgmt\MACHINE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\MACHINE
To:C:\WINDOWS\system32\appmgmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt
To:C:\WINDOWS\system32\3com_dmi;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3com_dmi
To:C:\WINDOWS\system32\3076;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3076
To:C:\WINDOWS\system32\2052;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\2052
To:C:\WINDOWS\system32\1054;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1054
To:C:\WINDOWS\system32\1042;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1042
To:C:\WINDOWS\system32\1041;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1041
To:C:\WINDOWS\system32\1037;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1037
To:C:\WINDOWS\system32\1036;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1036
To:C:\WINDOWS\system32\1033;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1033
To:C:\WINDOWS\system32\1031;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1031
To:C:\WINDOWS\system32\1028;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1028
To:C:\WINDOWS\system32\1025;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1025
To:C:\WINDOWS\system32;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32

Tu avais combien de fichier .res ?

bonjour dans le dossier otmoveit j,ai 1019228-071518.log document texte
10192008-071518.res

bonjour
j'ai restauré avec otmoveit

Recommence l'étape avec OTMoveIt en collant exactement ce que je demande !

bonjour j,ai refait otmoveit je t'envoie le dossier
j'espere que c,est correct

To:C:\WINDOWS\tasks\coweroec.job;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\tasks\coweroec.job
To:C:\WINDOWS\tasks\ekhcyssn.job;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\tasks\ekhcyssn.job
To:C:\WINDOWS\tasks\snhnftjh.job;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\tasks\snhnftjh.job
To:C:\WINDOWS\system32\flrnpdof.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\flrnpdof.ini
To:C:\WINDOWS\system32\jbqshaau.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\jbqshaau.ini
To:C:\WINDOWS\system32\mywospor.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\mywospor.ini
To:C:\WINDOWS\system32\qobxuayl.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\qobxuayl.ini
To:C:\WINDOWS\system32\fqamqnuy.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\fqamqnuy.ini
To:C:\WINDOWS\system32\pbcbltwt.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\pbcbltwt.ini
To:C:\WINDOWS\system32\XayHOqss.ini2;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\XayHOqss.ini2
To:C:\WINDOWS\system32\XayHOqss.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\XayHOqss.ini
To:C:\WINDOWS\system32\vjsldshi.ini;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\vjsldshi.ini
To:C:\WINDOWS\system32\CF10019.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF10019.exe
To:C:\WINDOWS\system32\CF15420.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF15420.exe
To:C:\WINDOWS\system32\CF15551.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF15551.exe
To:C:\WINDOWS\system32\CF17939.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF17939.exe
To:C:\WINDOWS\system32\CF18191.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF18191.exe
To:C:\WINDOWS\system32\CF2087.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF2087.exe
To:C:\WINDOWS\system32\CF27694.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF27694.exe
To:C:\WINDOWS\system32\CF2904.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF2904.exe
To:C:\WINDOWS\system32\CF30434.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF30434.exe
To:C:\WINDOWS\system32\CF30643.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF30643.exe
To:C:\WINDOWS\system32\CF32609.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF32609.exe
To:C:\WINDOWS\system32\CF4765.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF4765.exe
To:C:\WINDOWS\system32\CF9386.exe;From:C:\_OTMoveIt\MovedFiles\10192008_111433\WINDOWS\system32\CF9386.exe

Nan, tu refais ça :



Et sans restaurer.

allo
ben là j,espere que c'est ça
tu dois être découragé, mais j'ai cherché pis c'est ça que j'ai.
madol

To:C:\WINDOWS\tasks\coweroec.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\coweroec.job
To:C:\WINDOWS\tasks\ekhcyssn.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\ekhcyssn.job
To:C:\WINDOWS\tasks\snhnftjh.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\snhnftjh.job
To:C:\WINDOWS\system32\xircom;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\xircom
To:C:\WINDOWS\system32\wins;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wins
To:C:\WINDOWS\system32\wbem\xml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\xml
To:C:\WINDOWS\system32\wbem\snmp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\snmp
To:C:\WINDOWS\system32\wbem\Repository\FS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository\FS
To:C:\WINDOWS\system32\wbem\Repository;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository
To:C:\WINDOWS\system32\wbem\Performance;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Performance
To:C:\WINDOWS\system32\wbem\mof\good;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\good
To:C:\WINDOWS\system32\wbem\mof\bad;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\bad
To:C:\WINDOWS\system32\wbem\mof;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof
To:C:\WINDOWS\system32\wbem\Logs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Logs
To:C:\WINDOWS\system32\wbem\AutoRecover;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\AutoRecover
To:C:\WINDOWS\system32\wbem;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem
To:C:\WINDOWS\system32\usmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\usmt
To:C:\WINDOWS\system32\spool\prtprocs\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs\w32x86
To:C:\WINDOWS\system32\spool\prtprocs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs
To:C:\WINDOWS\system32\spool\PRINTERS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\PRINTERS
To:C:\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f
To:C:\WINDOWS\system32\spool\drivers\w32x86\3\temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3\temp
To:C:\WINDOWS\system32\spool\drivers\w32x86\3;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3
To:C:\WINDOWS\system32\spool\drivers\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86
To:C:\WINDOWS\system32\spool\drivers\color;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\color
To:C:\WINDOWS\system32\spool\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers
To:C:\WINDOWS\system32\spool;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup
To:C:\WINDOWS\system32\SoftwareDistribution\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup
To:C:\WINDOWS\system32\SoftwareDistribution;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution
To:C:\WINDOWS\system32\ShellExt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ShellExt
To:C:\WINDOWS\system32\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Setup
To:C:\WINDOWS\system32\RTCOM;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\RTCOM
To:C:\WINDOWS\system32\Restore;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Restore
To:C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0014;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0013;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0011;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0010;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0009;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0008;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0007;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0006;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0005;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0004;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0002;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0001;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001
To:C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0000;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000
To:C:\WINDOWS\system32\ReinstallBackups;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups
To:C:\WINDOWS\system32\ras;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ras
To:C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1
To:C:\WINDOWS\system32\PreInstall\WinSE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE
To:C:\WINDOWS\system32\PreInstall;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall
To:C:\WINDOWS\system32\oobe\setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\setup
To:C:\WINDOWS\system32\oobe\sample;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\sample
To:C:\WINDOWS\system32\oobe\regerror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\regerror
To:C:\WINDOWS\system32\oobe\isperror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\isperror
To:C:\WINDOWS\system32\oobe\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\images
To:C:\WINDOWS\system32\oobe\icserror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\icserror
To:C:\WINDOWS\system32\oobe\html\sconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\sconnect
To:C:\WINDOWS\system32\oobe\html\oemreg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemreg
To:C:\WINDOWS\system32\oobe\html\oemhw;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemhw
To:C:\WINDOWS\system32\oobe\html\oemcust;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemcust
To:C:\WINDOWS\system32\oobe\html\mouse\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse\images
To:C:\WINDOWS\system32\oobe\html\mouse;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse
To:C:\WINDOWS\system32\oobe\html\isptype;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\isptype
To:C:\WINDOWS\system32\oobe\html\ispsgnup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\ispsgnup
To:C:\WINDOWS\system32\oobe\html\iconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\iconnect
To:C:\WINDOWS\system32\oobe\html\dslmain;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\dslmain
To:C:\WINDOWS\system32\oobe\html;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html
To:C:\WINDOWS\system32\oobe\error;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\error
To:C:\WINDOWS\system32\oobe\actsetup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\actsetup
To:C:\WINDOWS\system32\oobe;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe
To:C:\WINDOWS\system32\npp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\npp
To:C:\WINDOWS\system32\mui\dispspec;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\dispspec
To:C:\WINDOWS\system32\mui\000C;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\000C
To:C:\WINDOWS\system32\mui;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui
To:C:\WINDOWS\system32\MsDtc\Trace;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc\Trace
To:C:\WINDOWS\system32\MsDtc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18
To:C:\WINDOWS\system32\Microsoft\Protect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect
To:C:\WINDOWS\system32\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft
To:C:\WINDOWS\system32\Macromed\Flash;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed\Flash
To:C:\WINDOWS\system32\Macromed;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed
To:C:\WINDOWS\system32\LogFiles\WUDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles\WUDF
To:C:\WINDOWS\system32\LogFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles
To:C:\WINDOWS\system32\Lang\TvWizard\TRK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\TRK
To:C:\WINDOWS\system32\Lang\TvWizard\THA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\THA
To:C:\WINDOWS\system32\Lang\TvWizard\SVE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SVE
To:C:\WINDOWS\system32\Lang\TvWizard\SLV;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SLV
To:C:\WINDOWS\system32\Lang\TvWizard\SKY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SKY
To:C:\WINDOWS\system32\Lang\TvWizard\RUS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\RUS
To:C:\WINDOWS\system32\Lang\TvWizard\PTG;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTG
To:C:\WINDOWS\system32\Lang\TvWizard\PTB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTB
To:C:\WINDOWS\system32\Lang\TvWizard\PLK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PLK
To:C:\WINDOWS\system32\Lang\TvWizard\NOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NOR
To:C:\WINDOWS\system32\Lang\TvWizard\NLD;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NLD
To:C:\WINDOWS\system32\Lang\TvWizard\KOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\KOR
To:C:\WINDOWS\system32\Lang\TvWizard\JPN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\JPN
To:C:\WINDOWS\system32\Lang\TvWizard\ITA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ITA
To:C:\WINDOWS\system32\Lang\TvWizard\HUN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HUN
To:C:\WINDOWS\system32\Lang\TvWizard\HEB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HEB
To:C:\WINDOWS\system32\Lang\TvWizard\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FRA
To:C:\WINDOWS\system32\Lang\TvWizard\FIN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FIN
To:C:\WINDOWS\system32\Lang\TvWizard\ESP;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ESP
To:C:\WINDOWS\system32\Lang\TvWizard\EN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\EN
To:C:\WINDOWS\system32\Lang\TvWizard\ELL;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ELL
To:C:\WINDOWS\system32\Lang\TvWizard\DEU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DEU
To:C:\WINDOWS\system32\Lang\TvWizard\DAN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DAN
To:C:\WINDOWS\system32\Lang\TvWizard\CSY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CSY
To:C:\WINDOWS\system32\Lang\TvWizard\CHT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHT
To:C:\WINDOWS\system32\Lang\TvWizard\CHS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHS
To:C:\WINDOWS\system32\Lang\TvWizard\ARA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ARA
To:C:\WINDOWS\system32\Lang\TvWizard;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard
To:C:\WINDOWS\system32\Lang\HDMI\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI\FRA
To:C:\WINDOWS\system32\Lang\HDMI;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI
To:C:\WINDOWS\system32\Lang;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang
To:C:\WINDOWS\system32\inetsrv;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\inetsrv
To:C:\WINDOWS\system32\IME\TINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\TINTLGNT
To:C:\WINDOWS\system32\IME\PINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\PINTLGNT
To:C:\WINDOWS\system32\IME\CINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\CINTLGNT
To:C:\WINDOWS\system32\IME;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME
To:C:\WINDOWS\system32\icsxml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\icsxml
To:C:\WINDOWS\system32\ias;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ias
To:C:\WINDOWS\system32\fr-fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr-fr
To:C:\WINDOWS\system32\fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr
To:C:\WINDOWS\system32\export;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\export
To:C:\WINDOWS\system32\EV19;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\EV19
To:C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571
To:C:\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA
To:C:\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389
To:C:\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A
To:C:\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00
To:C:\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7
To:C:\WINDOWS\system32\DRVSTORE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE
To:C:\WINDOWS\system32\drivers\UMDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\UMDF
To:C:\WINDOWS\system32\drivers\etc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\etc
To:C:\WINDOWS\system32\drivers\disdn;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\disdn
To:C:\WINDOWS\system32\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers
To:C:\WINDOWS\system32\dllcache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dllcache
To:C:\WINDOWS\system32\DirectX\Dinput;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX\Dinput
To:C:\WINDOWS\system32\DirectX;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX
To:C:\WINDOWS\system32\dhcp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dhcp
To:C:\WINDOWS\system32\config\systemprofile\Voisinage réseau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage réseau
To:C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage d'impression
To:C:\WINDOWS\system32\config\systemprofile\SendTo;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\SendTo
To:C:\WINDOWS\system32\config\systemprofile\Recent;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Recent
To:C:\WINDOWS\system32\config\systemprofile\Modèles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Modèles
To:C:\WINDOWS\system32\config\systemprofile\Mes documents;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Mes documents
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temp
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
To:C:\WINDOWS\system32\config\systemprofile\Local Settings;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings
To:C:\WINDOWS\system32\config\systemprofile\Favoris\Liens;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris\Liens
To:C:\WINDOWS\system32\config\systemprofile\Favoris;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris
To:C:\WINDOWS\system32\config\systemprofile\Cookies;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Cookies
To:C:\WINDOWS\system32\config\systemprofile\Bureau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Bureau
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR
To:C:\WINDOWS\system32\config\systemprofile\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data
To:C:\WINDOWS\system32\config\systemprofile;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile
To:C:\WINDOWS\system32\config;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config
To:C:\WINDOWS\system32\Com;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Com
To:C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2
To:C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot
To:C:\WINDOWS\system32\bits;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\bits
To:C:\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003
To:C:\WINDOWS\system32\appmgmt\MACHINE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\MACHINE
To:C:\WINDOWS\system32\appmgmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt
To:C:\WINDOWS\system32\3com_dmi;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3com_dmi
To:C:\WINDOWS\system32\3076;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3076
To:C:\WINDOWS\system32\2052;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\2052
To:C:\WINDOWS\system32\1054;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1054
To:C:\WINDOWS\system32\1042;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1042
To:C:\WINDOWS\system32\1041;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1041
To:C:\WINDOWS\system32\1037;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1037
To:C:\WINDOWS\system32\1036;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1036
To:C:\WINDOWS\system32\1033;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1033
To:C:\WINDOWS\system32\1031;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1031
To:C:\WINDOWS\system32\1028;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1028
To:C:\WINDOWS\system32\1025;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1025
To:C:\WINDOWS\system32;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32

Tu postes bien le rapport correspondant au moment où tu fais la manip ?

allo
je viens de refaire mais dans le dossier (nouveau là)ben il y as rien c'est marqué 1 ko pour le fichiers res je l'ouvre pis il y as rien c'est pour ça que je t'envoie l'autre avec 72 ko c'est le seule qu'un rapport apparait
je sais plus quoi faire de plus ?
madol

Bon, supprime OTMoveIt et le dossier C:\_OTMoveIt\
Refais ce que j'ai dit :

allo j'ai suprimmé otemovit là j,essaie de supprimer les fichiers et un message apparait

impossible de supprimer flash9f.ocx acces refusé
verifier que le disque n'est pas plein ou protégé en ecriture etque le fichier n'est pas utilisé actuellement

Même en mode sans échec ?

allo
oui je viens de l'essayer il y as juste 1dossier que je ne suis pas capable de supprimer 10192008-071518 madol

allo là je viens de refaire restaure et là l,heure est là


C:\WINDOWS\system32\1042 restored successfully.
17:23 2008-10-19


To:C:\WINDOWS\tasks\coweroec.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\coweroec.job
To:C:\WINDOWS\tasks\ekhcyssn.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\ekhcyssn.job
To:C:\WINDOWS\tasks\snhnftjh.job;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\tasks\snhnftjh.job
To:C:\WINDOWS\system32\xircom;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\xircom
To:C:\WINDOWS\system32\wins;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wins
To:C:\WINDOWS\system32\wbem\xml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\xml
To:C:\WINDOWS\system32\wbem\snmp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\snmp
To:C:\WINDOWS\system32\wbem\Repository\FS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository\FS
To:C:\WINDOWS\system32\wbem\Repository;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Repository
To:C:\WINDOWS\system32\wbem\Performance;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Performance
To:C:\WINDOWS\system32\wbem\mof\good;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\good
To:C:\WINDOWS\system32\wbem\mof\bad;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof\bad
To:C:\WINDOWS\system32\wbem\mof;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\mof
To:C:\WINDOWS\system32\wbem\Logs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\Logs
To:C:\WINDOWS\system32\wbem\AutoRecover;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem\AutoRecover
To:C:\WINDOWS\system32\wbem;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\wbem
To:C:\WINDOWS\system32\usmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\usmt
To:C:\WINDOWS\system32\spool\prtprocs\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs\w32x86
To:C:\WINDOWS\system32\spool\prtprocs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\prtprocs
To:C:\WINDOWS\system32\spool\PRINTERS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\PRINTERS
To:C:\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\canonmp130423f
To:C:\WINDOWS\system32\spool\drivers\w32x86\3\temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3\temp
To:C:\WINDOWS\system32\spool\drivers\w32x86\3;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86\3
To:C:\WINDOWS\system32\spool\drivers\w32x86;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\w32x86
To:C:\WINDOWS\system32\spool\drivers\color;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers\color
To:C:\WINDOWS\system32\spool\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool\drivers
To:C:\WINDOWS\system32\spool;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\spool
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.784
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.0.6000.381
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll
To:C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup
To:C:\WINDOWS\system32\SoftwareDistribution\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution\Setup
To:C:\WINDOWS\system32\SoftwareDistribution;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\SoftwareDistribution
To:C:\WINDOWS\system32\ShellExt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ShellExt
To:C:\WINDOWS\system32\Setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Setup
To:C:\WINDOWS\system32\RTCOM;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\RTCOM
To:C:\WINDOWS\system32\Restore;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Restore
To:C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0014;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0014
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0013;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0013
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0012
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0011;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0011
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0010;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0010
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0009;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0009
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0008;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0008
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0007;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0007
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0006;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0006
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0005;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0005
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0004;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0004
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0003
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0002;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0002
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386
To:C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0001;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0001
To:C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000\DriverFiles
To:C:\WINDOWS\system32\ReinstallBackups\0000;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups\0000
To:C:\WINDOWS\system32\ReinstallBackups;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ReinstallBackups
To:C:\WINDOWS\system32\ras;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ras
To:C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE\wxp_x86_040C_v1
To:C:\WINDOWS\system32\PreInstall\WinSE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall\WinSE
To:C:\WINDOWS\system32\PreInstall;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\PreInstall
To:C:\WINDOWS\system32\oobe\setup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\setup
To:C:\WINDOWS\system32\oobe\sample;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\sample
To:C:\WINDOWS\system32\oobe\regerror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\regerror
To:C:\WINDOWS\system32\oobe\isperror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\isperror
To:C:\WINDOWS\system32\oobe\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\images
To:C:\WINDOWS\system32\oobe\icserror;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\icserror
To:C:\WINDOWS\system32\oobe\html\sconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\sconnect
To:C:\WINDOWS\system32\oobe\html\oemreg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemreg
To:C:\WINDOWS\system32\oobe\html\oemhw;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemhw
To:C:\WINDOWS\system32\oobe\html\oemcust;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\oemcust
To:C:\WINDOWS\system32\oobe\html\mouse\images;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse\images
To:C:\WINDOWS\system32\oobe\html\mouse;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\mouse
To:C:\WINDOWS\system32\oobe\html\isptype;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\isptype
To:C:\WINDOWS\system32\oobe\html\ispsgnup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\ispsgnup
To:C:\WINDOWS\system32\oobe\html\iconnect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\iconnect
To:C:\WINDOWS\system32\oobe\html\dslmain;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html\dslmain
To:C:\WINDOWS\system32\oobe\html;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\html
To:C:\WINDOWS\system32\oobe\error;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\error
To:C:\WINDOWS\system32\oobe\actsetup;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe\actsetup
To:C:\WINDOWS\system32\oobe;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\oobe
To:C:\WINDOWS\system32\npp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\npp
To:C:\WINDOWS\system32\mui\dispspec;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\dispspec
To:C:\WINDOWS\system32\mui\000C;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui\000C
To:C:\WINDOWS\system32\mui;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\mui
To:C:\WINDOWS\system32\MsDtc\Trace;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc\Trace
To:C:\WINDOWS\system32\MsDtc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\MsDtc
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User
To:C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect\S-1-5-18
To:C:\WINDOWS\system32\Microsoft\Protect;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft\Protect
To:C:\WINDOWS\system32\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Microsoft
To:C:\WINDOWS\system32\Macromed\Flash;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed\Flash
To:C:\WINDOWS\system32\Macromed;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Macromed
To:C:\WINDOWS\system32\LogFiles\WUDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles\WUDF
To:C:\WINDOWS\system32\LogFiles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\LogFiles
To:C:\WINDOWS\system32\Lang\TvWizard\TRK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\TRK
To:C:\WINDOWS\system32\Lang\TvWizard\THA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\THA
To:C:\WINDOWS\system32\Lang\TvWizard\SVE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SVE
To:C:\WINDOWS\system32\Lang\TvWizard\SLV;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SLV
To:C:\WINDOWS\system32\Lang\TvWizard\SKY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\SKY
To:C:\WINDOWS\system32\Lang\TvWizard\RUS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\RUS
To:C:\WINDOWS\system32\Lang\TvWizard\PTG;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTG
To:C:\WINDOWS\system32\Lang\TvWizard\PTB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PTB
To:C:\WINDOWS\system32\Lang\TvWizard\PLK;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\PLK
To:C:\WINDOWS\system32\Lang\TvWizard\NOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NOR
To:C:\WINDOWS\system32\Lang\TvWizard\NLD;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\NLD
To:C:\WINDOWS\system32\Lang\TvWizard\KOR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\KOR
To:C:\WINDOWS\system32\Lang\TvWizard\JPN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\JPN
To:C:\WINDOWS\system32\Lang\TvWizard\ITA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ITA
To:C:\WINDOWS\system32\Lang\TvWizard\HUN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HUN
To:C:\WINDOWS\system32\Lang\TvWizard\HEB;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\HEB
To:C:\WINDOWS\system32\Lang\TvWizard\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FRA
To:C:\WINDOWS\system32\Lang\TvWizard\FIN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\FIN
To:C:\WINDOWS\system32\Lang\TvWizard\ESP;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ESP
To:C:\WINDOWS\system32\Lang\TvWizard\EN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\EN
To:C:\WINDOWS\system32\Lang\TvWizard\ELL;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ELL
To:C:\WINDOWS\system32\Lang\TvWizard\DEU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DEU
To:C:\WINDOWS\system32\Lang\TvWizard\DAN;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\DAN
To:C:\WINDOWS\system32\Lang\TvWizard\CSY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CSY
To:C:\WINDOWS\system32\Lang\TvWizard\CHT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHT
To:C:\WINDOWS\system32\Lang\TvWizard\CHS;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\CHS
To:C:\WINDOWS\system32\Lang\TvWizard\ARA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard\ARA
To:C:\WINDOWS\system32\Lang\TvWizard;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\TvWizard
To:C:\WINDOWS\system32\Lang\HDMI\FRA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI\FRA
To:C:\WINDOWS\system32\Lang\HDMI;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang\HDMI
To:C:\WINDOWS\system32\Lang;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Lang
To:C:\WINDOWS\system32\inetsrv;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\inetsrv
To:C:\WINDOWS\system32\IME\TINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\TINTLGNT
To:C:\WINDOWS\system32\IME\PINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\PINTLGNT
To:C:\WINDOWS\system32\IME\CINTLGNT;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME\CINTLGNT
To:C:\WINDOWS\system32\IME;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\IME
To:C:\WINDOWS\system32\icsxml;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\icsxml
To:C:\WINDOWS\system32\ias;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\ias
To:C:\WINDOWS\system32\fr-fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr-fr
To:C:\WINDOWS\system32\fr;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\fr
To:C:\WINDOWS\system32\export;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\export
To:C:\WINDOWS\system32\EV19;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\EV19
To:C:\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\usbaapl_4351B7DAFF62FD33510D77DFAE3CF8CC82517571
To:C:\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\igxp32_CF474BABC293283E105737EFDA95B6E650D32DDA
To:C:\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9usb_CEE2CC2FBC09C3D667D38F6C8FE075B85619D389
To:C:\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9smb_80305DE1EE35D1C99432F00817B22742DE71933A
To:C:\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\ich9ide_A5BF58BBA71235B27EA26DC36CF8C77284CA0F00
To:C:\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE\g33q35_2AE1E942408F2771205E27E9FA002267E13B7FC7
To:C:\WINDOWS\system32\DRVSTORE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DRVSTORE
To:C:\WINDOWS\system32\drivers\UMDF;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\UMDF
To:C:\WINDOWS\system32\drivers\etc;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\etc
To:C:\WINDOWS\system32\drivers\disdn;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers\disdn
To:C:\WINDOWS\system32\drivers;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\drivers
To:C:\WINDOWS\system32\dllcache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dllcache
To:C:\WINDOWS\system32\DirectX\Dinput;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX\Dinput
To:C:\WINDOWS\system32\DirectX;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\DirectX
To:C:\WINDOWS\system32\dhcp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\dhcp
To:C:\WINDOWS\system32\config\systemprofile\Voisinage réseau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage réseau
To:C:\WINDOWS\system32\config\systemprofile\Voisinage d'impression;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Voisinage d'impression
To:C:\WINDOWS\system32\config\systemprofile\SendTo;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\SendTo
To:C:\WINDOWS\system32\config\systemprofile\Recent;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Recent
To:C:\WINDOWS\system32\config\systemprofile\Modèles;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Modèles
To:C:\WINDOWS\system32\config\systemprofile\Mes documents;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Mes documents
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Divertissement
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires\Accessibilité
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Accessoires
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes
To:C:\WINDOWS\system32\config\systemprofile\Menu Démarrer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Menu Démarrer
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\FVECV8LY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ERSZ6JWU
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\D2FJZXYZ
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0DBFSHFY
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Temp
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101120081012
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Historique
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\OFFICE
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Overrides
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons\Enterprise
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Custom Buttons
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings\Application Data
To:C:\WINDOWS\system32\config\systemprofile\Local Settings;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Local Settings
To:C:\WINDOWS\system32\config\systemprofile\Favoris\Liens;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris\Liens
To:C:\WINDOWS\system32\config\systemprofile\Favoris;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Favoris
To:C:\WINDOWS\system32\config\systemprofile\Cookies;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Cookies
To:C:\WINDOWS\system32\config\systemprofile\Bureau;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Bureau
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Media Player
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Microsoft
To:C:\WINDOWS\system32\config\systemprofile\Application Data\Google;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\Google
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR\NewCfg
To:C:\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data\AVGTOOLBAR
To:C:\WINDOWS\system32\config\systemprofile\Application Data;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile\Application Data
To:C:\WINDOWS\system32\config\systemprofile;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config\systemprofile
To:C:\WINDOWS\system32\config;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\config
To:C:\WINDOWS\system32\Com;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\Com
To:C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot2;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot2
To:C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE};From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}
To:C:\WINDOWS\system32\CatRoot;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\CatRoot
To:C:\WINDOWS\system32\bits;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\bits
To:C:\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\S-1-5-21-583907252-1604221776-839522115-1003
To:C:\WINDOWS\system32\appmgmt\MACHINE;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt\MACHINE
To:C:\WINDOWS\system32\appmgmt;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\appmgmt
To:C:\WINDOWS\system32\3com_dmi;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3com_dmi
To:C:\WINDOWS\system32\3076;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\3076
To:C:\WINDOWS\system32\2052;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\2052
To:C:\WINDOWS\system32\1054;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1054
To:C:\WINDOWS\system32\1042;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1042
To:C:\WINDOWS\system32\1041;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1041
To:C:\WINDOWS\system32\1037;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1037
To:C:\WINDOWS\system32\1036;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1036
To:C:\WINDOWS\system32\1033;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1033
To:C:\WINDOWS\system32\1031;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1031
To:C:\WINDOWS\system32\1028;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1028
To:C:\WINDOWS\system32\1025;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32\1025
To:C:\WINDOWS\system32;From:C:\_OTMoveIt\MovedFiles\10192008_071518\WINDOWS\system32

Mais je ne te demande pas de restaurer, juste de supprimer...

allo
mais je l'avais restaurer et
quand je le refait bien il y as rien dans le dossier res
juste dans texte es-ce que je le refait et je t,envoie ça ?

je viens de le refaire dans le dossier 10202008-114631.res c'est ça que ça me donne

To:C:\WINDOWS\tasks\coweroec.job;From:C:\_OTMoveIt\MovedFiles\10202008_114631\WINDOWS\tasks\coweroec.job
To:C:\WINDOWS\tasks\ekhcyssn.job;From:C:\_OTMoveIt\MovedFiles\10202008_114631\WINDOWS\tasks\ekhcyssn.job
To:C:\WINDOWS\tasks\snhnftjh.job;From:C:\_OTMoveIt\MovedFiles\10202008_114631\WINDOWS\tasks\snhnftjh.job

et dans 10202008-114631 texte j'ai

========== FILES ==========
C:\WINDOWS\tasks\coweroec.job moved successfully.
C:\WINDOWS\tasks\ekhcyssn.job moved successfully.
C:\WINDOWS\tasks\snhnftjh.job moved successfully.
File/Folder C:\WINDOWS\system32\dusatalo.dll not found.
File/Folder C:\WINDOWS\system32\ssqOHyaX.dll not found.
File/Folder C:\WINDOWS\system32\diwevari.dll not found.
File/Folder C:\WINDOWS\system32\flrnpdof.ini not found.
File/Folder C:\WINDOWS\system32\jbqshaau.ini not found.
File/Folder C:\WINDOWS\system32\mywospor.ini not found.
File/Folder C:\WINDOWS\system32\qobxuayl.ini not found.
File/Folder C:\WINDOWS\system32\fqamqnuy.ini not found.
File/Folder C:\WINDOWS\system32\pbcbltwt.ini not found.
File/Folder C:\WINDOWS\system32\XayHOqss.ini2 not found.
File/Folder C:\WINDOWS\system32\XayHOqss.ini not found.
File/Folder C:\WINDOWS\system32\vjsldshi.ini not found.
File/Folder C:\WINDOWS\system32\CF*.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{995B2882-98D8-48DB-8EE7-745947B48454}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3b5c157-a75a-4c93-b2f7-f5786157e3c6}\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBB14C0E-EBA6-46BC-98BF-D1E02353284C}\\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A057A204-BACC-4D26-9990-79A187E2698E} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\bimakaline not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10202008_114631

Refais un scan RSTI.

bonjour
j'ai essayé de faire le scan et j'avait un message

autolt error
line 1
error incorrect number of parametres in function call

Supprime RSTI puis retente.

allo
ça ne fonctonne pas plus toujours le même message

Reposte un rapport Hijackthis.

excuse pour les fautes dans mon post d'avant
voici le rapport







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48, on 2008-10-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.j-aide.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\PROGRA~1\Druide\Antidote\Antidote\Gestionnaire Antidote.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\Run: [bimakaline] Rundll32.exe "C:\WINDOWS\system32\dusatalo.dll",s (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-583907252-1604221776-839522115-1003\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User '?')
O4 - HKUS\S-1-5-21-583907252-1604221776-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-583907252-1604221776-839522115-1003\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientContr...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrob...
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--
End of file - 9068 bytes

Tu as encore des soucis ?

allo
tout as l'air de bien fonctionné
mais mon imprimante ne fonctionne pas
c'est marqué qu'elle n'est plus connecté à un serveur .
es-ce que je dois recommencer l'installation?

Tu devrais du côté Hardware pour l'imprimante, ce n'est pas lié à une infcetion.

allo
o.k. je vais aller voir ça.

je tiens à te dire un immense merci pour ton aide ,vraiment sans toi je sais pas se que j'aurais fait

J,ai appris de ceci

1: faire encore plus attention sur le net

2:comment démarrer en mode sans échec (lol) je suis presqu'une pro maintenant (lol)

3:et surtout de voir que de pur inconnu nous aide et nous guide pour réparer notre ordi ,vraiment tu as été mon ange (moi j'enlèverais le dark à ton pseudo ).car tu es un ange tout cour .

madol xxx

Bon surf