¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 05.05.03.2 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 19:52:49 Updated 03/05/2015 | 19.35 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html [Oktay (Administrator)] - [OKTAY-PC] SID = S-1-5-21-2800659702-1170970260-1294028968-1000 Boot: Normal boot System : Windows 7 Home Premium (64 bits) HomePremium Service Pack 1 ProcessorNameString : Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz Identifier : Intel64 Family 6 Model 60 Stepping 3 Memory RAM = Total (MB) : 8260 | Free (MB) : 6865 Pagefile = Total (MB) : 16519 | Free (MB) : 15105 Virtual = Total (MB) : 4194 | Free (MB) : 4023 ¤¤¤¤¤¤¤¤¤¤ # Components of starting up ¤¤¤¤¤¤¤¤¤¤¤ # Drives C:\-> [Fixed] | [] | Total : 114370 Mo | Free : 64750 Mo -> NTFS D:\-> [Fixed] | [Disque Dur] | Total : 953870 Mo | Free : 397420 Mo -> NTFS ¤¤¤¤¤¤¤¤¤¤ # Windows updates Last detection : 2015-05-04 10:58:11 Downloaded last ones : 2015-04-15 12:59:25 Installed last ones : 2015-04-15 13:08:55 Next search : 2015-05-05 07:51:59 Microsoft : + ¤¤¤¤¤¤¤¤¤¤ # Sessions C:\Windows\system32\config\systemprofile C:\Windows\ServiceProfiles\LocalService C:\Windows\ServiceProfiles\NetworkService C:\Users\Oktay Registry saved , to restore : Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [04.05.2015 @ 19_52_18]) To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore ¤¤¤¤¤¤¤¤¤¤ # Browsers IE : 11.0.9600.17728 (© Microsoft Corporation.) GC : 39.0.2171.95 (Copyright 2012 Google Inc.) ¤¤¤¤¤¤¤¤¤¤ # FlashPlayer Plugin : 17.0.0.169 ?????????? # Security AV : Microsoft Security Essentials Disabled AS : Windows Defender Disabled FW : WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Manual(3)] = stopped FW: Windows FireWall Service [Auto(2)] = stopped ¤¤¤¤¤¤¤¤¤¤ # Stopped processes 960 | [Owner : |Parent : 720] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 350.12.) - (8.17.13.5012) = C:\Windows\System32\nvvsvc.exe 984 | [Owner : |Parent : 720] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.5012) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 1308 | [Owner : Système |Parent : 720] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4170) = C:\Windows\System32\igfxCUIService.exe 1488 | [Owner : Système |Parent : 960] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5012) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 1496 | [Owner : Système |Parent : 960] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 350.12.) - (8.17.13.5012) = C:\Windows\System32\nvvsvc.exe 1576 | [Owner : Système |Parent : 720] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe 1752 | [Owner : Système |Parent : 720] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.802.11.4130) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1836 | [Owner : Oktay |Parent : 720] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe 1900 | [Owner : Système |Parent : 1100] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe 1908 | [Owner : Système |Parent : 720] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (4.0.0.0) = C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE 1948 | [Owner : Système |Parent : 720] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (4.0.2.0) = C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE 2004 | [Owner : Système |Parent : 720] - (.Micro-Star Int'l Co., Ltd. - GamingApp_Service.) - (1.0.0.2) = C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe 1088 | [Owner : Oktay |Parent : 1968] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe 1892 | [Owner : Système |Parent : 1900] - (.Google Inc. - Programme d'installation de Google.) - (1.3.25.11) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2156 | [Owner : Système |Parent : 720] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.4.1.21) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 2236 | [Owner : Système |Parent : 720] - (.CybelSoft - Service de détection matériel.) - (7.1.6.1) = C:\Program Files\ma-config.com\MaConfigAgent.exe 2488 | [Owner : Système |Parent : 720] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.1.2.0) = D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe 2748 | [Owner : Oktay |Parent : 2632] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.2.929) = D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 2784 | [Owner : Système |Parent : 720] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.3.4.58) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2956 | [Owner : Système |Parent : 720] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1944.2762) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 3000 | [Owner : Système |Parent : 720] - (. - .) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrA.exe 3056 | [Owner : Système |Parent : 720] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.5.0) = D:\Program Files (x86)\USB Drivers\25_escape\conn\ss_conn_service.exe 2152 | [Owner : Système |Parent : 720] - (.LogMeIn Inc. - Hamachi Client Tunneling Engine.) - (2.2.0.328) = D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 2764 | [Owner : Système |Parent : 2152] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1726) = D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 3284 | [Owner : SERVICE RÉSEAU |Parent : 2956] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (4.1.1943.6202) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 3300 | [Owner : Système |Parent : 2956] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (4.1.1944.2762) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 3332 | [Owner : Oktay |Parent : 2152] - (.LogMeIn Inc. - Hamachi Client Application.) - (2.2.0.328) = D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 3488 | [Owner : SERVICE LOCAL |Parent : 720] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.5011) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 3556 | [Owner : Oktay |Parent : 3332] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1726) = D:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 3564 | [Owner : Oktay |Parent : 892] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (6.1.7600.16385) = C:\Windows\System32\rundll32.exe 2868 | [Owner : Oktay |Parent : 4064] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4170) = C:\Windows\System32\igfxEM.exe 4136 | [Owner : Oktay |Parent : 2604] - (.NVIDIA Corporation - NVIDIA Backend.) - (18.4.1.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 4560 | [Owner : Oktay |Parent : 1488] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5012) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 596 | [Owner : Oktay |Parent : 1088] - (.Pixart Imaging Inc - pximouse.) - (1.0.0.2) = C:\Windows\System32\TiltWheelMouse.exe 3660 | [Owner : Oktay |Parent : 1088] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.7.205.0) = C:\Program Files\Microsoft Security Client\msseces.exe 1080 | [Owner : Oktay |Parent : 1088] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.469.1) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 3648 | [Owner : Oktay |Parent : 4348] - (.Piriform Ltd - CCleaner.) - (5.1.0.5075) = C:\Program Files\CCleaner\CCleaner64.exe 2592 | [Owner : Oktay |Parent : 1088] - (.Spotify Ltd - SpotifyWebHelper.) - (1.0.4.90) = C:\Users\Oktay\AppData\Roaming\Spotify\SpotifyWebHelper.exe 1764 | [Owner : Oktay |Parent : 892] - (.NVIDIA Corporation - NVIDIA Capture Server.) - (2.4.1.21) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe 236 | [Owner : Système |Parent : 720] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe 4348 | [Owner : Oktay |Parent : 1088] - (.Spotify Ltd - Spotify.) - (1.0.4.90) = C:\Users\Oktay\AppData\Roaming\Spotify\Spotify.exe 5496 | [Owner : SERVICE RÉSEAU |Parent : 720] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe 5504 | [Owner : Oktay |Parent : 4348] - (.Spotify Ltd - SpotifyCrashService.) - (1.0.4.90) = C:\Users\Oktay\AppData\Roaming\Spotify\SpotifyCrashService.exe 6116 | [Owner : Oktay |Parent : 4348] - (.Spotify Ltd - Spotify.) - (1.0.4.90) = C:\Users\Oktay\AppData\Roaming\Spotify\Spotify.exe 5736 | [Owner : Oktay |Parent : 4348] - (.Spotify Ltd - Spotify.) - (1.0.4.90) = C:\Users\Oktay\AppData\Roaming\Spotify\Spotify.exe 5936 | [Owner : Système |Parent : 720] - (.Intel Corporation - IAStorDataSvc.) - (13.5.2.1000) = D:\Programmes\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 5712 | [Owner : Système |Parent : 720] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (10.0.30.1054) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 5540 | [Owner : Système |Parent : 720] - (.Intel Corporation - Intel(R) Local Management Service.) - (10.0.30.1054) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 4572 | [Owner : Oktay |Parent : 1088] - (.BitTorrent, Inc. - µTorrent.) - (2.2.1.25130) = D:\Program Files (x86)\uTorrent\uTorrent.exe 2100 | [Owner : Oktay |Parent : 1088] - (. - .) - (0.0.0.0) = C:\Users\Oktay\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe 6236 | [Owner : Oktay |Parent : 2604] - (. - Mouse Start Program.) - (4.0.0.950) = C:\Advanced Wheel Mouse\wh_exec.exe 6352 | [Owner : Oktay |Parent : 2604] - (.Intel Corporation - iusb3mon.) - (3.0.4.65) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 6396 | [Owner : Oktay |Parent : 2604] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.31.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 6816 | [Owner : Oktay |Parent : 1088] - (. - .) - (0.0.0.0) = C:\ProgramData\{49ee844a-c154-f185-49ee-e844ac15112b}\grand.theft.auto.v.fix.for.missions.crashes.exe 7104 | [Owner : Oktay |Parent : 1088] - (.Valve Corporation - Steam Client Bootstrapper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\Steam.exe 6608 | [Owner : Oktay |Parent : 7104] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 7024 | [Owner : Système |Parent : 720] - (.Valve Corporation - Steam Client Service.) - (2.70.82.9) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe 6404 | [Owner : Oktay |Parent : 6608] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 3536 | [Owner : Oktay |Parent : 3460] - (.Intel Corporation - IAStorIcon.) - (13.5.2.1000) = D:\Programmes\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 6340 | [Owner : Oktay |Parent : 6608] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 5748 | [Owner : Oktay |Parent : 4556] - (.Nota Inc. - Gyazo Station.) - (2.2.0.0) = C:\Program Files (x86)\Gyazo\GyStation.exe 7768 | [Owner : Oktay |Parent : 1088] - (.Adobe Systems Incorporated - Adobe Reader .) - (11.0.10.32) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 7808 | [Owner : Oktay |Parent : 7768] - (.Adobe Systems Incorporated - Adobe Reader .) - (11.0.10.32) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 7256 | [Owner : Oktay |Parent : 1088] - (.Microsoft Corporation - Microsoft Word.) - (15.0.4711.1001) = D:\Programmes\Microsoft Office\Office15\WINWORD.EXE 7624 | [Owner : Oktay |Parent : 1088] - (.Skype Technologies S.A. - Skype .) - (7.4.0.102) = C:\Program Files (x86)\Skype\Phone\Skype.exe 8112 | [Owner : Oktay |Parent : 1088] - (.Mozilla Corporation - Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\firefox.exe 3948 | [Owner : Oktay |Parent : 8112] - (.Mozilla Corporation - Plugin Container for Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\plugin-container.exe 7752 | [Owner : SERVICE RÉSEAU |Parent : 720] - (.Microsoft Corporation - Microsoft Office Software Protection Platform Service.) - (15.0.169.500) = C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 8112 | [Owner : Oktay |Parent : 1088] - (.Mozilla Corporation - Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\firefox.exe 3948 | [Owner : Oktay |Parent : 8112] - (.Mozilla Corporation - Plugin Container for Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\plugin-container.exe 6636 | [Owner : SERVICE LOCAL |Parent : 720] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.5011) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 4536 | [Owner : Système |Parent : 720] - (.CybelSoft - Service de détection matériel.) - (7.1.6.1) = C:\Program Files\ma-config.com\MaConfigAgent.exe 7972 | [Owner : SERVICE RÉSEAU |Parent : 720] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe 4260 | [Owner : Système |Parent : 720] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe 7828 | [Owner : Oktay |Parent : 768] - (.Microsoft Corporation - Gestionnaire des tâches de Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskmgr.exe 4608 | [Owner : Oktay |Parent : 7828] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17567) = C:\Windows\explorer.exe 6196 | [Owner : Oktay |Parent : 4608] - (.Valve Corporation - Steam Client Bootstrapper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\Steam.exe 6224 | [Owner : Oktay |Parent : 6196] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 6636 | [Owner : Système |Parent : 720] - (.Valve Corporation - Steam Client Service.) - (2.70.82.9) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe 6604 | [Owner : Système |Parent : 720] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe 2584 | [Owner : Oktay |Parent : 6224] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 1752 | [Owner : Oktay |Parent : 6224] - (.Valve Corporation - Steam Client WebHelper.) - (2.70.82.9) = D:\Program Files (x86)\Steam\bin\steamwebhelper.exe 7136 | [Owner : Oktay |Parent : 4608] - (.Mozilla Corporation - Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\firefox.exe 3488 | [Owner : Oktay |Parent : 7136] - (.Mozilla Corporation - Plugin Container for Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\plugin-container.exe 7576 | [Owner : Oktay |Parent : 4608] - (.Microsoft Corporation - Microsoft Security Client User Interface.) - (4.7.205.0) = C:\Program Files\Microsoft Security Client\msseces.exe 7136 | [Owner : Oktay |Parent : 4608] - (.Mozilla Corporation - Firefox.) - (37.0.2.5583) = D:\Program Files (x86)\mozilla firefox\firefox.exe ¤¤¤¤¤¤¤¤¤¤ # Winlogon user ¤¤¤¤¤¤¤¤¤¤ # Winlogon machine Repaired : [HKLM | Winlogon]|[userinit] : userinit.exe, -> C:\Windows\Syswow64\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ # SafeBoot Safeboot Keys are O.K Alternate shell is OK ! ? Safeboot Minimal Subkeys : O.K ! ? Safeboot Network Subkeys : O.K ! ¤¤¤¤¤¤¤¤¤¤ # IFEO ¤¤¤¤¤¤¤¤¤¤ # Mountpoints2 ¤¤¤¤¤¤¤¤¤¤ # Windows [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]|[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]|[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon ¤¤¤¤¤¤¤¤¤¤ # Security center Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]|[EnableFirewall] : 1 -> 0 Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]|[EnableFirewall] : 1 -> 0 ¤¤¤¤¤¤¤¤¤¤ # Services Repaired : [Compbatt] : 3 -> 0 Repaired : [srService] : -> 2 Repaired : [Parvdm] : -> 2 Repaired : [NIHardwareService] : -> 2 Repaired : [agp440] : 3 -> 2 Repaired : [ERSvc] : -> 2 Repaired : [EapHost] : 3 -> 2 Repaired : [Wlansvc] : 3 -> 2 Repaired : [SharedAccess] : 4 -> 2 Repaired : [windefend] : 3 -> 2 Repaired : [wudfsvc] : 3 -> 2 Repaired : [WerSvc] : 3 -> 2 ¤¤¤¤¤¤¤¤¤¤ # Internet Explorer ¤¤¤¤¤¤¤¤¤¤ # reparsepoint ¤¤¤¤¤¤¤¤¤¤ # Offsets ¤¤¤¤¤¤¤¤¤¤ # Files | Folders | Registry Will be moved in quarantine at reboot : D:\msdownld.tmp ¤¤¤¤¤¤¤¤¤¤ # ADS Deleted : @C:\ProgramData\Temp:4FC01C57 Prefetch -> cleaned D:\ : Vaccinated (Vaccin created by Pre_Scan) ?????????? | Hidden files ~ [Drive D:] : Hidden : 65 | Restored : 64 ~ [Drive C:] : Hidden : 1 | Restored : 1 ~ [Program Files] : Hidden : 17 | Restored : 17 ~ [Users] : Hidden : 2 | Restored : 2 ~ [Searches] : Hidden : 2 | Restored : 2 ~ [Windows] : Hidden : 59 | Restored : 59 ~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1 ~ [Libraries] : Hidden : 34 | Restored : 34 ¤¤¤¤¤¤¤¤¤¤ # Drives Disk: 0 Size=114G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 100M Yes No 2,048 204,800 1 1 07-NTFS 114G No No 206,848 234,231,808 ¤¤¤¤¤¤¤¤¤¤ [HKLM64 | Winlogon] | AutoRestartShell : 0 -> 1 End : 20:00:04 ¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 263