¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 6_20.05.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 07:14:33 Updated 20/05/2016 | 01.15 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html [Jean-Marie (Administrator)] - [LFS_ULTRA_FINAL] SID = S-1-5-21-828033166-96225416-522722582-1001 Boot: Normal boot System : Windows 10 Home (64 bits) Core ProcessorNameString : AMD E1-1200 APU with Radeon(tm) HD Graphics Identifier : AMD64 Family 20 Model 2 Stepping 0 CoreTemp : -1 Celsius - Max : Celsius Memory RAM = Total (MB) : 3748 | Free (MB) : 2612 Pagefile = Total (MB) : 4157 | Free (MB) : 3 Virtual = Total (MB) : 4194 | Free (MB) : 3968 ¤¤¤¤¤¤¤¤¤¤ # Components of starting up ¤¤¤¤¤¤¤¤¤¤¤ # Drives F:\-> [Removable] | [kenny kruge] | Total : 476.7 Go | Free : 7.38 Go -> exFAT [USB] E:\-> [Fixed] | [my disk] | Total : 931.48 Go | Free : 11.94 Go -> NTFS [USB] D:\-> [Fixed] | [Recovery Image] | Total : 13.06 Go | Free : 1.57 Go -> NTFS [SATA] C:\-> [Fixed] | [OS] | Total : 916.54 Go | Free : 862.22 Go -> NTFS [SATA] ¤¤¤¤¤¤¤¤¤¤ # Windows updates No detected update !!! Microsoft : + ¤¤¤¤¤¤¤¤¤¤ # Sessions C:\WINDOWS\system32\config\systemprofile C:\Windows\ServiceProfiles\LocalService C:\Windows\ServiceProfiles\NetworkService C:\Users\Jean-Marie Registry saved , to restore : Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [26.05.2016 @ 06_56_08]) To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore ¤¤¤¤¤¤¤¤¤¤ # Browsers IE : 11.0.10240.16384 (© Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ # FlashPlayer ActiveX : 18.0.0.203 ���������� # Security AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running FW: Windows FireWall Service [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ # Stopped processes 1308 | [Owner : |Parent : 836] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe 1468 | [Owner : |Parent : 1308] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe 1776 | [Owner : |Parent : 836] - (.SurfRight B.V. - HitmanPro Scheduler.) - (3.7.0.5) = C:\Program Files\HitmanPro\hmpsched.exe 1896 | [Owner : |Parent : 836] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10240.16384) = C:\Windows\System32\spoolsv.exe 2208 | [Owner : Système |Parent : 836] - (.COMODO Security Solutions - COMODO COSService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\COSService.exe 2216 | [Owner : Système |Parent : 836] - (.Microsoft Corp. - Bing Desktop updating service.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe 2284 | [Owner : Système |Parent : 836] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe 2384 | [Owner : Système |Parent : 836] - (.AVG Technologies CZ, s.r.o. - AVG Service Process.) - (1.82.2.9461) = C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe 2412 | [Owner : Système |Parent : 836] - (.COMODO Security Solutions - COMODO SynchronizationService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\SynchronizationService.exe 2436 | [Owner : Système |Parent : 836] - (. - Reason Core Security Bundle Protection.) - (0.4.3.0) = C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe 2444 | [Owner : Système |Parent : 836] - (.Reason Software Company Inc. - Reason Core Security Engine Service.) - (1.1.2.0) = C:\Program Files\Reason\Security\rsEngineSvc.exe 2576 | [Owner : Système |Parent : 836] - (.Sony Corporation - Device Information Provider.) - (9.3.0.4171) = C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe 2760 | [Owner : Système |Parent : 836] - (.AVG Technologies CZ, s.r.o. - AVG PC TuneUp Service.) - (16.32.2.3320) = C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe 2832 | [Owner : SERVICE LOCAL |Parent : 1032] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.10240.16384) = C:\Windows\System32\dasHost.exe 1784 | [Owner : Système |Parent : 836] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.9525) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2432 | [Owner : LogonSessionId_0_471525 |Parent : 836] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.10240.16384) = C:\Windows\System32\SearchIndexer.exe 3576 | [Owner : LogonSessionId_0_482858 |Parent : 836] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.10240.16384) = C:\Program Files\Windows Media Player\wmpnetwk.exe 2648 | [Owner : Jean-Marie |Parent : 820] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10240.16384) = C:\Windows\System32\sihost.exe 564 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.10240.16384) = C:\Windows\System32\rundll32.exe 3608 | [Owner : Jean-Marie |Parent : 820] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10240.16384) = C:\Windows\System32\taskhostw.exe 2192 | [Owner : Jean-Marie |Parent : 5100] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10240.16384) = C:\Windows\explorer.exe 5860 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10240.16384) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 6044 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10240.16384) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 6052 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10240.16384) = C:\Windows\System32\RuntimeBroker.exe 540 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10240.16384) = C:\Windows\System32\SettingSyncHost.exe 6168 | [Owner : Jean-Marie |Parent : 1076] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) - (1.82.2.9461) = C:\Program Files (x86)\AVG\Framework\Common\avguix.exe 6176 | [Owner : Jean-Marie |Parent : 5388] - (.Sony Corporation - Media Check Tool.) - (9.3.0.4171) = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe 6184 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10240.16384) = C:\Windows\explorer.exe 6316 | [Owner : Jean-Marie |Parent : 6184] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe 6616 | [Owner : Système |Parent : 836] - (.Disc Soft Ltd - Disc Soft Bus Service.) - (7.1.0.595) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe 6744 | [Owner : Jean-Marie |Parent : 836] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10240.16384) = C:\Windows\System32\svchost.exe 7076 | [Owner : Jean-Marie |Parent : 5692] - (.ultracopier.first-world.info - Ultracopier under GPL3.) - (1.2.3.0) = C:\Program Files\Ultracopier\ultracopier.exe 916 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10240.16384) = C:\Windows\System32\ApplicationFrameHost.exe 5280 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.10240.16384) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe 6784 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Browser_Broker.) - (11.0.10240.16384) = C:\Windows\System32\browser_broker.exe 6288 | [Owner : Jean-Marie |Parent : 6052] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.10240.16384) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 6156 | [Owner : Jean-Marie |Parent : 6784] - (.Crawler Group - Spyware Terminator 2015 Setup .) - (3.0.1.107) = C:\Users\Jean-Marie\Downloads\SpywareTerminatorSetup.exe 6148 | [Owner : Jean-Marie |Parent : 6156] - (. - Setup/Uninstall.) - (51.51.0.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\is-7TQ2E.tmp\SpywareTerminatorSetup.tmp 6164 | [Owner : Jean-Marie |Parent : 6148] - (.Crawler Group - Spyware Terminator 2015 Setup .) - (3.0.1.107) = C:\Users\Jean-Marie\Downloads\SpywareTerminatorSetup.exe 5912 | [Owner : Jean-Marie |Parent : 6164] - (. - Setup/Uninstall.) - (51.51.0.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\is-9PPTO.tmp\SpywareTerminatorSetup.tmp 5504 | [Owner : Jean-Marie |Parent : 5912] - (.Crawler Group, LLC - Spyware Terminator 2015.) - (3.0.1.107) = C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe 3712 | [Owner : Système |Parent : 836] - (.Crawler Group, LLC - Spyware Terminator 2015 Realtime Shield Service.) - (3.0.1.105) = C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe 5160 | [Owner : Jean-Marie |Parent : 6784] - (.Crawler Group - Classic Start 8 Setup .) - (1.0.0.16) = C:\Users\Jean-Marie\Downloads\ClassicStart8Setup.exe 6340 | [Owner : Jean-Marie |Parent : 5160] - (. - Setup/Uninstall.) - (51.51.0.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\is-A439C.tmp\ClassicStart8Setup.tmp 6300 | [Owner : Jean-Marie |Parent : 6340] - (.Crawler Group - Classic Start 8 Setup .) - (1.0.0.16) = C:\Users\Jean-Marie\Downloads\ClassicStart8Setup.exe 6928 | [Owner : Jean-Marie |Parent : 936] - (.Adobe Systems Incorporated - Adobe® Flash® Player Utility.) - (18.0.0.203) = C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe 2656 | [Owner : Jean-Marie |Parent : 5700] - (.PortableApps.com - PortableApps.com Platform.) - (14.1.0.0) = F:\PortableApps\PortableApps.com\PortableAppsPlatform.exe 5764 | [Owner : Jean-Marie |Parent : 6184] - (.BiniSoft.org - Windows Firewall Control - Setup.) - (4.7.2.0) = C:\Users\Jean-Marie\Desktop\dvd de sauvegarde bijoutier parisien 3 -~-~ binisoft\wfc4setup.exe 5220 | [Owner : Système |Parent : 836] - (.BiniSoft.org - Windows Firewall Control Service.) - (4.7.2.0) = C:\Program Files\Windows Firewall Control\wfcs.exe 208 | [Owner : Jean-Marie |Parent : 6184] - (.BiniSoft.org - USB Flash Drives Control - Setup.) - (4.0.0.0) = C:\Users\Jean-Marie\Desktop\dvd de sauvegarde bijoutier parisien 3 -~-~ binisoft\usbc4setup.exe 3000 | [Owner : Système |Parent : 836] - (.BiniSoft.org - USB Flash Drives Control Service.) - (4.0.0.0) = C:\Program Files\USB Flash Drives Control\usbcs.exe 5316 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Store.) - (11602.1.26.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe 7040 | [Owner : Jean-Marie |Parent : 4288] - (.iFunSoft - Format Package.) - (3.0.2.2134) = C:\Program Files (x86)\iFunSoft\Format Package\FormatPackage.exe 5476 | [Owner : Système |Parent : 836] - (.iFunSoft - Product Updater.) - (2.1.5.1962) = C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe 5640 | [Owner : Jean-Marie |Parent : 6052] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.10240.16384) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe 2996 | [Owner : Jean-Marie |Parent : 7040] - (.iFunSoft - Format Package.) - (3.0.2.2134) = C:\Program Files (x86)\iFunSoft\Format Package\FormatPackage.exe 5508 | [Owner : Jean-Marie |Parent : 2656] - (.PortableApps.com - PortableApps.com Updater.) - (14.1.0.0) = F:\PortableApps\PortableApps.com\PortableAppsUpdater.exe 6444 | [Owner : Jean-Marie |Parent : 6184] - (.Microsoft Corporation - Bloc-notes.) - (10.0.10240.16384) = C:\Windows\System32\notepad.exe 7912 | [Owner : Jean-Marie |Parent : 2192] - (. - .) - (11.10.767.8917) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareDesktop.exe 7936 | [Owner : Jean-Marie |Parent : 7912] - (. - .) - (11.10.767.8917) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareTray.exe 7492 | [Owner : Système |Parent : 772] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.10240.16384) = C:\Windows\System32\fontdrvhost.exe 8812 | [Owner : |Parent : 836] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.8.10240.16384) = C:\Program Files\Windows Defender\MsMpEng.exe 9188 | [Owner : |Parent : 836] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.8.10240.16384) = C:\Program Files\Windows Defender\NisSrv.exe 8960 | [Owner : SERVICE RÉSEAU |Parent : 8860] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.8.10240.16384) = C:\Program Files\Windows Defender\MpCmdRun.exe 4632 | [Owner : Jean-Marie |Parent : 936] - (.Microsoft Corporation - Background Task Host.) - (10.0.10240.16384) = C:\Windows\System32\backgroundTaskHost.exe ¤¤¤¤¤¤¤¤¤¤ # Winlogon user ¤¤¤¤¤¤¤¤¤¤ # Winlogon machine Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : -> C:\WINDOWS\SYSWOW64\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ # SafeBoot Safeboot Keys are O.K Alternate shell is OK ! � ¤¤¤¤¤¤¤¤¤¤ # IFEO ¤¤¤¤¤¤¤¤¤¤ # Mountpoints2 Content of F:\Autorun.inf : [autorun] OPEN=browsercall.exe readme.html ¤¤¤¤¤¤¤¤¤¤ # Windows [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon ¤¤¤¤¤¤¤¤¤¤ # Security center ¤¤¤¤¤¤¤¤¤¤ # Services Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Compbatt]~[Start] : -> 0 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\srService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Parvdm]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NVSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NIHardwareService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrsvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\lmhosts]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\agp440]~[Start] : 0 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\ERSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\EapHost]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Wlansvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 4 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wuauserv]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\WerSvc]~[Start] : 3 -> 2 ¤¤¤¤¤¤¤¤¤¤ # Internet Explorer ¤¤¤¤¤¤¤¤¤¤ # reparsepoint ¤¤¤¤¤¤¤¤¤¤ # Offsets ¤¤¤¤¤¤¤¤¤¤ # Files | Folders | Registry Deleted service : SP_RSDRV2 Deleted : [HKU\S-1-5-21-828033166-96225416-522722582-1001\Software\Microsoft\Windows\CurrentVersion\Run]~[DAEMON Tools Pro Agent] : "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun Deleted : [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[iSkysoft Helper Compact.exe] : C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe Deleted : [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[Wondershare Helper Compact.exe] : C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe Moved to quarantine successfully : F:\Setup.exe Moved to quarantine successfully : F:\LikeNEWPCSetup.exe Moved to quarantine successfully : F:\Start Commandline Scanner.exe Moved to quarantine successfully : F:\Start Emergency Kit Scanner.exe Moved to quarantine successfully : F:\Start.exe Moved to quarantine successfully : F:\StartHere.exe Moved to quarantine successfully : F:\USB-to-Cloud.exe Moved to quarantine successfully : F:\installboost.exe Moved to quarantine successfully : F:\smart-defrag-setup.exe Moved to quarantine successfully : F:\AVG_Performance_709.exe Moved to quarantine successfully : F:\setup_11.0.3.8.x01_2014_12_13_09_36.exe Moved to quarantine successfully : F:\smart-defrag-setup-beta.exe Moved to quarantine successfully : F:\startuplite-setup-1.07.exe Moved to quarantine successfully : F:\tdsskiller.exe Moved to quarantine successfully : F:\Wise_Care_365_v3.43.exe Moved to quarantine successfully : F:\60Second_en_us.exe Moved to quarantine successfully : F:\60Second_x64.exe Moved to quarantine successfully : F:\BDPUARLauncher_FR.exe Moved to quarantine successfully : F:\BDUSBImmunizerLauncher.exe Moved to quarantine successfully : F:\imfv3-setup.exe Moved to quarantine successfully : F:\MKV.exe Moved to quarantine successfully : F:\Maelstrom(2).exe Moved to quarantine successfully : F:\Maelstrom.exe Moved to quarantine successfully : F:\60Second.exe Moved to quarantine successfully : F:\BDPUARLauncher_FR(1).exe Moved to quarantine successfully : F:\BootkitRemoval_x64.exe Moved to quarantine successfully : F:\browsercall.exe Moved to quarantine successfully : F:\autorun.exe Moved to quarantine successfully : F:\StartMenuX_Setup_5_85.exe Moved to quarantine successfully : F:\Adaware_Installer.exe Moved to quarantine successfully : F:\MBARW_Setup.exe Moved to quarantine successfully : E:\ADD12_trial_fr-FR.exe Moved to quarantine successfully : E:\AVG_Performance_709.exe Moved to quarantine successfully : E:\delfix_1.013.exe Moved to quarantine successfully : E:\dfinstall.exe Moved to quarantine successfully : E:\DTTarget2.1.0.0072.exe Moved to quarantine successfully : E:\installboost.exe Moved to quarantine successfully : E:\LikeNEWPCSetup.exe Moved to quarantine successfully : E:\pre-scan_6_27.04.2016.1 (1).exe Moved to quarantine successfully : E:\smart-defrag-setup.exe Moved to quarantine successfully : E:\wvdsetup.exe Moved to quarantine successfully : E:\x-youtube-to-mp3-converter5-fr.exe Moved to quarantine successfully : C:\bootsqm.dat Moved to quarantine successfully : D:\bootsqm.dat Moved to quarantine successfully : F:\µTorrent.lnk Moved to quarantine successfully : F:\RegSeeker.lnk Moved to quarantine successfully : F:\TeraCopy.lnk Moved to quarantine successfully : F:\bd.ico ¤¤¤¤¤¤¤¤¤¤ # ADS Prefetch -> cleaned D:\ : Vaccinated (Vaccin created by Pre_Scan) E:\ : Vaccinated (Vaccin created by Pre_Scan) F:\AutoRun.inf : Deleted F:\ : Vaccinated (Vaccin created by Pre_Scan) ���������� | Hidden files ~ [Drive D:] : Hidden : 8 | Restored : 8 ~ [Drive E:] : Hidden : 14 | Restored : 14 ~ [Drive F:] : Hidden : 17 | Restored : 17 ~ [Drive C:] : Hidden : 3 | Restored : 3 ~ [Program Files] : Hidden : 9 | Restored : 9 ~ [Users] : Hidden : 2 | Restored : 2 ~ [Documents] : Hidden : 9 | Restored : 9 ~ [Searches] : Hidden : 2 | Restored : 2 ~ [Windows] : Hidden : 43 | Restored : 40 ~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1 ~ [AppData] : Hidden : 11 | Restored : 11 ¤¤¤¤¤¤¤¤¤¤ # Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ¤¤¤¤¤¤¤¤¤¤ Repaired : [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]~[AutoRestartShell] : 0 -> 1 Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[AutoRestartShell] : -> 1 End : 10:37:35 ¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 299