¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | 6_30.09.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 09:45:38 10/13/2016 Updated 30/09/2016 | 16.50 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html [jean- (Administrator)] - [DESKTOP-37KC94K] SID = S-1-5-21-4265624635-2019933758-61733912-1001 Boot: Normal boot System : Windows 10 Home (64 bits) Core ProcessorNameString : AMD E1-1200 APU with Radeon(tm) HD Graphics Identifier : AMD64 Family 20 Model 2 Stepping 0 CoreTemp : -1 Celsius - Max : Celsius Memory RAM = Total (MB) : 3748 | Free (MB) : 1730 Pagefile = Total (MB) : 7680 | Free (MB) : 5452 Virtual = Total (MB) : 4194 | Free (MB) : 3905 ¤¤¤¤¤¤¤¤¤¤ # Components of starting up C:\WINDOWS\Setup\Scripts\setupcomplete.cmd ¤¤¤¤¤¤¤¤¤¤¤ # Drives P:\-> [Removable] | [ExtremePRO] | Total : 476.65 Go | Free : 372.73 Go -> FAT32 [USB] N:\-> [Removable] | [COMPANION] | Total : 30.02 Go | Free : 2.11 Go -> FAT32 [USB] L:\-> [Fixed] | [WD My Passport 3To] | Total : 2794.49 Go | Free : 222.74 Go -> NTFS [USB] F:\-> [CDROM] | [Nouveau] | Total : 0.11 Go | Free : 0 Go -> CDFS [SATA] D:\-> [Removable] | [PARTED MAGI] | Total : 57.89 Go | Free : 57.43 Go -> FAT32 [USB] C:\-> [Fixed] | [OS] | Total : 930.26 Go | Free : 866.93 Go -> NTFS [SATA] ¤¤¤¤¤¤¤¤¤¤ # Windows updates Microsoft : + ¤¤¤¤¤¤¤¤¤¤ # Sessions C:\WINDOWS\system32\config\systemprofile C:\WINDOWS\ServiceProfiles\LocalService C:\WINDOWS\ServiceProfiles\NetworkService C:\Users\jean- C:\Users\MSSQL$ADK Registry saved , to restore : Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [13.10.2016 @ 09_31_56]) To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore ¤¤¤¤¤¤¤¤¤¤ # Browsers IE : 11.0.14393.0 (© Microsoft Corporation.) FF : 49.0.1.6109 (©Firefox and Mozilla Developers; available under the MPL 2 license.) ¤¤¤¤¤¤¤¤¤¤ # FlashPlayer ActiveX : 23.0.0.162 ���������� # Security AV : Ad-Aware Antivirus Disabled AS : Windows Defender Enabled FW : Ad-Aware Firewall Disabled WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running FW: Windows FireWall Service [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ # Stopped processes 1900 | [Owner : |Parent : 936] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.68) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 2016 | [Owner : |Parent : 1900] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.227) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 2272 | [Owner : |Parent : 936] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.206) = C:\Windows\System32\spoolsv.exe 2452 | [Owner : Système |Parent : 936] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe 2460 | [Owner : Système |Parent : 936] - (.COMODO Security Solutions - COMODO COSService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\COSService.exe 2484 | [Owner : Système |Parent : 936] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe 2492 | [Owner : Système |Parent : 936] - (.COMODO - Internet Security Essentials.) - (1.1.7388.29) = C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe 2500 | [Owner : Système |Parent : 936] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe 2508 | [Owner : Système |Parent : 936] - (.COMODO - COMODO Cloud Antivirus.) - (1.6.7441.347) = C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe 2592 | [Owner : Système |Parent : 936] - (.Nero AG - .) - (16.0.2.302) = C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe 2604 | [Owner : Système |Parent : 936] - (.Rebit, Inc. - Rebit Pro Backup Service.) - (5.1.3001.14505) = C:\Program Files\Rebit\Rebit Pro\Rebit-Pro-Svc.exe 2620 | [Owner : Système |Parent : 936] - (.Plays.tv, LLC - Plays.tv Service.) - (1.0.0.0) = C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe 2628 | [Owner : Système |Parent : 936] - (. - Reason Core Security Bundle Protection.) - (1.0.1.0) = C:\Program Files (x86)\Reason\Security\Protection\rscp\bin\rscp_svc.exe 2644 | [Owner : Système |Parent : 936] - (.Reason Software Company Inc. - Reason Core Security Engine Service.) - (1.1.1.0) = C:\Program Files (x86)\Reason\Security\rsEngineSvc.exe 2664 | [Owner : LogonSessionId_0_176123 |Parent : 936] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2011.110.5058.0) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 2672 | [Owner : Système |Parent : 936] - (.COMODO Security Solutions - COMODO SynchronizationService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\SynchronizationService.exe 2756 | [Owner : LogonSessionId_0_177966 |Parent : 936] - (.Microsoft Corporation - Service de cliché instantané de volumes Microsoft®.) - (10.0.14393.0) = C:\Windows\System32\VSSVC.exe 2832 | [Owner : |Parent : 936] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MsMpEng.exe 2856 | [Owner : Système |Parent : 936] - (.Zemana Ltd. - ZAM.) - (0.0.0.0) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe 2948 | [Owner : SERVICE LOCAL |Parent : 1180] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe 4748 | [Owner : LogonSessionId_0_265003 |Parent : 936] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe 4896 | [Owner : Système |Parent : 2500] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe 3992 | [Owner : LogonSessionId_0_173517 |Parent : 936] - (.Microsoft Corporation - SQL Server Windows NT.) - (2011.110.5343.0) = C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe 5156 | [Owner : jean- |Parent : 1076] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\Windows\System32\sihost.exe 5908 | [Owner : jean- |Parent : 936] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe 5940 | [Owner : |Parent : 936] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.10.14393.0) = C:\Program Files\Windows Defender\NisSrv.exe 2988 | [Owner : jean- |Parent : 1076] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe 4968 | [Owner : jean- |Parent : 1076] - (.Glarysoft Ltd - Glary SoftwareUpdatePro.) - (5.39.0.33) = C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe 5688 | [Owner : jean- |Parent : 1076] - (.Reason Software Company Inc. - Should I Remove It?.) - (1.0.4.36591) = C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe 6536 | [Owner : jean- |Parent : 1076] - (.Driver-Soft Inc. - Driver Genius.) - (16.0.0.245) = C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe 6620 | [Owner : jean- |Parent : 6300] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.206) = C:\Windows\explorer.exe 6340 | [Owner : jean- |Parent : 2592] - (.Nero AG - Nero BackItUp.) - (16.0.2.302) = C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe 6476 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.14393.187) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 6556 | [Owner : jean- |Parent : 6620] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe 6100 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.0) = C:\Windows\System32\smartscreen.exe 6632 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.14393.206) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe 7308 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe 7460 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.14393.206) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe 8176 | [Owner : Système |Parent : 1076] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.14393.0) = C:\Windows\System32\wermgr.exe 8252 | [Owner : jean- |Parent : 6620] - (. - .) - (11.12.945.9202) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe 8580 | [Owner : jean- |Parent : 6620] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.986) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 8620 | [Owner : jean- |Parent : 6620] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.10.14393.187) = C:\Program Files\Windows Defender\MSASCuiL.exe 8724 | [Owner : jean- |Parent : 6620] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6517.809) = C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe 8304 | [Owner : jean- |Parent : 6620] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) - (10.0.2522.0) = C:\Program Files (x86)\CyberLink\Power2Go10\Power2GoExpress10.exe 8468 | [Owner : jean- |Parent : 6620] - (.Avanquest Software - Avanquest Message.) - (2.0.0.0) = C:\Users\jean-\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe 5404 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe 8604 | [Owner : jean- |Parent : 6620] - (.CHENGDU Yiwo Tech Development Co., Ltd. - .) - (2.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe 6048 | [Owner : Système |Parent : 812] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.0) = C:\Windows\System32\fontdrvhost.exe 9192 | [Owner : jean- |Parent : 8508] - (.CyberLink - CyberLink MediaLibray Service.) - (10.0.0.1725) = C:\Program Files (x86)\CyberLink\Power2Go10\CLMLSvc_P2G10.exe 7392 | [Owner : jean- |Parent : 8508] - (.iSkySoft - iSkySoft Studio.) - (2.3.5.0) = C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe 7652 | [Owner : jean- |Parent : 1720] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 7856 | [Owner : jean- |Parent : 8508] - (.COMODO - Internet Security Essentials.) - (1.1.7388.29) = C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe 8860 | [Owner : jean- |Parent : 8508] - (.Avanquest USA - AutoSave Essentials.) - (1.0.0.1) = C:\Program Files (x86)\Avanquest\AutoSaveEssentials\AutoSave Essentials.exe 8612 | [Owner : jean- |Parent : 8508] - (.COMODO - COMODO Cloud Antivirus.) - (1.6.7441.347) = C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavsrv.exe 5980 | [Owner : jean- |Parent : 7652] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 9944 | [Owner : Système |Parent : 1076] - (.Microsoft Corporation - UsoClient.) - (10.0.14393.0) = C:\Windows\System32\UsoClient.exe 10140 | [Owner : Système |Parent : 9944] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe 9252 | [Owner : jean- |Parent : 10000] - (.Raptr, Inc - Raptr Desktop App.) - (5.2.7.0) = C:\PROGRA~2\Raptr Inc\Raptr\raptr.exe 9148 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe 8112 | [Owner : jean- |Parent : 68] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe 832 | [Owner : jean- |Parent : 9252] - (.Raptr, Inc - Raptr Desktop App.) - (5.2.7.0) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_im.exe 10036 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 8188 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 8640 | [Owner : LogonSessionId_0_2450929 |Parent : 936] - (.Nero AG - NeroUpdate.) - (17.0.0.3) = C:\Program Files (x86)\Nero\Update\NASvc.exe 9144 | [Owner : SERVICE RÉSEAU |Parent : 7608] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.10.14393.0) = C:\Program Files\Windows Defender\MpCmdRun.exe 3760 | [Owner : Système |Parent : 7156] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe 6736 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 7572 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 7216 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 9764 | [Owner : Système |Parent : 2644] - (.Reason Software Company Inc. - Reason Security Engine Helper.) - (1.1.1.0) = C:\Program Files (x86)\Reason\Security\rsEngineHelper.exe 8440 | [Owner : Système |Parent : 9764] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe 7324 | [Owner : jean- |Parent : 9252] - (.Raptr Inc. - Elevation Proxy.) - (1.0.0.1) = C:\PROGRA~2\Raptr Inc\Raptr\raptr_ep64.exe 8156 | [Owner : jean- |Parent : 9252] - (.Plays.tv, LLC - Plays.tv Video Recorder by Raptr.) - (1.14.1.0) = C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe 8716 | [Owner : Système |Parent : 1076] - (.Microsoft Corporation - Interface utilisateur de consentement pour des applications administratives.) - (10.0.14393.0) = C:\Windows\System32\consent.exe 212 | [Owner : Système |Parent : 2644] - (.Reason Software Company Inc. - Reason Security Engine Helper.) - (1.1.1.0) = C:\Program Files (x86)\Reason\Security\rsEngineHelper.exe 3888 | [Owner : Système |Parent : 212] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe ¤¤¤¤¤¤¤¤¤¤ # Winlogon user ¤¤¤¤¤¤¤¤¤¤ # Winlogon machine Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : -> C:\WINDOWS\SYSWOW64\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ # SafeBoot Safeboot Keys are O.K Alternate shell is OK ! � ¤¤¤¤¤¤¤¤¤¤ # IFEO ¤¤¤¤¤¤¤¤¤¤ # Mountpoints2 Content of D:\autorun.inf : ; Created by Rufus 2.11.995 ; http://rufus.akeo.ie [autorun] icon = autorun.ico label = Parted Magic 2016_07_12 ¤¤¤¤¤¤¤¤¤¤ # Windows [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon ¤¤¤¤¤¤¤¤¤¤ # Security center Repaired : [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]~[Autostart] : -> C:\WINDOWS\System32\ActionCenter.dll Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]~[EnableFirewall] : 0 -> 1 Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]~[EnableFirewall] : 0 -> 1 Repaired : [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]~[EnableFirewall] : 0 -> 1 ¤¤¤¤¤¤¤¤¤¤ # Services Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Compbatt]~[Start] : -> 0 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\srService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Parvdm]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NVSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NIHardwareService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Iphlpsvc]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrsvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\lmhosts]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\agp440]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\ERSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Bits]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\EapHost]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Wlansvc]~[Start] : 4 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wuauserv]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc]~[Start] : 3 -> 2 ¤¤¤¤¤¤¤¤¤¤ # Internet Explorer ¤¤¤¤¤¤¤¤¤¤ # reparsepoint ¤¤¤¤¤¤¤¤¤¤ # Offsets ¤¤¤¤¤¤¤¤¤¤ # Files | Folders | Registry Deleted : HKLM\Software\WOW6432Node\simplitec Moved to quarantine successfully : L:\OneKeyPro.exe Moved to quarantine successfully : L:\Start.exe Moved to quarantine successfully : L:\tb_free.exe Moved to quarantine successfully : C:\OkBootConfig.dat Moved to quarantine successfully : D:\autorun.ico ¤¤¤¤¤¤¤¤¤¤ # ADS Prefetch -> cleaned D:\AutoRun.inf : Deleted D:\ : Vaccinated (Vaccin created by Pre_Scan) L:\ : Vaccinated (Vaccin created by Pre_Scan) N:\ : Vaccinated (Vaccin created by Pre_Scan) P:\ : Vaccinated (Vaccin created by Pre_Scan) ���������� | Hidden files ~ [Drive D:] : Hidden : 1 | Restored : 1 ~ [Drive L:] : Hidden : 209 | Restored : 209 ~ [Drive N:] : Hidden : 2 | Restored : 2 ~ [Drive P:] : Hidden : 10 | Restored : 10 ~ [Drive C:] : Hidden : 4 | Restored : 4 ~ [Program Files] : Hidden : 19 | Restored : 19 ~ [Users] : Hidden : 2 | Restored : 2 ~ [Documents] : Hidden : 5 | Restored : 5 ~ [Desktop] : Hidden : 1 | Restored : 1 ~ [Searches] : Hidden : 2 | Restored : 2 ~ [Windows] : Hidden : 52 | Restored : 50 ~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1 ~ [AppData] : Hidden : 9 | Restored : 9 ¤¤¤¤¤¤¤¤¤¤ # Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 End : 21:46:59 ¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 274