Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ Pre_Scan | g3n-h@ckm@n | V7_16.10.17.1 Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤

Â¤Â¤Â¤Â¤Â¤ XP | Vista | 7 | 8 - 32/64 bits Â¤Â¤Â¤Â¤Â¤ - Start 15:17:17 02/05/2023

Updated 16/10/2017 | 14.45 by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html

[EFM LFS Hyper UEFM (Administrator)] - [DESKTOP-H7BEC55]
SID = S-1-5-21-662962405-169162653-1899843541-1001

Boot: Normal boot
System : Windows 10 Enterprise (64 bits) Enterprise 
ProcessorNameString : AMD E1-1200 APU with Radeon(tm) HD Graphics
Identifier : AMD64 Family 20 Model 2 Stepping 0
CoreTemp : -1 Celsius - Max :  Celsius

Memory RAM = Total (MB) : 3748 | Free (MB) : 2691
Pagefile = Total (MB) : 4662 | Free (MB) : 3663
Virtual = Total (MB) : 4194 | Free (MB) : 3942

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Components of starting up


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Drives

I:\-> [CDROM] | [WINDOWS 11] | Total : 4.18 Go | Free : 0 Go -> UDF [SATA]
F:\-> [Removable] | [uef] | Total : 59.49 Go | Free : 0.05 Go -> exFAT [USB]
E:\-> [Removable] | [justine lÃ©a lynnlo torres] | Total : 0.01 Go | Free : 0 Go -> NTFS [USB]
C:\-> [Fixed] | [windows2go workspace] | Total : 57.6 Go | Free : 0.45 Go -> NTFS (SSD) [USB]

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Windows updates


Possible Fixed Windows

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Sessions

C:\Windows\system32\config\systemprofile
C:\Windows\ServiceProfiles\LocalService
C:\Windows\ServiceProfiles\NetworkService
C:\Users\EFM LFS Hyper UEFM
C:\Users\_ashbackup_

Registry saved , to restore :  Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [05.02.2023 @ 15_02_37])
To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Browsers

IE : 11.0.17134.1     (Â© Microsoft Corporation.)
GC : 76.0.3809.100     (Copyright 2019 Google LLC.)

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # FlashPlayer

ActiveX : 32.0.0.207

ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ # Security

AV : Windows Defender Enabled
AS : Windows Defender Enabled
FW : 
WMI : OK
WU: Windows Update Service [Auto(2)] = stopped
AS: Windows Defender [Auto(2)] = Running
FW: Windows FireWall Service [Auto(2)] = stopped

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Stopped processes

1480 | [Owner :  |Parent : 692] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe
1616 | [Owner :  |Parent : 1480] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe
1344 | [Owner :  |Parent : 692] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.86) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2144 | [Owner :  |Parent : 1344] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.290) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2508 | [Owner :  |Parent : 692] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
2524 | [Owner :  |Parent : 692] - (.Microsoft Corp. - Bing Desktop updating service.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
2540 | [Owner :  |Parent : 692] - (.gdipp Project - gdipp Service.) - (0.9.1.0) = C:\Program Files (x86)\UX Pack\gdipp\gdipp_svc_32.exe
2548 | [Owner :  |Parent : 692] - (.gdipp Project - gdipp Service.) - (0.9.1.0) = C:\Program Files (x86)\UX Pack\gdipp\gdipp_svc_64.exe
2696 | [Owner :  |Parent : 692] - (.Microsoft Corporation - Windows Security Health Service.) - (4.13.17134.191) = C:\Windows\System32\SecurityHealthService.exe
2784 | [Owner : SystÃ¨me |Parent : 692] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
2912 | [Owner :  |Parent : 692] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.1907.4) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
2156 | [Owner : SERVICE LOCAL |Parent : 2488] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.17134.1) = C:\Windows\System32\dasHost.exe
3340 | [Owner : SERVICE RÃSEAU |Parent : 3276] - (.Microsoft Corporation - Microsoft Malware Protection Command Line Utility.) - (4.18.1907.4) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MpCmdRun.exe
3424 | [Owner :  |Parent : 692] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.1907.4) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
3896 | [Owner : SystÃ¨me |Parent : 1168] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.18362.1013) = C:\Windows\System32\CompatTelRunner.exe
4016 | [Owner : SystÃ¨me |Parent : 3896] - (.Microsoft Corporation - HÃ´te de la fenÃªtre de la console.) - (10.0.17134.1) = C:\Windows\System32\conhost.exe
1372 | [Owner : Aucun |Parent : 2540] - (.gdipp Project - gdipp Hook.) - (0.9.1.0) = C:\Program Files (x86)\UX Pack\gdipp\gdipp_hook_32.exe
3652 | [Owner : Aucun |Parent : 2548] - (.gdipp Project - gdipp Hook.) - (0.9.1.0) = C:\Program Files (x86)\UX Pack\gdipp\gdipp_hook_64.exe
464 | [Owner : EFM LFS Hyper UEFM |Parent : 692] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
3020 | [Owner : EFM LFS Hyper UEFM |Parent : 1392] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.17134.1) = C:\Windows\System32\sihost.exe
596 | [Owner : EFM LFS Hyper UEFM |Parent : 692] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
3944 | [Owner : EFM LFS Hyper UEFM |Parent : 1168] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (10.0.17134.619) = C:\Windows\System32\taskhostw.exe
3968 | [Owner : EFM LFS Hyper UEFM |Parent : 2816] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.17134.1) = C:\Windows\System32\ctfmon.exe
3964 | [Owner : EFM LFS Hyper UEFM |Parent : 4028] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.17134.858) = C:\Windows\explorer.exe
2068 | [Owner : EFM LFS Hyper UEFM |Parent : 864] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.17134.753) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
4720 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4728 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4736 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4752 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5060 | [Owner : EFM LFS Hyper UEFM |Parent : 3964] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1126) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
4544 | [Owner : SystÃ¨me |Parent : 736] - (.Google Inc. - Programme d'installation de Google.) - (1.3.33.23) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
4584 | [Owner :  |Parent : 692] - (.Microsoft Corporation - Service Broker du moniteur d'exÃ©cution System Guard.) - (10.0.17134.1) = C:\Windows\System32\SgrmBroker.exe
4824 | [Owner : EFM LFS Hyper UEFM |Parent : 692] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.17134.556) = C:\Windows\System32\svchost.exe
5220 | [Owner : EFM LFS Hyper UEFM |Parent : 5192] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
5312 | [Owner : EFM LFS Hyper UEFM |Parent : 5220] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
6036 | [Owner : SystÃ¨me |Parent : 1168] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3756 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6032 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3560 | [Owner : EFM LFS Hyper UEFM |Parent : 864] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.17134.885) = C:\Windows\System32\SettingSyncHost.exe
5964 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5548 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5956 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5788 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5792 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5932 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4372 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4976 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3148 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5624 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6064 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5700 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6100 | [Owner : SystÃ¨me |Parent : 1168] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (10.0.17134.619) = C:\Windows\System32\taskhostw.exe
3624 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5448 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2572 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
200 | [Owner : EFM LFS Hyper UEFM |Parent : 1168] - (.Microsoft Corporation - UsoClient.) - (10.0.17134.915) = C:\Windows\System32\UsoClient.exe
2832 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
256 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4308 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5984 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3916 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5812 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2944 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5648 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4668 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5616 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4800 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5008 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2272 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6112 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2232 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5692 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2984 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
272 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
188 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4176 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4232 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4408 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4664 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3416 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3212 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6080 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3556 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1572 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2888 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3216 | [Owner : Aucun |Parent : 2096] - (.Avanquest Software - Smart Privacy Cleaner.) - (2.0.0.0) = C:\Program Files (x86)\Smart Privacy Cleaner\SmartPrivacyCleaner.exe
1872 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5088 | [Owner : Aucun |Parent : 5392] - (.Microsoft Corporation - Bloc-notes.) - (10.0.17134.1) = C:\Windows\SysWOW64\notepad.exe
4944 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4980 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1368 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2556 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5848 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5844 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3200 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1152 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4928 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4284 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2184 | [Owner : EFM LFS Hyper UEFM |Parent : 1168] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (10.0.17134.619) = C:\Windows\System32\taskhostw.exe
3892 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3932 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5660 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1156 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1424 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
2088 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3672 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5864 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3668 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
1200 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5676 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
676 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3044 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6304 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6312 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6532 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6540 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6548 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6888 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
7064 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
5152 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6168 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
4696 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
3960 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6664 | [Owner : SystÃ¨me |Parent : 3896] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.18362.1013) = C:\Windows\System32\CompatTelRunner.exe
5388 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe
6620 | [Owner : SystÃ¨me |Parent : 692] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.17134.885) = C:\Windows\System32\wermgr.exe

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Winlogon user


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Winlogon machine


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # SafeBoot

Safeboot Keys are O.K

Alternate shell is OK !

ï¿½


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # IFEO


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Mountpoints2



Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Windows

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Security center




Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Services


Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Bits]~[Start] : 3 -> 2
Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 1 -> 2

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Internet Explorer


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # reparsepoint



Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Offsets


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # Files | Folders | Registry



Moved to quarantine successfully  : F:\cispremium_installer.exe

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ # ADS


Prefetch -> cleaned


E:\ : Vaccinated (Vaccin created by Pre_Scan)

Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ | Hidden files

~ [Windows] : Hidden : 2 | Restored : 1


End : 16:44:23


Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤( EOF )Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤Â¤ - 264