¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Scan | g3n-h@ckm@n | V9_18.10.19.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 - 32/64 bits ¤¤¤¤¤ - Start 13:37:21 04/06/2021 Updated 18/10/2019 | 07:30 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Pre_scan Feedbacks : http://www.sosvirus.net/feedback-t74962.html [Jean Marie CARRIBON (Administrator)] - [DESKTOP-NA2IIKJ] SID = S-1-5-21-2982999039-1405869219-2042017926-1001 Boot: Normal boot System : Windows 10 Home (64 bits) Core ProcessorNameString : AMD E2-7110 APU with AMD Radeon R2 Graphics Identifier : AMD64 Family 22 Model 48 Stepping 1 CoreTemp : 30 Celsius - Max : 90 Celsius Memory RAM = Total (MB) : 3595 | Free (MB) : 1497 Pagefile = Total (MB) : 7892 | Free (MB) : 5701 Virtual = Total (MB) : 4194 | Free (MB) : 3958 ¤¤¤¤¤¤¤¤¤¤ # Components of starting up ¤¤¤¤¤¤¤¤¤¤¤ # Drives O:\-> [Removable] | [SAND MEMTES] | Total : 14.26 Go | Free : 2.8 Go -> FAT32 [USB] N:\-> [Removable] | [CUBUNTU ONE] | Total : 7.2 Go | Free : 0.04 Go -> FAT32 [USB] L:\-> [Removable] | [JARDINE2REM] | Total : 29.71 Go | Free : 0.22 Go -> FAT32 [USB] K:\-> [Removable] | [CUBUNTU ONE] | Total : 14.4 Go | Free : 6.92 Go -> FAT32 [USB] J:\-> [Removable] | [LUBUNTU 15_] | Total : 29.33 Go | Free : 28.46 Go -> FAT32 [USB] I:\-> [Removable] | [] | Total : 29.27 Go | Free : 13.33 Go -> FAT32 [USB] G:\-> [Removable] | [MULTIBOOT] | Total : 1.9 Go | Free : 0.02 Go -> FAT32 [USB] F:\-> [Removable] | [PHONE CARD] | Total : 1.88 Go | Free : 1.76 Go -> FAT [USB] C:\-> [Fixed] | [WINDOWS 10 FAMILLE 64 BITS] | Total : 930.91 Go | Free : 863.85 Go -> NTFS [SATA] ¤¤¤¤¤¤¤¤¤¤ # Windows updates Windows Is Activated ¤¤¤¤¤¤¤¤¤¤ # Sessions C:\WINDOWS\system32\config\systemprofile C:\WINDOWS\ServiceProfiles\LocalService C:\WINDOWS\ServiceProfiles\NetworkService C:\Users\Jean Marie CARRIBON Registry saved , to restore : Shortcut on the desktop 'Pre_Scan_Restore' Restore the register (C:\Pre_Scan\Save\Registry [06.04.2021 @ 13_29_38]) To restore File or Folder : Shortcut on the desktop 'Pre_Scan_Restore' , select 'restore File - Folder' , select an Item and click on Restore ¤¤¤¤¤¤¤¤¤¤ # Browsers IE : 11.0.19041.1 (© Microsoft Corporation.) GC : 89.0.4389.114 (Copyright 2020 Google LLC.) ¤¤¤¤¤¤¤¤¤¤ # FlashPlayer ActiveX : 32.0.0.445 Plugin : 32.0.0.465 ���������� # Security AV : COMODO Antivirus Disabled AS : Windows Defender Enabled FW : WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running FW: Windows FireWall Service [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ # Stopped processes 1872 | [Owner : |Parent : 888] - (.AMD - AMD External Events Service Module.) - (27.20.1034.6) = C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe 2788 | [Owner : |Parent : 1872] - (.AMD - AMD External Events Client Module.) - (27.20.1034.6) = C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe 2848 | [Owner : Jean Marie CARRIBON |Parent : 1220] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe 2872 | [Owner : Jean Marie CARRIBON |Parent : 888] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe 1416 | [Owner : Jean Marie CARRIBON |Parent : 1220] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.662) = C:\Windows\System32\taskhostw.exe 2292 | [Owner : Jean Marie CARRIBON |Parent : 1384] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe 1684 | [Owner : Aucun |Parent : 3060] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.19041.662) = C:\Windows\System32\schtasks.exe 2656 | [Owner : Aucun |Parent : 1684] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.746) = C:\Windows\System32\conhost.exe 3060 | [Owner : Jean Marie CARRIBON |Parent : 2572] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.844) = C:\Windows\explorer.exe 848 | [Owner : |Parent : 888] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.88) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 3256 | [Owner : |Parent : 848] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.295) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 3276 | [Owner : |Parent : 848] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.295) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 3520 | [Owner : Jean Marie CARRIBON |Parent : 888] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe 3620 | [Owner : |Parent : 888] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.746) = C:\Windows\System32\spoolsv.exe 3084 | [Owner : Jean Marie CARRIBON |Parent : 748] - (. - .) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 3676 | [Owner : Système |Parent : 888] - (.Adobe Inc. - Adobe Acrobat Update Service.) - (1.824.42.176) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 3800 | [Owner : Système |Parent : 888] - (.CGMHub - CGMHub.) - (1.0.0.86) = C:\Program Files (x86)\CGM\CGMHub\CGMHub.exe 4116 | [Owner : Système |Parent : 888] - (.Seiko Epson Corporation - MyEpson Portal Service.) - (1.0.3.3) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe 4144 | [Owner : Système |Parent : 888] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Application.) - (1.1.26.1) = C:\Windows\RtkBtManServ.exe 4192 | [Owner : |Parent : 888] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 4196 | [Owner : Système |Parent : 888] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 4208 | [Owner : |Parent : 888] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2103.6) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\MsMpEng.exe 4224 | [Owner : Système |Parent : 888] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe 4260 | [Owner : Système |Parent : 888] - (.COMODO - Internet Security Essentials.) - (1.6.13835.185) = C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe 4368 | [Owner : Système |Parent : 888] - (.Comodo - Comodo Dragon.) - (1.0.0.1) = C:\Program Files (x86)\COMODO\Dragon\dragon_updater.exe 4760 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 4168 | [Owner : Jean Marie CARRIBON |Parent : 4116] - (.Seiko Epson Corporation - MyEpson Portal.) - (1.1.3.4) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe 5248 | [Owner : LogonSessionId_0_504576 |Parent : 888] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.844) = C:\Windows\System32\SearchIndexer.exe 5796 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 6132 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - YourPhone.) - (1.20082.141.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20082.141.0_x64__8wekyb3d8bbwe\YourPhone.exe 6856 | [Owner : Jean Marie CARRIBON |Parent : 3060] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe 6880 | [Owner : Jean Marie CARRIBON |Parent : 3060] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cis.exe 6900 | [Owner : |Parent : 888] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe 5700 | [Owner : Jean Marie CARRIBON |Parent : 2996] - (.Advanced Micro Devices, Inc. - Radeon Software: Host Application.) - (10.1.2.1798) = C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe 6932 | [Owner : Jean Marie CARRIBON |Parent : 3060] - (.Seiko Epson Corporation - Epson Software Updater.) - (1.0.0.0) = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE 6408 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 3632 | [Owner : Jean Marie CARRIBON |Parent : 3060] - (.Skype Technologies S.A. - Skype.) - (8.64.0.80) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe 5332 | [Owner : Jean Marie CARRIBON |Parent : 3060] - (.ASIP SANTE - Gestionnaire de certificats CPS WIN 64 (Version Release).) - (3.13.0.0) = C:\Program Files\santesocial\CPS\CCM.exe 3888 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.Hagel Technologies Ltd - DU Meter.) - (3.50.2822.0) = C:\Program Files (x86)\DU Meter\DUMeter.exe 6124 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.CNAMTS - GIE SESAM-Vitale - SrvSVCNAM.) - (3.40.0.0) = C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe 7208 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.SEIKO EPSON CORPORATION - Fax Reception.) - (3.0.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe 7228 | [Owner : |Parent : 888] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.2103.6) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.6-0\NisSrv.exe 7328 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.SEIKO EPSON CORPORATION - Fax Transmission.) - (3.0.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe 7412 | [Owner : Jean Marie CARRIBON |Parent : 1220] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.693.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 7480 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.2.0.0) = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe 7516 | [Owner : Jean Marie CARRIBON |Parent : 6480] - (.COMODO - Internet Security Essentials.) - (1.6.13835.185) = C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe 7584 | [Owner : Jean Marie CARRIBON |Parent : 5332] - (.GIE SESAM VITALE - ASIP SANTE - Serveur du Gestionnaire d'Acces au Lecteur WIN 64 sur NP (RELEASE) .) - (3.42.0.0) = C:\Program Files\santesocial\galss\galsvw64.exe 7776 | [Owner : Aucun |Parent : 1256] - (.Piriform Software Ltd - CCleaner.) - (5.78.0.8558) = C:\Program Files\CCleaner\CCleaner64.exe 5360 | [Owner : Jean Marie CARRIBON |Parent : 4348] - (.Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - (10.1.1.1798) = C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe 1324 | [Owner : Jean Marie CARRIBON |Parent : 5360] - (.Advanced Micro Devices, Inc. - Radeon Settings: Desktop Overlay.) - (10.1.1.1798) = C:\Program Files\AMD\CNext\CNext\amdow.exe 2068 | [Owner : Système |Parent : 3044] - (.Google LLC - Google Crash Handler.) - (1.3.36.71) = C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe 2380 | [Owner : Système |Parent : 3044] - (.Google LLC - Google Crash Handler.) - (1.3.36.71) = C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe 7028 | [Owner : Jean Marie CARRIBON |Parent : 6880] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cis.exe 3864 | [Owner : Jean Marie CARRIBON |Parent : 7028] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cis.exe 2148 | [Owner : Jean Marie CARRIBON |Parent : 7028] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cis.exe 8304 | [Owner : Jean Marie CARRIBON |Parent : 7884] - (.COMODO - COMODO Secure Shopping.) - (1.4.50284.159) = C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe 9584 | [Owner : Système |Parent : 748] - (.Microsoft Corporation - MoUSO Core Worker Process.) - (10.0.19041.844) = C:\Windows\System32\MoUsoCoreWorker.exe 7840 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 9820 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 5656 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - User OOBE Broker.) - (10.0.19041.746) = C:\Windows\System32\oobe\UserOOBEBroker.exe 11164 | [Owner : Système |Parent : 748] - (.COMODO - COMODO Internet Security.) - (12.2.2.7098) = C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe 9864 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.844) = C:\Windows\System32\smartscreen.exe 11084 | [Owner : Jean Marie CARRIBON |Parent : 7040] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 3196 | [Owner : Jean Marie CARRIBON |Parent : 11084] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 11236 | [Owner : Jean Marie CARRIBON |Parent : 11084] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 11152 | [Owner : Jean Marie CARRIBON |Parent : 11084] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 2116 | [Owner : Jean Marie CARRIBON |Parent : 11084] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 10416 | [Owner : Jean Marie CARRIBON |Parent : 11084] - (.Mozilla Corporation - Firefox.) - (87.0.0.7747) = C:\Program Files\Mozilla Firefox\firefox.exe 9988 | [Owner : Aucun |Parent : 3268] - (.Piriform Software Ltd - CCleaner.) - (5.78.0.8558) = C:\Program Files\CCleaner\CCleaner64.exe 10580 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe 8256 | [Owner : Jean Marie CARRIBON |Parent : 748] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe 11680 | [Owner : |Parent : 888] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (10.0.19041.867) = C:\Windows\System32\sppsvc.exe ¤¤¤¤¤¤¤¤¤¤ # Winlogon user ¤¤¤¤¤¤¤¤¤¤ # Winlogon machine Repaired : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]~[userinit] : -> C:\WINDOWS\SYSWOW64\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ # SafeBoot Safeboot Keys are O.K Alternate shell is OK ! � ¤¤¤¤¤¤¤¤¤¤ | Winsock ¤¤¤¤¤¤¤¤¤¤ # IFEO ¤¤¤¤¤¤¤¤¤¤ # Mountpoints2 Content of O:\AUTORUN.INF : Content of N:\AUTORUN.INF : Content of K:\AUTORUN.INF : Content of G:\autorun.inf : ¤¤¤¤¤¤¤¤¤¤ # Windows [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini]~[winlogon] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]~[Shell] : SYS:Microsoft\Windows NT\CurrentVersion\Winlogon ¤¤¤¤¤¤¤¤¤¤ # Security center Repaired : [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A}]~[Autostart] : -> C:\WINDOWS\System32\ActionCenter.dll ¤¤¤¤¤¤¤¤¤¤ # Services Impossible to restore service : BROWSER Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Compbatt]~[Start] : -> 0 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\srService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\PlugPlay]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Parvdm]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NVSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\NIHardwareService]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IKEEXT]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\IAStorDataMgrsvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\lmhosts]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\agp440]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Browser]~[Start] : -> 3 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\ERSvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\Bits]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\EapHost]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wuauserv]~[Start] : 3 -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\wudfsvc]~[Start] : -> 2 Repaired : [HKLM\SYSTEM\CurrentControlSet\Services\WerSvc]~[Start] : 3 -> 2 ¤¤¤¤¤¤¤¤¤¤ # Internet Explorer ¤¤¤¤¤¤¤¤¤¤ # reparsepoint ¤¤¤¤¤¤¤¤¤¤ # Offsets ¤¤¤¤¤¤¤¤¤¤ # Files | Folders | Registry Deleted : HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\(null) Deleted : HKLM\Software\dotnet Deleted : HKLM\Software\Nico Mak Computing Deleted : HKLM\Software\WOW6432Node\dotnet Deleted : [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[DU Meter] : C:\Program Files (x86)\DU Meter\DUMeter.exe Deleted : [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]~[SrvSVCNAM] : C:\Program Files (x86)\santesocial\srvsvcnam\SRVSVCNAM.exe Moved to quarantine successfully : O:\kprm_2.9.exe Moved to quarantine successfully : O:\css_installer.exe Moved to quarantine successfully : O:\QuickDiag.exe Moved to quarantine successfully : O:\quickdiag_V5_29.10.19.1.exe Moved to quarantine successfully : O:\OTM.exe Moved to quarantine successfully : N:\quickdiag_V5_29.10.19.1.exe Moved to quarantine successfully : N:\OTM.exe Moved to quarantine successfully : N:\QuickDiag.exe Moved to quarantine successfully : L:\zapSetupWeb_158_145_18590.exe Moved to quarantine successfully : L:\freefirewall-setup.exe Moved to quarantine successfully : L:\privatefirewall.exe Moved to quarantine successfully : L:\zafwSetupWeb_158_145_18590.exe.exe Moved to quarantine successfully : L:\NetDefender.exe Moved to quarantine successfully : L:\zapSetupWeb_158_145_18590.exe.exe Moved to quarantine successfully : L:\PeerBlock-Setup_v1.2_r693.exe Moved to quarantine successfully : L:\wfc6setup.exe Moved to quarantine successfully : L:\mobianygo_trial_installer.exe Moved to quarantine successfully : L:\NetDefender(1).exe Moved to quarantine successfully : L:\mobianygo_trial_installer(1).exe Moved to quarantine successfully : L:\PeerBlock-Setup_v1.2_r693(1).exe Moved to quarantine successfully : L:\privatefirewall(1).exe Moved to quarantine successfully : L:\wfc6setup(1).exe Moved to quarantine successfully : L:\zafwSetupWeb_158_145_18590.exe(1).exe Moved to quarantine successfully : L:\zapSetupWeb_158_145_18590.exe(1).exe Moved to quarantine successfully : L:\kprm_2.9.exe Moved to quarantine successfully : L:\css_installer.exe Moved to quarantine successfully : L:\QuickDiag.exe Moved to quarantine successfully : L:\quickdiag_V5_29.10.19.1.exe Moved to quarantine successfully : L:\OTM.exe Moved to quarantine successfully : K:\kprm_2.9.exe Moved to quarantine successfully : K:\css_installer.exe Moved to quarantine successfully : K:\OTM.exe Moved to quarantine successfully : K:\QuickDiag.exe Moved to quarantine successfully : K:\quickdiag_V5_29.10.19.1.exe Moved to quarantine successfully : J:\kprm_2.9.exe Moved to quarantine successfully : J:\css_installer.exe Moved to quarantine successfully : J:\QuickDiag.exe Moved to quarantine successfully : J:\quickdiag_V5_29.10.19.1.exe Moved to quarantine successfully : J:\OTM.exe Will be moved in quarantine at reboot : I:\Start.exe Moved to quarantine successfully : F:\kprm_2.9.exe Moved to quarantine successfully : F:\css_installer.exe Moved to quarantine successfully : O:\Télé Assistance HelloDoc.lnk Moved to quarantine successfully : O:\Pense-bêtes.lnk Moved to quarantine successfully : O:\Print 3D.lnk Moved to quarantine successfully : O:\Votre téléphone.lnk Moved to quarantine successfully : O:\005[1] - Raccourci.lnk Moved to quarantine successfully : O:\Alarmes et horloge.lnk Moved to quarantine successfully : O:\Calculatrice.lnk Moved to quarantine successfully : O:\Calculette en Euros.lnk Moved to quarantine successfully : O:\Calendrier.lnk Moved to quarantine successfully : O:\Caméra.lnk Moved to quarantine successfully : O:\Candy Crush Friends.lnk Moved to quarantine successfully : O:\Candy Crush Saga.lnk Moved to quarantine successfully : O:\Capture d'écran et croquis.lnk Moved to quarantine successfully : O:\Cartes.lnk Moved to quarantine successfully : O:\DU Meter.lnk Moved to quarantine successfully : O:\Éditeur de vidéo.lnk Moved to quarantine successfully : O:\Mes Favoris.lnk Moved to quarantine successfully : O:\Mes Vidéos.lnk Moved to quarantine successfully : O:\Météo.lnk Moved to quarantine successfully : O:\Snipping Tool.lnk Moved to quarantine successfully : N:\Votre téléphone.lnk Moved to quarantine successfully : N:\Télé Assistance HelloDoc.lnk Moved to quarantine successfully : N:\Snipping Tool.lnk Moved to quarantine successfully : N:\Pense-bêtes.lnk Moved to quarantine successfully : N:\Print 3D.lnk Moved to quarantine successfully : N:\005[1] - Raccourci.lnk Moved to quarantine successfully : N:\Alarmes et horloge.lnk Moved to quarantine successfully : N:\Calculatrice.lnk Moved to quarantine successfully : N:\Calculette en Euros.lnk Moved to quarantine successfully : N:\Calendrier.lnk Moved to quarantine successfully : N:\Caméra.lnk Moved to quarantine successfully : N:\Candy Crush Friends.lnk Moved to quarantine successfully : N:\Candy Crush Saga.lnk Moved to quarantine successfully : N:\Capture d'écran et croquis.lnk Moved to quarantine successfully : N:\Cartes.lnk Moved to quarantine successfully : N:\DU Meter.lnk Moved to quarantine successfully : N:\Éditeur de vidéo.lnk Moved to quarantine successfully : N:\Mes Favoris.lnk Moved to quarantine successfully : N:\Mes Vidéos.lnk Moved to quarantine successfully : N:\Météo.lnk Moved to quarantine successfully : L:\Pense-bêtes.lnk Moved to quarantine successfully : L:\Print 3D.lnk Moved to quarantine successfully : L:\Télé Assistance HelloDoc.lnk Moved to quarantine successfully : L:\Votre téléphone.lnk Moved to quarantine successfully : L:\005[1] - Raccourci.lnk Moved to quarantine successfully : L:\Alarmes et horloge.lnk Moved to quarantine successfully : L:\Calculatrice.lnk Moved to quarantine successfully : L:\Calculette en Euros.lnk Moved to quarantine successfully : L:\Calendrier.lnk Moved to quarantine successfully : L:\Caméra.lnk Moved to quarantine successfully : L:\Candy Crush Friends.lnk Moved to quarantine successfully : L:\Candy Crush Saga.lnk Moved to quarantine successfully : L:\Capture d'écran et croquis.lnk Moved to quarantine successfully : L:\Cartes.lnk Moved to quarantine successfully : L:\DU Meter.lnk Moved to quarantine successfully : L:\Éditeur de vidéo.lnk Moved to quarantine successfully : L:\Mes Favoris.lnk Moved to quarantine successfully : L:\Mes Vidéos.lnk Moved to quarantine successfully : L:\Météo.lnk Moved to quarantine successfully : L:\Snipping Tool.lnk Moved to quarantine successfully : K:\Snipping Tool.lnk Moved to quarantine successfully : K:\Pense-bêtes.lnk Moved to quarantine successfully : K:\Print 3D.lnk Moved to quarantine successfully : K:\Télé Assistance HelloDoc.lnk Moved to quarantine successfully : K:\Votre téléphone.lnk Moved to quarantine successfully : K:\005[1] - Raccourci.lnk Moved to quarantine successfully : K:\Alarmes et horloge.lnk Moved to quarantine successfully : K:\Calculatrice.lnk Moved to quarantine successfully : K:\Calculette en Euros.lnk Moved to quarantine successfully : K:\Calendrier.lnk Moved to quarantine successfully : K:\Caméra.lnk Moved to quarantine successfully : K:\Candy Crush Friends.lnk Moved to quarantine successfully : K:\Candy Crush Saga.lnk Moved to quarantine successfully : K:\Capture d'écran et croquis.lnk Moved to quarantine successfully : K:\Cartes.lnk Moved to quarantine successfully : K:\DU Meter.lnk Moved to quarantine successfully : K:\Éditeur de vidéo.lnk Moved to quarantine successfully : K:\Mes Favoris.lnk Moved to quarantine successfully : K:\Mes Vidéos.lnk Moved to quarantine successfully : K:\Météo.lnk Moved to quarantine successfully : J:\Snipping Tool.lnk Moved to quarantine successfully : J:\Pense-bêtes.lnk Moved to quarantine successfully : J:\Print 3D.lnk Moved to quarantine successfully : J:\Télé Assistance HelloDoc.lnk Moved to quarantine successfully : J:\Votre téléphone.lnk Moved to quarantine successfully : J:\005[1] - Raccourci.lnk Moved to quarantine successfully : J:\Alarmes et horloge.lnk Moved to quarantine successfully : J:\Calculatrice.lnk Moved to quarantine successfully : J:\Calculette en Euros.lnk Moved to quarantine successfully : J:\Calendrier.lnk Moved to quarantine successfully : J:\Caméra.lnk Moved to quarantine successfully : J:\Candy Crush Friends.lnk Moved to quarantine successfully : J:\Candy Crush Saga.lnk Moved to quarantine successfully : J:\Capture d'écran et croquis.lnk Moved to quarantine successfully : J:\Cartes.lnk Moved to quarantine successfully : J:\DU Meter.lnk Moved to quarantine successfully : J:\Éditeur de vidéo.lnk Moved to quarantine successfully : J:\Mes Favoris.lnk Moved to quarantine successfully : J:\Mes Vidéos.lnk Moved to quarantine successfully : J:\Météo.lnk Will be moved in quarantine at reboot : C:\DumpStack.log.tmp Will be moved in quarantine at reboot : C:\DumpStack.log.tmp Moved to quarantine successfully : O:\desktop.ini Moved to quarantine successfully : N:\desktop.ini Moved to quarantine successfully : L:\desktop.ini Moved to quarantine successfully : K:\desktop.ini Moved to quarantine successfully : J:\desktop.ini ¤¤¤¤¤¤¤¤¤¤ # ADS ¤¤¤¤¤¤¤¤¤¤ # Prefetch cleaned F:\ : Vaccinated (Vaccin created by Pre_Scan) I:\ : Vaccinated (Vaccin created by Pre_Scan) J:\ : Vaccinated (Vaccin created by Pre_Scan) L:\ : Vaccinated (Vaccin created by Pre_Scan) ¤¤¤¤¤¤¤¤¤¤ | Hidden files ~ [Drive C:] : Hidden : 4 | Restored : 3 ~ [Program Files] : Hidden : 5 | Restored : 5 ~ [Users] : Hidden : 2 | Restored : 2 ~ [Documents] : Hidden : 3 | Restored : 3 ~ [Searches] : Hidden : 2 | Restored : 2 ~ [Windows] : Hidden : 73 | Restored : 70 ~ [Start Menu | Programs | Startup] : Hidden : 1 | Restored : 1 ~ [AppData] : Hidden : 12 | Restored : 12 End : 14:29:58 ¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤ - 417