--------------- QuickScript | g3n-h@ckm@n | 2_04.12.2016.1 ---------------
----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits -----
- Start 21/12/2016 10:13:19
Updated 04/12/2016 | 10.30 by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[jean- (Administrator)] - [DESKTOP-N632QEV] (S-1-5-21-4137909735-3827719672-2247753569-1001)
System: Microsoft Windows 10 Professionnel - - (10.0.14393) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk0\Partition3
Boot : Normal boot
PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB
Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009
CoreTemp : ? Celsius

----------| Script

1720 | [Owner : |Parent : 840(services.exe)] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe
1884 | [Owner : |Parent : 1720(atiesrxx.exe)] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe
2236 | [Owner : |Parent : 840(services.exe)] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.48) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
2284 | [Owner : |Parent : 2236(RtkAudioService64.exe)] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.159) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
2384 | [Owner : |Parent : 840(services.exe)] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe
2692 | [Owner : SERVICE LOCAL |Parent : 1168(svchost.exe)] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.14393.82) = C:\Windows\System32\dasHost.exe
888 | [Owner : Système |Parent : 840(services.exe)] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
736 | [Owner : Système |Parent : 840(services.exe)] - (.COMODO Security Solutions - COMODO COSService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\COSService.exe
3080 | [Owner : Système |Parent : 840(services.exe)] - (.SUPERAntiSpyware.com - Core Service.) - (6.0.0.1080) = C:\Program Files\SUPERAntiSpyware\SASCore64.exe
3156 | [Owner : Système |Parent : 840(services.exe)] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe
3228 | [Owner : Système |Parent : 840(services.exe)] - (.Paramount Software UK Ltd - Macrium Reflect Utility Service.) - (6.3.1665.0) = C:\Program Files\Macrium\Common\MacriumService.exe
3320 | [Owner : Système |Parent : 840(services.exe)] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) - (1.0.3.1) = C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
3348 | [Owner : LogonSessionId_0_202565 |Parent : 840(services.exe)] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2011.110.5058.0) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
3376 | [Owner : Système |Parent : 840(services.exe)] - (.COMODO Security Solutions - COMODO SynchronizationService.) - (1.0.0.1846) = C:\Program Files\COMODO\COMMON\SynchronizationService.exe
3472 | [Owner : Système |Parent : 840(services.exe)] - (.RaMMicHaeL - Unchecky Service.) - (1.0.1.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
3516 | [Owner : Système |Parent : 840(services.exe)] - (.Zemana Ltd. - ZAM.) - (0.0.0.0) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
4136 | [Owner : Système |Parent : 3320()] - (.Microsoft Corporation - Print driver host for applications.) - (10.0.14393.351) = C:\Windows\splwow64.exe
4504 | [Owner : LogonSessionId_0_283343 |Parent : 840(services.exe)] - (.Microsoft Corporation - Service de disque virtuel.) - (10.0.14393.0) = C:\Windows\System32\vds.exe
4768 | [Owner : LogonSessionId_0_201037 |Parent : 840(services.exe)] - (.Microsoft Corporation - SQL Server Windows NT.) - (2011.110.5343.0) = C:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe
5836 | [Owner : jean- |Parent : 840(services.exe)] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe
5844 | [Owner : jean- |Parent : 3320()] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) - (1.1.2.4) = C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
5556 | [Owner : jean- |Parent : 1096(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
5540 | [Owner : jean- |Parent : 1096(svchost.exe)] - (.WiseCleaner.com - Wise Hotkey.) - (1.1.5.29) = C:\Program Files\Wise\Wise Hotkey\WiseHotkey.exe
5656 | [Owner : jean- |Parent : 1096(svchost.exe)] - (.Glarysoft Ltd - Glary SoftwareUpdatePro.) - (5.42.0.36) = C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe
6164 | [Owner : jean- |Parent : 1096(svchost.exe)] - (.Informer Technologies, Inc. - Software Informer.) - (1.5.1321.0) = C:\Program Files\Software Informer\softinfo.exe
6300 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe
6736 | [Owner : jean- |Parent : 5844(mep.exe)] - (.Microsoft Corporation - Print driver host for applications.) - (10.0.14393.351) = C:\Windows\splwow64.exe
7144 | [Owner : Système |Parent : 840(services.exe)] - (.HP Inc. - HP Support Solutions Framework Service.) - (8.5.32.203) = C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
7300 | [Owner : jean- |Parent : 6492(explorer.exe)] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EaseUSEverySyncCache.exe
7696 | [Owner : jean- |Parent : 6492(explorer.exe)] - (. - .) - (11.15.1046.10613) = C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.15.1046.10613\AdAwareTray.exe
7700 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6720.1207) = C:\Users\jean-\AppData\Local\Microsoft\OneDrive\OneDrive.exe
2996 | [Owner : jean- |Parent : 6492(explorer.exe)] - (. - Copy Handler 1.40.) - (1.40.815.0) = C:\Program Files\Copy Handler\ch64.exe
7024 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.COMODO Security Solutions - cCloud.) - (2.0.0.828) = C:\Program Files\COMODO\cCloud\cCloud.exe
7584 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.CyberLink Corp. - Power2Go Desktop Burning Gadget.) - (11.0.1013.0) = C:\Program Files (x86)\CyberLink\Power2Go11\Power2GoExpress.exe
5212 | [Owner : Système |Parent : 840(services.exe)] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
5248 | [Owner : Système |Parent : 796(winlogon.exe)] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.447) = C:\Windows\System32\fontdrvhost.exe
8620 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.TechSmith Corporation - Jing.) - (2.9.15255.1) = C:\Program Files (x86)\TechSmith\Jing\Jing.exe
8684 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.Informer Technologies, Inc. - Software Informer.) - (1.5.1321.0) = C:\Program Files\Software Informer\softinfo.exe
8936 | [Owner : jean- |Parent : 6492(explorer.exe)] - (. - .) - (1.0.0.0) = C:\Program Files (x86)\PowerArchiver\PASTARTER.EXE
9208 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.WinZip Computing, S.L. - WinZip Update Notifier.) - (2.1.28393.10) = C:\Program Files\WinZip\WZUpdateNotifier.exe
7388 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.WinZip Computing, S.L. - WinZip Preloader.) - (21.0.12295.0) = C:\Program Files\WinZip\WzPreloader.exe
7744 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.CHENGDU Yiwo Tech Development Co., Ltd. - .) - (2.0.0.0) = C:\Program Files (x86)\EaseUS\EaseUS EverySync\bin\EverySync.exe
8508 | [Owner : jean- |Parent : 9064()] - (.Microsoft Corp. - Bing Desktop Application.) - (1.4.167.0) = C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
7076 | [Owner : jean- |Parent : 9064()] - (.CyberLink Corp. - CyberLink VideoMeeting+/PresenterLink+ Service.) - (1.0.1726.0) = C:\Program Files (x86)\CyberLink\Shared files\VMXPLXShare\Service\VMXPLXService.exe
8708 | [Owner : jean- |Parent : 9064()] - (.Wondershare - Wondershare Studio.) - (2.5.2.3) = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
7768 | [Owner : jean- |Parent : 9064()] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.2.0.0) = C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
9400 | [Owner : jean- |Parent : 9064()] - (.CyberLink - CyberLink MediaLibray Service.) - (11.0.0.418) = C:\Program Files (x86)\CyberLink\Power2Go11\CLMLSvc_P2G11.exe
9540 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.187) = C:\Windows\System32\SettingSyncHost.exe
10148 | [Owner : LogonSessionId_0_1260748 |Parent : 840(services.exe)] - (.Nero AG - NeroUpdate.) - (18.0.0.18) = C:\Program Files (x86)\Nero\Update\NASvc.exe
5808 | [Owner : jean- |Parent : 8660()] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.1.0.654) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
5896 | [Owner : jean- |Parent : 5656(SoftwareUpdatePro.exe)] - (.Glarysoft Ltd - WinShellLink x64.) - (5.0.0.8) = C:\Program Files (x86)\Glarysoft\Software Update Pro\x64\Win64ShellLink.exe
8240 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\Windows\System32\ApplicationFrameHost.exe
7504 | [Owner : Système |Parent : 840(services.exe)] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
10536 | [Owner : Système |Parent : 7504()] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
8248 | [Owner : jean- |Parent : 1096(svchost.exe)] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe
3932 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Store.) - (11610.1001.23.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
3432 | [Owner : jean- |Parent : 10064()] - (. - .) - (12.8.6.0) = C:\Program Files\RogueKiller\RogueKiller64.exe
7468 | [Owner : jean- |Parent : 11596(explorer.exe)] - (.PortableAppZ.blogspot.com - Vivaldi Portable.) - (2015.2.23.17) = G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\VivaldiPortable\VivaldiPortable.exe
8148 | [Owner : jean- |Parent : 7468(VivaldiPortable.exe)] - (.Vivaldi Technologies AS - Vivaldi.) - (1.5.658.56) = G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\VivaldiPortable\App\Vivaldi64\vivaldi.exe
5892 | [Owner : jean- |Parent : 8148(vivaldi.exe)] - (.Vivaldi Technologies AS - Vivaldi.) - (1.5.658.56) = G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\VivaldiPortable\App\Vivaldi64\vivaldi.exe
1804 | [Owner : jean- |Parent : 8148(vivaldi.exe)] - (.Vivaldi Technologies AS - Vivaldi.) - (1.5.658.56) = G:\barrow 3, widen 2 & 100% sécurisé finalis\cyberlink youcam 8 essentials\youcam 8 utilities\portableappz.blogspot.fr & portableapps.com platform\PortableApps\VivaldiPortable\App\Vivaldi64\vivaldi.exe
8800 | [Owner : jean- |Parent : 952(svchost.exe)] - (. - .) - (11.10.145.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2392 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.14393.576) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
8788 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Browser_Broker.) - (11.0.14393.0) = C:\Windows\System32\browser_broker.exe
5608 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - InstallAgent.) - (10.0.14393.479) = C:\Windows\System32\InstallAgent.exe
7648 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\Windows\System32\smartscreen.exe
11536 | [Owner : jean- |Parent : 6300()] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.14393.82) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
10144 | [Owner : jean- |Parent : 8788()] - (. - freevideodownloader_setup_full1290.exe.) - (1.2.1.1) = C:\Users\jean-\Downloads\free-video-downloader_setup_full1290.exe
5756 | [Owner : jean- |Parent : 6300()] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.14393.82) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
11844 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.OldTimer Tools - .) - (3.1.21.0) = C:\Users\jean-\Desktop\OTM.exe
3652 | [Owner : jean- |Parent : 6492(explorer.exe)] - (.Microsoft Corporation - Application Windows Wordpad.) - (10.0.14393.447) = C:\Program Files\Windows NT\Accessories\wordpad.exe
12220 | [Owner : jean- |Parent : 952(svchost.exe)] - (.Microsoft Corporation - Preview Handler Surrogate Host.) - (10.0.14393.0) = C:\Windows\System32\prevhost.exe
12064 | [Owner : jean- |Parent : 11596(explorer.exe)] - (.Microsoft Corporation - Bloc-notes.) - (10.0.14393.0) = C:\Windows\System32\notepad.exe
10184 | [Owner : Système |Parent : 1096(svchost.exe)] - (.Microsoft Corporation - Windows Problem Reporting.) - (10.0.14393.0) = C:\Windows\System32\wermgr.exe

C:\Windows.old Moved Successfully

-------------- | CleanDisk :

FreeSpace : 861476
Cleaning.......
FreeSpace : 861515

----------(EOF)----------