ComboFix 17-11-14.01 - del 04/12/2017 16:13:20.1.4 - x64
Microsoft Windows 7 Professionnel 6.1.7601.1.1256.212.1036.18.3977.2497 [GMT 0:00]
Running from: c:\users\del\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2017-11-04 to 2017-12-04 )))))))))))))))))))))))))))))))
.
.
2017-12-04 17:02 . 2017-12-04 17:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-12-04 16:08 . 2017-12-04 16:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F473E14-729C-4173-8526-23C2014442CF}\offreg.2952.dll
2017-12-03 17:21 . 2017-12-04 15:27 -------- d-----w- C:\FRST
2017-12-03 12:33 . 2017-12-03 12:33 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2017-12-03 12:20 . 2017-12-03 12:20 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F473E14-729C-4173-8526-23C2014442CF}\offreg.3576.dll
2017-12-02 10:12 . 2017-12-02 10:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F473E14-729C-4173-8526-23C2014442CF}\offreg.3564.dll
2017-12-01 21:53 . 2017-12-01 21:53 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F473E14-729C-4173-8526-23C2014442CF}\offreg.3236.dll
2017-12-01 09:35 . 2017-10-30 09:27 13771264 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F473E14-729C-4173-8526-23C2014442CF}\mpengine.dll
2017-11-25 22:37 . 2017-12-02 11:36 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-11-25 22:37 . 2017-11-27 11:25 -------- d-----w- c:\programdata\RogueKiller
2017-11-25 22:36 . 2017-12-01 10:02 -------- d-----w- c:\program files\RogueKiller
2017-11-25 13:54 . 2017-11-25 13:54 -------- d-----w- c:\users\del\AppData\Roaming\Zbshareware Lab
2017-11-25 13:54 . 2017-11-25 13:54 -------- d-----w- c:\program files (x86)\USB Disk Security
2017-11-22 01:01 . 2017-11-25 14:33 -------- d-----w- c:\users\del\youwave
2017-11-15 13:15 . 2017-11-15 13:15 -------- d-----w- c:\program files (x86)\Common Files\Java
2017-11-15 10:46 . 2017-10-14 08:38 25731584 ----a-w- c:\windows\system32\mshtml.dll
2017-11-15 10:06 . 2017-10-04 13:04 2023936 ----a-w- c:\windows\system32\aitstatic.exe
2017-11-15 10:06 . 2017-10-18 02:34 134376 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-11-15 10:06 . 2017-10-18 02:30 605184 ----a-w- c:\windows\system32\aeinv.dll
2017-11-15 10:06 . 2017-10-04 13:04 603648 ----a-w- c:\windows\system32\devinv.dll
2017-11-15 10:06 . 2017-10-04 13:04 241664 ----a-w- c:\windows\system32\aepic.dll
2017-11-15 10:06 . 2017-10-04 13:04 181760 ----a-w- c:\windows\system32\acmigration.dll
2017-11-15 10:06 . 2017-10-04 13:04 1570304 ----a-w- c:\windows\system32\appraiser.dll
2017-11-15 10:06 . 2017-10-15 22:04 407392 ----a-w- c:\windows\system32\centel.dll
2017-11-15 10:06 . 2017-10-04 13:04 670208 ----a-w- c:\windows\system32\generaltel.dll
2017-11-15 10:06 . 2017-10-04 13:04 370688 ----a-w- c:\windows\system32\invagent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-11-17 10:03 . 2017-10-13 08:35 127017032 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2017-11-17 10:03 . 2015-05-19 21:51 127017032 -c--a-w- c:\windows\system32\MRT.exe
2017-11-15 13:12 . 2016-05-08 08:39 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2017-10-14 09:33 . 2017-10-14 09:33 899184 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2017-10-14 09:33 . 2017-10-14 09:33 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2017-10-14 09:33 . 2017-10-14 09:33 639312 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2017-10-13 08:49 . 2017-10-13 08:49 55232 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2017-10-04 12:15 . 2017-10-26 19:03 77440 ----a-w- c:\windows\system32\drivers\mbae64.sys
2017-10-02 10:40 . 2017-09-17 12:21 192960 ----a-w- c:\windows\system32\drivers\MBAMChameleon.sys
2017-09-13 15:33 . 2017-10-11 09:30 631176 ----a-w- c:\windows\system32\winresume.efi
2017-09-13 15:32 . 2017-10-11 09:30 706792 ----a-w- c:\windows\system32\winload.efi
2017-09-13 15:32 . 2017-10-11 09:30 5547752 ----a-w- c:\windows\system32\ntoskrnl.exe
2017-09-13 15:32 . 2017-10-11 09:30 95464 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2017-09-13 15:32 . 2017-10-11 09:30 154856 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2017-09-13 15:31 . 2017-10-11 09:30 1732864 ----a-w- c:\windows\system32\ntdll.dll
2017-09-13 15:28 . 2017-10-11 09:30 448512 ----a-w- c:\windows\system32\wlansec.dll
2017-09-13 15:28 . 2017-10-11 09:30 414208 ----a-w- c:\windows\system32\wlanmsm.dll
2017-09-13 15:28 . 2017-10-11 09:30 886272 ----a-w- c:\windows\system32\wlansvc.dll
2017-09-13 15:28 . 2017-10-11 09:30 118784 ----a-w- c:\windows\system32\wlanhlp.dll
2017-09-13 15:28 . 2017-10-11 09:30 113664 ----a-w- c:\windows\system32\wlanapi.dll
2017-09-13 15:28 . 2017-10-11 09:30 362496 ----a-w- c:\windows\system32\wow64win.dll
2017-09-13 15:28 . 2017-10-11 09:30 215552 ----a-w- c:\windows\system32\winsrv.dll
2017-09-13 15:28 . 2017-10-11 09:30 243712 ----a-w- c:\windows\system32\wow64.dll
2017-09-13 15:28 . 2017-10-11 09:30 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2017-09-13 15:28 . 2017-10-11 09:30 86528 ----a-w- c:\windows\system32\TSpkg.dll
2017-09-13 15:28 . 2017-10-11 09:30 210432 ----a-w- c:\windows\system32\wdigest.dll
2017-09-13 15:28 . 2017-10-11 09:30 503808 ----a-w- c:\windows\system32\srcore.dll
2017-09-13 15:28 . 2017-10-11 09:30 135680 ----a-w- c:\windows\system32\sspicli.dll
2017-09-13 15:28 . 2017-10-11 09:30 50176 ----a-w- c:\windows\system32\srclient.dll
2017-09-13 15:28 . 2017-10-11 09:30 28672 ----a-w- c:\windows\system32\sspisrv.dll
2017-09-13 15:28 . 2017-10-11 09:30 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2017-09-13 15:28 . 2017-10-11 09:30 1212928 ----a-w- c:\windows\system32\rpcrt4.dll
2017-09-13 15:28 . 2017-10-11 09:30 345600 ----a-w- c:\windows\system32\schannel.dll
2017-09-13 15:28 . 2017-10-11 09:30 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-09-13 15:28 . 2017-10-11 09:30 28160 ----a-w- c:\windows\system32\secur32.dll
2017-09-13 15:28 . 2017-10-11 09:30 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2017-09-13 15:28 . 2017-10-11 09:30 312320 ----a-w- c:\windows\system32\ncrypt.dll
2017-09-13 15:28 . 2017-10-11 09:30 1068544 ----a-w- c:\windows\system32\msctf.dll
2017-09-13 15:28 . 2017-10-11 09:30 316928 ----a-w- c:\windows\system32\msv1_0.dll
2017-09-13 15:28 . 2017-10-11 09:30 60416 ----a-w- c:\windows\system32\msobjs.dll
2017-09-13 15:28 . 2017-10-11 09:30 146432 ----a-w- c:\windows\system32\msaudite.dll
2017-09-13 15:27 . 2017-10-11 09:30 731648 ----a-w- c:\windows\system32\kerberos.dll
2017-09-13 15:27 . 2017-10-11 09:30 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2017-09-13 15:27 . 2017-10-11 09:30 1163264 ----a-w- c:\windows\system32\kernel32.dll
2017-09-13 15:27 . 2017-10-11 09:30 419840 ----a-w- c:\windows\system32\KernelBase.dll
2017-09-13 15:27 . 2017-10-11 09:30 44032 ----a-w- c:\windows\system32\csrsrv.dll
2017-09-13 15:27 . 2017-10-11 09:30 43520 ----a-w- c:\windows\system32\cryptbase.dll
2017-09-13 15:27 . 2017-10-11 09:30 22016 ----a-w- c:\windows\system32\credssp.dll
2017-09-13 15:27 . 2017-10-11 09:30 463872 ----a-w- c:\windows\system32\certcli.dll
2017-09-13 15:27 . 2017-10-11 09:30 880640 ----a-w- c:\windows\system32\advapi32.dll
2017-09-13 15:27 . 2017-10-11 09:30 123904 ----a-w- c:\windows\system32\bcrypt.dll
2017-09-13 15:27 . 2017-10-11 09:30 59904 ----a-w- c:\windows\system32\appidapi.dll
2017-09-13 15:27 . 2017-10-11 09:30 34816 ----a-w- c:\windows\system32\appidsvc.dll
2017-09-13 15:27 . 2017-10-11 09:30 690688 ----a-w- c:\windows\system32\adtschema.dll
2017-09-13 15:27 . 2017-10-11 09:30 6656 ----a-w- c:\windows\system32\apisetschema.dll
2017-09-13 15:27 . 2017-10-11 09:30 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 15:27 . 2017-10-11 09:30 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 15:13 . 2017-10-11 09:30 4001512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2017-09-13 15:13 . 2017-10-11 09:30 3945704 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2017-09-13 15:10 . 2017-10-11 09:30 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2017-09-13 15:09 . 2017-10-11 09:30 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2017-09-13 15:09 . 2017-10-11 09:30 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2017-09-13 15:09 . 2017-10-11 09:30 275456 ----a-w- c:\windows\SysWow64\KernelBase.dll
2017-09-13 15:09 . 2017-10-11 09:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2017-09-13 15:09 . 2017-10-11 09:30 392704 ----a-w- c:\windows\SysWow64\wlansec.dll
2017-09-13 15:09 . 2017-10-11 09:30 83968 ----a-w- c:\windows\SysWow64\wlanhlp.dll
2017-09-13 15:09 . 2017-10-11 09:30 80896 ----a-w- c:\windows\SysWow64\wlanapi.dll
2017-09-13 15:09 . 2017-10-11 09:30 428032 ----a-w- c:\windows\SysWow64\wlanmsm.dll
2017-09-13 15:09 . 2017-10-11 09:30 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2017-09-13 15:09 . 2017-10-11 09:30 82944 ----a-w- c:\windows\SysWow64\bcrypt.dll
2017-09-13 15:09 . 2017-10-11 09:30 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2017-09-13 15:09 . 2017-10-11 09:30 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2017-09-13 15:09 . 2017-10-11 09:30 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-09-13 15:09 . 2017-10-11 09:30 22016 ----a-w- c:\windows\SysWow64\secur32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WirelessManager"="c:\program files (x86)\Dell\Dell Mobile Broadband Manager\WirelessManager.exe" [2012-04-20 20480]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2015-05-20 3903056]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-10-19 8551848]
"uTorrent"="c:\users\del\AppData\Roaming\uTorrent\uTorrent.exe" [2017-11-27 1981624]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2017-08-25 27832272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-01-23 113656]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2017-09-05 587288]
"USB Security"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2015-01-31 695528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Modem HDM EC156. RunOuc;Modem HDM EC156. OUC;c:\program files (x86)\Modem HDM EC156\UpdateDog\ouc.exe;c:\program files (x86)\Modem HDM EC156\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\accelern.sys;c:\windows\SYSNATIVE\DRIVERS\accelern.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LYBDATuner_22F0;LME_PCTV_DVBS_RS2000;c:\windows\system32\Drivers\US2B0D.sys;c:\windows\SYSNATIVE\Drivers\US2B0D.sys [x]
R3 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys;c:\windows\SYSNATIVE\DRIVERS\o2sdjw7x64.sys [x]
R3 phantomtap;Phantom TAP-Windows Adapter V9;c:\windows\system32\DRIVERS\phantomtap.sys;c:\windows\SYSNATIVE\DRIVERS\phantomtap.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DMAgent;Service de gestion de périphérique Red Bend Intel® PROSet/Wireless WiMAX;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WiMAXAppSrv;Service Intel® PROSet/Wireless WiMAX;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AFTrafMgr1.4;AFTrafMgr1.4;c:\program files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys;c:\program files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [x]
S3 bpenum;Enumérateur Intel(R) Centrino(R) WiMAX;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 BTWAMPFL;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-12-03 12:29 1509208 ----a-w- c:\program files (x86)\Google\Chrome\Application\62.0.3202.94\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2017-12-03 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12 20:02]
.
2017-12-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-12 13:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 08:02 25112 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2013-07-17 4791024]
"IntelWirelessWiMAX"="c:\program files\Intel\WiMAX\Bin\WiMAXCU.exe" [2010-11-14 1605632]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-14 172016]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-14 399856]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-14 442352]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\System32\blank.htm
mSearch Bar = https://www.google.com/
IE: &Envoyer à OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Télécharger avec IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8E204B2A-42E0-4713-A601-28DF78EE4619}: NameServer = 192.168.60.58 192.168.50.55
TCP: Interfaces\{E65F3ECF-2C63-4EF9-A4AE-C4422278373C}: NameServer = 192.168.60.58 192.168.50.55
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3611528388-1864222837-1457373446-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):41,90,4f,15,f4,89,d2,50,56,d2,d1,c0,9e,ed,35,d5,65,a4,b0,4d,d0,
38,31,25,76,a8,8e,05,27,0d,a6,47,69,a4,5f,d6,0d,92,79,00,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3611528388-1864222837-1457373446-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):c4,91,7c,e1,70,22,34,f0,0d,40,d5,f4,3a,73,32,9f,8e,91,e4,53,a0,
00,70,ce,5b,10,4b,76,ca,8d,ad,3e,71,dd,38,13,12,10,21,af,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3611528388-1864222837-1457373446-1000_Classes\Wow6432Node\CLSID\{d916abb5-848c-4d44-bd1d-34a1dcc58ce8}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000af
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,85,b1,12,f9,90,dd,23,a1,5b,8c,1b,ef,06,18,51,7a,e7,52,c1,26,54,c0,\
.
[HKEY_USERS\S-1-5-21-3611528388-1864222837-1457373446-1000_Classes\Wow6432Node\CLSID\{df1552f4-ee7c-476a-a054-e93aa34d7c67}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000d8
"Therad"=dword:0000000f
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2017-12-04 17:10:10
ComboFix-quarantined-files.txt 2017-12-04 17:10
.
Pre-Run: 154 937 610 240 octets libres
Post-Run: 154 250 256 384 octets libres
.
- - End Of File - - 5B8F21B0C6832B579C9BEDF161E8FEC4 A36C5E4F47E84449FF07ED3517B43A31