ComboFix 15-05-09.01 - Asus 12/05/2015 3:47.1.2 - x64
Microsoft Windows 8 Professionnel 6.2.9200.0.1256.212.1036.18.4072.2877 [GMT 0:00]
Running from: c:\users\Asus\Downloads\Programs\ComboFix.exe
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\PPriceMinuass
c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.dat
c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.dll
c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.exe
c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.tlb
c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.x64.dll
c:\programdata\10378430802023999159
c:\programdata\10378430802023999159\01857ccf570f79dcd376cd007cd999be.ini
c:\programdata\10378430802023999159\cd5b15e575e1c3d0d376cd007cd999be.ini
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\mcdetection.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\users\Asus\AppData\Roaming\logs.dat
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\jS7@YlTPX.com
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\jS7@YlTPX.com\bootstrap.js
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\jS7@YlTPX.com\chrome.manifest
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\jS7@YlTPX.com\content\bg.js
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\jS7@YlTPX.com\install.rdf
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\M@Hsd7V.org
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\M@Hsd7V.org\bootstrap.js
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\M@Hsd7V.org\chrome.manifest
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\M@Hsd7V.org\content\bg.js
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\extensions\M@Hsd7V.org\install.rdf
c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\searchplugins\trovi-search.xml
.
.
((((((((((((((((((((((((( Files Created from 2015-04-12 to 2015-05-12 )))))))))))))))))))))))))))))))
.
.
2015-05-12 03:53 . 2015-05-12 03:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-12 01:08 . 2015-05-12 01:08 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0FCD0E62-0D69-4165-9097-1FC522A799B1}\offreg.dll
2015-05-11 03:42 . 2015-05-11 03:42 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2015-05-09 19:12 . 2015-05-09 19:12 -------- d-----w- c:\program files (x86)\NirSoft
2015-05-09 13:21 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0FCD0E62-0D69-4165-9097-1FC522A799B1}\mpengine.dll
2015-05-09 13:18 . 2015-05-09 13:18 -------- d-----w- c:\programdata\Mediatek
2015-05-09 13:18 . 2012-05-10 22:01 308736 ----a-w- c:\windows\system32\ssleay32.dll
2015-05-09 13:18 . 2012-05-10 22:01 1503744 ----a-w- c:\windows\system32\libeay32.dll
2015-05-08 22:58 . 2015-05-08 22:58 -------- d-----w- c:\programdata\kcnfpeedpjcappgjnalaahahigfodief
2015-05-05 14:22 . 2015-05-05 14:22 -------- d-----w- c:\program files (x86)\BlueSquad
2015-04-26 20:40 . 2015-04-26 20:40 -------- d-----w- c:\users\Asus\AppData\Local\Opera Software
2015-04-26 20:40 . 2015-04-26 20:40 -------- d-----w- c:\users\Asus\AppData\Roaming\Opera Software
2015-04-20 13:10 . 2015-04-20 13:11 180488 ----a-w- c:\windows\PSEXESVC.EXE
2015-04-13 03:00 . 2015-04-13 03:00 -------- d-----w- c:\users\Asus\VirtualBox VMs
2015-04-13 02:59 . 2015-04-13 03:15 -------- d-----w- c:\users\Asus\.VirtualBox
2015-04-13 02:58 . 2015-03-16 17:36 922704 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2015-04-13 02:57 . 2015-03-16 17:35 128592 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2015-04-13 02:57 . 2015-04-13 02:57 -------- d-----w- c:\program files\Oracle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-12 13:19 . 2015-03-20 11:52 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-03-16 17:35 . 2015-03-16 17:35 204264 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2015-03-16 17:35 . 2015-03-16 17:35 156360 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2015-03-16 17:35 . 2015-03-16 17:35 141440 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2015-03-03 13:17 . 2015-01-05 15:25 295552 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 18:37 610816 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Connectify"="c:\program files (x86)\Connectify\Connectify.exe" [2011-12-19 2967368]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2014-04-06 389120]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2015-01-05 3829328]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-11 30877280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Meditel Imola ModemListener"="c:\program files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe" [2011-06-20 102400]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-12-08 55568]
"Idea Imola ModemListener"="c:\program files (x86)\Idea Net Setter\BackgroundService\ModemListener.exe" [2012-04-13 118784]
.
c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ispce-by ilyotek.rar.lnk - c:\programdata\{40295d9d-0ed7-b09b-4029-95d9d0ed7674}\ispce-by ilyotek.rar.exe --startup=1 [2014-3-4 1063936]
OneNote 2010 - Capture d’écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2010-3-29 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Mediatek Wireless Utility.lnk - c:\program files (x86)\MediatekWiFi\Common\RaUI.exe -s [2015-5-9 15611024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 Internet Mobile. RunOuc;Internet Mobile. OUC;c:\program files (x86)\Internet Mobile\UpdateDog\ouc.exe;c:\program files (x86)\Internet Mobile\UpdateDog\ouc.exe [x]
R2 Meditel Imola Modem Device Helper;Meditel Imola Modem Device Helper;c:\program files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe;c:\program files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [x]
R2 RaMediaServer;Ralink UPnP Media Server;c:\program files (x86)\MediatekWiFi\Common\RaMediaServer.exe;c:\program files (x86)\MediatekWiFi\Common\RaMediaServer.exe [x]
R3 amdkmafd;AMD Audio Bus Lower Filter;c:\windows\System32\drivers\amdkmafd.sys;c:\windows\SYSNATIVE\drivers\amdkmafd.sys [x]
R3 AppProtectEx;AppProtectEx;c:\windows\System32\drivers\AppProtectEx.sys;c:\windows\SYSNATIVE\drivers\AppProtectEx.sys [x]
R3 BprotectEx;Baidu ProtectEx;c:\windows\System32\drivers\BprotectEx.sys;c:\windows\SYSNATIVE\drivers\BprotectEx.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 evusbat;CDMA Modem AT Port;c:\windows\system32\DRIVERS\evusbat.sys;c:\windows\SYSNATIVE\DRIVERS\evusbat.sys [x]
R3 evusbdiag;CDMA Modem Service Port;c:\windows\system32\DRIVERS\evusbdiag.sys;c:\windows\SYSNATIVE\DRIVERS\evusbdiag.sys [x]
R3 evusbmdm;CDMA Modem USB Modem;c:\windows\system32\DRIVERS\evusbmdm.sys;c:\windows\SYSNATIVE\DRIVERS\evusbmdm.sys [x]
R3 evusbvoc;CDMA Modem Voice Port;c:\windows\system32\DRIVERS\evusbvoc.sys;c:\windows\SYSNATIVE\DRIVERS\evusbvoc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\System32\drivers\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\drivers\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\System32\drivers\ew_jubusenum.sys;c:\windows\SYSNATIVE\drivers\ew_jubusenum.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;c:\windows\system32\DRIVERS\ew_cdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;c:\windows\system32\DRIVERS\ew_wwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys;c:\windows\SYSNATIVE\DRIVERS\jrdusbser.sys [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 PCFApiUtil;PCFApiUtil;c:\program files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil64.sys;c:\program files (x86)\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil64.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy2.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 Idea Imola Modem Device Helper;Idea Imola Modem Device Helper;c:\program files (x86)\Idea Net Setter\BackgroundService\ServiceManager.exe;c:\program files (x86)\Idea Net Setter\BackgroundService\ServiceManager.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S2 MediatekRegistryWriter;MediatekRegistryWriter;c:\program files (x86)\MediatekWiFi\Common\RaRegistry.exe;c:\program files (x86)\MediatekWiFi\Common\RaRegistry.exe [x]
S2 MediatekRegistryWriter64;MediatekRegistryWriter64;c:\program files (x86)\MediatekWiFi\Common\RaRegistry64.exe;c:\program files (x86)\MediatekWiFi\Common\RaRegistry64.exe [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\System32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\System32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW86.sys;c:\windows\SYSNATIVE\drivers\AtihdW86.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-22 14:28 1086280 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.91\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2014-12-03 06:31 215416 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 12:58]
.
2015-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 12:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-03-28 01:32 24600 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2012-08-19 18:37 741376 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-05-09 13672152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.com/?gws_rd=ssl
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Envoyer à OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Télécharger avec Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Télécharger tous les liens avec Internet Download Manager - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
Trusted Zone: ma-config.com
Trusted Zone: touslesdrivers.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{BB86F05C-5223-47E2-8A8F-7C4EF626B83E}: NameServer = 192.168.87.1
FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\k4tv44tm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?gws_rd=ssl
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{7b53a1de-3052-4d52-863e-e1f8009f8286} - c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.dll
BHO-{7b53a1de-3052-4d52-863e-e1f8009f8286} - c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.x64.dll
ShellIconOverlayIdentifiers-{0A93904A-BB1E-4a0c-9753-B57B9AE272CC} - c:\program files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll
AddRemove-{06B99631-BFA2-3B7A-F58B-D067C2BA59B7} - c:\program files (x86)\PPriceMinuass\7kKPsKNEUmdIlQ.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3492466885-2975308169-3589532494-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):dc,3e,87,1e,8a,a5,35,af,b1,38,da,dc,7d,c2,00,0d,b3,79,5f,78,dd,
   8b,a8,69,38,56,65,28,3e,0c,98,e9,94,ac,bd,06,41,4e,ec,3b,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3492466885-2975308169-3589532494-1001_Classes\Wow6432Node\CLSID\{951007d7-7b8a-4f7d-ae53-4288f0688bf5}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (S-1-15-2-1)
"Model"=dword:0000007f
"Therad"=dword:0000001c
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
   1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2015-05-12 03:56:12
ComboFix-quarantined-files.txt 2015-05-12 03:56
.
Pre-Run: 48 046 833 664 octets libres
Post-Run: 47 919 849 472 octets libres
.
- - End Of File - - 8F9C63B41022C2956FBCAA7C0B452B65
A36C5E4F47E84449FF07ED3517B43A31