start 
CreateRestorePoint: 
CloseProcesses: 
RemoveProxy: 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION 
HKU\S-1-5-21-2776931520-2553299329-4176664162-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131073464211236673&GUID=00000000-0000-0000-0000-000000000000 
HKU\S-1-5-21-2776931520-2553299329-4176664162-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-2776931520-2553299329-4176664162-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/ar-eg/?ocid=iehp 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] 
CHR DefaultProfile: Default 
CHR HomePage: Default -> file:///C:/Program%20Files/Google/Chrome/Application/52.0.2743.116 
CHR Profile: C:\Users\lamdjed\AppData\Local\Google\Chrome\User Data\Default backup [2016-12-04] <==== ATTENTION 
R2 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] 
Task: {1FBE8E86-294E-4517-9060-9A8FB26C1835} - System32\Tasks\{5BC19B9F-DA53-4E4F-949B-7A265B51B487} => pcalua.exe -a "C:\Users\lamdjed\AppData\Local\Temp\Temp1_CamStudio Install.zip\CamStudio Install.exe" <==== ATTENTION 

S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] 
S3 tsusbhub; system32\drivers\tsusbhub.sys [X] 
S3 VGPU; System32\drivers\rdvgkmd.sys [X] 


CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp: 
Reboot:
end