start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-192703340-2864785991-2943838607-1000\...\Run: [avmkbddkhh] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=1B8B73A040B06E64F63EAEB895130BD3&utm_d=20170307" <===== ATTENTION
HKU\S-1-5-21-192703340-2864785991-2943838607-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\ZAKARIA\AppData\Local\MEGAsync\ShellExtX32.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\ZAKARIA\AppData\Local\MEGAsync\ShellExtX32.dll -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\ZAKARIA\AppData\Local\MEGAsync\ShellExtX32.dll -> Pas de fichier
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-192703340-2864785991-2943838607-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
SearchScopes: HKU\S-1-5-21-192703340-2864785991-2943838607-1000 -> {6AFE7A14-F16A-433C-AB41-DC603B315083} URL = hxxps://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
FF ProfilePath: C:\Users\ZAKARIA\AppData\Roaming\Mozilla\Firefox\Profiles\ftojwf3q.default [2017-04-04]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ftojwf3q.default -> initialpage123
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\ftojwf3q.default -> SearchShock
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ftojwf3q.default -> initialpage123
FF Extension: (Pas de nom) - C:\Users\ZAKARIA\AppData\Roaming\Mozilla\Firefox\Profiles\ftojwf3q.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [non trouvé(e)]
FF SearchPlugin: C:\Users\ZAKARIA\AppData\Roaming\Mozilla\Firefox\Profiles\ftojwf3q.default\searchplugins\m0q02yie.xml [2017-04-04]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
CHR DefaultProfile: ChromeDefaultData
CHR RestoreOnStartup: ChromeDefaultData -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10013__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\ZAKARIA\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-04-05] <==== ATTENTION
CHR Extension: (Deal Keeper) - C:\Users\ZAKARIA\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfgnifjaajfcpedaghpomgemfkkdiblj [2016-06-08] [UpdateUrl: hxxp://wwwmightydealkee-a.akamaihd.net/update/chrome] <==== ATTENTION
S3 gkernel; \??\C:\Users\ZAKARIA\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION
U3 idsvc; pas de ImagePath
initialpage123 - Uninstall (HKLM\...\{23F0E43C-68F0-4712-9AF0-5204D9F69C56}) (Version: - ) <==== ATTENTION
Task: {059E6052-FDB7-4D8C-88BA-AE992B453329} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {427F0B1B-6A46-4ED4-BEA6-77F22017E85D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {2073EEF3-FEFA-405E-B80C-AB5CAA85D177} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {4DD2F9F3-E5AC-4DE1-98F7-C1B192FD9240} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {62A0770C-67B1-44FA-822D-87B3B378F8DB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {6642DC6C-31A5-4559-84E2-DFAFCA782775} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {68B2256F-2CD5-4439-9149-02C416B471BF} - \CCleanerSkipUAC -> Pas de fichier <==== ATTENTION
Task: {85161325-39F5-4BBA-90EE-81F6858ED812} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {93EB5D4C-E72C-4CA7-ADF3-07F61E75A6AA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {9CFDF691-36B1-4AE0-B36C-DEB64A229625} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {A1C591A3-17AA-43D5-8044-EA80D063DB48} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {A9F3A9CA-E895-456F-A793-BAE4EF976707} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {B0B83349-2C76-4825-A77B-E399A867BA26} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {B9CE1DE7-3107-4CD8-9440-6C8441E6E2D3} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {D90A32A1-0AB7-43BC-A4DA-C86237D19294} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {E54646E1-F53C-4F26-B9B1-DEE837920283} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end