Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 29.12.2018
Exécuté par Youcef Hadjersi (administrateur) sur G7-PC (30-12-2018 23:42:54)
Exécuté depuis C:\Users\Youcef Hadjersi\Desktop
Profils chargés: Youcef Hadjersi (Profils disponibles: Youcef Hadjersi)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Arcai.com) C:\Program Files\arcai.com\aips.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\ProgramData\Logic Cramble\set.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\ProgramData\localNETService\localNETService.exe
() C:\Program Files\arcai.com\netcut_windows.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(Roxio) C:\Program Files\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(SFX TEAM) C:\Program Files\SuperCopier2\SuperCopier2.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(1LT) C:\Program Files\42M606S8LX\42M606S8L.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
( ) C:\Users\Youcef Hadjersi\AppData\Roaming\qx3mg1kfdgo\wymcntjc53n.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Youcef Hadjersi\AppData\Local\Temp\0SYW76L2S9\XAZC.exe
(1LT) C:\Program Files\RFI9JCI2K6\EC6Y28HBM.exe
() C:\Users\Youcef Hadjersi\AppData\Local\Temp\is-GVP29.tmp\wymcntjc53n.tmp
(Raptr, Inc) C:\Program Files\Raptr Inc\Raptr\raptr.exe
( ) C:\Users\Youcef Hadjersi\AppData\Roaming\s0fvewkdtmo\g4fudzxnimp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
() C:\Users\Youcef Hadjersi\AppData\Local\Temp\is-MUTKJ.tmp\g4fudzxnimp.tmp
(CyberLink) C:\Program Files\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [1138783 2011-06-07] (IDT, Inc.)
HKLM\...\Run: [IMSS] => C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111640 2010-07-23] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2274600 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [68920 2018-11-01] (Apple Inc.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr Inc\Raptr\raptrstub.exe [58584 2018-01-23] (Raptr, Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2018-11-19] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [266552 2018-11-15] (Apple Inc.)
HKLM\...\Run: [chrome] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --disable-gpu --remote-debugging-port=9222 hxxp://mi-ner-nis-de-6.info/cdn-1006.html?t=0.4
HKLM\...\RunOnce: [vhuok401lbs] => C:\Program Files\Salz\416236163.exe [664576 2018-12-29] ()
HKLM\...\RunOnce: [OMEWPRODUCT_] => C:\Program Files\DVD Maker\NCEIYT46NWQKKUO5CCF0ZQ\P2-N79Rkao.exe [93184 2018-12-30] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [SuperCopier2.exe] => C:\Program Files\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3931728 2015-12-18] (Tonec Inc.)
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [+TFo-WjsT2.exe] => C:\Program Files\DVD Maker\NCEIYT46NWQKKUO5CCF0ZQ\+TFo-WjsT2.exe [364032 2018-12-30] ()
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [Y3E7EUG77FY0HD2] => C:\Program Files\42M606S8LX\42M606S8L.exe [1100288 2018-12-30] (1LT)
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [572801] => C:\Users\Youcef Hadjersi\AppData\Roaming\qx3mg1kfdgo\wymcntjc53n.exe [1476156 2018-12-30] ( )
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [XP1B6PFEUH3XLUM] => "C:\Program Files\ShutdownTime\URR1A.exe"
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [0GUGMHKQO5ST4G9] => C:\Program Files\RFI9JCI2K6\EC6Y28HBM.exe [1100288 2018-12-30] (1LT)
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\...\Run: [8086310] => C:\Users\Youcef Hadjersi\AppData\Roaming\s0fvewkdtmo\g4fudzxnimp.exe [1476156 2018-12-30] ( )
HKU\S-1-5-18\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [646144 2014-06-18] (Microsoft Corporation)
HKLM\...\Drivers32: [MSVideo8] => C:\Windows\system32\VfWWDM32.dll [56832 2010-11-20] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [10752 2007-02-21] ()
HKLM\...\Drivers32: [VIDC.DIVX] => C:\Windows\system32\divx.dll [639066 2007-02-01] (DivX, Inc.)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [180224 2006-11-01] ()
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\yv12vfw.dll [217088 2004-01-25] (www.helixcommunity.org)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [118784 2006-05-13] (fccHandler)
HKLM\...\Drivers32: [VIDC.wmv3] => C:\Windows\system32\wmv9vcm.dll [1565480 2007-01-20] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.siren] => C:\Windows\system32\sirenacm.dll [58568 2014-03-31] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2013-09-11]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Youcef Hadjersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-12-23]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Youcef Hadjersi\AppData\Local\Facebook\Games\FacebookGameroom.exe (Pas de fichier)
BootExecute: autocheck autochk * aswBoot.exe /A:"* " /L:"1036" /KBD:3 /dir:"C:\Program Files\Alwil Software\Avast5"
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4239C172-39F8-4D35-9AF1-97F91D2CAF20}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B154018B-8D4B-4F96-989C-526D4ABF3828}: [NameServer] 114.114.114.114,8.8.8.8
Tcpip\..\Interfaces\{B154018B-8D4B-4F96-989C-526D4ABF3828}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D35BA788-B0A1-4D82-B071-0431F9C6E707}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D56EC59A-B5AE-41A2-A4A5-1D2525690344}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130956871193132168&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7&q={searchTerms}
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFok0TXo8BdEPODXyz_fZp62DXdkOb02uv5xaxSsD2IiJ698yAv16sSpB-sSmHJyLkAOngRyH5HJmT7gZO7plB_O0F9qTQ4AqoXOk-RuWQphISKm-tkrpMaUj6crk0qIs9zHm3tsbw3MUD08FjVzDDo5Jfdnmrw,,&q={searchTerms}
HKU\S-1-5-21-2524844636-2310631664-1732187011-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFok0TXo8BdEPODXyz_fZp62DXdkOb02uv5xaxSsD2IiJ698yAv16sSpB-sSmHJyLkAOngRyH5HJmT7gZO7plB_O0F9qTQ4AqoXOk-RuWQphISKm-tkrpMaUj6crk0qIs9zHm3tsbw3MUD08FjVzDDo5Jfdnmrw,,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.dalesearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C823E02A82A7B690&affID=124442&tsp=5026
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {4FEEFA5F-BEC6-4735-9C97-5EB8F84A8C8F} URL = hxxp://rts.dsrlte.com/?affID=na&q={searchTerms}&r=754
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10477_721_181229&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B5EE9362E-D0CD-4F58-BC2A-F516EE2F4F1D%7D&gp=811610
SearchScopes: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoH2TlPbfGRogFok0TXo8BdEPODXyz_fZp62DXdkOb02uv5xaxSsD2IiJ698yAv16sSpB-sSmHJyLkAOngRyH5HJmT7gZO7plB_O0F9qTQ4AqoXOk-RuWQphISKm-tkrpMaUj6crk0qIs9zHm3tsbw3MUD08FjVzDDo5Jfdnmrw,,&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Pas de nom -> {11111111-1111-1111-1111-110611571143} -> Pas de fichier
BHO: Pas de nom -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> Pas de fichier
BHO: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Youcef Hadjersi\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2018-12-29] (Mail.Ru)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-2524844636-2310631664-1732187011-500 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1416018646&from=smt&uid=ST9500325AS_6VEMLYH7

FireFox:
========
FF DefaultProfile: h8vl6piv.default-1546208146065
FF ProfilePath: C:\Users\Youcef Hadjersi\AppData\Roaming\Mozilla\Firefox\Profiles\h8vl6piv.default-1546208146065 [2018-12-30]
FF Extension: (Adblock Plus) - C:\Users\Youcef Hadjersi\AppData\Roaming\Mozilla\Firefox\Profiles\h8vl6piv.default-1546208146065\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-30]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Youcef Hadjersi\AppData\Roaming\Mozilla\Firefox\Profiles\fu2tq6fe.default\extensions\faststartff@gmail.com => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll [2006-11-03] (Yahoo! Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gndoicapfdaldiokbcdnllfhnapokcbk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ikpcpgklmefncbfgbdifkaphbaapgafh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx <non trouvé(e)>
CHR HKLM\...\Chrome\Extension: [mdhpacfhljhcombkalcmkahkhodpkbim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-12-18]

Opera:
=======
OPR Extension: (LemurLeap) - C:\Users\Youcef Hadjersi\AppData\Roaming\Opera Software\Opera Stable\Extensions\khjlmoimbipephlkgfglajblpkgngcli [2015-12-27]
OPR Extension: (EnterDigital) - C:\Users\Youcef Hadjersi\AppData\Roaming\Opera Software\Opera Stable\Extensions\loaijddfgbgdmididoklildabncemoog [2015-12-26]
OPR Extension: (Adblock Plus) - C:\Users\Youcef Hadjersi\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-12-29]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AIPS; C:\Program Files\arcai.com\aips.exe [2677760 2018-05-11] (Arcai.com) [Fichier non signé]
S3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2018-11-19] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2018-11-19] (AVAST Software)
R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2018-12-30] () [Fichier non signé] <==== ATTENTION
R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992 2010-07-21] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1752576 2011-02-18] (Realsil Microelectronics Inc.) [Fichier non signé]
R2 localNETService; C:\ProgramData\localNETService\localNETService.exe [730416 2018-12-29] (Google Inc.)
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
R2 RoxioNow Service; C:\Program Files\Roxio\RoxioNow Player\RNowSvc.exe [399344 2010-11-26] (Roxio)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282709 2011-06-07] (IDT, Inc.)
S3 uSHAREitSvc; C:\Program Files\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 8E5095447D9F; C:\Windows\8E5095447D9F.sys [493800 2018-12-30] (VideoDriver)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2018-11-19] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2018-11-19] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2018-11-19] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2018-11-19] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2018-11-19] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2018-11-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2018-11-19] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2018-11-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2018-11-19] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2018-11-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2018-11-19] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784560 2018-11-19] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397992 2018-11-19] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [156936 2018-11-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2018-11-19] (AVAST Software)
R3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-03-25] (Broadcom Corporation.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 gdrv; C:\Windows\gdrv.sys [15600 2017-02-08] (Windows (R) 2000 DDK provider)
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd32.sys [10786304 2011-04-15] (Intel Corporation) [Fichier non signé]
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1265216 2011-09-09] (Ralink Technology Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [251496 2011-02-15] (Realtek Semiconductor Corp.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [22728 2018-05-11] (SlimWare Utilities, Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-07-22] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-07-22] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-07-22] (Microsoft Corporation)
S3 vpcuxd; C:\Windows\System32\DRIVERS\vpcuxd.sys [12800 2009-07-22] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [293904 2009-07-22] (Microsoft Corporation)
U5 terminpt; C:\Windows\System32\Drivers\terminpt.sys [24064 2013-03-23] (Microsoft Corporation) [Fichier non signé]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-12-30 23:42 - 2018-12-30 23:45 - 000024289 _____ C:\Users\Youcef Hadjersi\Desktop\FRST.txt
2018-12-30 23:39 - 2018-12-30 23:42 - 000000000 ____D C:\FRST
2018-12-30 23:38 - 2018-12-30 23:38 - 001781760 _____ (Farbar) C:\Users\Youcef Hadjersi\Desktop\FRST.exe
2018-12-30 23:15 - 2018-12-30 23:15 - 000000000 ____D C:\Users\Youcef Hadjersi\Desktop\Anciennes données de Firefox
2018-12-30 23:03 - 2018-12-30 23:03 - 000320216 _____ (Mozilla) C:\Users\Youcef Hadjersi\Downloads\Firefox Installer.exe
2018-12-30 23:00 - 2018-12-30 23:00 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-30 23:00 - 2018-12-30 23:00 - 000001065 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-12-30 22:20 - 2018-12-30 22:21 - 001136176 _____ (Google Inc.) C:\Users\Youcef Hadjersi\Downloads\ChromeSetup(1).exe
2018-12-30 20:12 - 2018-12-30 22:56 - 000010516 _____ C:\Windows\system32\rrrr.txt
2018-12-30 20:12 - 2018-12-30 20:12 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\s0fvewkdtmo
2018-12-30 20:12 - 2018-12-30 20:12 - 000000000 ____D C:\Program Files\RFI9JCI2K6
2018-12-30 19:40 - 2018-12-30 21:14 - 000000000 ____D C:\Program Files\ShutdownTime
2018-12-30 19:40 - 2018-12-30 19:41 - 000000000 ____D C:\Program Files\42M606S8LX
2018-12-30 19:40 - 2018-12-30 19:40 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\qx3mg1kfdgo
2018-12-30 19:39 - 2018-12-30 19:39 - 000493800 _____ (VideoDriver) C:\Windows\8E5095447D9F.sys
2018-12-30 19:38 - 2018-12-30 19:38 - 000001068 _____ C:\Users\Youcef Hadjersi\Desktop\foldershare.lnk
2018-12-30 19:37 - 2018-12-30 19:38 - 000000000 ____D C:\Program Files\foldershare
2018-12-30 19:36 - 2018-12-30 20:44 - 000000000 ____D C:\Program Files\Common Files\Rankhome
2018-12-30 19:36 - 2018-12-30 19:36 - 007858688 _____ C:\Users\Youcef Hadjersi\AppData\Local\agent.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 002036384 _____ C:\Users\Youcef Hadjersi\AppData\Local\Quadhome.tst
2018-12-30 19:36 - 2018-12-30 19:36 - 001895382 _____ C:\Users\Youcef Hadjersi\AppData\Local\Groove-Sing.bin
2018-12-30 19:36 - 2018-12-30 19:36 - 000126464 _____ C:\Users\Youcef Hadjersi\AppData\Local\noah.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 000070896 _____ C:\Users\Youcef Hadjersi\AppData\Local\Config.xml
2018-12-30 19:36 - 2018-12-30 19:36 - 000018432 _____ C:\Users\Youcef Hadjersi\AppData\Local\Main.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 000005568 _____ C:\Users\Youcef Hadjersi\AppData\Local\md.xml
2018-12-30 19:36 - 2018-12-30 19:36 - 000000000 ____D C:\ProgramData\Quoteexs
2018-12-30 19:36 - 2018-12-30 19:36 - 000000000 ____D C:\ProgramData\Logic Cramble
2018-12-30 19:35 - 2018-12-30 20:38 - 000722944 _____ C:\Users\Youcef Hadjersi\AppData\Local\sham.db
2018-12-30 19:35 - 2018-12-30 19:35 - 003622912 _____ (TODO: <Company name>) C:\Users\Youcef Hadjersi\AppData\Local\Xxx-It.exe
2018-12-30 19:35 - 2018-12-30 19:35 - 003622912 _____ (TODO: <Company name>) C:\Users\Youcef Hadjersi\AppData\Local\Quadhome.exe
2018-12-30 19:35 - 2018-12-30 19:35 - 000278510 _____ C:\Users\Youcef Hadjersi\AppData\Local\Xxx-It.tst
2018-12-30 19:35 - 2018-12-30 19:35 - 000140800 _____ C:\Users\Youcef Hadjersi\AppData\Local\installer.dat
2018-12-30 19:35 - 2018-12-30 19:35 - 000016416 _____ C:\Users\Youcef Hadjersi\AppData\Local\InstallationConfiguration.xml
2018-12-29 21:26 - 2018-12-29 21:26 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2018-12-29 21:25 - 2018-12-30 23:44 - 000000004 _____ C:\ProgramData\lock.dat
2018-12-29 21:25 - 2018-12-30 22:57 - 000000028 _____ C:\ProgramData\irw.atsd
2018-12-29 21:25 - 2018-12-29 21:26 - 000000000 ____D C:\ProgramData\I5PAC19TTD6VU9DBTRAI
2018-12-29 21:25 - 2018-12-29 21:25 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 000000008 _____ C:\ProgramData\ts.dat
2018-12-29 21:08 - 2018-12-29 21:11 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\cydia-update(3)
2018-12-29 20:34 - 2018-12-29 20:36 - 019448225 _____ C:\Users\Youcef Hadjersi\Downloads\Impactor_0.9.51.zip
2018-12-29 20:31 - 2018-12-29 20:31 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\PanguNEW-12-released
2018-12-29 20:28 - 2018-12-29 20:31 - 007605547 _____ C:\Users\Youcef Hadjersi\Downloads\PanguNEW-12-released.zip
2018-12-29 20:14 - 2018-12-29 20:14 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\jailbreak-beta
2018-12-29 20:11 - 2018-12-29 21:28 - 000000290 __RSH C:\Users\Youcef Hadjersi\ntuser.pol
2018-12-29 20:09 - 2018-12-29 20:10 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\cydia-update(1)
2018-12-29 20:05 - 2018-12-29 20:05 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\ElectraLized-12-master
2018-12-29 20:00 - 2018-12-29 20:04 - 007607289 _____ C:\Users\Youcef Hadjersi\Downloads\ElectraLized-12-master.zip
2018-12-29 19:39 - 2018-12-30 19:20 - 000000000 ____D C:\Program Files\Mail.Ru
2018-12-29 19:36 - 2018-12-30 19:20 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\Mail.Ru
2018-12-29 19:36 - 2018-12-29 19:39 - 000000000 ____D C:\ProgramData\Mail.Ru
2018-12-29 19:35 - 2018-12-30 21:15 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\WhiteClick
2018-12-29 19:34 - 2018-12-30 21:15 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\WhiteClick LLC
2018-12-29 19:33 - 2018-12-29 19:33 - 000000000 ____D C:\ProgramData\localNETService
2018-12-29 19:32 - 2018-12-30 19:41 - 000000000 ____D C:\Program Files\Salz
2018-12-29 19:31 - 2018-12-30 19:06 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\WServices
2018-12-29 19:31 - 2018-12-29 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Application Controller
2018-12-29 19:31 - 2018-12-29 19:31 - 000000000 ____D C:\Program Files\Smart Application Controller
2018-12-29 19:30 - 2018-12-29 19:30 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\Smart Application Controller
2018-12-29 19:29 - 2018-12-29 19:29 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\cydia-update
2018-12-29 19:28 - 2018-12-29 19:28 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\jb-tool_12to12.1.3-master
2018-12-29 19:24 - 2018-12-29 19:27 - 007605579 _____ C:\Users\Youcef Hadjersi\Downloads\jb-tool_12to12.1.3-master.zip
2018-12-29 18:08 - 2018-12-29 18:08 - 000383416 _____ C:\Users\Youcef Hadjersi\Downloads\iMyfone-data-recovery-for-iphone_setup.exe
2018-12-28 13:54 - 2018-12-28 14:05 - 000000117 _____ C:\Users\Public\Desktop\netcut.url
2018-12-28 13:54 - 2018-12-28 14:05 - 000000117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut.url
2018-12-28 13:54 - 2018-12-28 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\netcut
2018-12-22 17:50 - 2018-12-22 17:50 - 000001707 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-12-22 17:50 - 2018-12-22 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-12-22 17:50 - 2018-12-22 17:50 - 000000000 ____D C:\Program Files\iPod
2018-12-22 17:48 - 2018-12-22 17:50 - 000000000 ____D C:\Program Files\iTunes
2018-12-20 19:24 - 2018-12-15 00:14 - 000348760 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-12-20 19:24 - 2018-12-14 07:58 - 020280832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-12-20 19:24 - 2018-12-14 07:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-12-20 19:24 - 2018-12-14 07:51 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-12-20 19:24 - 2018-12-14 07:41 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-12-20 19:24 - 2018-12-14 07:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-12-20 19:24 - 2018-12-14 07:40 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-12-20 19:24 - 2018-12-14 07:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-12-20 19:24 - 2018-12-14 07:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-12-20 19:24 - 2018-12-14 07:38 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-12-20 19:24 - 2018-12-14 07:35 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-12-20 19:24 - 2018-12-14 07:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-12-20 19:24 - 2018-12-14 07:34 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-12-20 19:24 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-20 19:24 - 2018-12-14 07:33 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-12-20 19:24 - 2018-12-14 07:33 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-12-20 19:24 - 2018-12-14 07:32 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-12-20 19:24 - 2018-12-14 07:29 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-20 19:24 - 2018-12-14 07:26 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-12-20 19:24 - 2018-12-14 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-20 19:24 - 2018-12-14 07:22 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-12-20 19:24 - 2018-12-14 07:22 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-12-20 19:24 - 2018-12-14 07:20 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-12-20 19:24 - 2018-12-14 07:19 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-12-20 19:24 - 2018-12-14 07:19 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-12-20 19:24 - 2018-12-14 07:18 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-12-20 19:24 - 2018-12-14 07:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-12-20 19:24 - 2018-12-14 07:14 - 013681152 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-12-20 19:24 - 2018-12-14 07:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-12-20 19:24 - 2018-12-14 07:11 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-12-20 19:24 - 2018-12-14 07:11 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-12-20 19:24 - 2018-12-14 07:11 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-12-20 19:24 - 2018-12-14 07:10 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-12-20 19:24 - 2018-12-14 06:58 - 004386816 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-12-20 19:24 - 2018-12-14 06:54 - 001330176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-12-20 19:24 - 2018-12-14 06:52 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-12-12 00:21 - 2018-12-06 03:35 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-12-12 00:21 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-12 00:21 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-12 00:21 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-12 00:21 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-12 00:21 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-12 00:21 - 2018-11-11 17:50 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2018-12-12 00:21 - 2018-11-11 17:50 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-12-12 00:21 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-12-12 00:21 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-12-12 00:21 - 2018-11-11 17:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-12 00:21 - 2018-11-11 17:49 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-12-12 00:21 - 2018-11-11 17:49 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2018-12-12 00:21 - 2018-11-11 17:49 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-12-12 00:21 - 2018-11-11 17:47 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 001063424 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-12-12 00:21 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-12-12 00:21 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-12-12 00:21 - 2018-11-11 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-12-12 00:21 - 2018-11-11 17:20 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-12-12 00:21 - 2018-11-11 17:20 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-12-12 00:21 - 2018-11-11 17:20 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-12-12 00:21 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-12-12 00:21 - 2018-11-11 17:17 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-12-12 00:21 - 2018-11-11 17:17 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-12-12 00:21 - 2018-11-11 17:15 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-12-12 00:21 - 2018-11-11 17:14 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-12-12 00:21 - 2018-11-11 17:14 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-12-12 00:21 - 2018-11-11 17:14 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-12-12 00:21 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-12-12 00:21 - 2018-11-11 17:14 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-12-12 00:21 - 2018-11-11 17:14 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-12-12 00:21 - 2018-11-11 17:13 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-12-12 00:21 - 2018-11-11 17:13 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-12-12 00:21 - 2018-11-11 17:13 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2018-12-12 00:21 - 2018-11-11 17:13 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-12-12 00:21 - 2018-11-11 17:13 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-12-12 00:21 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-12 00:21 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-12 00:21 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-12 00:21 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-12 00:21 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-12 00:21 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-12 00:21 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-12 00:21 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-12 00:21 - 2018-10-06 16:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-12 00:21 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-12 00:21 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-02 18:31 - 2018-12-22 17:48 - 000000000 ____D C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2018-12-02 18:22 - 2018-12-02 18:23 - 000431032 _____ C:\Users\Youcef Hadjersi\Downloads\imyfone-itransfer_setup.exe
2018-12-01 23:07 - 2018-12-01 23:07 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\iTunes
2018-12-01 21:32 - 2018-12-01 21:32 - 000006498 _____ C:\Users\Youcef Hadjersi\Documents\iTunes Library.itl
2018-12-01 20:07 - 2018-12-01 20:07 - 000000000 _____ C:\Users\Youcef Hadjersi\Downloads\Non confirmé 965197.crdownload

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-12-30 23:43 - 2016-12-26 13:46 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\LocalLow\Mozilla
2018-12-30 23:33 - 2013-08-19 17:43 - 000000000 ____D C:\Program Files\Google
2018-12-30 23:32 - 2013-08-19 17:43 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\Google
2018-12-30 23:11 - 2017-01-01 21:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-30 23:11 - 2013-08-19 17:42 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2018-12-30 23:03 - 2009-07-14 05:34 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-30 23:03 - 2009-07-14 05:34 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-30 22:56 - 2017-08-15 20:03 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\Raptr
2018-12-30 22:55 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-30 22:54 - 2013-08-19 16:51 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\DMCache
2018-12-30 20:37 - 2017-05-21 21:05 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\Facebook
2018-12-30 20:36 - 2015-01-13 00:39 - 000000000 ____D C:\Program Files\Opera
2018-12-30 20:32 - 2016-06-13 02:45 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\Outlook.com
2018-12-30 20:29 - 2018-05-09 19:26 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\AVAST Software
2018-12-30 19:37 - 2009-07-14 05:52 - 000000000 ____D C:\Program Files\DVD Maker
2018-12-30 19:36 - 2013-08-19 15:42 - 000001014 _____ C:\Users\Youcef Hadjersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-30 19:34 - 2015-12-31 17:04 - 000000000 ____D C:\Users\Youcef Hadjersi\Downloads\Compressed
2018-12-30 19:20 - 2016-06-05 01:49 - 000000000 ____D C:\ProgramData\Google
2018-12-30 19:18 - 2017-02-11 02:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2018-12-30 19:18 - 2017-01-27 22:22 - 000000000 ____D C:\Program Files\GTA IV Vehicle Mod Installer
2018-12-30 01:37 - 2013-08-19 17:48 - 000000000 ____D C:\Windows\system32\Macromed
2018-12-29 21:28 - 2014-09-19 17:11 - 000004012 __RSH C:\ProgramData\ntuser.pol
2018-12-29 21:28 - 2013-08-19 15:42 - 000000000 ____D C:\Users\Youcef Hadjersi
2018-12-29 20:03 - 2013-08-19 17:44 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-29 19:41 - 2009-07-14 03:37 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-12-28 14:06 - 2018-04-07 15:12 - 000000000 ____D C:\Program Files\WinPcap
2018-12-28 14:05 - 2018-04-07 15:12 - 000000000 ____D C:\Program Files\arcai.com
2018-12-28 14:04 - 2018-04-07 15:12 - 000000684 _____ C:\Windows\system32\rsatest.txt
2018-12-28 14:04 - 2018-04-07 15:12 - 000000064 _____ C:\Windows\system32\aes.txt
2018-12-23 01:15 - 2017-05-21 21:05 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2018-12-22 21:41 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2018-12-22 17:48 - 2013-12-08 18:03 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-12-21 17:56 - 2009-07-14 05:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-21 17:50 - 2013-10-30 23:25 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Roaming\vlc
2018-12-21 17:49 - 2016-06-14 05:36 - 000000000 ____D C:\Users\Youcef Hadjersi\AppData\Local\Windows Live
2018-12-12 03:39 - 2011-04-12 02:35 - 002157944 _____ C:\Windows\system32\perfh00C.dat
2018-12-12 03:39 - 2011-04-12 02:35 - 000626984 _____ C:\Windows\system32\perfc00C.dat
2018-12-12 03:39 - 2010-11-20 22:01 - 000006224 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-12 03:33 - 2009-07-14 05:33 - 000410352 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-12 03:13 - 2013-08-20 08:14 - 000000000 ____D C:\Windows\system32\MRT
2018-12-12 03:05 - 2013-08-20 08:14 - 134209608 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-12 00:23 - 2017-04-11 20:38 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-09 19:14 - 2009-07-14 05:53 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-06 19:58 - 2013-10-05 22:07 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-12-06 19:58 - 2013-10-05 22:07 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Fichiers à la racine de certains dossiers =======

2018-12-29 21:25 - 2018-12-30 23:44 - 000000004 _____ () C:\ProgramData\lock.dat
2018-12-29 21:25 - 2018-12-29 21:25 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2018-12-29 21:25 - 2018-12-29 21:25 - 000000008 _____ () C:\ProgramData\ts.dat
2018-12-29 21:26 - 2018-12-29 21:26 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2011-11-22 21:49 - 2011-11-22 21:49 - 013640592 ____N ( ) C:\Users\DVB Dream Full\dvbdreamsetup_v17a.exe
2013-08-20 10:34 - 2013-08-20 11:32 - 000013030 _____ () C:\Users\Youcef Hadjersi\AppData\Roaming\PDOXUSRS.NET
2014-01-21 18:50 - 2015-12-27 00:33 - 000000600 _____ () C:\Users\Youcef Hadjersi\AppData\Roaming\winscp.rnd
2018-12-30 19:36 - 2018-12-30 19:36 - 007858688 _____ () C:\Users\Youcef Hadjersi\AppData\Local\agent.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 000070896 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Config.xml
2018-12-30 19:36 - 2018-12-30 19:36 - 001895382 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Groove-Sing.bin
2018-12-30 19:35 - 2018-12-30 19:35 - 000016416 _____ () C:\Users\Youcef Hadjersi\AppData\Local\InstallationConfiguration.xml
2018-12-30 19:35 - 2018-12-30 19:35 - 000140800 _____ () C:\Users\Youcef Hadjersi\AppData\Local\installer.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 000018432 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Main.dat
2018-12-30 19:36 - 2018-12-30 19:36 - 000005568 _____ () C:\Users\Youcef Hadjersi\AppData\Local\md.xml
2018-12-30 19:36 - 2018-12-30 19:36 - 000126464 _____ () C:\Users\Youcef Hadjersi\AppData\Local\noah.dat
2013-12-21 01:06 - 2014-03-11 18:41 - 000000600 _____ () C:\Users\Youcef Hadjersi\AppData\Local\PUTTY.RND
2018-12-30 19:35 - 2018-12-30 19:35 - 003622912 _____ (TODO: <Company name>) C:\Users\Youcef Hadjersi\AppData\Local\Quadhome.exe
2018-12-30 19:36 - 2018-12-30 19:36 - 002036384 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Quadhome.tst
2017-04-16 14:55 - 2017-04-16 14:55 - 000007613 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Resmon.ResmonCfg
2018-12-30 19:35 - 2018-12-30 20:38 - 000722944 _____ () C:\Users\Youcef Hadjersi\AppData\Local\sham.db
2018-12-30 19:36 - 2018-12-30 19:36 - 000032038 _____ () C:\Users\Youcef Hadjersi\AppData\Local\uninstall_temp.ico
2018-12-30 19:35 - 2018-12-30 19:35 - 003622912 _____ (TODO: <Company name>) C:\Users\Youcef Hadjersi\AppData\Local\Xxx-It.exe
2018-12-30 19:35 - 2018-12-30 19:35 - 000278510 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Xxx-It.tst

Certains fichiers dans TEMP:
====================
2018-12-30 21:14 - 2018-12-30 21:14 - 000484864 _____ (1LT) C:\Users\Youcef Hadjersi\AppData\Local\Temp\6CNSII7C9Q3C.exe
2018-12-30 19:17 - 2018-12-29 19:40 - 000099900 _____ () C:\Users\Youcef Hadjersi\AppData\Local\Temp\Uninstall.exe
2018-12-29 22:46 - 2018-12-29 22:46 - 000958776 _____ (adaware) C:\Users\Youcef Hadjersi\AppData\Local\Temp\WCU009.exe
2018-12-29 21:11 - 2018-12-29 21:11 - 001104315 _____ (WhiteClick LLC ) C:\Users\Youcef Hadjersi\AppData\Local\Temp\whiteclick.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement


testsigning: ==> 'testsigning' est activé. Rechercher un éventuel pilote non signé <==== ATTENTION

LastRegBack: 2018-12-25 19:57

==================== Fin de FRST.txt ============================