Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 24-03-2025 Exécuté par MICHEL MVK (28-03-2025 15:36:03) Exécuté depuis C:\Users\MCFIVE\Downloads Windows 10 Version 22H2 19045.5679 (X64) (2021-02-16 18:30:49) Mode d'amorçage: Normal ========================================================== ==================== Comptes: ============================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) Administrateur (S-1-5-21-916869094-3403233507-1452638425-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-916869094-3403233507-1452638425-503 - Limited - Disabled) Invité (S-1-5-21-916869094-3403233507-1452638425-501 - Limited - Disabled) MCFIVE (S-1-5-21-916869094-3403233507-1452638425-1010 - Limited - Enabled) => C:\Users\MCFIVE MICHEL MVK (S-1-5-21-916869094-3403233507-1452638425-1011 - Administrator - Enabled) => C:\Users\MICHEL MVK WDAGUtilityAccount (S-1-5-21-916869094-3403233507-1452638425-504 - Limited - Disabled) ==================== Centre de sécurité ======================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.) AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programmes installés ====================== (Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.) 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov) Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Ltd.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1036-1033-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Audacity 3.0.4 (HKLM\...\Audacity_is1) (Version: 3.0.4 - Audacity Team) Brave (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\BraveSoftware Brave-Browser) (Version: 134.1.76.82 - Auteurs de Brave) BrightPDF (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\BrightPDF) (Version: 1.0 - BrightPDF) Capture NX-D (HKLM\...\{2D088846-B670-47AF-91C3-76E0B3E887C3}) (Version: 1.6.5 - Nikon Corporation) Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation) Contrôle d’intégrité du PC Windows (HKLM\...\{C2812DB5-E3F5-44FF-8EA0-8E03F1B61103}) (Version: 3.3.2110.22002 - Microsoft Corporation) Contrôle d’intégrité du PC Windows (HKLM\...\{DB3AADA3-0996-4427-87CC-8BA140012410}) (Version: 3.7.2204.15001 - Microsoft Corporation) CrowdBunker (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\5d58ea62638d4dd24645985b9e8447b0) (Version: 1.0 - BraveSoftware\Brave-Browser) Disk Drill 4.3.586.0 (HKLM-x32\...\{bfc9449d-f283-402b-bbea-d1ab1601941a}) (Version: 4.3.586.0 - CleverFiles) Disk Drill 4.3.586.0 (x64) (HKLM\...\{F8BF1CAE-3A62-4ED3-BF09-10B84120F57C}) (Version: 4.3.586.0 - CleverFiles) Hidden Documentation Manager (HKLM\...\{87CA98A2-FF74-4CBE-81D8-0E9145F4A97C}) (Version: 22.30.0.11 - Intel Corporation) Hidden DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP) Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden Easy Connection to Screen (HKLM\...\{12128269-E2C9-4D5B-8B34-0EDFDA6208C7}) (Version: 2.21.2 - Samsung) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0114.1 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.21.0114.1 - GIGABYTE) ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.9 - Ene Tech.) Hidden ENE_DRAM_RGB_AIO (HKLM-x32\...\{8bcd6161-a822-4c5a-9711-472cb32c7adf}) (Version: 1.0.0.9 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{d8516682-de60-4332-ad6f-49373754b677}) (Version: 1.0.6.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{9eeadf99-713b-4ab5-9ccd-bf9c1c4d9daf}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden Exodus (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\exodus) (Version: 25.5.3 - Exodus Movement Inc) Fortuneo LIVE TRADER (64-bit) (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Fortuneo LIVE TRADER (x64)) (Version: 1.1.0.0 - Ariane Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.167 - Google LLC) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Google+ Auto Backup (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Google+ Auto Backup) (Version: 1.0.26.150 - Google, Inc.) Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation) Intel(R) Icls (HKLM\...\{0F81F40A-C278-47DA-8DD7-1961834FA78C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) LMS (HKLM\...\{A0983640-26D2-4CD8-A512-747BF3CF3F82}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{21468D61-6A78-4358-B346-F4D37C6D55CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{788371EA-0B02-40AD-85D0-21BE107E3628}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{2F171580-9C56-4A25-A5D5-CBBAA025BFA6}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0220-1036-84C8-B8D95FA3C8C3}) (Version: 22.30.0.4 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{074B9893-BA7C-46C3-A5AD-D15971AA8666}) (Version: 21.30.3.3297 - Intel Corporation) Hidden Intel® Software Installer (HKLM-x32\...\{469cd1ee-2994-481c-ad19-874d4d32525b}) (Version: 22.30.0.11 - Intel Corporation) Hidden Ledger Live 2.47.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.47.0 - Ledger Live Team) LibreOffice 7.1.1.2 (HKLM\...\{14E9DACB-8945-4B62-A19B-2C6245D48490}) (Version: 7.1.1.2 - The Document Foundation) Lifesize (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\lifesize_app) (Version: 3.0.17 - Lifesize) Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{0fdc2e5c-7a15-4db3-b33c-f303fe56f68d}) (Version: 21.30.3 - Intel Corporation) Logitech Capture (HKLM\...\Capture) (Version: 2.06.12 - Logitech) Malwarebytes version 5.2.8.173 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.8.173 - Malwarebytes) Microsoft .NET Host - 8.0.8 (x64) (HKLM\...\{3BA242F8-BDB5-4096-9FBC-333CD663BBAD}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.8 (x64) (HKLM\...\{7FE24458-0796-4428-99C2-9A0F8DAB93CC}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.8 (x64) (HKLM\...\{9ACB23DB-4D32-49ED-A5E3-F4E2F8D9D2AA}) (Version: 64.32.18380 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 134.0.3124.93 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.85 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\OneDriveSetup.exe) (Version: 25.041.0303.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-916869094-3403233507-1452638425-1011\...\OneDriveSetup.exe) (Version: 25.035.0223.0003 - Microsoft Corporation) Microsoft Teams classic (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Teams) (Version: 1.8.00.6262 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3994d355-238a-4612-af93-26d13deddef1}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM\...\{663E7053-3B36-4AE5-8223-234867FAEAE6}) (Version: 64.32.18376 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.8 (x64) (HKLM-x32\...\{33832ff3-5583-4b81-b270-d9fd42760e1a}) (Version: 8.0.8.33916 - Microsoft Corporation) Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 136.0.4 (x64 fr)) (Version: 136.0.4 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 109.0 - Mozilla) Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.4.1 - Nikon Corporation) Nikon Transfer 2 (HKLM-x32\...\{757DBE04-3DC8-4741-B10B-4628745E96FE}) (Version: 2.13.7 - Nikon Corporation) NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.6.950 - Nord Security) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.37.1.0 - Nord Security) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) NVIDIA Pilote graphique 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation) NVIDIA RTX Desktop Manager 201.18 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 201.18 - NVIDIA Corporation) NVIDIA WMI 2.36.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.36.0 - NVIDIA Corporation) Hidden oDownloader (HKLM-x32\...\{6F331B47-2434-42BD-9195-1861EA35F89B}) (Version: 3.0.6 - Infatica Ltd) Opera Stable 117.0.5408.53 (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Opera 117.0.5408.53) (Version: 117.0.5408.53 - Opera Software) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Picture Control Utility 2 (HKLM\...\{C03DA72C-DE1F-4628-9CA0-53AFAE96C05F}) (Version: 2.4.7 - Nikon Corporation) Que sont les Grandes orientations des politiques économiques (GOPÉ) ? - Union Populaire Républicaine | UPR (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\270fbcfaeaf179dbe6839b146dd70ba9) (Version: 1.0 - Vivaldi) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9075.1 - Realtek Semiconductor Corp.) Revo Uninstaller 2.2.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.2 - VS Revo Group, Ltd.) Signal 5.34.0 (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.34.0 - Open Whisper Systems) Telegram Desktop (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.12.3 - Telegram FZ-LLC) Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) Vivaldi (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Vivaldi) (Version: 7.3.3635.2 - Vivaldi Technologies AS.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) WhatsApp (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\WhatsApp) (Version: 2.2222.12 - WhatsApp) WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) X (HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\d7734fb8014f577f14d84d739d218320) (Version: 1.0 - Vivaldi) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-03-07] () Copilot -> C:\Program Files\WindowsApps\Microsoft.Copilot_1.25014.121.0_x64__8wekyb3d8bbwe [2025-03-20] (Microsoft Corporation) [Startup Task] HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.1.1131.0_x64__v10z8vjag6ke6 [2025-03-07] (HP Inc.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.238.0_x64__dt26b99r8h8gj [2025-03-07] (Realtek Semiconductor Corp) ==================== Personnalisé CLSID (Avec liste blanche): ============== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{04271989-C4D2-853D-C5C8-9ED21FC6E81C} -> [OneDrive - etu.u-cergy.fr] => C:\Users\MCFIVE\OneDrive - etu.u-cergy.fr [2022-12-06 13:22] CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\Application\134.1.76.82\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\MCFIVE\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.24313.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> NordVPN) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{547E9AEF-8043-5D26-879F-01E7664192DC}\localserver32 -> C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{6DDCE70D-A4AE-4E97-908C-BE7B2DB750AD}\localserver32 -> C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{9B9D6EB5-17B3-5292-8995-4537F9449B4A}\localserver32 -> C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{9C2CAD0E-C084-478E-B922-37EAB1DF062B}\localserver32 -> C:\Users\MCFIVE\AppData\Local\Vivaldi\Application\7.3.3635.2\notification_helper.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{ECC20441-2AE9-44E2-86C6-3AA267D2C7F9}\InprocServer32 -> C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1010_Classes\CLSID\{F6E536F5-F795-49CE-A85D-2DA66503C6F1}\InprocServer32 -> C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.) CustomCLSID: HKU\S-1-5-21-916869094-3403233507-1452638425-1011_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> NordVPN) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-03-18] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\nvshext.dll [2022-08-23] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Fichier non signé] ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-03-18] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Avec liste blanche) ==================== ==================== Raccourcis & WMI ======================== ==================== Modules chargés (Avec liste blanche) ============= 2025-03-28 12:44 - 2025-03-28 12:44 - 000009216 ____N () [Fichier non signé] C:\Users\MCFIVE\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-1018020782099000.dll 2020-07-26 15:29 - 2020-07-26 15:29 - 000140288 _____ (Artyom Gorchakov and Contributors) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Citrus.Avalonia.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000048640 _____ (Avalonia.Animation) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Animation.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000219136 _____ (Avalonia.Base) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Base.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000716800 _____ (Avalonia.Controls) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Controls.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000005632 _____ (Avalonia.Desktop) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Desktop.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000025600 _____ (Avalonia.DesktopRuntime) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.DesktopRuntime.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000081920 _____ (Avalonia.Input) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Input.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000020480 _____ (Avalonia.Interactivity) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Interactivity.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000072192 _____ (Avalonia.Layout) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Layout.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000048640 _____ (Avalonia.Markup) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Markup.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000054272 _____ (Avalonia.Markup.Xaml) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Markup.Xaml.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000013824 _____ (Avalonia.MicroCom) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.MicroCom.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000304128 _____ (Avalonia.OpenGL) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.OpenGL.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000021504 _____ (Avalonia.ReactiveUI) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.ReactiveUI.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000096768 _____ (Avalonia.Skia) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Skia.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000069120 _____ (Avalonia.Styling) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Styling.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000413184 _____ (Avalonia.Themes.Default) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Themes.Default.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000341504 _____ (Avalonia.Visuals) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Visuals.dll 2020-12-10 20:45 - 2020-12-10 20:45 - 000295936 _____ (Avalonia.Win32) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\Avalonia.Win32.dll 2020-09-11 08:53 - 2020-09-11 08:53 - 008656240 _____ (Code Sign Test (DO NOT TRUST) -> ) [Fichier non signé] C:\Program Files (x86)\oDownloader\libSkiaSharp.DLL 2020-09-11 08:53 - 2020-09-11 08:53 - 000405872 _____ (Code Sign Test (DO NOT TRUST) -> Microsoft Corporation) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\SkiaSharp.dll 2021-06-18 00:05 - 2021-06-18 00:05 - 000008192 _____ (GoogleUA) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\GoogleUA.dll 2021-01-14 15:21 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [Fichier non signé] C:\Program Files\7-Zip\7-zip.dll 2025-03-28 12:45 - 2025-03-28 12:45 - 000245760 ____N (Java(TM) Native Access (JNA)) [Fichier non signé] C:\Users\MCFIVE\AppData\Local\Temp\jna--2026488504\jna18281881277852491952.dll 2020-12-16 21:04 - 2020-12-16 21:04 - 004267008 _____ (Lary) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\MessageBox.Avalonia.dll 2020-10-25 01:52 - 2020-10-25 01:52 - 000024576 _____ (Matthew King) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\DeviceId.dll 2021-06-18 00:05 - 2021-06-18 00:05 - 002203648 _____ (oDownloader) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\oDownloader\oDownloader.dll 2025-03-28 12:45 - 2025-03-28 12:45 - 000211456 ____N (www.pretty-tools.com) [Fichier non signé] C:\Users\MCFIVE\AppData\Local\Temp\jna--2026488504\jna1836568753857134438.dll ==================== Alternate Data Streams (Avec liste blanche) ======== (Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.) AlternateDataStreams: C:\Users\MCFIVE\Desktop\FRAUDE CB FNEO 21 02 2023.jpg:shield [101] AlternateDataStreams: C:\Users\MCFIVE\Desktop\FRAUDE DEBIT CB FNEO 21 02 2023.jpg:shield [107] AlternateDataStreams: C:\Users\MCFIVE\Desktop\LIVRE GIGANTESQUE SECRET ANCIENS.MP4:shield [110] AlternateDataStreams: C:\Users\MCFIVE\Desktop\pedo Je rajouterai qu’il soit aussi brûlé.mp4:shield [91] AlternateDataStreams: C:\Users\MCFIVE\Desktop\rib-revolut_e36c08.pdf:shield [93] AlternateDataStreams: C:\Users\MCFIVE\Desktop\SIMONE WEIL UKRAINE NAZIS.mp4:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Desktop\WhatsApp Image 2025-02-07 à 18.24.22_18f97eb6.jpg:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Desktop\WhatsApp Vidéo 2025-02-07 à 18.19.36_7b8168a0.mp4:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Downloads\07account-terms-cards-mastercard-fr (1).pdf:shield [180] AlternateDataStreams: C:\Users\MCFIVE\Downloads\07account-terms-cards-mastercard-fr.pdf:shield [176] AlternateDataStreams: C:\Users\MCFIVE\Downloads\2zLY4aPi35fRz5RF6lbF4zO23Xhl9M7C-1733477589.jpg:shield [198] AlternateDataStreams: C:\Users\MCFIVE\Downloads\2_36c6bc06-2887-4f68-baf9-4ff557f6f2c7 (1).pdf:shield [596] AlternateDataStreams: C:\Users\MCFIVE\Downloads\2_36c6bc06-2887-4f68-baf9-4ff557f6f2c7 (2).pdf:shield [596] AlternateDataStreams: C:\Users\MCFIVE\Downloads\2_36c6bc06-2887-4f68-baf9-4ff557f6f2c7.pdf:shield [115] AlternateDataStreams: C:\Users\MCFIVE\Downloads\2_986a1b33-9a10-4401-b9e5-9ed378058a94.pdf:shield [592] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3045953109475676_payment (1).pdf:shield [203] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3045953109475676_payment.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3046397849425676_payment (1).pdf:shield [203] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3046397849425676_payment.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3046510529615676_payment (1).pdf:shield [203] AlternateDataStreams: C:\Users\MCFIVE\Downloads\3046510529615676_payment.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(2).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(3).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(4).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(5).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(6).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\49410334917 - Rapport sur l'historique des trades(7).xls:shield [131] AlternateDataStreams: C:\Users\MCFIVE\Downloads\4Idw4M2WdFl6G9j0Fh9cGZ7c6vNzO72g-1733476007.jpg:shield [198] AlternateDataStreams: C:\Users\MCFIVE\Downloads\7GvV2vF1coU5Ib9u5UYl78xTK2jbM3t1-1733475608.jpg:shield [198] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ACCORD DE PRÊT_encrypted_.pdf:shield [249] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ACCORD DE SERVICES DE DONNÉES STATISTIQUES_encrypted_.pdf:shield [277] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ACCORD POUR ÉVÉNEMENT GAP_encrypted_-1.pdf:shield [262] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ACCORD POUR ÉVÉNEMENT GAP_encrypted_.pdf:shield [260] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ALERTE, SORTEZ VOS ENFANTS EDSENS.mp4:shield [112] AlternateDataStreams: C:\Users\MCFIVE\Downloads\archive(1).zip:shield [585] AlternateDataStreams: C:\Users\MCFIVE\Downloads\archive(2).zip:shield [796] AlternateDataStreams: C:\Users\MCFIVE\Downloads\archive(3).zip:shield [796] AlternateDataStreams: C:\Users\MCFIVE\Downloads\archive(4).zip:shield [582] AlternateDataStreams: C:\Users\MCFIVE\Downloads\archive(5).zip:shield [582] AlternateDataStreams: C:\Users\MCFIVE\Downloads\ATTESTATION LIBRE - Acte 100212015_20305693.pdf:shield [603] AlternateDataStreams: C:\Users\MCFIVE\Downloads\avis-d-opere-30-janvier-2025.pdf:shield [264] AlternateDataStreams: C:\Users\MCFIVE\Downloads\BRONCHITTE TOUX RHUMEvideo_2023-09-25_10-09-44.mp4:shield [124] AlternateDataStreams: C:\Users\MCFIVE\Downloads\COMPTEDEDEPOTS_00826049465_20241002.pdf:shield [114] AlternateDataStreams: C:\Users\MCFIVE\Downloads\COMPTEDEDEPOTS_00826049465_20241031-1.pdf:shield [116] AlternateDataStreams: C:\Users\MCFIVE\Downloads\COMPTEDEDEPOTS_00826049465_20241031-2.pdf:shield [116] AlternateDataStreams: C:\Users\MCFIVE\Downloads\COMPTEDEDEPOTS_00826049465_20241031.pdf:shield [114] AlternateDataStreams: C:\Users\MCFIVE\Downloads\comptes (1).xlsx:shield [231] AlternateDataStreams: C:\Users\MCFIVE\Downloads\comptes(8).xlsx:shield [300] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Confirmation de virement_1730740121173.pdf:shield [267] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Confirmation de virement_1738346398307.pdf:shield [267] AlternateDataStreams: C:\Users\MCFIVE\Downloads\CONFIRMATION OF FUNDS RECEIPT_.pdf:mshield [590] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo (3).pdf:shield [201] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-10.pdf:mshield [200] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-11.pdf:mshield [200] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-12.pdf:mshield [200] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-2.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-3.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-4.pdf:shield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-6.pdf:mshield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-8.pdf:mshield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-9.pdf:mshield [199] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Copie AAE PARTAGE GOENEUTTE Christiane veuve BONNIN_20305014 (1).pdf:shield [618] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Copie AAE PARTAGE GOENEUTTE Christiane veuve BONNIN_20305014.pdf:shield [614] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Demande de pièces manquantes ou non conformes.pdf:shield [599] AlternateDataStreams: C:\Users\MCFIVE\Downloads\DISCLAIMER FORM_.pdf:mshield [570] AlternateDataStreams: C:\Users\MCFIVE\Downloads\exodus-windows-x64-25.5.2.exe:shield [157] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Extrait de comptes Compte 10150 000203886.. C_C CONTRAT PERSONNEL GLOBAL M OU MME MICHEL CARMAGNAT au 2025-01-31.pdf:shield [367] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Formulaire (2)-1.pdf:mshield [570] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Formulaire (2)-2.pdf:mshield [576] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Formulaire (2).pdf:mshield [568] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Formulaire-1.pdf:shield [566] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Formulaire.pdf:shield [564] AlternateDataStreams: C:\Users\MCFIVE\Downloads\fortuneo-livetrader-x64(29).exe:shield [156] AlternateDataStreams: C:\Users\MCFIVE\Downloads\fortuneo-livetrader-x64(30).exe:shield [156] AlternateDataStreams: C:\Users\MCFIVE\Downloads\FRST64.exe:MBAM.Zone.Identifier [225] AlternateDataStreams: C:\Users\MCFIVE\Downloads\FRST64.exe:mshield [260] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Fwd_ Vos ebillets.zip:shield [96] AlternateDataStreams: C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528040 (2).zip:shield [178] AlternateDataStreams: C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528040(1).zip:shield [177] AlternateDataStreams: C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528041.zip:mshield [174] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D24355N01673D.pdf:shield [293] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D24359N00358D.pdf:shield [293] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D25022N01056D-1.pdf:shield [295] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D25022N01056D-2.pdf:shield [295] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D25022N01056D.pdf:shield [293] AlternateDataStreams: C:\Users\MCFIVE\Downloads\I05D25023N00975D.pdf:shield [293] AlternateDataStreams: C:\Users\MCFIVE\Downloads\iban_M_OU_MME_MICHEL_CARMAGNAT_00020388601 (1).pdf:shield [223] AlternateDataStreams: C:\Users\MCFIVE\Downloads\iban_M_OU_MME_MICHEL_CARMAGNAT_00020388601 (2).pdf:mshield [223] AlternateDataStreams: C:\Users\MCFIVE\Downloads\iban_M_OU_MME_MICHEL_CARMAGNAT_00020388601-2.pdf:shield [221] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Image 2025-03-24 à 11.00.52_7db637f0.jpg:mshield [113] AlternateDataStreams: C:\Users\MCFIVE\Downloads\J. Bardella parlement européen.mp4 .mp4:shield [595] AlternateDataStreams: C:\Users\MCFIVE\Downloads\LINKS.pdf:mshield [559] AlternateDataStreams: C:\Users\MCFIVE\Downloads\MACIF 02 2024 _ALEXIS Assurance_MERCEDES_E_FW-587-HX.pdf:shield [262] AlternateDataStreams: C:\Users\MCFIVE\Downloads\MAIL.pdf:mshield [558] AlternateDataStreams: C:\Users\MCFIVE\Downloads\MBSetup.exe:mshield [139] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Memo_piratage-de-compte.pdf:mshield [168] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Mémo Véhicule Assuré.pdf:shield [574] AlternateDataStreams: C:\Users\MCFIVE\Downloads\N26 CL 04-11-2024.pdf:shield [153] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Notice _ scan.pdf:shield [567] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Numérisation_20250125 (4).png:shield [582] AlternateDataStreams: C:\Users\MCFIVE\Downloads\octobre novembre 2024.txt:mshield [111] AlternateDataStreams: C:\Users\MCFIVE\Downloads\octobre novembre 2024.txt:shield [111] AlternateDataStreams: C:\Users\MCFIVE\Downloads\p2p-transaction-confirmation-report_fr-fr_ee1acf.pdf:shield [127] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Projet de partage.pdf:shield [574] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Recap.(1).png:shield [569] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Recap.(2).png:shield [569] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Recap..png:shield [566] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Releve-compte-28-02-2025.pdf:mshield [301] AlternateDataStreams: C:\Users\MCFIVE\Downloads\rib-revolut_e36c08.pdf:shield [228] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Sayanims Richard Boutry nous parle des.mp4:shield [116] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Scan.pdf:mshield [558] AlternateDataStreams: C:\Users\MCFIVE\Downloads\Transaction History.pdf:mshield [110] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VID-20250117-WA0002(1).mp4:shield [582] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VID-20250117-WA0002.mp4:shield [579] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VIREMENT_INSTANTANE_04-11-2024 (1).pdf:shield [124] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VIREMENT_INSTANTANE_04-11-2024.pdf:shield [107] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VIREMENT_INSTANTANE_21-10-2024.pdf:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Downloads\VIREMENT_INSTANTANE_21-11-2024.pdf:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Downloads\WISE 35.pdf:shield [135] AlternateDataStreams: C:\Users\MCFIVE\Downloads\wise 797.jpeg:shield [164] AlternateDataStreams: C:\Users\MCFIVE\Downloads\wise797.jpeg:shield [163] AlternateDataStreams: C:\Users\MCFIVE\Downloads\В_МО_РФ_сообщили_об_уничтожении_сил_ВСУ_экипажами_Ка_52_и_Ми_28.mp4:shield [71] AlternateDataStreams: C:\Users\MCFIVE\Downloads\видос на 5.mp4:shield [71] AlternateDataStreams: C:\Users\MCFIVE\Documents\CB PIRATE MAROC.jpg:shield [92] AlternateDataStreams: C:\Users\MCFIVE\Documents\CICDocument_2024-11-25_162759.pdf:shield [103] AlternateDataStreams: C:\Users\MCFIVE\Documents\COLORANT E150 DANS LE COCA.mp4:shield [130] AlternateDataStreams: C:\Users\MCFIVE\Documents\cours de masturbation pour les enfants video2023-05-23_17-11-44.mp4:shield [142] AlternateDataStreams: C:\Users\MCFIVE\Documents\cours de masturbation pour les enfants vvideo_2023-05-24_19-45-48.mp4:shield [102] AlternateDataStreams: C:\Users\MCFIVE\Documents\eoyrtFCUyE.htm:shield [87] AlternateDataStreams: C:\Users\MCFIVE\Documents\Géant La grande Tartarie avec ses mystères cachés par la dernière grande réinitialisation 2024.mp4:shield [172] AlternateDataStreams: C:\Users\MCFIVE\Documents\httpst.meVeriteDiffusee20719 ssstik.io_1708404063893.mp4:shield [100] AlternateDataStreams: C:\Users\MCFIVE\Documents\Le Livre de la Honte.pdf:shield [174] AlternateDataStreams: C:\Users\MCFIVE\Documents\Loi «Pompidou-Giscard-Rothschild»–Rocard.mp4:shield [104] AlternateDataStreams: C:\Users\MCFIVE\Documents\LUNE WhatsApp Vidéo 2023-02-13 à 18.55.43.mp4:shield [120] AlternateDataStreams: C:\Users\MCFIVE\Documents\OperaSetup.exe:shield [325] AlternateDataStreams: C:\Users\MCFIVE\Documents\PASSEPOERT ALEX.pdf:shield [92] AlternateDataStreams: C:\Users\MCFIVE\Documents\Photo id alexis.jpg:shield [92] AlternateDataStreams: C:\Users\MCFIVE\Documents\P_Diddy TORTURES Hearing_VOSTFR.mp4:shield [99] AlternateDataStreams: C:\Users\MCFIVE\Documents\ROCK'n goal.jpg:shield [88] AlternateDataStreams: C:\Users\MCFIVE\Documents\tor-browser-windows-x86_64-portable-14.0.7.exe:mshield [199] AlternateDataStreams: C:\Users\MCFIVE\Documents\VEOLIA facture.pdf:shield [91] AlternateDataStreams: C:\Users\MCFIVE\Documents\VEOLIA_2024-09-18_140911.pdf:shield [103] AlternateDataStreams: C:\Users\MCFIVE\Documents\video covid_micro reste ouvert 2024-10-01_08-14-21.mp4:shield [129] AlternateDataStreams: C:\Users\MCFIVE\Documents\video_2023-05-15_13-37-39.mp4:shield [102] AlternateDataStreams: C:\Users\MCFIVE\Documents\video_2024-06-05_00-59-44.mp4:shield [102] ==================== Mode sans échec (Avec liste blanche) ================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le "AlternateShell" sera restauré.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Avec liste blanche) ================= ==================== Internet Explorer (Avec liste blanche) ============= ==================== Hosts contenu: ========================= (Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.) 2019-12-07 10:14 - 2025-03-28 15:33 - 000000066 _____ C:\windows\system32\drivers\etc\hosts 127.0.0.1 localhost 100.103.1.237 mcarmagnat-everest.nord 2021-03-17 19:48 - 2024-12-13 16:39 - 000000446 _____ C:\windows\system32\drivers\etc\hosts.ics ==================== Autres zones =========================== (Actuellement, il n'y a pas de correction automatique pour cette section.) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-916869094-3403233507-1452638425-1011\Control Panel\Desktop\\Wallpaper -> C:\windows\system32\oobe\info\backgrounds\background.jpg DNS Servers: 192.168.0.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Le Pare-feu est activé. Network Binding: ============= NordLwf: NordVPN LightWeight Firewall ==================== MSCONFIG/TASK MANAGER éléments désactivés == ==================== RèglesPare-feu (Avec liste blanche) ================ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) FirewallRules: [TCP Query User{D60B41B9-1D73-41C7-9033-BE169A26D86E}C:\users\mcfive\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\mcfive\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) FirewallRules: [UDP Query User{14FE2E83-622A-4CB4-A403-D374C0B37C2A}C:\users\mcfive\appdata\local\vivaldi\application\vivaldi.exe] => (Block) C:\users\mcfive\appdata\local\vivaldi\application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS) FirewallRules: [TCP Query User{68D77529-3839-4C42-B417-3AFBFC6103A3}C:\users\mcfive\appdata\local\programs\opera\opera.exe] => (Block) C:\users\mcfive\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{02348F49-05FE-4A06-90D4-7E8F268E5B7D}C:\users\mcfive\appdata\local\programs\opera\opera.exe] => (Block) C:\users\mcfive\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{6A34E8D0-C155-4D29-95DE-62BE97D2E319}C:\users\mcfive\downloads\anydesk(1).exe] => (Block) C:\users\mcfive\downloads\anydesk(1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [UDP Query User{6020A4A2-7250-4CCE-BD18-5D38CA664759}C:\users\mcfive\downloads\anydesk(1).exe] => (Block) C:\users\mcfive\downloads\anydesk(1).exe (AnyDesk Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{95F4AB6B-67FC-489E-BA0D-AB565AE631AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6A9376FC-38F7-426D-BDE1-3AB0FDBD7BC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{B6019617-2E44-46E9-B399-0B4E8D1EAC66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{1C663100-95A6-47EB-8C9E-928305F5E680}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{3742F8FB-3ACA-4F16-ACEE-F16D85B900B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C9039B76-37F1-47E7-837E-0FF1DA6D8D3F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{72F9B03F-D6A3-4526-A72C-42D9664DCB94}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{34E9D7A6-95EA-4E57-AA0D-13EE5921D41E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E7B3635C-1C09-4473-B873-F0926967F48C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E1E10063-D9AE-4DD2-98F3-AA7DBFBC7B5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C3F4F2F9-B1CC-4135-80AD-1DF0D7B28B47}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E867B9EA-C3E8-4243-89AD-C62645D9D8E3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{736089C3-8697-4277-AD24-3B1F003BC99F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CC3E9124-EDCD-44AE-8D6C-82E516D6B9B8}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> NordVPN) FirewallRules: [{F0A3921A-5C6A-47C2-841D-B257C93FAB26}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> NordVPN) FirewallRules: [{74322B61-5EA8-4013-8871-605845965A17}] => (Allow) C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> NordVPN) FirewallRules: [{D85E93E6-F68E-4F81-AB63-0304A9740F9C}] => (Allow) C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> NordVPN) ==================== Points de restauration ========================= Vérifiez le service "VSS" ==================== Éléments en erreur du Gestionnaire de périphériques ============ ==================== Erreurs du Journal des événements: ======================== Erreurs Application: ================== Error: (03/28/2025 08:07:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante GigabyteDownloadAssistant.exe, version : 1.0.0.46, horodatage : 0x5e79d1c4 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.5678, horodatage : 0x024a42e4 Code d’exception : 0xe0434352 Décalage d’erreur : 0x000000000003b699 ID du processus défaillant : 0x50b8 Heure de début de l’application défaillante : 0x01db9fb015732bdb Chemin d’accès de l’application défaillante : C:\windows\system32\GigabyteDownloadAssistant.exe Chemin d’accès du module défaillant: C:\windows\System32\KERNELBASE.dll ID de rapport : 15a33c73-be63-4111-9a23-accd95fb8c38 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (03/28/2025 08:07:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : GigabyteDownloadAssistant.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.UnauthorizedAccessException à System.IO.__Error.WinIOError(Int32, System.String) à System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) à System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) à System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) à System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) à GigabyteDownloadAssistant.Utilities.Log.AppLogFile.Write(System.String, System.Diagnostics.EventLogEntryType) à GigabyteDownloadAssistant.MainWindow..ctor() Informations sur l'exception : System.Windows.Markup.XamlParseException à System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri) à System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) à System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) à System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) à System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext) à System.Windows.Application.DoStartup() à System.Windows.Application.<.ctor>b__1_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à GigabyteDownloadAssistant.App.Main() Error: (03/27/2025 08:28:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante GigabyteDownloadAssistant.exe, version : 1.0.0.46, horodatage : 0x5e79d1c4 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.5678, horodatage : 0x024a42e4 Code d’exception : 0xe0434352 Décalage d’erreur : 0x000000000003b699 ID du processus défaillant : 0x2d30 Heure de début de l’application défaillante : 0x01db9ee9e43c20c9 Chemin d’accès de l’application défaillante : C:\windows\system32\GigabyteDownloadAssistant.exe Chemin d’accès du module défaillant: C:\windows\System32\KERNELBASE.dll ID de rapport : c733bf74-4d3c-4d9a-a844-8581e70ae5b1 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (03/27/2025 08:28:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : GigabyteDownloadAssistant.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.UnauthorizedAccessException à System.IO.__Error.WinIOError(Int32, System.String) à System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) à System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) à System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) à System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) à GigabyteDownloadAssistant.Utilities.Log.AppLogFile.Write(System.String, System.Diagnostics.EventLogEntryType) à GigabyteDownloadAssistant.MainWindow..ctor() Informations sur l'exception : System.Windows.Markup.XamlParseException à System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri) à System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) à System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) à System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) à System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext) à System.Windows.Application.DoStartup() à System.Windows.Application.<.ctor>b__1_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à GigabyteDownloadAssistant.App.Main() Error: (03/27/2025 08:07:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nom de l’application défaillante GigabyteDownloadAssistant.exe, version : 1.0.0.46, horodatage : 0x5e79d1c4 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.5607, horodatage : 0x18768d24 Code d’exception : 0xe0434352 Décalage d’erreur : 0x000000000003b699 ID du processus défaillant : 0x1070 Heure de début de l’application défaillante : 0x01db9ee6f3421b91 Chemin d’accès de l’application défaillante : C:\windows\system32\GigabyteDownloadAssistant.exe Chemin d’accès du module défaillant: C:\windows\System32\KERNELBASE.dll ID de rapport : 38a9c631-3932-4fa8-8782-6192b201b171 Nom complet du package défaillant : ID de l’application relative au package défaillant : Error: (03/27/2025 08:07:51 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application : GigabyteDownloadAssistant.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.UnauthorizedAccessException à System.IO.__Error.WinIOError(Int32, System.String) à System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean) à System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean) à System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean) à System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding) à System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding) à GigabyteDownloadAssistant.Utilities.Log.AppLogFile.Write(System.String, System.Diagnostics.EventLogEntryType) à GigabyteDownloadAssistant.MainWindow..ctor() Informations sur l'exception : System.Windows.Markup.XamlParseException à System.Windows.Markup.XamlReader.RewrapException(System.Exception, System.Xaml.IXamlLineInfo, System.Uri) à System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri) à System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri) à System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean) à System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext) à System.Windows.Application.DoStartup() à System.Windows.Application.<.ctor>b__1_0(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.DispatcherOperation.InvokeImpl() à MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object) à System.Windows.Threading.DispatcherOperation.Invoke() à System.Windows.Threading.Dispatcher.ProcessQueue() à System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) à MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) à System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) à System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) à System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) à MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) à MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) à System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) à System.Windows.Application.RunDispatcher(System.Object) à System.Windows.Application.RunInternal(System.Windows.Window) à GigabyteDownloadAssistant.App.Main() Error: (03/26/2025 03:20:21 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine QueryFullProcessImageNameW. hr = 0x80070006, Descripteur non valide. Opération : Opération asynchrone en cours d’exécution Contexte : État actuel: DoSnapshotSet Error: (03/26/2025 01:22:17 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PC_MATERIEL_NET) Description: Impossible de fermer l’application ou le service « NordVPN ». Erreurs système: ============= Error: (03/28/2025 08:33:24 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORITE NT) Description: La mise à jour du démarrage sécurisé n’a pas pu mettre à jour une variable de démarrage sécurisé avec l'erreur (-2147020471 = Le démarrage sécurisé n’est pas activé sur cet ordinateur.). Pour plus d'informations, veuillez consulter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/28/2025 08:10:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Mozilla Maintenance Service s’est arrêté avec l’erreur : Fonction incorrecte. Error: (03/28/2025 08:10:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Mozilla Maintenance Service s’est arrêté avec l’erreur : Fonction incorrecte. Error: (03/27/2025 08:33:24 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORITE NT) Description: La mise à jour du démarrage sécurisé n’a pas pu mettre à jour une variable de démarrage sécurisé avec l'erreur (-2147020471 = Le démarrage sécurisé n’est pas activé sur cet ordinateur.). Pour plus d'informations, veuillez consulter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/27/2025 08:33:24 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORITE NT) Description: La mise à jour du démarrage sécurisé n’a pas pu mettre à jour une variable de démarrage sécurisé avec l'erreur (-2147020471 = Le démarrage sécurisé n’est pas activé sur cet ordinateur.). Pour plus d'informations, veuillez consulter https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/27/2025 08:32:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORITE NT) Description: Échec de l’installation : l’installation de la mise à jour suivante a échoue avec l’erreur 0x80073d02 : 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (03/27/2025 08:30:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Le service Service Broker du moniteur d'exécution System Guard s’est arrêté avec l’erreur : %%3489660935 Error: (03/27/2025 08:30:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur : Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle. Windows Defender: ================ Date: 2025-03-18 09:48:04 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-03-16 08:47:49 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-03-15 12:04:15 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-03-14 08:40:23 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2025-03-13 11:11:30 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0]: Date: 2025-03-27 08:28:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.425.84.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.25020.1007 Error code: 0x80072ee7 Error description: L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2025-03-27 08:28:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.425.84.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.25020.1007 Error code: 0x80072ee7 Error description: L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2025-03-27 08:28:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.425.84.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.25020.1007 Error code: 0x80072ee7 Error description: L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2025-03-27 08:28:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.425.84.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.25020.1007 Error code: 0x80072ee7 Error description: L’adresse ou le nom de serveur n’a pas pu être résolu Date: 2025-03-27 08:28:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.425.84.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.25020.1007 Error code: 0x80072ee7 Error description: L’adresse ou le nom de serveur n’a pas pu être résolu CodeIntegrity: =============== Date: 2025-03-28 15:36:52 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Infos Mémoire =========================== BIOS: American Megatrends Inc. F3 05/27/2020 Carte mère: Gigabyte Technology Co., Ltd. B460 AORUS PRO AC Processeur: Intel(R) Core(TM) i7-10700F CPU @ 2.90GHz Pourcentage de mémoire utilisée: 50% Mémoire physique - RAM - totale: 32700.32 MB Mémoire physique - RAM - disponible: 16136.34 MB Mémoire virtuelle totale: 37564.32 MB Mémoire virtuelle disponible: 15885.85 MB ==================== Lecteurs ================================ Drive c: (Windows) (Fixed) (Total:464.49 GB) (Free:238.74 GB) NTFS Drive d: (clee doree) (Removable) (Total:117.18 GB) (Free:106.26 GB) exFAT Drive e: () (Fixed) (Total:1863 GB) (Free:1850.37 GB) NTFS Drive f: () (Removable) (Total:1953.06 GB) (Free:1953.06 GB) exFAT \\?\Volume{954e7e79-f3de-41fc-a894-3ee1e4128ccf}\ (Recovery image) (Fixed) (Total:1 GB) (Free:0.41 GB) NTFS \\?\Volume{4016e326-30e5-40d5-9c06-1d274817aafc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Table des partitions ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 4CB4A112) Partition: GPT. ========================================================== Disk: 2 (Size: 117.2 GB) (Disk ID: FA2CB833) Partition 1: (Active) - (Size=117.2 GB) - (Type=07 NTFS) ========================================================== Disk: 3 (Size: 1953.1 GB) (Disk ID: FA2CB833) Partition 1: (Active) - (Size=1953.1 GB) - (Type=07 NTFS) ==================== Fin de Addition.txt =======================