ÿþOTL Extras logfile created on: 22/03/2023 13:51:12 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\UEFM LFS Hyper UEFM\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.19041.0) Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy 3,57 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 17,74% Memory free 7,45 Gb Paging File | 3,11 Gb Available in Paging File | 41,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 151,02 Gb Total Space | 0,43 Gb Free Space | 0,29% Space Free | Partition Type: NTFS Drive D: | 64,23 Gb Total Space | 55,34 Gb Free Space | 86,16% Space Free | Partition Type: NTFS Drive E: | 17,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 39,62 Gb Total Space | 35,38 Gb Free Space | 89,31% Space Free | Partition Type: NTFS Drive K: | 7,49 Gb Total Space | 2,24 Gb Free Space | 29,87% Space Free | Partition Type: FAT32 Drive N: | 31,99 Gb Total Space | 27,12 Gb Free Space | 84,79% Space Free | Partition Type: FAT32 Drive O: | 112,53 Mb Total Space | 57,37 Mb Free Space | 50,98% Space Free | Partition Type: NTFS Drive P: | 573,92 Mb Total Space | 1,67 Mb Free Space | 0,29% Space Free | Partition Type: FAT32 Drive R: | 4,27 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive S: | 6,83 Gb Total Space | 0,01 Gb Free Space | 0,14% Space Free | Partition Type: NTFS Drive V: | 14,26 Gb Total Space | 2,57 Gb Free Space | 18,05% Space Free | Partition Type: FAT32 Drive X: | 30,03 Gb Total Space | 0,37 Gb Free Space | 1,25% Space Free | Partition Type: NTFS Drive Y: | 24,28 Gb Total Space | 0,06 Gb Free Space | 0,24% Space Free | Partition Type: FAT32 Computer Name: DESKTOP-DO2EQCB | User Name: UEFM LFS Hyper UEFM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days [color=#E56717]========== Extra Registry (All) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm[@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cpl[@ = cplfile] -- C:\WINDOWS\SysNative\control.exe (Microsoft Corporation) .hlp[@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation) .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .inf[@ = inffile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation) .ini[@ = inifile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) .js[@ = JSFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) .jse[@ = JSEFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) .reg[@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation) .txt[@ = txtfile] -- C:\WINDOWS\SysNative\NOTEPAD.EXE (Microsoft Corporation) .vbe[@ = VBEFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) .vbs[@ = VBSFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) .wsf[@ = WSFFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) .wsh[@ = WSHFile] -- C:\WINDOWS\SysNative\WScript.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] -- "%1" %* .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .cmd [@ = cmdfile] -- "%1" %* .com [@ = comfile] -- "%1" %* .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .exe [@ = exefile] -- "%1" %* .hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation) .hta [@ = htafile] -- "%1" %* .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .inf [@ = inffile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .ini [@ = inifile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\WINDOWS\SysWow64\rundll32.exe (Microsoft Corporation) .js [@ = JSFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) .jse [@ = JSEFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) .pif [@ = piffile] -- "%1" %* .reg [@ = regfile] -- C:\WINDOWS\SysWow64\regedit.exe (Microsoft Corporation) .scr [@ = scrfile] -- "%1" /S .txt [@ = txtfile] -- C:\WINDOWS\SysWow64\NOTEPAD.EXE (Microsoft Corporation) .vbe [@ = VBEFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) .vbs [@ = VBSFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) .wsf [@ = WSFFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) .wsh [@ = WSHFile] -- C:\WINDOWS\SysWow64\WScript.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\Classes\<extension>] .html [@ = UCHTML] -- Reg Error: Value error. File not found [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- Reg Error: Key error. inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation) Directory [TotalAV] -- "C:\Program Files (x86)\TotalAV\TotalAV.exe" --custom-scan-context --custom-scan-archives --custom-scan-folders="%1" --hide Directory [UpdateEncryptionSettings] -- Reg Error: Key error. Folder [open] -- C:\WINDOWS\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) batfile [open] -- "%1" %* batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation) cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation) comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- Reg Error: Key error. inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation) jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation) jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation) regfile [open] -- regedit.exe "%1" (Microsoft Corporation) regfile [merge] -- Reg Error: Key error. regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation) scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation) txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation) txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation) vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation) wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation) wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation) Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation) Directory [TotalAV] -- "C:\Program Files (x86)\TotalAV\TotalAV.exe" --custom-scan-context --custom-scan-archives --custom-scan-folders="%1" --hide Directory [UpdateEncryptionSettings] -- Reg Error: Key error. Folder [open] -- C:\WINDOWS\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av] "DataMigrated" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{0567E33F-93C9-11B5-891D-90A37AEB2766}] "GUID" = {0567E33F-93C9-11B5-891D-90A37AEB2766} "DISPLAYNAME" = Total AV "STATE" = 262144 "PRODUCTEXE" = C:\Program Files (x86)\TotalAV\wscf.exe "REPORTINGEXE" = C:\Program Files (x86)\TotalAV\SecurityService.exe [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}] "GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} "DISPLAYNAME" = Antivirus Microsoft Defender "STATE" = 397568 "PRODUCTEXE" = windowsdefender:// "REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation) [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw] "DataMigrated" = 1 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration\WicaUpgradableAVs] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = E2 27 A8 57 03 BE D6 01 [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ProvidersMigration] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found [color=#E56717]========== System Restore Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{5075540F-E368-41DC-A983-2DD395853899}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edge\application\msedge.exe | "{84DD0D25-0575-4571-80D6-C39C2F512F5A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft\edgewebview\application\111.0.1661.44\msedgewebview2.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{028361D1-3066-45EB-84B9-0A68DCFE3910}" = dir=in | name=skype | "{0913B537-2B5C-4282-9D8D-F09B6160B25E}" = protocol=6 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.95.3409.0_x64__kzf8qxf38zg5c\skype\skype.exe | "{0B01E885-6D9B-4E55-9F2D-652A97021A8C}" = protocol=17 | dir=in | app=c:\program files\firefox nightly\firefox.exe | "{3DD7CCAE-FB85-44B8-B498-813AB3C96B73}" = dir=out | name=skype | "{41C9935F-F86F-4580-B6F0-9C1CBCD25E8C}" = dir=in | app=c:\program files (x86)\driverpack\tools\aria2c.exe | "{4DB018F2-69AF-4473-9004-2EB3EB47E957}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{5E139797-C4F6-402C-9490-7DCD56283BD3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{612CDD69-7169-4A25-BC6D-F1D7BC72A46C}" = protocol=6 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.95.3409.0_x64__kzf8qxf38zg5c\skype\skype.exe | "{804E142D-279E-4A70-ACFA-AE9FB940B1CA}" = protocol=17 | dir=out | app=c:\program files\windowsapps\microsoft.skypeapp_15.95.3409.0_x64__kzf8qxf38zg5c\skype\skype.exe | "{8AB70E12-B291-41E9-BCBF-EA876079565A}" = dir=out | name=solitaire & casual games | "{C014CFD6-29EE-4F5E-B27E-3B82465937F1}" = protocol=6 | dir=in | app=c:\program files\firefox nightly\firefox.exe | "{C4E49593-2B51-4FD8-8356-829FFC619730}" = dir=out | name=@{microsoft.storepurchaseapp_12301.1401.8.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} | "{DF725677-58CE-47D4-AA0B-A1BA82DB393C}" = protocol=17 | dir=in | app=c:\program files\windowsapps\microsoft.skypeapp_15.95.3409.0_x64__kzf8qxf38zg5c\skype\skype.exe | "{E0E4AC3C-9743-4436-9510-B85E56945716}" = dir=in | name=solitaire & casual games | "TCP Query User{E6F1430E-83B8-43CD-BD62-AB8E916CEC63}C:\program files\ashampoo\ashampoo snap 15\snap15.exe" = protocol=6 | dir=in | app=c:\program files\ashampoo\ashampoo snap 15\snap15.exe | "UDP Query User{AE864DFB-232A-4BC3-BFF9-E99515F71603}C:\program files\ashampoo\ashampoo snap 15\snap15.exe" = protocol=17 | dir=in | app=c:\program files\ashampoo\ashampoo snap 15\snap15.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0016BB81-682A-4125-987A-733D9F3D1C75}" = Mailbird "{063E67F0-C298-8A2A-0FA6-84C15322A4E0}" = ccc-utility64 "{0A11EA01-7CAC-87D7-5641-D61A11726754}_is1" = Ashampoo Snap 15 "{26A24AE4-039D-4CA4-87B4-2F64180333F0}" = Java 8 Update 333 (64-bit) "{3407B900-37F5-4CC2-B612-5CD5D580A163}" = Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 "{34B007AF-13F2-0C6B-E46E-52386F953140}_is1" = Ashampoo Backup 2023 "{55F4EDBA-7615-480C-823C-7EF528F4BB02}" = WebCompanion VPN "{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 9.1.0 (WIN64) "{76A22428-2400-4521-96AF-7AC4A6174CA5}" = UpdateAssistant "{89581302-705F-42C5-99B0-E368A845DAD5}" = Microsoft Update Health Tools "{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}" = Contrôle d intégrité du PC Windows "{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.4.2 "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{B0C42DAC-4ED9-4936-AECD-DC722284A25B}" = Oracle VM VirtualBox 7.0.6 "{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1" = SRWare Iron (64-Bit) version 110.0.5600.0 "{C2A02857-D138-446B-B181-442DEE20C8E6}" = Password Safe 3.62.0 for Windows (64-bit) "{D9F136C1-3691-47E3-9079-4FE9C9010001}" = ClamAV 1.0.1 "{DEC1D812-1FAB-4429-B9EB-ED7289CB6E1E}" = Paragon UIM "{E7366CA8-7179-77AE-E712-BA18D70A0A07}" = AMD Fuel "{E983FD09-782B-4A50-B4E2-BAFC91545B1C}" = Paragon Hard Disk Manager"! 17 Business WS "{F4499EE3-A166-496C-81BB-51D1BCDC70A9}" = Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 "{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1" = BCUninstaller "{F55A72A1-C710-4D2B-9096-0774DD4CC796}" = TeraCopy "10DBD048-433A-4BC3-951F-055296F077B3_is1" = Diag version 2.8.2.0 "AIMP" = AIMP "Bandizip" = Bandizip "C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1" = UCheck version 4.6.0.0 "CCleaner" = CCleaner "Defraggler" = Defraggler "E45F055F-784E-4AA5-9EC1-2419E9A343DC_is1" = YaraEditor version 4.2.1.0 "FileViewPro_is1" = FileViewPro "HitmanPro.Alert" = HitmanPro.Alert 3 "iMazing_is1" = iMazing 2.16.9.0 "Mozilla Thunderbird 102.9.0 (x64 fr)" = Mozilla Thunderbird (x64 fr) "MozillaMaintenanceService" = Mozilla Maintenance Service "MultiCommander x64" = MultiCommander (x64) "Nightly 113.0a1 (x64 fr)" = Nightly (x64 fr) "Notepad++" = Notepad++ (64-bit x64) "Recuva" = Recuva "S.O.S. Security Suite" = S.O.S. Security Suite "Speccy" = Speccy "TreeSize Free_is1" = TreeSize Free V4.6.3 (64 bit) "WinRAR archiver" = WinRAR 6.21 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant 9.15.0 "{07326A3E-02B3-1078-25D7-B8666BA8FE15}" = CCC Help Korean "{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}" = CCC Help Finnish "{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding "{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{1AD99E77-37CC-744E-39CA-67F6FD34565A}" = Catalyst Control Center Localization All "{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}" = CCC Help English "{1E6FC929-567E-4D22-9206-C5B83F0A21B9}" = Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 "{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}" = CCC Help French "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 "{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}" = CCC Help Russian "{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1" = Advanced Disk Recovery "{2D07E15C-A9A4-D8D6-D371-92EC8779E587}" = CCC Help Hungarian "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 "{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}" = CCC Help Spanish "{35A71DED-DA81-1313-352A-EC8A0B27DF3B}" = CCC Help Chinese Standard "{3746f21b-c990-4045-bb33-1cf98cff7a68}" = Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 "{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}" = Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 "{5bfc1380-fd35-4b85-9715-7351535d077e}" = Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 "{64D5A142-BD50-726E-ED9E-D2508D2A17E2}" = Catalyst Control Center InstallProxy "{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}" = CCC Help German "{79D22166-78C1-2AD4-04E7-BD22BD58FD46}" = CCC Help Chinese Traditional "{82CA1714-13EA-F419-91FE-12834424745E}" = CCC Help Italian "{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}" = CCC Help Turkish "{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}" = CCC Help Swedish "{9346016b-6620-4841-8ea4-ad91d3ea02b5}" = Kit de déploiement et d évaluation Windows - Windows 10 "{A5A6A4D0-2005-2A05-2E21-495808CF95ED}" = CCC Help Norwegian "{A760847A-C4D9-E7EF-716F-07C6CBF6B147}" = CCC Help Thai "{aa47ecd7-8c4e-4bba-937a-91126388c15c}" = Paragon Hard Disk Manager"! 17 Business WS "{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}" = AMD Catalyst Control Center "{AmazingPartitionManager}_is1" = Amazing Partition Manager Professional version 5.1.1.8 "{B839153C-D4D2-F89C-5033-0A160C62706B}" = CCC Help Portuguese "{C1EA3764-1138-AE27-AD63-549BAD99BA15}" = CCC Help Japanese "{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}" = CCC Help Czech "{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}" = CCC Help Dutch "{E817E580-6318-AFC8-2102-322C73117EC4}" = CCC Help Polish "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 "{F77474EE-EB6C-C87B-88AF-3310C848E068}" = CCC Help Greek "{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 "{F8DDBE95-DCBE-03B5-5359-DE3601146E21}" = CCC Help Danish "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 "00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1" = Advanced System Protector "Adaware PC Cleaner_is1" = Adaware PC Cleaner v7.2.0 "AI RoboForm" = RoboForm 9-4-4-4 (All Users) "AvantBrowser" = Avant Browser (remove only) "DA71BA65-680A-4212-9150-6239217B53DC_Systweak_Ad~8C5446C9_is1" = Advanced Driver Updater "DriverPack" = DriverPack "IM_Magic_PR" = IM-Magic Partition Resizer Free "ImgBurn" = ImgBurn "KeePassPasswordSafe2_is1" = KeePass Password Safe 2.53.1 "macrorit_extender" = Macrorit Partition Extender Free "macrorit_mds" = Macrorit Disk Scanner Pro "macrorit_mdw" = Macrorit Data Wiper Pro "macrorit_mn2f" = Macrorit NTFS To FAT32 Converter "Microsoft Edge" = Microsoft Edge "Microsoft Edge Update" = Microsoft Edge Update "Microsoft EdgeWebView" = Microsoft Edge WebView2 Runtime "SEAF" = SEAF By C_XX "SpywareBlaster_is1" = SpywareBlaster 6.0 "Steam" = Steam "WinThruster_is1" = WinThruster v8.0.0.1 "WUCCCApp" = AMD Catalyst Control Center "XnView_is1" = XnView 2.51.2 [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-158993690-1269080673-3091534466-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "173a9bac-6f0d-50c4-8202-4744c69d091a" = Bitwarden "d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b" = balenaEtcher 1.14.3 "FastCopy" = FastCopy "OneDriveSetup.exe" = Microsoft OneDrive [color=#E56717]========== Last 20 Event Log Errors ==========[/color] [ Application Events ] Error - 22/03/2023 08:25:05 | Computer Name = DESKTOP-DO2EQCB | Source = MsiInstaller | ID = 11601 Description = Error - 22/03/2023 08:35:32 | Computer Name = DESKTOP-DO2EQCB | Source = MsiInstaller | ID = 11406 Description = Error - 22/03/2023 08:53:01 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (9192,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 09:21:05 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (1388,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 09:38:07 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (7376,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 09:48:46 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (8336,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 09:50:17 | Computer Name = DESKTOP-DO2EQCB | Source = Application Error | ID = 1000 Description = Nom de l application défaillante SearchApp.exe, version : 10.0.19041.2673, horodatage : 0x61de921c Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.2728, horodatage : 0xe7e53a4e Code d exception : 0xc000027b Décalage d erreur : 0x000000000010fd12 ID du processus défaillant : 0xe34 Heure de début de l application défaillante : 0x01d95cb7872dfd13 Chemin d accès de l application défaillante : C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 0c97041e-e67e-4754-95f0-4d9294cccf23 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.8.19041_neutral_neutral_cw5n1h2txyewy ID de l application relative au package défaillant : CortanaUI Error - 22/03/2023 09:55:26 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (9688,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 10:26:14 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (4944,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error - 22/03/2023 10:37:13 | Computer Name = DESKTOP-DO2EQCB | Source = ESENT | ID = 455 Description = svchost (7796,R,98) TILEREPOSITORYS-1-5-18: L erreur -1023 (0xfffffc01) s est produite lors de l ouverture d un fichier journal C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. [ Microsoft-Windows-Diagnostics-Performance/Operational Events ] Error - 13/03/2023 08:13:21 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 101 Description = Error - 14/03/2023 07:48:42 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 101 Description = Error - 14/03/2023 10:53:45 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 200 Description = Error - 14/03/2023 10:53:45 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 14/03/2023 10:53:45 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 15/03/2023 19:55:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 15/03/2023 19:55:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 15/03/2023 19:55:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 15/03/2023 19:55:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = Error - 15/03/2023 19:55:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-Diagnostics-Performance | ID = 203 Description = [ Parameters Events ] OTL encountered an error while reading this event log. It may be corrupt. [ State Events ] OTL encountered an error while reading this event log. It may be corrupt. Error - 22/03/2023 10:34:32 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Vérification du volume chiffré : impossible de lire les informations de volume sur W:. Error - 22/03/2023 10:36:05 | Computer Name = DESKTOP-DO2EQCB | Source = Service Control Manager | ID = 7011 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l attente de la réponse transactionnelle du service WSearch. Error - 22/03/2023 10:36:35 | Computer Name = DESKTOP-DO2EQCB | Source = Service Control Manager | ID = 7011 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l attente de la réponse transactionnelle du service WSearch. Error - 22/03/2023 10:37:05 | Computer Name = DESKTOP-DO2EQCB | Source = Service Control Manager | ID = 7011 Description = Le dépassement de délai (30000 millisecondes) a été atteint lors de l attente de la réponse transactionnelle du service WSearch. Error - 22/03/2023 10:45:34 | Computer Name = DESKTOP-DO2EQCB | Source = disk | ID = 262298 Description = L opération d E/S à l adresse de bloc logique 0x0 pour le disque 12 (nom d objet périphérique physique : \Device\000000d0) a échoué en raison d une erreur matérielle. Error - 22/03/2023 10:45:34 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Vérification du volume chiffré : impossible de lire les informations de volume sur W:. Error - 22/03/2023 10:56:37 | Computer Name = DESKTOP-DO2EQCB | Source = disk | ID = 262298 Description = L opération d E/S à l adresse de bloc logique 0x0 pour le disque 12 (nom d objet périphérique physique : \Device\000000d0) a échoué en raison d une erreur matérielle. Error - 22/03/2023 10:56:37 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Vérification du volume chiffré : impossible de lire les informations de volume sur W:. Error - 22/03/2023 11:07:40 | Computer Name = DESKTOP-DO2EQCB | Source = disk | ID = 262298 Description = L opération d E/S à l adresse de bloc logique 0x0 pour le disque 12 (nom d objet périphérique physique : \Device\000000d0) a échoué en raison d une erreur matérielle. Error - 22/03/2023 11:07:40 | Computer Name = DESKTOP-DO2EQCB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620 Description = Vérification du volume chiffré : impossible de lire les informations de volume sur W:. < End of report >