Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 26-01-2022
Executado por pryar (28-01-2022 15:51:10)
Executando a partir de C:\Users\pryar\Desktop
Microsoft Windows 10 Home Single Language Versão 20H2 19042.1466 (X64) (2022-01-28 09:01:16)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-1663057799-4257141489-1272137286-500 - Administrator - Disabled)
Convidado (S-1-5-21-1663057799-4257141489-1272137286-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1663057799-4257141489-1272137286-503 - Limited - Disabled)
pryar (S-1-5-21-1663057799-4257141489-1272137286-1001 - Administrator - Enabled) => C:\Users\pryar
WDAGUtilityAccount (S-1-5-21-1663057799-4257141489-1272137286-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663057799-4257141489-1272137286-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.1.8 - Synaptics Incorporated)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-28] (Microsoft Studios) [MS Ad]

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1663057799-4257141489-1272137286-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-01-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-01-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-01-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-01-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1663057799-4257141489-1272137286-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pryar\Pictures\Wallpapers\Início 2022.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{A17FBB8D-EA4F-4285-9D83-08637BBD3DC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53A872A2-3194-4E5C-AA70-A5D7FC4FA65D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB8E5846-4A7B-4382-92F8-187AB7024E94}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0412CE57-48BA-4038-BEA8-2E3362A2B136}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Pontos de Restauração =========================

ATENÇÃO: A Restauração do Sistema está desabilitada (Total:465.14 GB) (Free:287.79 GB) (62%)

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (01/28/2022 06:42:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ]

Error: (01/28/2022 06:42:22 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:42:17 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:42:12 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:42:07 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:42:02 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:41:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Error: (01/28/2022 06:41:52 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erro ao atualizar o status para SECURITY_PRODUCT_STATE_ON.

Erros de Sistema:
=============
Error: (01/28/2022 03:39:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Kaspersky VPN Secure Connection Service 5.3 foi encerrado inesperadamente. Isso aconteceu 3 vez(es).

Error: (01/28/2022 02:41:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Kaspersky VPN Secure Connection Service 5.3 foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2022 02:31:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Kaspersky VPN Secure Connection Service 5.3 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/28/2022 02:31:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SynTPEnh Caller Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/28/2022 02:31:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AtherosSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/28/2022 01:00:28 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (01/28/2022 08:36:41 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (01/28/2022 06:48:13 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: Acesso negado.

CodeIntegrity:
===============
Date: 2022-01-28 15:34:03
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: Phoenix Technologies Ltd. P07RAP 05/02/2013
placa-mãe: SAMSUNG ELECTRONICS CO., LTD. NP300E4C-AD2BR
Processador: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentagem de memória em uso: 46%
RAM física total: 7891.48 MB
RAM física disponível: 4218.75 MB
Virtual Total: 9811.48 MB
Virtual disponível: 6171.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.14 GB) (Free:287.79 GB) NTFS
\\?\Volume{87d72310-c177-40f3-b9f2-bb7980ac65ce}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{d9f9a07a-96ac-456c-ad3f-9af1d597e234}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 673EEE87)
Partition: GPT.

==================== Fim de Addition.txt =======================