Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2022 Ran by dell (15-05-2022 16:12:36) Running from C:\Users\dell\OneDrive\Área de Trabalho Microsoft Windows 10 Home Version 21H1 19043.1706 (X64) (2021-03-10 17:18:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-1378158352-3957057711-1579280521-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1378158352-3957057711-1579280521-503 - Limited - Disabled) dell (S-1-5-21-1378158352-3957057711-1579280521-1001 - Administrator - Enabled) => C:\Users\dell Guest (S-1-5-21-1378158352-3957057711-1579280521-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1378158352-3957057711-1579280521-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Dell Digital Delivery Services (HKLM-x32\...\{560DFD4A-23E2-45DD-A223-A4B3FA356913}) (Version: 4.0.92.0 - Dell Inc.) Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.10.0 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{08E7C8D5-F2B5-4F09-B0EA-F28913BEFDB0}) (Version: 5.5.1.16143 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2a8bafd6-22ae-4d0e-87a4-686b2a4a2ab0}) (Version: 5.5.1.16143 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{A10EE376-2100-432C-B534-29768465A12B}) (Version: 5.5.1.16141 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{06e056de-da6a-4099-9d0a-94e5e0a14dfc}) (Version: 5.5.1.16141 - Dell Inc.) Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.5.0 - Dell Inc.) Discord (HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.) Dynamic Application Loader Host Interface Service (HKLM\...\{0AFA46DB-6E86-479E-BF66-B25C29324A5F}) (Version: 1.0.0.0 - Intel Corporation) Hidden Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Fusion Service (HKLM\...\{DD0DA204-7652-45B7-AB88-50ECF954914E}) (Version: 1.0.0.172 - Dell.Inc) Hidden Fusion Service (HKLM-x32\...\{3463f0f5-fd97-448c-8b74-6601e705e0f9}) (Version: 1.0.0.172 - Dell.Inc) Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 3.0.38.600 - Goodix, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 101.0.4951.67 - Google LLC) Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10600.20700 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2141.15.0.2511 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2104.1 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lunar Client (HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.10.1 - Moonsworth, LLC) Malwarebytes version 4.5.9.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes) Microsoft .NET Runtime - 5.0.14 (x64) (HKLM-x32\...\{3c001ec7-478b-4d22-8d92-a6561d20091f}) (Version: 5.0.14.30907 - Microsoft Corporation) Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15128.20224 - Microsoft Corporation) Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.15128.20224 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.47 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 101.0.1210.39 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.077.0410.0007 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft Launcher (HKLM-x32\...\{911FBC64-4C64-4B8F-A637-B34832638C86}) (Version: 1.0.0.0 - Mojang) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20146 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20224 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10527 - Qualcomm) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9268.1 - Realtek Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.19042.31267 - Realtek Semiconductor Corp.) RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks) Stremio (HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\Stremio) (Version: 4.4.137 - Smart Code Ltd) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation) Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation) WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) Packages: ========= Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.50.0_x64__2dgmkzkw4h30c [2022-04-30] (Portrait Displays) Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-10-06] (Dell Inc) Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2021-10-06] (Screenovate Technologies) [Startup Task] Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.10.10.0_x64__htrsf667h5kn2 [2022-05-13] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.5.23.0_x86__htrsf667h5kn2 [2022-03-28] (Dell Inc) Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-04-25] (Dropbox Inc.) Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-22] (INTEL CORP) [Startup Task] Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-05] (INTEL CORP) Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.15.0_x64__8wekyb3d8bbwe [2022-05-10] (Microsoft Studios) MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-05] (Microsoft Corporation) My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.0.30.0_x64__htrsf667h5kn2 [2022-04-17] (Dell Inc) Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2020-12-25] (Dell Inc) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Corporation) SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-26] (Rivet Networks LLC) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0 [2022-05-13] (Spotify AB) [Startup Task] Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-07-01] (Waves Audio) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1378158352-3957057711-1579280521-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_d350b8504310bbf5\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) CustomCLSID: HKU\S-1-5-21-1378158352-3957057711-1579280521-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD LT 2019\en-US\acadltficn.dll => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_ff8d0bd695f4bb2e\OptaneShellExt.dll [2022-02-07] (Intel Corporation -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_ff8d0bd695f4bb2e\OptaneShellExt.dll [2022-02-07] (Intel Corporation -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.077.0410.0007\FileSyncShell64.dll [2022-05-03] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-09] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\dell\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ==================== Loaded Modules (Whitelisted) ============= 2022-04-21 19:40 - 2022-04-21 19:40 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhjiiiio [0] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Association (Whitelisted) ================= (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\Software\Classes\.scr: AutoCADLTScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dell\OneDrive\Imagens\papel de parede\Design sem nome (1).png DNS Servers: 177.73.96.10 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service " HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk" HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-1378158352-3957057711-1579280521-1001\...\StartupApproved\Run: => "EpicGamesLauncher" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F18F8ABD-15CC-499B-AB97-A9D846D06189}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D74B3016-F09C-4E40-A297-280069DB5086}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8FC33DCF-0ECA-4469-A6A9-0EACEF14F4DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A5CAC91B-51ED-4F22-8622-3BAC1950DF27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7FD4FE47-3ADA-4D0B-ADC3-C1A9FD2B89F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{0ECF46DF-9158-4AD1-8929-55B9FDFFE8C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{45FC493E-AD62-4044-8E3B-F7630B9BF147}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [UDP Query User{5360BBA2-BA88-48AA-81AC-C08DC84C0011}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe FirewallRules: [TCP Query User{D27D107A-2C93-4633-A9A4-7D068B7BF358}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{8AB1489C-318B-4F59-B1DD-441D3D91D814}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{7FACF2F6-08B6-4BC5-BC42-86D6F110AAF5}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [UDP Query User{21F30809-F060-401C-9085-A9B47E9EDEAD}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe FirewallRules: [TCP Query User{D0CF3678-4463-4CCA-AD66-2DD4D0E63893}C:\users\dell\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\dell\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) [File not signed] FirewallRules: [UDP Query User{7520B047-E57E-4779-A2A5-90DCF3862CFD}C:\users\dell\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\dell\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) [File not signed] FirewallRules: [{4D573F9B-2BFF-403A-A88E-659945DD486E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File FirewallRules: [{A0BC7354-3BC9-4146-B1A6-5CDBC6B9F045}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File FirewallRules: [{4FA7D87A-2118-4DA0-8F13-237D0A54084D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{347E861D-5CCB-4A53-8E0D-D57606FEAF96}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{48CAE855-B66A-4518-8306-98E54240206E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed] FirewallRules: [{33E85710-7A84-45E0-81E7-6E96F8BD1770}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.) [File not signed] FirewallRules: [TCP Query User{08E20019-1565-49B3-AEC3-D4950570B2AA}C:\users\dell\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{154EEB9C-0EDB-4891-830F-ED41CD475FED}C:\users\dell\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{FD380F49-02B4-4C73-BEF5-5B579BCA3004}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [UDP Query User{3815D67A-00D4-4ED1-943E-7E0C773E2EED}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe FirewallRules: [TCP Query User{9EC4554E-D5BF-4104-90DA-E338D4B63475}C:\users\dell\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{10C5E7EE-B938-4250-8F3B-A92EEEE1AECD}C:\users\dell\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.18\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{B56FA749-23A9-407E-BB1F-535FCCD558CA}C:\users\dell\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{5A06C977-FF9E-4182-AD7C-802845377F66}C:\users\dell\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.17\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{DDF2EE69-9DB8-44D7-A317-E651448FE641}C:\users\dell\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{AC1E9ECE-8D82-4DBB-B772-B0DF1826A370}C:\users\dell\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.16\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{FBBD446E-DDB9-42C7-8A0F-91EC57A78EF5}C:\users\dell\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{D135DFE9-C03B-46C9-A7C1-4FD6B262A9B3}C:\users\dell\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.8\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe FirewallRules: [{4DCC64B7-AD0D-4936-AA0C-03860E8CA8BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F226846A-6AA6-4A1D-BA53-15EAF61F9785}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DAE980EF-CDED-44CB-8F33-A5E6542AE1EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B3917560-A5DE-4A79-BB9E-5CF765D90DF4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File FirewallRules: [TCP Query User{CE672DE0-A9BB-43B7-8ACB-9BA75DAA7040}C:\users\dell\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{8281D831-5143-4391-ABB1-E50E5E54B4EA}C:\users\dell\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\dell\.lunarclient\jre\1.18.2\zulu17.30.15-ca-fx-jre17.0.1-win_x64\bin\javaw.exe FirewallRules: [{AC339887-251D-44E7-A567-32FFE30A1913}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{C32C1078-B527-4ADE-87E8-308CABB88CE3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{1582A1BF-D7F6-49DE-93DF-73771A85923D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3430D016-F2FA-4B16-A0DB-120EA43C925D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{57BC97F8-031C-4888-8F4B-73D59C371721}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{52F1840A-9580-4613-BEBB-CCE62067AFEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B912B5AB-82EB-4DC8-89A5-0608A4EA5557}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{18946651-9823-4BE1-91FF-EA870CF29F07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{10BC4A03-7E23-4ED0-BE49-800DC2B8C36D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{F67A81AF-826E-45CD-B049-272B1B52FD5E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 15-05-2022 15:47:14 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (05/15/2022 03:11:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ESETOnlineScanner.exe, version: 10.23.31.0, time stamp: 0x61e82da2 Faulting module name: WININET.dll, version: 11.0.19041.1566, time stamp: 0x58892bb7 Exception code: 0xc0000005 Fault offset: 0x00313278 Faulting process id: 0xa34 Faulting application start time: 0x01d8688737ca26a0 Faulting application path: C:\Users\dell\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe Faulting module path: C:\Windows\SYSTEM32\WININET.dll Report Id: 50b641c7-c7ca-4685-b9c1-77c8b9a05dd2 Faulting package full name: Faulting package-relative application ID: Error: (05/15/2022 03:09:33 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (05/15/2022 03:09:18 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {d5adf9ac-9fd3-4d4f-98f0-d4b00d0133ee} Error: (05/13/2022 04:07:49 PM) (Source: ESENT) (EventID: 411) (User: ) Description: qmgr.dll (12332,R,98) QmgrDatabaseInstance: The log version stamp of logfile C:\ProgramData\Microsoft\Network\Downloader\edb.log does not match the database engine version stamp. The logfiles may be the wrong version for the database. Error: (05/13/2022 04:07:49 PM) (Source: ESENT) (EventID: 547) (User: ) Description: qmgr.dll (12332,R,98) QmgrDatabaseInstance: The log generation (0x61) is too high (8.90.200) to be supported or replayed by this database engine (max supported 8.60.140). Error: (05/13/2022 04:07:22 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/13/2022 04:07:22 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (05/13/2022 04:07:22 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) System errors: ============= Error: (05/15/2022 03:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (05/15/2022 03:19:47 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys Error: (05/15/2022 03:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (05/15/2022 03:19:47 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys Error: (05/15/2022 03:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Error: (05/15/2022 03:19:47 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys Error: (05/15/2022 03:19:46 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\dell\AppData\Local\Temp\ehdrv.sys Error: (05/15/2022 03:19:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: This driver has been blocked from loading Windows Defender: ================ Date: 2022-05-13 10:26:01 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {5A631B0F-8D04-4DC5-A27E-3BB563AE329F} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: NT AUTHORITY\SYSTEM Date: 2022-05-11 16:17:46 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {89620B09-C04F-4A40-971D-581A35841FD5} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: NT AUTHORITY\SYSTEM Date: 2022-05-10 11:39:31 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {0800108B-8F0B-4E24-9B4A-467BDF84F2B1} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: NT AUTHORITY\SYSTEM Date: 2022-05-09 11:54:01 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {5BA62B70-A7E5-4B14-9585-19BB48ADC8CF} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: NT AUTHORITY\SYSTEM Date: 2022-05-07 21:56:58 Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sabsik.EN.B!ml&threatid=2147810992&enterprise=0 Nome: Trojan:Win32/Sabsik.EN.B!ml Gravidade: Severe Categoria: Trojan Caminho: file:_C:\Users\dell\AppData\Local\Temp\start.exe Origem da Detecção: Local machine Tipo da Detecção: FastPath Fonte da Detecção: Real-Time Protection Usuário: PC-GIOVANA\dell Nome do Processo: C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe Versão da Inteligência de Segurança: AV: 1.363.1577.0, AS: 1.363.1577.0, NIS: 1.363.1577.0 Versão do Mecanismo: AM: 1.1.19200.5, NIS: 1.1.19200.5 Event[0]: Date: 2022-05-13 16:06:58 Description: Microsoft Defender Antivirus encontrou um erro ao tentar carregar a inteligência de segurança e tentará reverter para uma versão válida. Tentativa de Inteligência de Segurança: Current Código de Erro: 0x80070003 Descrição do Erro: The system cannot find the path specified. Versão da Inteligência de Segurança: 0.0.0.0;0.0.0.0 Versão do Mecanismo: 0.0.0.0 Date: 2022-05-09 11:50:10 Description: Microsoft Defender Antivirus encontrou um erro ao tentar carregar um arquivo suspeito para análise posterior. Nome do Arquivo: C:\Recovery\OEM\DellSupport.wim Sha256: dc463e70c78ac28dfce6469af88eaee947006bae13df44e8cb12d8ffe6d07897 Versão da Inteligência de Segurança Atual: AV: 1.363.1657.0, AS: 1.363.1657.0 Versão Atual do Mecanismo: 1.1.19200.5 Código de Erro: 0x80508016 CodeIntegrity: =============== Date: 2022-05-15 15:36:11 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-05-15 15:10:08 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_36fb67bd6dbd887d\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: Dell Inc. 1.12.0 01/28/2022 Motherboard: Dell Inc. 0RYXFP Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz Percentage of memory in use: 48% Total physical RAM: 16106.79 MB Available physical RAM: 8270 MB Total Virtual: 18538.79 MB Available Virtual: 10538.4 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:220.58 GB) (Free:130.11 GB) (Protected) NTFS \\?\Volume{4fb74330-2bee-4e4b-bf9e-b4b3f984d006}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.48 GB) NTFS \\?\Volume{90d3c70e-5d3c-4b25-a985-422a3c97c168}\ (Image) (Fixed) (Total:15.04 GB) (Free:0.17 GB) NTFS \\?\Volume{bdda221a-53ce-40e8-ace5-ca15d523a4d0}\ (DELLSUPPORT) (Fixed) (Total:1.52 GB) (Free:0.65 GB) NTFS \\?\Volume{ef22a638-f996-faa4-fb0b-9fa3c99fd8b5}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS \\?\Volume{bd7b3bd3-d8ed-411a-9a4b-89b6372eec47}\ (ESP) (Fixed) (Total:0.24 GB) (Free:0.16 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 9CCD4928) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ==================== End of Addition.txt =======================