Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 21-05-2023 Executado por Leão de Judá (22-05-2023 10:27:31) Executando a partir de C:\Users\Leão de Judá\Desktop Microsoft Windows 11 Home Single Language Versão 22H2 22621.1702 (X64) (2023-05-19 17:45:33) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-3369751713-1115460351-828220276-500 - Administrator - Disabled) Convidado (S-1-5-21-3369751713-1115460351-828220276-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3369751713-1115460351-828220276-503 - Limited - Disabled) Leão de Judá (S-1-5-21-3369751713-1115460351-828220276-1001 - Administrator - Enabled) => C:\Users\Leão de Judá WDAGUtilityAccount (S-1-5-21-3369751713-1115460351-828220276-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23} FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Assistente de Instalação do Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.2063 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC) Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation) NVIDIA Driver de gráficos 527.37 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.37 - NVIDIA Corporation) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation) Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation) Packages: ========= Centro de controle Thunderbolt™ -> C:\Program Files\WindowsApps\appup.thunderboltcontrolcenter_1.0.36.0_x64__8j3eq9eme6ctt [2023-05-19] (INTEL CORP) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\dellinc.dellsupportassistforpcs_3.14.4.0_x64__htrsf667h5kn2 [2023-05-19] (Dell Inc) Extensão de Vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Corporation) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Corporation) ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.96.61291.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Corporation) [Startup Task] ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Corporation) ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-05-19] (INTEL CORP) [Startup Task] NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.964.0_x64__56jybvy8sckqj [2023-05-19] (NVIDIA Corp.) OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-05-19] (Microsoft Corporation) ShellEx Package -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64 [2023-05-19] (0) Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2023-05-19] (Waves Audio) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_008995e2454cd6de\nvshext.dll [2023-02-13] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-19] (Kaspersky Lab JSC -> AO Kaspersky Lab) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2023-05-19 04:05 - 2023-05-19 04:04 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3369751713-1115460351-828220276-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 179.233.128.22 - 179.233.128.17 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKLM\...\StartupApproved\Run: => "WavesSvc" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKU\S-1-5-21-3369751713-1115460351-828220276-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3376729631545DF97C777909444A5AC3" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{34F53D88-64E6-47B9-B44D-4A873D566391}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{DF7CB0B1-B700-4AD4-9C7C-2A6D462AAE5C}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{3C367206-728C-4380-BD8B-D258C4AB33A8}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{2715ECAE-8DE4-46E9-B470-5872BAF1FFA8}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{ADAFA426-94A7-4E38-BA25-1D02772D86B8}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{9B5650FE-9673-4DCF-BE31-4D489CE9710F}] => (Allow) C:\Users\Leão de Judá\Downloads\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{08A01F55-6EF6-456E-9969-88745E89CB01}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BE7E603C-748F-4F4D-B60D-9423CFEB8510}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{DAF9D747-CE63-420E-96F5-21EA1471EF4F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D1A911A6-1B08-4D22-B6CE-13FFD189DBC5}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada (Total:465.71 GB) (Free:403.57 GB) (87%) ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (05/22/2023 10:25:59 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: AUTORIDADE NT) Description: Coleta de dados de contador de desempenho desabilitada no serviço "Lsa" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Corrija os erros antes de habilitar os contadores de desempenho para esse serviço. Error: (05/22/2023 10:25:59 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: AUTORIDADE NT) Description: A tentativa de localizar o procedimento Open "OpenLsaPerformanceData" na DLL "C:\Windows\System32\Secur32.dll" para o serviço "Lsa" falhou com o código de erro do Win32 127. Os dados de desempenho desse serviço não estarão disponíveis. Erros de Sistema: ============= Error: (05/19/2023 03:22:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x8007139f: 9WZDNCRFJ3PT-MICROSOFT.ZUNEMUSIC. Error: (05/19/2023 03:22:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience. Error: (05/19/2023 02:40:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço Serviço da Lista de Redes terminou com o erro: O dispositivo não está pronto. Error: (05/19/2023 02:40:56 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {A47979D2-C419-11D9-A5B4-001185AD2B89} não se registrou no DCOM dentro do tempo limite necessário. Error: (05/19/2023 02:40:56 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: O serviço Extensões e Notificações da Impressora está marcado como um serviço interativo. No entanto, o sistema está configurado para não permitir serviços interativos. Esse serviço pode não funcionar corretamente. Error: (05/19/2023 02:40:01 PM) (Source: Tcpip) (EventID: 4207) (User: ) Description: O interface TCP/IP IPv6 com índice 6 não pôde se associar ao provedor. Error: (05/19/2023 02:40:01 PM) (Source: Tcpip) (EventID: 4207) (User: ) Description: O interface TCP/IP IPv4 com índice 6 não pôde se associar ao provedor. Error: (05/19/2023 02:39:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service depende do serviço Auxiliar de IP, mas não foi possível iniciá-lo devido ao seguinte erro: A operação foi concluída com êxito. CodeIntegrity: =============== Date: 2023-05-22 10:26:50 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. ==================== Informações da Memória =========================== BIOS: Dell Inc. 1.22.0 03/14/2023 placa-mãe: Dell Inc. 0FJYHK Processador: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz Percentagem de memória em uso: 49% RAM física total: 16106.79 MB RAM física disponível: 8093.98 MB Virtual Total: 19050.79 MB Virtual disponível: 10802.74 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:465.71 GB) (Free:403.57 GB) (Model: IM2P33F3A NVMe ADATA 512GB) (Protected) NTFS \\?\Volume{37cce710-d1e8-4005-b9d9-b233cfc0cff6}\ (WINRETOOLS) (Fixed) (Total:0.98 GB) (Free:0.23 GB) NTFS \\?\Volume{a8cf2531-a124-4ce7-911b-167df3b248cf}\ (Image) (Fixed) (Total:8.56 GB) (Free:2.97 GB) NTFS \\?\Volume{4196d75e-391d-47e5-9b65-528a22d4955f}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.18 GB) NTFS \\?\Volume{4a349ae3-faa1-43f4-833f-ba6accfce08c}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt =======================