Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27.01.2024 01
Executado por maaaj (31-01-2024 01:56:44)
Executando a partir de C:\Users\maaaj\Desktop
Microsoft Windows 10 Pro Versão 22H2 19045.3930 (X64) (2024-01-31 02:33:52)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================


(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-417777439-1456399875-1852474602-500 - Administrator - Disabled)
Convidado (S-1-5-21-417777439-1456399875-1852474602-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-417777439-1456399875-1852474602-503 - Limited - Disabled)
maaaj (S-1-5-21-417777439-1456399875-1852474602-1001 - Administrator - Enabled) => C:\Users\maaaj
WDAGUtilityAccount (S-1-5-21-417777439-1456399875-1852474602-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-417777439-1456399875-1852474602-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)

Packages:
=========
Email e Calendário -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2024-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2024-01-31] (Microsoft Studios) [MS Ad]
MSN Clima -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2024-01-31] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-01-31] (NVIDIA Corp.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c [2024-01-31] (Skype)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0 [2024-01-31] (Spotify AB) [Startup Task]

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_a3a35b9b20ddd8f1\nvshext.dll [2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-01-30] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-417777439-1456399875-1852474602-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 191.242.176.218 - 191.242.176.219
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{2D063534-36A3-42DE-90F9-16FD28BC752F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FE1E5A7A-C582-4472-9F3E-FE2EEA0B2724}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8FC810E3-712E-413C-9DDE-C40FD5F23B81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1E76FF58-464C-4804-9EED-AF457B82B41C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AD99E8C9-4B67-4059-B4D7-59E28359A7D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B6EDC306-B537-4E3B-8AE1-9B259F4997FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{392E740F-2013-471C-AA27-23B4674D7638}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30BEA88B-098A-43D0-B577-17A0FCC31EAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B4D41620-AFC5-42F1-9E32-681000C15E6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E14C62E9-9C00-4EC3-9758-896662611535}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F1AAE4F5-7DD7-4302-97C8-F075DB8F1CDE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Pontos de Restauração =========================

31-01-2024 01:34:18 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (01/31/2024 01:40:47 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/31/2024 01:40:34 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/31/2024 01:40:34 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/31/2024 01:38:31 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.]

Error: (01/31/2024 01:15:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: MBAMService.exe, versão: 3.2.0.1269, carimbo de data/hora: 0x657105c6
Nome do módulo com falha: mbae-api-na.dll_unloaded, versão: 1.13.4.568, carimbo de data/hora: 0x657cb4e0
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000038b62
ID do processo com falha: 0xf6c
Hora de início do aplicativo com falha: 0x01da53f5837a0f24
Caminho do aplicativo com falha: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Caminho do módulo com falha: mbae-api-na.dll
ID do Relatório: 620bae87-20c7-410a-9683-d74bc37871da
Nome completo do pacote com falha: 
ID do aplicativo relativo ao pacote com falha:

Error: (01/31/2024 12:29:44 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (01/31/2024 12:29:43 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/30/2024 11:57:14 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Falha na Ativação de Licença (slui.exe). Código de erro:
hr=0x803F7001
Argumento de linha de comando:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=NetworkAvailable


Erros de Sistema:
=============
Error: (01/31/2024 01:21:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (01/31/2024 12:27:32 AM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.

Error: (01/31/2024 12:28:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 21:31:42 do dia ‎30/‎01/‎2024 não era esperado.

Error: (01/31/2024 12:27:19 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 3221226513Ocorrência de erro fatal em processamento de dados de restauração.

Error: (01/30/2024 11:34:03 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário.

Error: (01/30/2024 09:27:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Agente de Conexão de Rede terminou com o erro: 
Um dispositivo conectado ao sistema não está funcionando.

Error: (01/30/2024 09:27:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço da Lista de Redes terminou com o erro: 
O dispositivo não está pronto.

Error: (01/30/2024 09:27:26 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT)
Description: O servidor {A47979D2-C419-11D9-A5B4-001185AD2B89} não se registrou no DCOM dentro do tempo limite necessário.


CodeIntegrity:
===============
Date: 2024-01-31 01:15:41
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SystemSettings.DataModel.dll because the set of per-page image hashes could not be found on the system.

Date: 2024-01-31 01:15:37
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Informações da Memória =========================== 

BIOS: Intel Corp. HOH6110H.86A.0012.2012.0813.1515 08/13/2012
placa-mãe: Intel Corporation DH61HO
Processador: Intel(R) Core(TM) i5-3470S CPU @ 2.90GHz
Percentagem de memória em uso: 19%
RAM física total: 16370.59 MB
RAM física disponível: 13247.13 MB
Virtual Total: 19314.59 MB
Virtual disponível: 14893.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.55 GB) (Free:410.95 GB) (Model: ST500DM002-1BD142) NTFS

\\?\Volume{8f2181f7-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{8f2181f7-0000-0000-0000-90a971000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{8f2181f7-0000-0000-0000-803c74000000}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8F2181F7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=542 MB) - (Type=27)
Partition 4: (Not Active) - (Size=835 MB) - (Type=27)

==================== Fim de Addition.txt =======================