Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 24.01.2024 Executado por Icebrave (25-01-2024 09:51:52) Executando a partir de C:\Users\Net\Desktop Microsoft Windows 10 Pro Versão 22H2 19045.3996 (X64) (2023-12-16 18:23:59) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-702104581-954937399-490591429-500 - Administrator - Disabled) Convidado (S-1-5-21-702104581-954937399-490591429-501 - Limited - Disabled) DefaultAccount (S-1-5-21-702104581-954937399-490591429-503 - Limited - Disabled) Icebrave (S-1-5-21-702104581-954937399-490591429-1002 - Administrator - Enabled) => C:\Users\Icebrave Net (S-1-5-21-702104581-954937399-490591429-1003 - Limited - Enabled) => C:\Users\Net WDAGUtilityAccount (S-1-5-21-702104581-954937399-490591429-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Boilsoft Video Splitter 8.3.3 (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\cfc26c2a-150b-5ef7-9bdf-a41433ec180c) (Version: 8.3.3 - ) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) Debut Video Capture Software (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\Debut) (Version: 9.46 - NCH Software) Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools) FastStone Image Viewer 7.8 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.8 - FastStone Corporation) FormatFactory 5.16.0.0 (HKLM-x32\...\FormatFactory) (Version: 5.16.0.0 - Free Time) Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 2023.3.0.23028 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.225 - Google LLC) HandBrake 1.7.2 (HKLM-x32\...\HandBrake) (Version: 1.7.2 - ) HP DeskJet 2130 series Software básico do dispositivo (HKLM\...\{30135B68-7334-4D1B-8AB4-A79EF84ECDE1}) (Version: 40.15.1230.21319 - HP Inc.) HP Dropbox Plugin (HKLM-x32\...\{8533E879-3794-426D-96B1-B010B56B03F5}) (Version: 40.13.54.81239 - HP) HP Google Drive Plugin (HKLM-x32\...\{57E78C1A-6BCB-42E9-B3A5-54A05CA85E1C}) (Version: 40.13.54.81239 - HP) Infatica P2B Network (HKLM-x32\...\{C989163F-E0E5-4DE3-B7F5-46C77F411451}_is1) (Version: 1.1.4.0 - ) K-Lite Mega Codec Pack 18.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 18.0.0 - KLCP) Microsoft .NET Host - 6.0.25 (x64) (HKLM\...\{C7141A99-592B-4226-A4E9-B767C1D0FBAF}) (Version: 48.100.4028 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.25 (x64) (HKLM\...\{AE86D888-1404-47CC-A7BB-8D86C0503E58}) (Version: 48.100.4028 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.25 (x64) (HKLM\...\{3544B2EE-E62F-4D11-B79C-3DDEACE94DA5}) (Version: 48.100.4028 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-702104581-954937399-490591429-1002\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.25 (x64) (HKLM\...\{E016F2B9-01FE-4FAA-882E-ECC43FA49751}) (Version: 48.100.4037 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.25 (x64) (HKLM-x32\...\{fb0500c1-f968-4621-a48b-985b52884c49}) (Version: 6.0.25.33020 - Microsoft Corporation) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 122.0 (x64 pt-BR)) (Version: 122.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.5.2 - Mozilla) Mozilla Thunderbird (x64 pt-BR) (HKLM\...\Mozilla Thunderbird 115.6.1 (x64 pt-BR)) (Version: 115.6.1 - Mozilla) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6 - Notepad++ Team) PrivaZer (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\PrivaZer) (Version: 4.0.81.0 - Goversoft LLC) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.3 - The qBittorrent project) RadioSure (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\RadioSure) (Version: - ) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) Shotcut (HKLM\...\Shotcut) (Version: 22.12.21 - Meltytech, LLC) TechnoMage (HKLM-x32\...\TechnoMage) (Version: - ) Telegram Desktop (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.4 - Telegram FZ-LLC) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) WPS Office (12.2.0.13359) (HKU\S-1-5-21-702104581-954937399-490591429-1002\...\Kingsoft Office) (Version: 12.2.0.13359 - Kingsoft Corp.) WPS Office (12.2.0.13431) (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\Kingsoft Office) (Version: 12.2.0.13431 - Kingsoft Corp.) Zoom (HKU\S-1-5-21-702104581-954937399-490591429-1003\...\ZoomUMX) (Version: 5.17.1 (28914) - Zoom Video Communications, Inc.) Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.1.1087.0_x64__v10z8vjag6ke6 [2024-01-08] (HP Inc.) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-23] (Microsoft Studios) [MS Ad] ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1002_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Icebrave\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1002_Classes\CLSID\{7C360CF9-D475-44FC-8163-AD6C95CF5F5D}\InprocServer32 -> C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kmso2pdfplugins64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1003_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Arquivo não assinado] CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1003_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13431\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1003_Classes\CLSID\{7C360CF9-D475-44FC-8163-AD6C95CF5F5D}\InprocServer32 -> C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kmso2pdfplugins64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-702104581-954937399-490591429-1003_Classes\CLSID\{9ed26d04-bb53-4559-a405-a0245d494b44}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Nenhum Arquivo ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2023-07-21] (Free Time) [Arquivo não assinado] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Arquivo não assinado] ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Arquivo não assinado] ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_108.dll [2023-07-21] (Free Time) [Arquivo não assinado] ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Arquivo não assinado] ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Arquivo não assinado] ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [Arquivo não assinado] ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [Arquivo não assinado] ContextMenuHandlers1_S-1-5-21-702104581-954937399-490591429-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Icebrave\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kwpsmenushellext64.dll [2023-12-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ContextMenuHandlers4_S-1-5-21-702104581-954937399-490591429-1002: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Icebrave\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kwpsmenushellext64.dll [2023-12-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ContextMenuHandlers1_S-1-5-21-702104581-954937399-490591429-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Icebrave\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kwpsmenushellext64.dll [2023-12-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ContextMenuHandlers4_S-1-5-21-702104581-954937399-490591429-1003: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\Icebrave\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\kwpsmenushellext64.dll [2023-12-17] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado] ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2023-12-17 10:31 - 2008-06-20 00:41 - 000062464 _____ () [Arquivo não assinado] C:\Program Files (x86)\WinRAR\rarext64.dll 2023-07-21 09:20 - 2023-07-21 09:20 - 000344064 _____ (Free Time) [Arquivo não assinado] C:\Program Files\FormatFactory\ShellEx_108.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== Handler: mso-minsb-roaming.16 - Nenhum Valor CLSID Handler: mso-minsb.16 - Nenhum Valor CLSID Handler: osf-roaming.16 - Nenhum Valor CLSID Handler: osf.16 - Nenhum Valor CLSID ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2024-01-17 05:22 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-702104581-954937399-490591429-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg HKU\S-1-5-21-702104581-954937399-490591429-1003\Control Panel\Desktop\\Wallpaper -> DNS Servers: 181.213.132.6 - 181.213.132.7 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData" HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData" HKU\S-1-5-21-702104581-954937399-490591429-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_DE42051A7061B4E326E1FAAC622AFB84" HKU\S-1-5-21-702104581-954937399-490591429-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-702104581-954937399-490591429-1002\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-702104581-954937399-490591429-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_4F469AB9D1336CB61BA9F80E8F2FF34A" HKU\S-1-5-21-702104581-954937399-490591429-1003\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-702104581-954937399-490591429-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{9354F41F-CE9E-40B2-B496-D8F77F543E72}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{ECD57F3B-6C35-4B81-8A04-5F7B94AEF261}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0AC9FBB3-AA69-440F-B89F-4B9263CC9B0B}] => (Allow) C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\wps.exe => Nenhum Arquivo FirewallRules: [{BE929A88-4ECB-407F-B05F-2E32C8E00C36}] => (Allow) C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\wpscloudsvr.exe => Nenhum Arquivo FirewallRules: [{B65D91CC-DC47-473F-9288-7ECC671493D6}] => (Allow) C:\Users\Net\AppData\Local\Kingsoft\WPS Office\12.2.0.13359\office6\promecefpluginhost.exe => Nenhum Arquivo FirewallRules: [{903536E5-925A-4C71-ABA0-56EC3B96D3D8}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{8F1997F6-0D78-4DCA-B232-6E0B9CB675B7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{18E257FE-20BF-41D2-8155-1D584FA20E10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{647CDAA6-F9F7-4074-839C-9DF0B7A35C97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2E7A89E0-811A-46B0-9A15-727EE08BD25A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{69C3EA7D-9647-4D5F-9895-739EE48C21B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7056C802-9E87-43A5-88A6-81FD770A91EA}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{CC08EF41-5A84-4988-8B5D-3964E7AD9813}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (HP Inc. -> HP Inc.) FirewallRules: [{D68557E5-1363-4609-BC52-DCFDEDC3D62A}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.) FirewallRules: [{B9415BBD-E501-463F-9EED-A36A6ECE3923}] => (Allow) C:\Users\Icebrave\AppData\Local\Temp\7zS4C2F\HP.EasyStart.exe => Nenhum Arquivo FirewallRules: [{2EA5C0AF-013B-400E-BD3D-5C129EC63237}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (Free Time Software Technology Co., Ltd. -> Free Time Co., Ltd.) FirewallRules: [{D4F9A480-F007-44A8-B8AD-F9C6D6037FF5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{44E7348A-F048-4702-A585-357A04421555}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6CD381A5-8DC3-4111-A0B9-2EE0EC406E89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{86241D30-0DC1-4561-BDFE-1CD610B7615A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] ==================== Pontos de Restauração ========================= 17-01-2024 09:21:14 KpRm 20-01-2024 17:00:51 Revo Uninstaller's restore point - Vincular ao Celular 24-01-2024 11:50:39 Instalador de Módulos do Windows 24-01-2024 11:57:55 Instalador de Módulos do Windows ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (01/25/2024 09:10:49 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.. Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (01/25/2024 09:09:40 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando.. Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (01/25/2024 09:02:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MBAMService.exe, versão: 3.2.0.1269, carimbo de data/hora: 0x657105c6 Nome do módulo com falha: mbae-api-na.dll_unloaded, versão: 1.13.4.568, carimbo de data/hora: 0x657cb4e0 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000038b62 ID do processo com falha: 0x1128 Hora de início do aplicativo com falha: 0x01da4f84abdd598d Caminho do aplicativo com falha: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Caminho do módulo com falha: mbae-api-na.dll ID do Relatório: 2b208579-d5f7-4a66-a5cb-194029334110 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/25/2024 09:01:40 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.. Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (01/25/2024 09:00:39 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado..Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {0f0635fd-010a-4ac1-acd4-a7130453fd12} Error: (01/22/2024 10:38:24 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Reservado pelo Sistema devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Error: (01/20/2024 05:25:07 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.. Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (01/20/2024 05:23:56 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x80070006, Identificador inválido.. Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Erros de Sistema: ============= Error: (01/25/2024 11:17:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Foxit PDF Reader Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/25/2024 11:17:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AMD External Events Utility foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/22/2024 07:43:21 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 11:35:54 do dia ‎22/‎01/‎2024 não era esperado. Error: (01/19/2024 07:48:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x8024200b: 2024-01 Atualização de segurança do Windows 10 Version 22H2 para sistemas baseados em x64 (KB5034441). Error: (01/17/2024 05:20:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NPVV5ON) Description: O servidor Microsoft.AAD.BrokerPlugin_1000.19041.3636.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider não se registrou no DCOM dentro do tempo limite necessário. Error: (01/17/2024 04:52:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Error: (01/17/2024 04:52:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Foxit PDF Reader Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (01/17/2024 04:52:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AMD External Events Utility foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Windows Defender: ================ Date: 2024-01-25 01:36:31 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {C9C74CA1-7460-4B0A-A1A7-7697EF683C2E} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2024-01-25 00:54:37 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {0F8AFD19-31B1-4303-A262-BD5E401E3A9B} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2024-01-25 00:41:22 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {252FA690-F826-46A6-A812-D2DAB041FECB} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2024-01-24 15:31:53 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {E7E21B49-E3BA-40FF-87F8-D2367AA171F7} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2024-01-24 13:47:52 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {15B87A95-E31D-4FB6-B49A-80AD43D71F16} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA  CodeIntegrity: =============== Date: 2024-01-25 09:02:21 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system. Date: 2024-01-17 04:37:43 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\SystemSettings.DataModel.dll because the set of per-page image hashes could not be found on the system. Date: 2024-01-17 04:36:50 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. 0701 06/23/2014 placa-mãe: ASUSTeK COMPUTER INC. A58M-A/BR Processador: AMD A8-7650K Radeon R7, 10 Compute Cores 4C+6G Percentagem de memória em uso: 45% RAM física total: 7110.45 MB RAM física disponível: 3908.33 MB Virtual Total: 8262.45 MB Virtual disponível: 5138.72 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:540.12 GB) (Free:388.81 GB) (Model: ST31000524AS) NTFS Drive d: (Novo volume) (Fixed) (Total:292.96 GB) (Free:189.7 GB) (Model: ST31000524AS) exFAT Drive e: (Ventoy) (Removable) (Total:14.53 GB) (Free:0.92 GB) exFAT Drive g: (FILMES) (Removable) (Total:14.89 GB) (Free:9.34 GB) FAT32 \\?\Volume{759ddace-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.57 GB) (Free:0.15 GB) NTFS \\?\Volume{bab8dd6f-af3f-11ee-b4d4-0862669877e8}\ (VTOYEFI) (Removable) (Total:0.03 GB) (Free:0 GB) FAT ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 759DDACE) Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=540.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.9 GB) - (Type=0F Extended) Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 14.9 GB) (Disk ID: 13443E16) Partition 1: (Not Active) - (Size=14.9 GB) - (Type=FAT32) ========================================================== Disk: 2 (Size: 14.6 GB) (Disk ID: 516D50C5) Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=32 MB) - (Type=EF) ==================== Fim de Addition.txt =======================