Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 11-12-2021 Executado por teste (23-12-2021 11:22:50) Run:2 Executando a partir de C:\Users\luize\Desktop Perfis Carregados: teste & testet & Administrador Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** closeprocesses: createrestorepoint: HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Nenhum Arquivo) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Nenhum Arquivo) GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO Task: {AFB89005-2B8B-4279-BC64-F6879E3690CA} - System32\Tasks\CareCenter\cmsc_Reg_HKLMWow6432Run => c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun (Nenhum Arquivo) Task: {B73565F3-E73E-462B-B3F5-E4E07E8E6984} - System32\Tasks\App Explorer => C:\Users\luize\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7822896 2021-12-15] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATENÇÃO Task: {BCDBB474-F25E-4585-8834-CF1DBF626042} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe (Nenhum Arquivo) App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Host App Service) (Version: 0.273.4.369 - SweetLabs) <==== ATENÇÃO App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENÇÃO App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Host App Service) (Version: 0.273.4.346 - SweetLabs) <==== ATENÇÃO ContextMenuHandlers1: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Nenhum Arquivo ContextMenuHandlers2: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Nenhum Arquivo ContextMenuHandlers4: [cm_64bit] -> {69E19770-EA24-49e2-B997-405EDBEF4C05} => -> Nenhum Arquivo ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo IE trusted site: HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\webcompanion.com -> hxxp://webcompanion.com FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=3 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.99.31\npCryptoTabUpdate3.dll [Nenhum Arquivo] FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=9 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.99.31\npCryptoTabUpdate3.dll [Nenhum Arquivo] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] Emptytemp: ***************** Processos fechados com sucesso. Ponto de Restauração criado com sucesso. "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\TeamsMachineUninstallerProgramData" => removido (a) com sucesso. HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removido (a) com sucesso. "C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE" => não encontrado (a) C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso C:\ProgramData\NTUSER.pol => movido com sucesso HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AFB89005-2B8B-4279-BC64-F6879E3690CA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFB89005-2B8B-4279-BC64-F6879E3690CA}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\cmsc_Reg_HKLMWow6432Run => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\cmsc_Reg_HKLMWow6432Run" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B73565F3-E73E-462B-B3F5-E4E07E8E6984}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B73565F3-E73E-462B-B3F5-E4E07E8E6984}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\App Explorer => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BCDBB474-F25E-4585-8834-CF1DBF626042}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCDBB474-F25E-4585-8834-CF1DBF626042}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CareCenter\SecurityHealth_Reg_HKLMRun" => removido (a) com sucesso. App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Host App Service) (Version: 0.273.4.369 - SweetLabs) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. App Explorer (HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Host App Service) (Version: 0.273.4.346 - SweetLabs) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada. HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\cm_64bit => removido (a) com sucesso. HKLM\Software\Classes\CLSID\{69E19770-EA24-49e2-B997-405EDBEF4C05} => removido (a) com sucesso. HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\cm_64bit => removido (a) com sucesso. HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\cm_64bit => removido (a) com sucesso. HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => removido (a) com sucesso. HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removido (a) com sucesso. HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => removido (a) com sucesso. HKU\S-1-5-21-2542068703-144574761-1523392838-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => removido (a) com sucesso. HKLM\Software\Wow6432Node\MozillaPlugins\@tools.CryptoTab.com/CryptoTab Update;version=3 => removido (a) com sucesso. HKLM\Software\Wow6432Node\MozillaPlugins\@tools.CryptoTab.com/CryptoTab Update;version=9 => removido (a) com sucesso. HKLM\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removido (a) com sucesso. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removido (a) com sucesso. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif => removido (a) com sucesso. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam => removido (a) com sucesso. =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 207859793 B Java, Flash, Steam htmlcache => 378269169 B Windows/system/drivers => 3934151 B Edge => 0 B Chrome => 78173853 B Firefox => 131038813 B Opera => 437099448 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 63726 B LocalService => 178164 B NetworkService => 79825860 B luize => 497126914 B testet => 565422625 B Administrador => 686398819 B RecycleBin => 41617053601 B EmptyTemp: => 41.6 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 11:51:49 ====