Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

Entre para seguir isso  
Seguidores 0
sergioloke

Como Separar Músicas de " Full Álbum " MP3 ??

8 posts neste tópico

Como Separar Músicas de " Full Álbum " MP3 ?? Alguém poderia me ajudar??

 

grato.

sergioloke

Compartilhar este post


Link para o post
Compartilhar em outros sites

Você está dizendo um arquivo só que tem um álbum inteiro? Se for basta baixar um programa de edição de áudio para ir salvando as partes das músicas em arquivos separados... 2.gif

Eu recomendo o Adobe Audition, é o mais prático na minha opnião, basta abrir o arquivo, selecionar com o mouse a parte que deseja gravar separada ir em File, depois clique em Save Selection As... 4.gif 4.gif

O programa é grandinho mas é muito bom... se quiser algo um pouco  mais profissional, pode até pegar o Sound Forge... 10.gif


24zdspi.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Pode usar o Audacity também, e é Freeware.  4.gif

 


Intel Core2Duo E8400 - Zalman CNPS 9300 AT - Asus P5B Deluxe WiFi/AP - 4GB DDR2 800 - EVGA 9600GT KO - Encore ENLTV - DVDRW LG H20N - Aerogate II & III- 80+120+320Gb Hard Drives - Audigy 2 - Velox 300/150 - CoolerMaster 460w - Chieftec CX-01 - Apc Back Ups ES 600 - Samsung 2232BW Plus 2ms - Status no MSN 56550af7-1eeb-4185-b032-e0437183f76c.png <BR>

Compartilhar este post


Link para o post
Compartilhar em outros sites

Data: 19/5/2005 como Separar Músicas de '' Full Álbum '' MP3 ?? Alguém poderia me ajudar??

Tem várias maneiras a mas facil é quando se vai passar essa MP3 para CD de Audio com o Nero é so usar a função dividir veja como aqui http://www.playsound.hpg.ig.com.br/nerodivide.htm

a outra já foi descrita acima mas para ficar mais facil, carrega o arquivo no seu editor de audio, eu uso mais o Cool Edit Pro , mas pode até ser o Nero Wave Edit ou Soud Forge,  selciona do final para o incio da ultima musica aí salva selecão, e deteta seleção, torna a fazer isso para cada faixa [musica] até salvar todas veja aqui mais dicas http://www.playsound.hpg.ig.com.br/cooleditedt.htm

 

 

 

 

 

 

 

 

 

Asus K8N * Sempron64 3K+ * DDR 1GB/400 * GeForce FX 6200 * Maxtor 160 Sata * GSA 4167B * Realteck AC97 * ENLTV FM * SyncMaster 17 * XP-SP2

Compartilhar este post


Link para o post
Compartilhar em outros sites

Data: 20/5/2005

Autor: cabece

Tem várias maneiras a mas facil é quando se vai passar essa MP3 para CD de Audio com o Nero é so usar a função dividir veja como aqui http://www.playsound.hpg.ig.com.br/nerodivide.htm

a outra já foi descrita acima mas para ficar mais facil, carrega o arquivo no seu editor de audio, eu uso mais o Cool Edit Pro , mas pode até ser o Nero Wave Edit ou Soud Forge,  selciona do final para o incio da ultima musica aí salva selecão, e deteta seleção, torna a fazer isso para cada faixa [musica] até salvar todas veja aqui mais dicas http://www.playsound.hpg.ig.com.br/cooleditedt.htm

 

O cool edit PRO é o Adobe Audition... ele mudou de nome, depois que a Adobe comprou virou Adobe Audition..


24zdspi.png

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Quer postar a sua dúvida? Cadastre-se pois é rápido e fácil!


Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.


Entrar Agora
Esse tópico é útil para você?
Então compartilhe e ajude outros internautas!
Entre para seguir isso  
Seguidores 0

  • Vídeos do BABOO no YouTube

  • Posts

    • Gostaria de saber se é possível remover a barra de progresso de cópia de arquivos no Windows 7. Ou seja, aquela barrinha verde que que fica na janela minimizada e que mostra o andamento da operação. Obs: É apenas a barra minimizada anexei a imagem com o progresso da cópia de arquivo apenas como exemplo.
    • Parece que resolveu meu problema. Qualquer coisa volto a postar aqui. Muito Obrigado Mr.Million pelo suporte.
    • Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções: 1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro  2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware: 3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo: Agora clique no botão Remover selecionados para as ameaças serem removidas.  Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente. 4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .
    • Solicitação de Análise de Logs Já fiz todos os procedimentos solicitados no Tópico Oficial... - Barra de pesquisa direciona para sites estranhos
      - Quando entro no google e vou digitar a busca aparece uma barra secundária no topo da página
      - Utilizo o Windows 10 e vários programas nativos pararam de funcionar (aparece uma exclamação do lado). Já fiz a restauração do sistema e não adiantou.
      - Durante a navegação quando eu clico pra acessar algum link abre páginas completamente avulsas e propagandas ou redireciona a página que eu estava para outra.  Segue meu Log para exame:   Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 16:48:51, on 27/05/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe
      C:\Program Files\AVAST Software\Avast\avastui.exe
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
      C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      C:\Users\Vinicius\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?adc2c82afbff8c524260a8ecc076198620105617
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=
      O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
      O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
      O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
      O4 - HKLM\..\Run: [Adobe] C:\Users\Vinicius\AppData\Roaming\Adobe\color.vbe
      O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vinicius\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
      O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      O4 - HKCU\..\Run: [D85D2348B46572DE] C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      O4 - HKCU\..\Run: [background_fault] "C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe" "C:\Users\Vinicius\AppData\Local\background_fault\bf.dll",background_fault_collector
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
      O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: http://www.caixa.gov.br
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: BlueStacks Android Service  (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
      O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
      O23 - Service: BlueStacks Plus Android Service  (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
      O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
      O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Proteção de Tela de League (LolScreenSaverService) - Unknown owner - C:\Riot Games\LolScreenSaver\service\service.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14962 bytes
       

    • Zoek.exe v5.0.0.1 Updated 27-09-2015
      Tool run by Lucas on Sat 05/27/2017 at 16:00:55.78.
      Microsoft Windows 10 Pro 10.0.14393  x64
      Running in: Normal Mode No Internet Access Detected
      Launched: C:\Users\Lucas\Downloads\zoek.exe    [Scan all users] [Script inserted]  ==== System Restore Info ====================== 5/27/2017 4:02:21 PM Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. 

      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

      # This file contains the mappings of IP addresses to host names. Each 
      # entry should be kept on an individual line. The IP address should 
      # be placed in the first column followed by the corresponding host name. 
      # The IP address and the host name should be separated by at least one 
      # space. 

      # Additionally, comments (such as these) may be inserted on individual 
      # lines or following the machine name denoted by a '#' symbol. 

      # For example: 

      #      102.54.94.97     rhino.acme.com          # source server 
      #       38.25.63.10     x.acme.com              # x client host 
       
      127.0.0.1       localhost  ==== Empty Folders Check ====================== C:\PROGRA~2\Gigantic_en deleted successfully
      C:\PROGRA~2\Ubisoft deleted successfully
      C:\PROGRA~3\Adobe deleted successfully
      C:\PROGRA~3\Comms deleted successfully
      C:\PROGRA~3\SoftwareDistribution deleted successfully
      C:\Users\postgres\AppData\LocalLow deleted successfully
      C:\Users\Lucas\AppData\Local\ActiveSync deleted successfully
      C:\Users\Lucas\AppData\Local\Adobe deleted successfully
      C:\Users\Lucas\AppData\Local\NetworkTiles deleted successfully
      C:\Users\Lucas\AppData\Local\PeerDistRepub deleted successfully
      C:\Users\Lucas\AppData\Local\Ubisoft Game Launcher deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3263317907-2408547081-2500880260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A61A35E3-CADA-4E12-9203-4DCACC73BA19} deleted successfully ==== Deleting CLSID Registry Values ======================
      ==== Deleting Services ======================
      ==== FireFox Fix ====================== Deleted from C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.search.defaultenginename", "YHS");
      user_pref("browser.search.selectedEngine", "YHS");
      user_pref("keyword.URL", true); Added to C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default user.js not found
      ---- Lines Search  removed from prefs.js ----
      user_pref("browser.newtabpage.pinned", "[null,{\"url\":\"https://torrentz2.eu/\",\"title\":\"Torrent Search torrentz2\",\"frecency\":17810,\"lastVisit
      ---- FireFox user.js and prefs.js backups ----  prefs_20170527_0422_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Gigantic_en not found
      C:\PROGRA~2\Ubisoft not found
      C:\Users\Lucas\AppData\Roaming\discord deleted
      C:\Users\Lucas\AppData\Roaming\Unity deleted
      C:\Users\Lucas\.android deleted
      C:\PROGRA~2\PokerOffice deleted
      C:\install.exe deleted
      C:\PROGRA~3\{0887FF4E-C52E-4C7E-9312-9A6BD34AC8DF} deleted
      C:\PROGRA~3\Package Cache deleted
      C:\Users\Lucas\AppData\Local\BTServer.log deleted
      C:\Users\Lucas\AppData\Local\Unity deleted
      C:\Windows\SysNative\config\systemprofile\AppData\Local\RtkBleServ.log deleted
      C:\Users\Lucas\AppData\LocalLow\Unity deleted
      C:\Windows\SysNative\GroupPolicy\Machine deleted
      C:\Windows\SysNative\GroupPolicy\User deleted
      C:\Windows\SysNative\GroupPolicy\GPT.INI deleted
      C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
      C:\Windows\Syswow64\SET26C.tmp deleted
      C:\Windows\Syswow64\SET2B4F.tmp deleted
      C:\Windows\Syswow64\SET2D4B.tmp deleted
      C:\Windows\Syswow64\SET3438.tmp deleted
      C:\Windows\Syswow64\SET42BC.tmp deleted
      C:\Windows\Syswow64\SET4457.tmp deleted
      C:\Windows\Syswow64\SET6E50.tmp deleted
      C:\Windows\Syswow64\SET7863.tmp deleted
      C:\Windows\Syswow64\SET8347.tmp deleted
      C:\Windows\Syswow64\SET9893.tmp deleted
      C:\Windows\Syswow64\SET9B9E.tmp deleted
      C:\Windows\Syswow64\SET9CDD.tmp deleted
      C:\Windows\Syswow64\SETA210.tmp deleted
      C:\Windows\Syswow64\SETBA76.tmp deleted
      C:\Windows\Syswow64\SETBB17.tmp deleted
      C:\Windows\Syswow64\SETCE3.tmp deleted
      C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\firefox@mega.co.nz.xpi deleted
      "C:\Users\Lucas\AppData\Roaming\Albion" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      - Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
      - Always on Top - %ProfilePath%\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      80320392DCC61B22F0BB23DD5AD7D341    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll -    Shockwave Flash
      D24D187FF3004EB238C2B4F84A86DCDE    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL -    Microsoft Office 2016
      127E13DF136D1CD24B93044D0E45DF1F    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2016
      ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      ccjleegmemocfpghkhpjmiccjcacackp - No path found[]
      ibbfklbaljofpaanmpaeadejijfdddco - No path found[] Chrome Cleaner Pro - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp
      Grammarly for Chrome - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
      Chrome Media Router - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
      {2f23ab71-4ac6-41f2-a955-ea576e553146} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
      {485CEA5E-5EB6-4D38-916B-C385F7F7D2E5} Google  Url="http://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Lucas\Desktop\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\AmpliTube 4.exe - Atalho.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 4\AmpliTube 4.exe 
      C:\Users\Lucas\Desktop\Calculator.lnk -  
      C:\Users\Lucas\Desktop\Discord.lnk - C:\Users\Lucas\AppData\Local\Discord\Update.exe --processStart Discord.exe
      C:\Users\Lucas\Desktop\Documentos - Atalho.lnk - C:\Users\Lucas\Documents 
      C:\Users\Lucas\Desktop\Downloads - Atalho.lnk - C:\Users\Lucas\Downloads 
      C:\Users\Lucas\Desktop\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\Users\Lucas\Desktop\Freez Screen Video Capture.lnk - C:\Program Files (x86)\Smallvideosoft\Freez Screen Video Capture\videocapture.exe 
      C:\Users\Lucas\Desktop\Grammarly.lnk - C:\Users\Lucas\AppData\Local\GrammarlyForWindows\Update.exe --processStart GrammarlyForWindows.exe
      C:\Users\Lucas\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\Desktop\Programas e Recursos - Atalho.lnk -  
      C:\Users\Lucas\Desktop\TechPowerUp GPU-Z.lnk - C:\Program Files (x86)\GPU-Z\GPU-Z.exe 
      C:\Users\Lucas\Desktop\Window On Top.lnk - C:\Program Files (x86)\Skybn\Window On Top\winTop.exe 
      C:\Users\Lucas\Desktop\Word 2016.lnk -  
      C:\Users\Lucas\Desktop\µTorrent.lnk -  
      C:\Users\Lucas\Desktop\jogos\8-Bit Armies.lnk - C:\Program Files (x86)\8-Bit Armies\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\jogos\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\jogos\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\Users\Lucas\Desktop\jogos\Cossacks 3.lnk - C:\Program Files (x86)\Cossacks 3\cossacks.exe 
      C:\Users\Lucas\Desktop\jogos\MirrorsEdgeCatalyst.exe - Atalho.lnk - C:\Program Files (x86)\Mirrors Edge Catalyst\Setup\MirrorsEdgeCatalyst.exe 
      C:\Users\Lucas\Desktop\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\jogos\Shadow Tactics - Blades of the Shogun.lnk - C:\GOG Games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe 
      C:\Users\Lucas\Desktop\jogos\Sid Meiers Civilization VI.lnk - C:\Program Files (x86)\Sid Meiers Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft 2 - The Trilogy.lnk - C:\Games\StarCraft 2 - The Trilogy\StarCraft II Offline.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft II.lnk - C:\Program Files (x86)\StarCraft II\StarCraft II.exe 
      C:\Users\Lucas\Desktop\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\jogos\Tyranny.lnk - C:\GOG Games\Tyranny\Tyranny.exe 
      C:\Users\Lucas\Desktop\jogos\World of Warplanes.lnk - C:\Games\World_of_Warplanes\WoWPLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\AmpliTube 3.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 3\AmpliTube 3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Arduino.lnk - C:\Program Files (x86)\Arduino\arduino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Car Mechanic Simulator 2015.lnk - C:\Program Files (x86)\Car Mechanic Simulator 2015\cms2015.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\CPUID CPU-Z.lnk - C:\Program Files (x86)\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Custom Shop.lnk - C:\Program Files (x86)\IK Multimedia\Custom Shop\Custom Shop.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\EVE Online.lnk - C:\Program Files (x86)\CCP\EVE\eve.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\FIFA 16.lnk - C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Grey Goo.lnk - C:\Program Files (x86)\Grey Goo\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Guitar Pro 5.lnk - C:\Program Files (x86)\Guitar Pro 5\GP5.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk - C:\Games\Kerbal Space Program\Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Linkrealms.lnk - C:\Program Files (x86)\Linkrealms\update.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\MiniLyrics.lnk - C:\Program Files (x86)\MiniLyrics\MiniLyrics.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Movavi Video Editor 4.lnk - C:\Windows\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\RealPlayer Cloud.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Rocket League.lnk - C:\Program Files (x86)\rocketleague\Binaries\Win32\RocketLeague.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Spaera.lnk - C:\Program Files (x86)\Blazing Orb\Spaera\SpaeraRunner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Super HUD.lnk - C:\Program Files (x86)\Poker Pro Labs\Super HUD\SuperHUD.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\The Witcher 3 Wild Hunt.lnk - C:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\VMware Workstation.lnk - C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\ZHPCleaner.lnk - C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Archeage.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe  -game 120
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\FIFA 15.lnk - C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Glyph.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Middle Earth - Shadow of Mordor.lnk - C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\ShadowOfMordor.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014 (Without Real Tone Cable).lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\rocksmith2014-nocable-loader.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014.lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\Rocksmith2014.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Scrolls.lnk - C:\Program Files (x86)\Scrolls\ScrollsLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sid Meiers Civilization Beyond Earth.lnk - C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth\CivilizationBe_DX11.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sniper Elite 3.lnk - C:\Program Files (x86)\Sniper Elite 3\Launcher\Sniper3Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold 3 x64.lnk - C:\Program Files (x86)\Firefly Studios\Stronghold 3\bin\win32_release\Stronghold3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold Crusader 2.lnk - C:\Program Files (x86)\Stronghold Crusader 2\bin\win32_release\Crusader2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\The Wolf Among Us.lnk - C:\Program Files (x86)\R.G. Mechanics\The Wolf Among Us\TheWolfAmongUs.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Total War - Rome II.lnk - C:\Program Files (x86)\R.G. Mechanics\Total War - Rome II\Rome2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\XSplit Gamecaster.lnk - C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\pendrive 1 semestre 2015\tcc\Material Bancada\Foguete\SolidWorks Bancada\2013\0002_Bancada_0000 - Shortcut.lnk - C:\Users\Lucas\Dropbox\0002_Bancada_0000 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\NetBet Poker.lnk - C:\Program Files (x86)\NetBet Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\nj.partypoker.lnk - C:\Programs\partyNJ\partyNJ.exe -P=partypokerNJ
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Titan Poker.lnk - C:\Program Files (x86)\Titan Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Winner Poker.lnk - C:\Program Files (x86)\Winner Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\ICM Trainer.lnk - C:\Windows\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_ECF5B0A15121D905E30873.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\PokerStrategy.com Equilab.lnk - C:\Program Files (x86)\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\Circuit Wizard 2 Student Edition.lnk - C:\Program Files (x86)\New Wave Concepts\Circuit Wizard 2 SE\CktWiz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\PSIM 10 Demo.lnk - C:\Program Files (x86)\Powersim\PSIM10.0.2_Demo\PSIM.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\poker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\poker\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe  ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
      C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
      C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk - C:\Windows\system32\GfxUIEx.exe 
      C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Public\Desktop\Razer Cortex.lnk - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe 
      C:\Users\Public\Desktop\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 
      C:\Users\Public\Desktop\Smart View.lnk - C:\Windows\Installer\{99D9BA8C-AA54-48FC-B782-F7C506CF1ECC}\SmartView2.exe 
      C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
      C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk - C:\Program Files\Unity\Editor\Unity.exe 
      C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
      C:\Users\Public\Desktop\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Users Start Menu ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk - C:\Windows\System32\fodhelper.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk - C:\Windows\System32\UNP\UNPUXHost.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\Uninstall.lnk - C:\Program Files (x86)\AlbionOnline\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\KeyTweak Manual.lnk - C:\Users\Lucas\AppData\Local\VirtualStore\Program Files (x86)\KeyTweak\KeyTweak Manual.pdf 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\Uninstall.lnk - C:\Program Files (x86)\KeyTweak\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\Uninstall PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4 (Logging Enabled).lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe -l
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\Uninstall PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe  ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Uninstall Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files\DAEMON Tools Pro\DTImgEditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder on the Web.lnk - C:\Program Files (x86)\Easy Macro Recorder\homepage.url 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Help.lnk - C:\Program Files (x86)\Easy Macro Recorder\help.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Uninstall Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe -tab about
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\License_en_US.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\doc\UserManual.pdf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\Uninstall partypoker.lnk - C:\programs\partygaming\PartyPoker\Uninstall\Setup.exe App_Type=U
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Command Prompt.lnk - C:\Windows\SysWOW64\cmd.exe /k set PGCLIENTENCODING=WIN1252 && set PGPORT=5432
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\pgAdmin III.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pgAdmin3.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\psql to 'postgres'.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\psql.bat  -h localhost -p 5432 postgres "postgres" WIN1252
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Reload configuration.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe  reload -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Start service.lnk - C:\Windows\SysWOW64\net.exe  start pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Stop service.lnk - C:\Windows\SysWOW64\net.exe  stop pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_hba.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_hba.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_ident.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_ident.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit postgresql.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\postgresql.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\Installation Notes.lnk - C:\Program Files (x86)\PostgreSQL\8.3\Installation Notes.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\pgAdmin Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\pgAdmin III\docs\en_US\pgadmin3.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL release notes.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/release.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys FAQ.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio Console.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio MediaBrowser.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Readme.lnk - C:\Program Files\Serviio\README.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Release Notes.lnk - C:\Program Files\Serviio\RELEASE_NOTES.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Serviio Console.lnk - C:\Program Files\Serviio\console\ServiioConsole.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Start Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -start
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Stop Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -stop
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Uninstall Serviio.lnk - C:\Program Files (x86)\Serviio\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Configuration (x64).lnk - C:\Windows\System32\rundll32.exe VSFilter.dll,DirectVobSub
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Uninstall (x64).lnk - C:\Program Files (x86)\VSFilter\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\MetaEditor.lnk - C:\Program Files (x86)\XM MT4\metaeditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\Uninstall.lnk - C:\Program Files (x86)\XM MT4\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe --user-data-dir="C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\computer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe 
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -   ==== shortcuts After Repair ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe  ==== Reset IE Proxy ====================== Value(s) before fix:
      "ProxyEnable"=dword:00000000 Value(s) after fix:
      "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1596 folders=1948 5230133766 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied
      C:\Users\Lucas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 05/27/2017 at 16:38:38.69 ======================
          Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 4:43:50 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files (x86)\Hotkey\Hotkey.exe
      C:\Users\Lucas\AppData\Local\Apps\2.0\JROKO8AW.M9G\WQT58663.9XT\poke...app_6e7fc6368d8f8800_0002.0001_7854192edeabd0f7\PSC.SideKick.exe
      C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-21-3263317907-2408547081-2500880260-1004\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 15169 bytes
       
    • Ótimo, muito bom!! Continuando.. 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do Zoek e execute-o. 3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek: createsrpoint;
      autoclean;
      resetieproxy;
      resethosts;
      iedefaults;
      chrdefaults;
      emptyCHRcache;
      ffdefaults;
      firefoxlook;
      emptyalltemp;
      shortcutfix; 4. Feche todos os navegadores e clique em Run Script: Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos.. 5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK 6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.
    • # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########
        # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.3 (04.10.2017)
      Operating System: Windows 10 Pro x64 
      Ran by Lucas (Administrator) on Sat 05/27/2017 at 15:13:09.12
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      File System: 0 
      Registry: 0  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Sat 05/27/2017 at 15:18:53.51
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 3:23:19 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe
      C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O1 - Hosts: ::1 tutorial2
      O1 - Hosts: ::1 test2
      O1 - Hosts: ::1 Projetos
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14181 bytes
         
    • digite winver no executar e poste sua versão do windows 10... Sua conta tem poderes de administrador? Se possivel poste imagem com o problema por favor...
    • 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do AdwCleaner e salve-o na sua Área de Trabalho (desktop) 3. Execute o adwcleaner.exe Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do adwcleaner.exe e selecione   4. Clique no botão Verificar e depois em Limpar 5. Salve o Log criado 6. Faça download do JRT (Junkware Removal Tool) e salve-o na sua Área de Trabalho 7. Dê um duplo-clique no arquivo JRT para executá-lo Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do JRT.exe e selecione   8. O JRT começará o exame do seu Sistema. Tenha paciência pois pode demorar alguns minutos dependendo da quantidades de itens examinados 9. No final um novo arquivo JRT.txt aparecerá na sua Área de Trabalho e uma janela se abrirá com o conteúdo deste arquivo (log do JRT) 10. Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com o Log do AdwCleaner (item 5 acima) e o novo log do HijackThis
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.