Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

Entre para seguir isso  
Seguidores 0
epoduzao

onde baixar o directx 9

7 posts neste tópico

estou baixando soh q vem o arq q puxa o completo (web instaler) gostaria de baixar o directx completo para instalar em demais maquinas

onde tem ?



Security Officer for you ...


Compartilhar este post


Link para o post
Compartilhar em outros sites

www.Microsoft.com/directx


_________________________

Athlon 64 3.0+

Asus K8N

ATI Radeon 9800Pro 256Mb

HD 80GB Maxtor 8Mb Buffer

1GB DDR 400

ADSL Brasil Telecom 600/512

Modem D-Link 500G

_________________________

Compartilhar este post


Link para o post
Compartilhar em outros sites

Gostaria de saber onde fazer um download direto, e nao o arquivo de 200 e poucos kb.

alguém sabe onde?


asus a7v8x-x

athlon 1700+@2187

1024 DDR 400@375

Nvidia 6800xt 128b

DVD+RW gsa-4165b

LG L196WTQ

Compartilhar este post


Link para o post
Compartilhar em outros sites

Gostaria de saber onde fazer um download direto, e nao o arquivo de 200 e poucos kb.

alguém sabe onde?

----------------------------------------------------------------------------

Olá

Até agora não vi nenhum local para copiar todo ele direto. Acho que só tem desse jeito mesmo ( baixando o arquivo de 200 Kb para depois fazer o download ).

4.gif4.gif

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Quer postar a sua dúvida? Cadastre-se pois é rápido e fácil!


Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.


Entrar Agora
Esse tópico é útil para você?
Então compartilhe e ajude outros internautas!
Entre para seguir isso  
Seguidores 0

  • Vídeos do BABOO no YouTube

  • Posts

    • Gostaria de saber se é possível remover a barra de progresso de cópia de arquivos no Windows 7. Ou seja, aquela barrinha verde que que fica na janela minimizada e que mostra o andamento da operação. Obs: É apenas a barra minimizada anexei a imagem com o progresso da cópia de arquivo apenas como exemplo.
    • Parece que resolveu meu problema. Qualquer coisa volto a postar aqui. Muito Obrigado Mr.Million pelo suporte.
    • Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções: 1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro  2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware: 3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo: Agora clique no botão Remover selecionados para as ameaças serem removidas.  Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente. 4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .
    • Solicitação de Análise de Logs Já fiz todos os procedimentos solicitados no Tópico Oficial... - Barra de pesquisa direciona para sites estranhos
      - Quando entro no google e vou digitar a busca aparece uma barra secundária no topo da página
      - Utilizo o Windows 10 e vários programas nativos pararam de funcionar (aparece uma exclamação do lado). Já fiz a restauração do sistema e não adiantou.
      - Durante a navegação quando eu clico pra acessar algum link abre páginas completamente avulsas e propagandas ou redireciona a página que eu estava para outra.  Segue meu Log para exame:   Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 16:48:51, on 27/05/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe
      C:\Program Files\AVAST Software\Avast\avastui.exe
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
      C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      C:\Users\Vinicius\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?adc2c82afbff8c524260a8ecc076198620105617
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=
      O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
      O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
      O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
      O4 - HKLM\..\Run: [Adobe] C:\Users\Vinicius\AppData\Roaming\Adobe\color.vbe
      O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vinicius\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
      O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      O4 - HKCU\..\Run: [D85D2348B46572DE] C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      O4 - HKCU\..\Run: [background_fault] "C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe" "C:\Users\Vinicius\AppData\Local\background_fault\bf.dll",background_fault_collector
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
      O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: http://www.caixa.gov.br
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: BlueStacks Android Service  (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
      O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
      O23 - Service: BlueStacks Plus Android Service  (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
      O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
      O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Proteção de Tela de League (LolScreenSaverService) - Unknown owner - C:\Riot Games\LolScreenSaver\service\service.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14962 bytes
       

    • Zoek.exe v5.0.0.1 Updated 27-09-2015
      Tool run by Lucas on Sat 05/27/2017 at 16:00:55.78.
      Microsoft Windows 10 Pro 10.0.14393  x64
      Running in: Normal Mode No Internet Access Detected
      Launched: C:\Users\Lucas\Downloads\zoek.exe    [Scan all users] [Script inserted]  ==== System Restore Info ====================== 5/27/2017 4:02:21 PM Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. 

      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

      # This file contains the mappings of IP addresses to host names. Each 
      # entry should be kept on an individual line. The IP address should 
      # be placed in the first column followed by the corresponding host name. 
      # The IP address and the host name should be separated by at least one 
      # space. 

      # Additionally, comments (such as these) may be inserted on individual 
      # lines or following the machine name denoted by a '#' symbol. 

      # For example: 

      #      102.54.94.97     rhino.acme.com          # source server 
      #       38.25.63.10     x.acme.com              # x client host 
       
      127.0.0.1       localhost  ==== Empty Folders Check ====================== C:\PROGRA~2\Gigantic_en deleted successfully
      C:\PROGRA~2\Ubisoft deleted successfully
      C:\PROGRA~3\Adobe deleted successfully
      C:\PROGRA~3\Comms deleted successfully
      C:\PROGRA~3\SoftwareDistribution deleted successfully
      C:\Users\postgres\AppData\LocalLow deleted successfully
      C:\Users\Lucas\AppData\Local\ActiveSync deleted successfully
      C:\Users\Lucas\AppData\Local\Adobe deleted successfully
      C:\Users\Lucas\AppData\Local\NetworkTiles deleted successfully
      C:\Users\Lucas\AppData\Local\PeerDistRepub deleted successfully
      C:\Users\Lucas\AppData\Local\Ubisoft Game Launcher deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3263317907-2408547081-2500880260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A61A35E3-CADA-4E12-9203-4DCACC73BA19} deleted successfully ==== Deleting CLSID Registry Values ======================
      ==== Deleting Services ======================
      ==== FireFox Fix ====================== Deleted from C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.search.defaultenginename", "YHS");
      user_pref("browser.search.selectedEngine", "YHS");
      user_pref("keyword.URL", true); Added to C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default user.js not found
      ---- Lines Search  removed from prefs.js ----
      user_pref("browser.newtabpage.pinned", "[null,{\"url\":\"https://torrentz2.eu/\",\"title\":\"Torrent Search torrentz2\",\"frecency\":17810,\"lastVisit
      ---- FireFox user.js and prefs.js backups ----  prefs_20170527_0422_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Gigantic_en not found
      C:\PROGRA~2\Ubisoft not found
      C:\Users\Lucas\AppData\Roaming\discord deleted
      C:\Users\Lucas\AppData\Roaming\Unity deleted
      C:\Users\Lucas\.android deleted
      C:\PROGRA~2\PokerOffice deleted
      C:\install.exe deleted
      C:\PROGRA~3\{0887FF4E-C52E-4C7E-9312-9A6BD34AC8DF} deleted
      C:\PROGRA~3\Package Cache deleted
      C:\Users\Lucas\AppData\Local\BTServer.log deleted
      C:\Users\Lucas\AppData\Local\Unity deleted
      C:\Windows\SysNative\config\systemprofile\AppData\Local\RtkBleServ.log deleted
      C:\Users\Lucas\AppData\LocalLow\Unity deleted
      C:\Windows\SysNative\GroupPolicy\Machine deleted
      C:\Windows\SysNative\GroupPolicy\User deleted
      C:\Windows\SysNative\GroupPolicy\GPT.INI deleted
      C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
      C:\Windows\Syswow64\SET26C.tmp deleted
      C:\Windows\Syswow64\SET2B4F.tmp deleted
      C:\Windows\Syswow64\SET2D4B.tmp deleted
      C:\Windows\Syswow64\SET3438.tmp deleted
      C:\Windows\Syswow64\SET42BC.tmp deleted
      C:\Windows\Syswow64\SET4457.tmp deleted
      C:\Windows\Syswow64\SET6E50.tmp deleted
      C:\Windows\Syswow64\SET7863.tmp deleted
      C:\Windows\Syswow64\SET8347.tmp deleted
      C:\Windows\Syswow64\SET9893.tmp deleted
      C:\Windows\Syswow64\SET9B9E.tmp deleted
      C:\Windows\Syswow64\SET9CDD.tmp deleted
      C:\Windows\Syswow64\SETA210.tmp deleted
      C:\Windows\Syswow64\SETBA76.tmp deleted
      C:\Windows\Syswow64\SETBB17.tmp deleted
      C:\Windows\Syswow64\SETCE3.tmp deleted
      C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\firefox@mega.co.nz.xpi deleted
      "C:\Users\Lucas\AppData\Roaming\Albion" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      - Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
      - Always on Top - %ProfilePath%\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      80320392DCC61B22F0BB23DD5AD7D341    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll -    Shockwave Flash
      D24D187FF3004EB238C2B4F84A86DCDE    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL -    Microsoft Office 2016
      127E13DF136D1CD24B93044D0E45DF1F    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2016
      ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      ccjleegmemocfpghkhpjmiccjcacackp - No path found[]
      ibbfklbaljofpaanmpaeadejijfdddco - No path found[] Chrome Cleaner Pro - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp
      Grammarly for Chrome - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
      Chrome Media Router - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
      {2f23ab71-4ac6-41f2-a955-ea576e553146} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
      {485CEA5E-5EB6-4D38-916B-C385F7F7D2E5} Google  Url="http://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Lucas\Desktop\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\AmpliTube 4.exe - Atalho.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 4\AmpliTube 4.exe 
      C:\Users\Lucas\Desktop\Calculator.lnk -  
      C:\Users\Lucas\Desktop\Discord.lnk - C:\Users\Lucas\AppData\Local\Discord\Update.exe --processStart Discord.exe
      C:\Users\Lucas\Desktop\Documentos - Atalho.lnk - C:\Users\Lucas\Documents 
      C:\Users\Lucas\Desktop\Downloads - Atalho.lnk - C:\Users\Lucas\Downloads 
      C:\Users\Lucas\Desktop\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\Users\Lucas\Desktop\Freez Screen Video Capture.lnk - C:\Program Files (x86)\Smallvideosoft\Freez Screen Video Capture\videocapture.exe 
      C:\Users\Lucas\Desktop\Grammarly.lnk - C:\Users\Lucas\AppData\Local\GrammarlyForWindows\Update.exe --processStart GrammarlyForWindows.exe
      C:\Users\Lucas\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\Desktop\Programas e Recursos - Atalho.lnk -  
      C:\Users\Lucas\Desktop\TechPowerUp GPU-Z.lnk - C:\Program Files (x86)\GPU-Z\GPU-Z.exe 
      C:\Users\Lucas\Desktop\Window On Top.lnk - C:\Program Files (x86)\Skybn\Window On Top\winTop.exe 
      C:\Users\Lucas\Desktop\Word 2016.lnk -  
      C:\Users\Lucas\Desktop\µTorrent.lnk -  
      C:\Users\Lucas\Desktop\jogos\8-Bit Armies.lnk - C:\Program Files (x86)\8-Bit Armies\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\jogos\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\jogos\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\Users\Lucas\Desktop\jogos\Cossacks 3.lnk - C:\Program Files (x86)\Cossacks 3\cossacks.exe 
      C:\Users\Lucas\Desktop\jogos\MirrorsEdgeCatalyst.exe - Atalho.lnk - C:\Program Files (x86)\Mirrors Edge Catalyst\Setup\MirrorsEdgeCatalyst.exe 
      C:\Users\Lucas\Desktop\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\jogos\Shadow Tactics - Blades of the Shogun.lnk - C:\GOG Games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe 
      C:\Users\Lucas\Desktop\jogos\Sid Meiers Civilization VI.lnk - C:\Program Files (x86)\Sid Meiers Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft 2 - The Trilogy.lnk - C:\Games\StarCraft 2 - The Trilogy\StarCraft II Offline.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft II.lnk - C:\Program Files (x86)\StarCraft II\StarCraft II.exe 
      C:\Users\Lucas\Desktop\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\jogos\Tyranny.lnk - C:\GOG Games\Tyranny\Tyranny.exe 
      C:\Users\Lucas\Desktop\jogos\World of Warplanes.lnk - C:\Games\World_of_Warplanes\WoWPLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\AmpliTube 3.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 3\AmpliTube 3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Arduino.lnk - C:\Program Files (x86)\Arduino\arduino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Car Mechanic Simulator 2015.lnk - C:\Program Files (x86)\Car Mechanic Simulator 2015\cms2015.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\CPUID CPU-Z.lnk - C:\Program Files (x86)\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Custom Shop.lnk - C:\Program Files (x86)\IK Multimedia\Custom Shop\Custom Shop.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\EVE Online.lnk - C:\Program Files (x86)\CCP\EVE\eve.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\FIFA 16.lnk - C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Grey Goo.lnk - C:\Program Files (x86)\Grey Goo\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Guitar Pro 5.lnk - C:\Program Files (x86)\Guitar Pro 5\GP5.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk - C:\Games\Kerbal Space Program\Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Linkrealms.lnk - C:\Program Files (x86)\Linkrealms\update.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\MiniLyrics.lnk - C:\Program Files (x86)\MiniLyrics\MiniLyrics.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Movavi Video Editor 4.lnk - C:\Windows\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\RealPlayer Cloud.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Rocket League.lnk - C:\Program Files (x86)\rocketleague\Binaries\Win32\RocketLeague.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Spaera.lnk - C:\Program Files (x86)\Blazing Orb\Spaera\SpaeraRunner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Super HUD.lnk - C:\Program Files (x86)\Poker Pro Labs\Super HUD\SuperHUD.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\The Witcher 3 Wild Hunt.lnk - C:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\VMware Workstation.lnk - C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\ZHPCleaner.lnk - C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Archeage.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe  -game 120
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\FIFA 15.lnk - C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Glyph.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Middle Earth - Shadow of Mordor.lnk - C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\ShadowOfMordor.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014 (Without Real Tone Cable).lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\rocksmith2014-nocable-loader.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014.lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\Rocksmith2014.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Scrolls.lnk - C:\Program Files (x86)\Scrolls\ScrollsLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sid Meiers Civilization Beyond Earth.lnk - C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth\CivilizationBe_DX11.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sniper Elite 3.lnk - C:\Program Files (x86)\Sniper Elite 3\Launcher\Sniper3Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold 3 x64.lnk - C:\Program Files (x86)\Firefly Studios\Stronghold 3\bin\win32_release\Stronghold3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold Crusader 2.lnk - C:\Program Files (x86)\Stronghold Crusader 2\bin\win32_release\Crusader2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\The Wolf Among Us.lnk - C:\Program Files (x86)\R.G. Mechanics\The Wolf Among Us\TheWolfAmongUs.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Total War - Rome II.lnk - C:\Program Files (x86)\R.G. Mechanics\Total War - Rome II\Rome2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\XSplit Gamecaster.lnk - C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\pendrive 1 semestre 2015\tcc\Material Bancada\Foguete\SolidWorks Bancada\2013\0002_Bancada_0000 - Shortcut.lnk - C:\Users\Lucas\Dropbox\0002_Bancada_0000 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\NetBet Poker.lnk - C:\Program Files (x86)\NetBet Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\nj.partypoker.lnk - C:\Programs\partyNJ\partyNJ.exe -P=partypokerNJ
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Titan Poker.lnk - C:\Program Files (x86)\Titan Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Winner Poker.lnk - C:\Program Files (x86)\Winner Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\ICM Trainer.lnk - C:\Windows\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_ECF5B0A15121D905E30873.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\PokerStrategy.com Equilab.lnk - C:\Program Files (x86)\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\Circuit Wizard 2 Student Edition.lnk - C:\Program Files (x86)\New Wave Concepts\Circuit Wizard 2 SE\CktWiz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\PSIM 10 Demo.lnk - C:\Program Files (x86)\Powersim\PSIM10.0.2_Demo\PSIM.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\poker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\poker\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe  ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
      C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
      C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk - C:\Windows\system32\GfxUIEx.exe 
      C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Public\Desktop\Razer Cortex.lnk - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe 
      C:\Users\Public\Desktop\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 
      C:\Users\Public\Desktop\Smart View.lnk - C:\Windows\Installer\{99D9BA8C-AA54-48FC-B782-F7C506CF1ECC}\SmartView2.exe 
      C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
      C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk - C:\Program Files\Unity\Editor\Unity.exe 
      C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
      C:\Users\Public\Desktop\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Users Start Menu ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk - C:\Windows\System32\fodhelper.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk - C:\Windows\System32\UNP\UNPUXHost.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\Uninstall.lnk - C:\Program Files (x86)\AlbionOnline\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\KeyTweak Manual.lnk - C:\Users\Lucas\AppData\Local\VirtualStore\Program Files (x86)\KeyTweak\KeyTweak Manual.pdf 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\Uninstall.lnk - C:\Program Files (x86)\KeyTweak\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\Uninstall PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4 (Logging Enabled).lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe -l
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\Uninstall PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe  ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Uninstall Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files\DAEMON Tools Pro\DTImgEditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder on the Web.lnk - C:\Program Files (x86)\Easy Macro Recorder\homepage.url 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Help.lnk - C:\Program Files (x86)\Easy Macro Recorder\help.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Uninstall Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe -tab about
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\License_en_US.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\doc\UserManual.pdf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\Uninstall partypoker.lnk - C:\programs\partygaming\PartyPoker\Uninstall\Setup.exe App_Type=U
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Command Prompt.lnk - C:\Windows\SysWOW64\cmd.exe /k set PGCLIENTENCODING=WIN1252 && set PGPORT=5432
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\pgAdmin III.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pgAdmin3.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\psql to 'postgres'.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\psql.bat  -h localhost -p 5432 postgres "postgres" WIN1252
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Reload configuration.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe  reload -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Start service.lnk - C:\Windows\SysWOW64\net.exe  start pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Stop service.lnk - C:\Windows\SysWOW64\net.exe  stop pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_hba.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_hba.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_ident.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_ident.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit postgresql.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\postgresql.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\Installation Notes.lnk - C:\Program Files (x86)\PostgreSQL\8.3\Installation Notes.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\pgAdmin Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\pgAdmin III\docs\en_US\pgadmin3.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL release notes.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/release.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys FAQ.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio Console.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio MediaBrowser.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Readme.lnk - C:\Program Files\Serviio\README.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Release Notes.lnk - C:\Program Files\Serviio\RELEASE_NOTES.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Serviio Console.lnk - C:\Program Files\Serviio\console\ServiioConsole.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Start Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -start
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Stop Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -stop
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Uninstall Serviio.lnk - C:\Program Files (x86)\Serviio\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Configuration (x64).lnk - C:\Windows\System32\rundll32.exe VSFilter.dll,DirectVobSub
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Uninstall (x64).lnk - C:\Program Files (x86)\VSFilter\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\MetaEditor.lnk - C:\Program Files (x86)\XM MT4\metaeditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\Uninstall.lnk - C:\Program Files (x86)\XM MT4\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe --user-data-dir="C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\computer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe 
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -   ==== shortcuts After Repair ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe  ==== Reset IE Proxy ====================== Value(s) before fix:
      "ProxyEnable"=dword:00000000 Value(s) after fix:
      "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1596 folders=1948 5230133766 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied
      C:\Users\Lucas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 05/27/2017 at 16:38:38.69 ======================
          Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 4:43:50 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files (x86)\Hotkey\Hotkey.exe
      C:\Users\Lucas\AppData\Local\Apps\2.0\JROKO8AW.M9G\WQT58663.9XT\poke...app_6e7fc6368d8f8800_0002.0001_7854192edeabd0f7\PSC.SideKick.exe
      C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-21-3263317907-2408547081-2500880260-1004\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 15169 bytes
       
    • Ótimo, muito bom!! Continuando.. 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do Zoek e execute-o. 3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek: createsrpoint;
      autoclean;
      resetieproxy;
      resethosts;
      iedefaults;
      chrdefaults;
      emptyCHRcache;
      ffdefaults;
      firefoxlook;
      emptyalltemp;
      shortcutfix; 4. Feche todos os navegadores e clique em Run Script: Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos.. 5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK 6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.
    • # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########
        # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.3 (04.10.2017)
      Operating System: Windows 10 Pro x64 
      Ran by Lucas (Administrator) on Sat 05/27/2017 at 15:13:09.12
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      File System: 0 
      Registry: 0  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Sat 05/27/2017 at 15:18:53.51
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 3:23:19 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe
      C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O1 - Hosts: ::1 tutorial2
      O1 - Hosts: ::1 test2
      O1 - Hosts: ::1 Projetos
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14181 bytes
         
    • digite winver no executar e poste sua versão do windows 10... Sua conta tem poderes de administrador? Se possivel poste imagem com o problema por favor...
    • 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do AdwCleaner e salve-o na sua Área de Trabalho (desktop) 3. Execute o adwcleaner.exe Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do adwcleaner.exe e selecione   4. Clique no botão Verificar e depois em Limpar 5. Salve o Log criado 6. Faça download do JRT (Junkware Removal Tool) e salve-o na sua Área de Trabalho 7. Dê um duplo-clique no arquivo JRT para executá-lo Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do JRT.exe e selecione   8. O JRT começará o exame do seu Sistema. Tenha paciência pois pode demorar alguns minutos dependendo da quantidades de itens examinados 9. No final um novo arquivo JRT.txt aparecerá na sua Área de Trabalho e uma janela se abrirá com o conteúdo deste arquivo (log do JRT) 10. Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com o Log do AdwCleaner (item 5 acima) e o novo log do HijackThis
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.