Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

Entre para seguir isso  
Seguidores 0
letin2007

MSN não entra! Erro 80072efd

12 posts neste tópico

Boa noite pessoal. (Y)

Pesquisei para ver se eu encontrava algum tópico sobre este erro, só que não encontrei nenhum que resolveu o meu problema:

Toda vez que eu tento entrar no msn, independente do usuário, ele da o erro nº 80072efd, que diz para eu tentar mais tarde.

Como eu disse, ja dei uma pesquisada, fui desde desinstalar o msn, ajustar a hora, desabilitar o ZONE ALARM e o firewall do Windows, reinstalar o AVAST, só que nenhum deles resolveu o meu problema.

Quando eu vou nas ferramentas do msn, e tento resolver os problemas por la, ele diz que os problemas estão nos "ARQUIVOS DE HOSTS" e nas "PORTAS PRINCIPAIS"

Essa imagem ta pequena mas da pra vcs terem uma idéia do que ta acontecendo...

conecomsnsz9.th.png

Me da uma força ai galera...

Não to conseguindo resolver esse problema..

Brigado :P

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. Possíveis soluções:

RESOLUTION

To resolve this problem, use the following methods in the order in which they are presented.

Method 1: Troubleshoot Internet connectivity issues

1. Make sure that you are connected to the Internet. Windows Live OneCare installation will not likely succeed if there are Internet connectivity issues. For more information about how to troubleshoot Internet connectivity issues, click the following article number to view the article in the Microsoft Knowledge Base:

314095 (http://support.Microsoft.com/kb/314095/) How to troubleshoot possible causes of Internet connection problems in Windows XP

2. Reinstall Windows Live OneCare.

If you continue to receive the same error message, try Method 2.

Method 2: Disable the "Automatically Detect Settings" option in Microsoft Internet Explorer

1. Start Internet Explorer.

2. On the Tools menu, click Internet Options.

3. Click the Connections tab, and then click LAN Settings.

4. Clear the Automatically detect settings check box, and then click OK.

5. Click OK to close the Internet Options dialog box.

6. Reinstall Windows Live OneCare.

If you continue to receive the same error message, try Method 3.

Method 3: Remove third-party antivírus programs and firewall programs

Important This article contains information that shows you how to help lower security settings or how to turn off security features on a computer. You can make these changes to work around a specific problem. Before you make these changes, we recommend that you evaluate the risks that are associated with implementing this workaround in your particular environment. If you implement this workaround, take any appropriate additional steps to help protect the computer.Warning This workaround may make a computer or a network more vulnerable to attack by malicious users or by malicious software such as viruses. We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk.

1. Click Start, click Run, type appwiz.cpl, and then click OK.

2. Under Currently installed programs, locate any third-party antivírus programs or firewall programs.

3. Click the program, and then click Remove.

4. Repeat step 3 for any additional programs.

5. Restart the computer.

6. Reinstall Windows Live OneCare.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Amigo...

Traduzi isso dai...

E tentei todos os passos que você me disse...

Só que não resolveu o meu problema...

Eu consegui arrumar os problemas nos hosts... Em outros posts eu vi que era só colocar o numero do IP e "LOCAL HOST" no arquivo de host do msn...

Ai resolveu o problema dos hosts...

Só que eu ainda estou com o problema nas portas principais, e por isso não estou conseguindo fazer o meu login...

você tem alguma outra dica?

Desde ja, obrigado pela atenção de vcs!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. Bom, eu sei que você já fez isso, mas agora tenta novamente sem o firewall, pq o problema de habilitação das portas pode estar nele. Vê se dá para configurar. (Y)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. Bom, eu sei que você já fez isso, mas agora tenta novamente sem o firewall, pq o problema de habilitação das portas pode estar nele. Vê se dá para configurar. (Y)

Celso...

Eu ja fiz isso...

Eu desabilitei não só o ZONE ALARM como também o meu antivírus...

O FIREWALL do windows...

E... tudo isso...

Não sei o que ta acontecendo...

Bom antes de começar tudo isso o msn funcionava normal... sem nenhum pití...

Mas quando apareceu uma msg do windows dizendo que no PC havia mais de um antivírus, e que isso poderia complicar a maquina... começou a dar esse problema...

E na verdade tinha mais de um antivírus, só que apenas um esta funcionando... que é o AVAST, o outro que tem é o PANDA que minha irma instalou e acabou com o PC... Ja tentei desistalalo só que ele não sai de jeito nenhum... Se eu tento deletar a pasta dele... diz que ele esta sendo usado!

Ja fiz de tudo pra resolver o problema do Windows Live Messenger... Mais até agora tudo sem sucesso...

Ja desistalei o Internet Explorere e peguei a ultima versão... só que agora nem o IE conecta... só o FIREFOX.

Pra vcs verem que o PC ta mesmo bixado!!!

Alguém pode me dar uma ajuda?

obrigado

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. Vai em Iniciar, Executar, regedit, ok. O que achar de Panda em Software, deleta. Vê se ajuda. (Y) Antes, verifica em pesquisar - Panda - o que achar, deleta também.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá. Vai em Iniciar, Executar, regedit, ok. O que achar de Panda em Software, deleta. Vê se ajuda. (Y) Antes, verifica em pesquisar - Panda - o que achar, deleta também.

Tudo bem...

Eu vou ver se eu consigo deletar os registros do panda...

Talvez isso resolve o problema do msn...

Depois eu falo o que virow...

mas mesmo assim...

obrigado pelo sua atenção

Compartilhar este post


Link para o post
Compartilhar em outros sites

Estou tendo esse problema... Ontem a noite consegui acessar o msn normalmente. Mas hoje não consegui.

Atualizei para a versão 9.0 e dá o mesmo erro.

erromsndm2.th.jpg

Mas mesmo sendo o mesmo erro, parece que é diferente do que vi em outros forums. Já pesquisei em vários lugares e não consegui. Agradeço desde já.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Boa noite pessoal. (Y)

Pesquisei para ver se eu encontrava algum tópico sobre este erro, só que não encontrei nenhum que resolveu o meu problema:

Toda vez que eu tento entrar no msn, independente do usuário, ele da o erro nº 80072efd, que diz para eu tentar mais tarde.

Como eu disse, ja dei uma pesquisada, fui desde desinstalar o msn, ajustar a hora, desabilitar o ZONE ALARM e o firewall do Windows, reinstalar o AVAST, só que nenhum deles resolveu o meu problema.

Quando eu vou nas ferramentas do msn, e tento resolver os problemas por la, ele diz que os problemas estão nos "ARQUIVOS DE HOSTS" e nas "PORTAS PRINCIPAIS"

Essa imagem ta pequena mas da pra vcs terem uma idéia do que ta acontecendo...

conecomsnsz9.th.png

Me da uma força ai galera...

Não to conseguindo resolver esse problema..

Brigado ;)

oLHA AMIGO EU ESTAVA COM ESSE MESMO PROBLEMA

O MEU QUANDO NÃO DAVA ESSE ERRO 80072EDF DAVA O ERRO 80048820, EU FIQUEI UMA SEMANA DANDO ESSE ERRO JA ESTAVA PARA EXCLUI O MSN E INSTALAR OUTRO, MAIS ENTREI EM UM SITE E FIZ ISSO

Renovar algumas das entradas de registro mais utilizadas também pode ajudar. Para tal, abra o Menu Iniciar e clique em Executar. Dentro da janela que foi aberta, digite as sentenças abaixo e em seguida clique em OK. Cole apenas uma de cada vez e aguarde a confirmação antes de partir para a próxima.

  • REGSVR32 softpub.dll
  • REGSVR32 wintrust.dll
  • REGSVR32 initpki.dll
  • REGSVR32 Rsaenh.dll
  • REGSVR32 Mssip32.dll
  • REGSVR32 Cryptdlg.dll
  • REGSVR32 Dssenh.dll
  • REGSVR32 Gpkcsp.dll
  • REGSVR32 Slbcsp.dll
  • REGSVR32 Sccbase.dll

E DEU CERTO, OU SEJA ESTA DANDO CERTO, TENTA AI de repente FUNCIONA.

ABRAÇÃO

Compartilhar este post


Link para o post
Compartilhar em outros sites

Pessoal, varias pessoas estão passando por essa situação, vale lembrar que mais de 90% das pessoas que usam o MSN são usuários comuns, portanto ficar passando formulas e comandos complexos não vão ajudar muito não. A solução está nas "mãos" da Microsoft que provavelmente fez alguma alteração. Quero crer que os mesmos já estão cientes do problema e buscando uma solução. Abraços a todos e entendam isso como um desabafo, pois recentemente o MSN apresentou problemas que foi reconhecido pela MS e corrigido.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Pessoal, não sei se é o caso de vcs, mas tive esse problema com uma certa puculiaridade, sempre q usava meu email pra entrar no msn n conseguia, dava esse erro, quando entrava com outra conta de email pegava, o que ficou bem estranho, imaginei ser bronca ou furto de senha mas consegui entrar normalmente no meu email da hotmail, dai depois de ver muitas ideias e rodar um pouco no meio delas fiz o simples teste de desativar meu antvirus (kaspersky 6.0), fiz uma nova tentativa e finalmente meu MSN entrou, n sei com qual milagre mas entrou, dai ativei o KAV de novo e ficou tudo normal, por sorte n tentei metade das coisas q me falar, só algumas mais simples e n tive q refazer muita coisa.

espero ter ajudado!!!

Abraços

Compartilhar este post


Link para o post
Compartilhar em outros sites

Então... Se ainda naum resolveu aki vai a solução, como você mesmo disse saum arquivos de host, que significa isto: Toda vez que você digita algo ou tenta acessar algum programa o Win busca na lista de HOST os que saum permitidos, se naum tiver nenhum bloqueado isto significa que o win pode acessar tudo e no seu caso o MSN esta listado para ser bloqueado entaum você deve ir em: Explorar - Windows - system 32 - drivers - etc e na pasta etc voce vera um arquivo chamado host, ele abre com o bloco de notas e lá você vera tudo o que esta bloqueado. é só apagar o e salvar ao sair e ja era... mas apague somente o que estiver abaixo desta linha:

# localhost name resolution is handled within DNS itself.

# 127.0.0.1 localhost

# ::1 localhost

Abraços... fuiii

Espero ter ajudado a você e a muitos outros.. tb recorro aki e tm me servido bastante entaum por que naum ajudar né..

ate a proxima.

Editado por Mr.Million

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Quer postar a sua dúvida? Cadastre-se pois é rápido e fácil!


Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.


Entrar Agora
Esse tópico é útil para você?
Então compartilhe e ajude outros internautas!
Entre para seguir isso  
Seguidores 0

  • Vídeos do BABOO no YouTube

  • Posts

    • No aguardo..
    • Gostaria de saber se é possível remover a barra de progresso de cópia de arquivos no Windows 7. Ou seja, aquela barrinha verde que que fica na janela minimizada e que mostra o andamento da operação. Obs: É apenas a barra minimizada anexei a imagem com o progresso da cópia de arquivo apenas como exemplo.
    • Parece que resolveu meu problema. Qualquer coisa volto a postar aqui. Muito Obrigado Mr.Million pelo suporte.
    • Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções: 1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro  2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware: 3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo: Agora clique no botão Remover selecionados para as ameaças serem removidas.  Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente. 4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .
    • Solicitação de Análise de Logs Já fiz todos os procedimentos solicitados no Tópico Oficial... - Barra de pesquisa direciona para sites estranhos
      - Quando entro no google e vou digitar a busca aparece uma barra secundária no topo da página
      - Utilizo o Windows 10 e vários programas nativos pararam de funcionar (aparece uma exclamação do lado). Já fiz a restauração do sistema e não adiantou.
      - Durante a navegação quando eu clico pra acessar algum link abre páginas completamente avulsas e propagandas ou redireciona a página que eu estava para outra.  Segue meu Log para exame:   Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 16:48:51, on 27/05/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe
      C:\Program Files\AVAST Software\Avast\avastui.exe
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
      C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      C:\Users\Vinicius\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?adc2c82afbff8c524260a8ecc076198620105617
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=
      O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
      O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
      O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
      O4 - HKLM\..\Run: [Adobe] C:\Users\Vinicius\AppData\Roaming\Adobe\color.vbe
      O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vinicius\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
      O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      O4 - HKCU\..\Run: [D85D2348B46572DE] C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      O4 - HKCU\..\Run: [background_fault] "C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe" "C:\Users\Vinicius\AppData\Local\background_fault\bf.dll",background_fault_collector
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
      O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: http://www.caixa.gov.br
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: BlueStacks Android Service  (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
      O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
      O23 - Service: BlueStacks Plus Android Service  (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
      O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
      O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Proteção de Tela de League (LolScreenSaverService) - Unknown owner - C:\Riot Games\LolScreenSaver\service\service.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14962 bytes
       

    • Zoek.exe v5.0.0.1 Updated 27-09-2015
      Tool run by Lucas on Sat 05/27/2017 at 16:00:55.78.
      Microsoft Windows 10 Pro 10.0.14393  x64
      Running in: Normal Mode No Internet Access Detected
      Launched: C:\Users\Lucas\Downloads\zoek.exe    [Scan all users] [Script inserted]  ==== System Restore Info ====================== 5/27/2017 4:02:21 PM Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. 

      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

      # This file contains the mappings of IP addresses to host names. Each 
      # entry should be kept on an individual line. The IP address should 
      # be placed in the first column followed by the corresponding host name. 
      # The IP address and the host name should be separated by at least one 
      # space. 

      # Additionally, comments (such as these) may be inserted on individual 
      # lines or following the machine name denoted by a '#' symbol. 

      # For example: 

      #      102.54.94.97     rhino.acme.com          # source server 
      #       38.25.63.10     x.acme.com              # x client host 
       
      127.0.0.1       localhost  ==== Empty Folders Check ====================== C:\PROGRA~2\Gigantic_en deleted successfully
      C:\PROGRA~2\Ubisoft deleted successfully
      C:\PROGRA~3\Adobe deleted successfully
      C:\PROGRA~3\Comms deleted successfully
      C:\PROGRA~3\SoftwareDistribution deleted successfully
      C:\Users\postgres\AppData\LocalLow deleted successfully
      C:\Users\Lucas\AppData\Local\ActiveSync deleted successfully
      C:\Users\Lucas\AppData\Local\Adobe deleted successfully
      C:\Users\Lucas\AppData\Local\NetworkTiles deleted successfully
      C:\Users\Lucas\AppData\Local\PeerDistRepub deleted successfully
      C:\Users\Lucas\AppData\Local\Ubisoft Game Launcher deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3263317907-2408547081-2500880260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A61A35E3-CADA-4E12-9203-4DCACC73BA19} deleted successfully ==== Deleting CLSID Registry Values ======================
      ==== Deleting Services ======================
      ==== FireFox Fix ====================== Deleted from C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.search.defaultenginename", "YHS");
      user_pref("browser.search.selectedEngine", "YHS");
      user_pref("keyword.URL", true); Added to C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default user.js not found
      ---- Lines Search  removed from prefs.js ----
      user_pref("browser.newtabpage.pinned", "[null,{\"url\":\"https://torrentz2.eu/\",\"title\":\"Torrent Search torrentz2\",\"frecency\":17810,\"lastVisit
      ---- FireFox user.js and prefs.js backups ----  prefs_20170527_0422_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Gigantic_en not found
      C:\PROGRA~2\Ubisoft not found
      C:\Users\Lucas\AppData\Roaming\discord deleted
      C:\Users\Lucas\AppData\Roaming\Unity deleted
      C:\Users\Lucas\.android deleted
      C:\PROGRA~2\PokerOffice deleted
      C:\install.exe deleted
      C:\PROGRA~3\{0887FF4E-C52E-4C7E-9312-9A6BD34AC8DF} deleted
      C:\PROGRA~3\Package Cache deleted
      C:\Users\Lucas\AppData\Local\BTServer.log deleted
      C:\Users\Lucas\AppData\Local\Unity deleted
      C:\Windows\SysNative\config\systemprofile\AppData\Local\RtkBleServ.log deleted
      C:\Users\Lucas\AppData\LocalLow\Unity deleted
      C:\Windows\SysNative\GroupPolicy\Machine deleted
      C:\Windows\SysNative\GroupPolicy\User deleted
      C:\Windows\SysNative\GroupPolicy\GPT.INI deleted
      C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
      C:\Windows\Syswow64\SET26C.tmp deleted
      C:\Windows\Syswow64\SET2B4F.tmp deleted
      C:\Windows\Syswow64\SET2D4B.tmp deleted
      C:\Windows\Syswow64\SET3438.tmp deleted
      C:\Windows\Syswow64\SET42BC.tmp deleted
      C:\Windows\Syswow64\SET4457.tmp deleted
      C:\Windows\Syswow64\SET6E50.tmp deleted
      C:\Windows\Syswow64\SET7863.tmp deleted
      C:\Windows\Syswow64\SET8347.tmp deleted
      C:\Windows\Syswow64\SET9893.tmp deleted
      C:\Windows\Syswow64\SET9B9E.tmp deleted
      C:\Windows\Syswow64\SET9CDD.tmp deleted
      C:\Windows\Syswow64\SETA210.tmp deleted
      C:\Windows\Syswow64\SETBA76.tmp deleted
      C:\Windows\Syswow64\SETBB17.tmp deleted
      C:\Windows\Syswow64\SETCE3.tmp deleted
      C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\firefox@mega.co.nz.xpi deleted
      "C:\Users\Lucas\AppData\Roaming\Albion" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      - Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
      - Always on Top - %ProfilePath%\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      80320392DCC61B22F0BB23DD5AD7D341    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll -    Shockwave Flash
      D24D187FF3004EB238C2B4F84A86DCDE    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL -    Microsoft Office 2016
      127E13DF136D1CD24B93044D0E45DF1F    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2016
      ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      ccjleegmemocfpghkhpjmiccjcacackp - No path found[]
      ibbfklbaljofpaanmpaeadejijfdddco - No path found[] Chrome Cleaner Pro - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp
      Grammarly for Chrome - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
      Chrome Media Router - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
      {2f23ab71-4ac6-41f2-a955-ea576e553146} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
      {485CEA5E-5EB6-4D38-916B-C385F7F7D2E5} Google  Url="http://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Lucas\Desktop\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\AmpliTube 4.exe - Atalho.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 4\AmpliTube 4.exe 
      C:\Users\Lucas\Desktop\Calculator.lnk -  
      C:\Users\Lucas\Desktop\Discord.lnk - C:\Users\Lucas\AppData\Local\Discord\Update.exe --processStart Discord.exe
      C:\Users\Lucas\Desktop\Documentos - Atalho.lnk - C:\Users\Lucas\Documents 
      C:\Users\Lucas\Desktop\Downloads - Atalho.lnk - C:\Users\Lucas\Downloads 
      C:\Users\Lucas\Desktop\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\Users\Lucas\Desktop\Freez Screen Video Capture.lnk - C:\Program Files (x86)\Smallvideosoft\Freez Screen Video Capture\videocapture.exe 
      C:\Users\Lucas\Desktop\Grammarly.lnk - C:\Users\Lucas\AppData\Local\GrammarlyForWindows\Update.exe --processStart GrammarlyForWindows.exe
      C:\Users\Lucas\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\Desktop\Programas e Recursos - Atalho.lnk -  
      C:\Users\Lucas\Desktop\TechPowerUp GPU-Z.lnk - C:\Program Files (x86)\GPU-Z\GPU-Z.exe 
      C:\Users\Lucas\Desktop\Window On Top.lnk - C:\Program Files (x86)\Skybn\Window On Top\winTop.exe 
      C:\Users\Lucas\Desktop\Word 2016.lnk -  
      C:\Users\Lucas\Desktop\µTorrent.lnk -  
      C:\Users\Lucas\Desktop\jogos\8-Bit Armies.lnk - C:\Program Files (x86)\8-Bit Armies\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\jogos\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\jogos\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\Users\Lucas\Desktop\jogos\Cossacks 3.lnk - C:\Program Files (x86)\Cossacks 3\cossacks.exe 
      C:\Users\Lucas\Desktop\jogos\MirrorsEdgeCatalyst.exe - Atalho.lnk - C:\Program Files (x86)\Mirrors Edge Catalyst\Setup\MirrorsEdgeCatalyst.exe 
      C:\Users\Lucas\Desktop\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\jogos\Shadow Tactics - Blades of the Shogun.lnk - C:\GOG Games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe 
      C:\Users\Lucas\Desktop\jogos\Sid Meiers Civilization VI.lnk - C:\Program Files (x86)\Sid Meiers Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft 2 - The Trilogy.lnk - C:\Games\StarCraft 2 - The Trilogy\StarCraft II Offline.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft II.lnk - C:\Program Files (x86)\StarCraft II\StarCraft II.exe 
      C:\Users\Lucas\Desktop\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\jogos\Tyranny.lnk - C:\GOG Games\Tyranny\Tyranny.exe 
      C:\Users\Lucas\Desktop\jogos\World of Warplanes.lnk - C:\Games\World_of_Warplanes\WoWPLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\AmpliTube 3.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 3\AmpliTube 3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Arduino.lnk - C:\Program Files (x86)\Arduino\arduino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Car Mechanic Simulator 2015.lnk - C:\Program Files (x86)\Car Mechanic Simulator 2015\cms2015.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\CPUID CPU-Z.lnk - C:\Program Files (x86)\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Custom Shop.lnk - C:\Program Files (x86)\IK Multimedia\Custom Shop\Custom Shop.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\EVE Online.lnk - C:\Program Files (x86)\CCP\EVE\eve.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\FIFA 16.lnk - C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Grey Goo.lnk - C:\Program Files (x86)\Grey Goo\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Guitar Pro 5.lnk - C:\Program Files (x86)\Guitar Pro 5\GP5.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk - C:\Games\Kerbal Space Program\Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Linkrealms.lnk - C:\Program Files (x86)\Linkrealms\update.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\MiniLyrics.lnk - C:\Program Files (x86)\MiniLyrics\MiniLyrics.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Movavi Video Editor 4.lnk - C:\Windows\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\RealPlayer Cloud.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Rocket League.lnk - C:\Program Files (x86)\rocketleague\Binaries\Win32\RocketLeague.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Spaera.lnk - C:\Program Files (x86)\Blazing Orb\Spaera\SpaeraRunner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Super HUD.lnk - C:\Program Files (x86)\Poker Pro Labs\Super HUD\SuperHUD.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\The Witcher 3 Wild Hunt.lnk - C:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\VMware Workstation.lnk - C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\ZHPCleaner.lnk - C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Archeage.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe  -game 120
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\FIFA 15.lnk - C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Glyph.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Middle Earth - Shadow of Mordor.lnk - C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\ShadowOfMordor.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014 (Without Real Tone Cable).lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\rocksmith2014-nocable-loader.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014.lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\Rocksmith2014.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Scrolls.lnk - C:\Program Files (x86)\Scrolls\ScrollsLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sid Meiers Civilization Beyond Earth.lnk - C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth\CivilizationBe_DX11.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sniper Elite 3.lnk - C:\Program Files (x86)\Sniper Elite 3\Launcher\Sniper3Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold 3 x64.lnk - C:\Program Files (x86)\Firefly Studios\Stronghold 3\bin\win32_release\Stronghold3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold Crusader 2.lnk - C:\Program Files (x86)\Stronghold Crusader 2\bin\win32_release\Crusader2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\The Wolf Among Us.lnk - C:\Program Files (x86)\R.G. Mechanics\The Wolf Among Us\TheWolfAmongUs.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Total War - Rome II.lnk - C:\Program Files (x86)\R.G. Mechanics\Total War - Rome II\Rome2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\XSplit Gamecaster.lnk - C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\pendrive 1 semestre 2015\tcc\Material Bancada\Foguete\SolidWorks Bancada\2013\0002_Bancada_0000 - Shortcut.lnk - C:\Users\Lucas\Dropbox\0002_Bancada_0000 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\NetBet Poker.lnk - C:\Program Files (x86)\NetBet Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\nj.partypoker.lnk - C:\Programs\partyNJ\partyNJ.exe -P=partypokerNJ
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Titan Poker.lnk - C:\Program Files (x86)\Titan Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Winner Poker.lnk - C:\Program Files (x86)\Winner Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\ICM Trainer.lnk - C:\Windows\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_ECF5B0A15121D905E30873.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\PokerStrategy.com Equilab.lnk - C:\Program Files (x86)\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\Circuit Wizard 2 Student Edition.lnk - C:\Program Files (x86)\New Wave Concepts\Circuit Wizard 2 SE\CktWiz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\PSIM 10 Demo.lnk - C:\Program Files (x86)\Powersim\PSIM10.0.2_Demo\PSIM.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\poker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\poker\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe  ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
      C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
      C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk - C:\Windows\system32\GfxUIEx.exe 
      C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Public\Desktop\Razer Cortex.lnk - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe 
      C:\Users\Public\Desktop\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 
      C:\Users\Public\Desktop\Smart View.lnk - C:\Windows\Installer\{99D9BA8C-AA54-48FC-B782-F7C506CF1ECC}\SmartView2.exe 
      C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
      C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk - C:\Program Files\Unity\Editor\Unity.exe 
      C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
      C:\Users\Public\Desktop\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Users Start Menu ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk - C:\Windows\System32\fodhelper.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk - C:\Windows\System32\UNP\UNPUXHost.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\Uninstall.lnk - C:\Program Files (x86)\AlbionOnline\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\KeyTweak Manual.lnk - C:\Users\Lucas\AppData\Local\VirtualStore\Program Files (x86)\KeyTweak\KeyTweak Manual.pdf 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\Uninstall.lnk - C:\Program Files (x86)\KeyTweak\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\Uninstall PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4 (Logging Enabled).lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe -l
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\Uninstall PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe  ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Uninstall Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files\DAEMON Tools Pro\DTImgEditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder on the Web.lnk - C:\Program Files (x86)\Easy Macro Recorder\homepage.url 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Help.lnk - C:\Program Files (x86)\Easy Macro Recorder\help.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Uninstall Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe -tab about
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\License_en_US.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\doc\UserManual.pdf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\Uninstall partypoker.lnk - C:\programs\partygaming\PartyPoker\Uninstall\Setup.exe App_Type=U
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Command Prompt.lnk - C:\Windows\SysWOW64\cmd.exe /k set PGCLIENTENCODING=WIN1252 && set PGPORT=5432
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\pgAdmin III.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pgAdmin3.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\psql to 'postgres'.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\psql.bat  -h localhost -p 5432 postgres "postgres" WIN1252
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Reload configuration.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe  reload -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Start service.lnk - C:\Windows\SysWOW64\net.exe  start pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Stop service.lnk - C:\Windows\SysWOW64\net.exe  stop pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_hba.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_hba.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_ident.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_ident.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit postgresql.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\postgresql.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\Installation Notes.lnk - C:\Program Files (x86)\PostgreSQL\8.3\Installation Notes.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\pgAdmin Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\pgAdmin III\docs\en_US\pgadmin3.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL release notes.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/release.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys FAQ.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio Console.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio MediaBrowser.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Readme.lnk - C:\Program Files\Serviio\README.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Release Notes.lnk - C:\Program Files\Serviio\RELEASE_NOTES.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Serviio Console.lnk - C:\Program Files\Serviio\console\ServiioConsole.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Start Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -start
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Stop Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -stop
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Uninstall Serviio.lnk - C:\Program Files (x86)\Serviio\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Configuration (x64).lnk - C:\Windows\System32\rundll32.exe VSFilter.dll,DirectVobSub
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Uninstall (x64).lnk - C:\Program Files (x86)\VSFilter\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\MetaEditor.lnk - C:\Program Files (x86)\XM MT4\metaeditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\Uninstall.lnk - C:\Program Files (x86)\XM MT4\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe --user-data-dir="C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\computer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe 
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -   ==== shortcuts After Repair ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe  ==== Reset IE Proxy ====================== Value(s) before fix:
      "ProxyEnable"=dword:00000000 Value(s) after fix:
      "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1596 folders=1948 5230133766 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied
      C:\Users\Lucas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 05/27/2017 at 16:38:38.69 ======================
          Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 4:43:50 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files (x86)\Hotkey\Hotkey.exe
      C:\Users\Lucas\AppData\Local\Apps\2.0\JROKO8AW.M9G\WQT58663.9XT\poke...app_6e7fc6368d8f8800_0002.0001_7854192edeabd0f7\PSC.SideKick.exe
      C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-21-3263317907-2408547081-2500880260-1004\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 15169 bytes
       
    • Ótimo, muito bom!! Continuando.. 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do Zoek e execute-o. 3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek: createsrpoint;
      autoclean;
      resetieproxy;
      resethosts;
      iedefaults;
      chrdefaults;
      emptyCHRcache;
      ffdefaults;
      firefoxlook;
      emptyalltemp;
      shortcutfix; 4. Feche todos os navegadores e clique em Run Script: Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos.. 5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK 6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.
    • # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########
        # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.3 (04.10.2017)
      Operating System: Windows 10 Pro x64 
      Ran by Lucas (Administrator) on Sat 05/27/2017 at 15:13:09.12
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      File System: 0 
      Registry: 0  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Sat 05/27/2017 at 15:18:53.51
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 3:23:19 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe
      C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O1 - Hosts: ::1 tutorial2
      O1 - Hosts: ::1 test2
      O1 - Hosts: ::1 Projetos
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14181 bytes
         
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.