Conteúdo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Fundo: Default Ardósia Uva Barbie Morango Pôr do sol Banana Folha Chocolate Madeira
Desenho: Liso Onda Linha Retalho Madeira Rocha Couro Colméia Vertical Triângulo
Bem-vindo ao Fórum do BABOO!

Desde 2000 o Fórum do BABOO tem ajudado milhões de internautas de Windows a resolverem seus problemas e dúvidas, além de ajudar na remoção de vírus e malwares de seus computadores. Somos o único fórum brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows, então se você tem uma dúvida ou problema que nenhum outro fórum resolve, poste-a aqui pois o MVP Babooadora desafios!
  

O Fórum do BABOO também conta com a participação exclusiva do administrador da área de Segurança MVP Mr.Million que tem reconhecimento internacional da Microsoft pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Se o seu computador está infectado por algum vírus, ele te ajudará a removê-lo!
  

Nosso time de especialistas também inclui Patropi  Osvaldomp  Caze  Ciro-Mota  XERLOUCO ROUMS  Tatha que responderão suas dúvidas sobre diversos assuntos.
 

Participe da nossa comunidade! 

 

Entre para seguir isso  
Seguidores 0
Paulo Vitor Neto

Dúvida na formatação

15 posts neste tópico

Olá pessoal.

Eu to com um probleminha. To tentando formatar um PC com placa mae ASUS K8V-X SE. O HD que tinha nele era Samsung de 80 GB IDE, ele ta com um arquivo corrompido e eu tenho que restaurar OU instalar o windows novamente. Só que ele para na tela "Procurando por versões anteriores do Microsoft Windows". Eu já li o tópico sobre isso aqui

-> http://www.babooforum.com.br/forum/index.php?/topic/729775-instalando-o-windows-xp-em-computadores-novos/

Só que o meu HD é IDE e não SATA, daí nao sei se posso repetir o mesmo processo. Alguém pode me responder?

 

Minha outra dúvida é que tenho um outro HD aqui, Samsung SATA 80 GB, tá com windows novinho (formatei no meu outro PC), Sem nenhum programa instalado ainda. Formatei no meu outro computador e tentei rodar nesse PC com placa mae asus, mas ele nao reconhece e dá um problema la numa tela parecida com a da BIOS, dizendo "NOTICE! The number of disks is not adequate to create a raid". Bom, pelo que eu sei, pra esse negócio de raid aí precisa de 2 HD's, mas eu coloquei só o SATA, o IDE eu tirei, daí fui procurar na BIOS como desativar essa opção e colocar Non-RAID mas não achei, alguém poderia me ajudar? Os settings da minha BIOS é igual ao do exemplo do tópico no link ali em cima. No comentário #14 o _Lucas_, membro da Equibe BABOO, disse que essas opções podem ter nomes diferentes variando de placa pra placa, e eu nao consigo achar na minha :(

Preciso formatar esse PC o quanto antes, alguém me ajude por favor :D

O sistema que to tentando instalar é o Windows XP (é SP2 ou SP3, não sei qual dos dois :S).

Compartilhar este post


Link para o post
Compartilhar em outros sites

DUVIDA 1: Aquele tutorial é para a instalação do XP em Hd's Sata... o windows XP não vinha com os drivers apropriados para os HD's SATA... O seu HD sendo IDE, você pode instalar sem problema... o Windows XP tem todos os suportes apropriados.

 

DUVIDA 2: Esse negocio de instalar windows em uma maquina e depois trocar o HD de maquina, (pelo menos comigo), nunca funcionou... sempre tive problemas com drivers... isso quando o windows consegue iniciar. Meu conselho é que você instale o windows na maquina que pretende usar o HD. É bem mais rápido e muito mais seguro.

Para resolver o problema do RAID você vai precisar do drive raid da sua placa-mãe gravado em um disquete...altere o boot para ler antes o CD\DVD...quando você iniciar a instalação do windows nas primeiras janelas você terá que apertar o F6 para que o drive seja enxergado pelo windows... depois disso instale normalmente..você vai precisar do drive raid da sua placa-mãe gravado em um disquete...altere o boot para ler antas o CD\DVD...quando você iniciar a instalação do windows nas primeiras janelas você terá que apertar o F6 para que o drive seja enxergado pelo windows... depois disso instale normalmente..


 

DIGA SE FUNCIONOU!!!

 

Compartilhar este post


Link para o post
Compartilhar em outros sites

Vou tentar o que você falou na segunda parte. Mas o problema do meu HD IDE é que para uma tela "Procurando por versões anteriores do Microsoft Windows". Já limpei tudo, tirei as memórias e limpei e tal, limpei o PC todinho, e continua travando naquela parte :S. Vo tentar e mais tarde posto aqui. Obrigado.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Vou tentar o que você falou na segunda parte. Mas o problema do meu HD IDE é que para uma tela "Procurando por versões anteriores do Microsoft Windows". Já limpei tudo, tirei as memórias e limpei e tal, limpei o PC todinho, e continua travando naquela parte :S. Vo tentar e mais tarde posto aqui. Obrigado.

 

Coloque o CD do Windows XP e inicie uma instalação limpa no HD IDE, ao iniciar o processo, escolha eliminar a partição "C".

 

Saia da instalação, reinicie novamente com o CD do XP do drive e comece uma nova instalação, criando partições, formatando e instalando.

Editado por edol

''

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá pessoal.

Eu to com um probleminha. To tentando formatar um PC com placa mae ASUS K8V-X SE. O HD que tinha nele era Samsung de 80 GB IDE, ele ta com um arquivo corrompido e eu tenho que restaurar OU instalar o windows novamente. Só que ele para na tela "Procurando por versões anteriores do Microsoft Windows". Eu já li o tópico sobre isso aqui

-> http://www.babooforum.com.br/forum/index.php?/topic/729775-instalando-o-windows-xp-em-computadores-novos/

Só que o meu HD é IDE e não SATA, daí nao sei se posso repetir o mesmo processo. Alguém pode me responder?

Bem-vindo, Paulo.

 

O procedimento descrito no tópico não se aplica ao seu caso, pois o problema que ele se propõe a resolver não ocorre com HDs IDE.

 

O sintoma descrito por você é típico de problemas no HD. Faça uma verificação através do CHKDSK e observe se algum erro é relatado durante o processo.

 

Minha outra dúvida é que tenho um outro HD aqui, Samsung SATA 80 GB, tá com windows novinho (formatei no meu outro PC), Sem nenhum programa instalado ainda. Formatei no meu outro computador e tentei rodar nesse PC com placa mae asus, mas ele nao reconhece e dá um problema la numa tela parecida com a da BIOS, dizendo "NOTICE! The number of disks is not adequate to create a raid". Bom, pelo que eu sei, pra esse negócio de raid aí precisa de 2 HD's, mas eu coloquei só o SATA, o IDE eu tirei, daí fui procurar na BIOS como desativar essa opção e colocar Non-RAID mas não achei, alguém poderia me ajudar? Os settings da minha BIOS é igual ao do exemplo do tópico no link ali em cima. No comentário #14 o _Lucas_, membro da Equipe BABOO, disse que essas opções podem ter nomes diferentes variando de placa pra placa, e eu nao consigo achar na minha :(

Preciso formatar esse PC o quanto antes, alguém me ajude por favor :D

O sistema que to tentando instalar é o Windows XP (é SP2 ou SP3, não sei qual dos dois :S).

A mensagem de erro citada é proveniente da placa-mãe (BIOS) e não do Windows. Parece que alguma configuração do BIOS está definida incorretamente. Acesse as configurações do BIOS, vá até a aba "Exit" selecione a opção "Load Defaults Setups". Isto carregará as configurações de fábrica da placa-mãe e poderá corrigir alguma configuração que possa estar errada.

 

No entanto, instalar o Windows XP em um computador e inicializá-lo em outro costuma realmente gerar problemas por conta de incompatibilidade de drivers. Nesse caso, você pode tentar seguir o procedimento descrito aqui a fim de sanar o problema.

 

Boa sorte! (Y)

Compartilhar este post


Link para o post
Compartilhar em outros sites

_Lucas_, ja fiz isso que voce disse, carreguei as opções originais (Default), tentei e não dá. Ao tentar instalar o SATA, eu usei um pendrive, desabilitei a opçao "Legacy Diskette A" pra poder ler o pendrive. Baixei o driver RAID da placa mae e descompactei no pendrive, dái o PC nao encontrava o arguivo txtsetup.oem. Entao eu movi o arquivo pra fora da pasta "Disk" (a pasta onde o arquivo txtsetup.oem é colocado quando descompacto o driver RAID). E o PC localizou e tal, ai selecionei a opção "Controlador SATA/RAID Windows XP" (não lembro bem se era esse o nome da opção), e tinha outras opções la pra windows 2003 server algo assim. Ai comecei a formatar o HD normal, e quando terminou a primeira faze, a formatação parou e disse q tava faltando o arquivo viamraid.sys, cliquei em ignorar e continou a instalação, ai o PC reiniciou e ia continuar a instalação do windows, mas de novo o PC deu akela tela "NOTICE: the number of disks is not adequate to create a RAID!", ai quando tentou iniciar o windows, deu tela azul com o erro 

***STOP: 0x0000007B (0xF78D2524,0xC0000034,0x00000000,0x00000000).

Já nem sei mais o que fazer ...

Na minha BIOS não tem opção pra desativar RAID, a nao ser que esteja com nome diferente (placa mae ASUS K8V-X SE) .. :(

Editado por Paulo Vitor Neto

''

Compartilhar este post


Link para o post
Compartilhar em outros sites

Ai comecei a formatar o HD normal, e quando terminou a primeira faze, a formatação parou e disse q tava faltando o arquivo viamraid.sys, cliquei em ignorar e continou a instalação, ai o PC reiniciou e ia continuar a instalação do windows, mas de novo o PC deu akela tela "NOTICE: the number of disks is not adequate to create a RAID!", ai quando tentou iniciar o windows, deu tela azul com o erro 

***STOP: 0x0000007B (0xF78D2524,0xC0000034,0x00000000,0x00000000).

Isso está ocorrendo porque o driver da controladora SATA não foi instalado corretamente - uma vez que o arquivo "viamraid.sys" é um dos drivers e está ausente. Tente repetir o procedimento, pois pode ter dado algo errado. Se o problema persistir, tente integrar o driver no CD de instalação conforme explicado no tutorial.

 

Na minha BIOS não tem opção pra desativar RAID, a nao ser que esteja com nome diferente (placa mae ASUS K8V-X SE) .. :(

A princípio eu também não tinha encontrado essa opção no manual da sua placa-mãe. Só agora lembrei que as configurações de RAID das placas ASUS ficam em uma tela separada das configurações do BIOS.

 

Inicialize o computador, espere passar aquela tela de abertura e pressione TAB para entrar nas configurações de RAID. Verifique se não há alguma opção por lá que possa estar causando esse erro relacionado ao número de discos para criar um RAID.

 

Boa sorte! (Y)

Compartilhar este post


Link para o post
Compartilhar em outros sites

A cara, o negócio continua dando erro. To tentando formatar desde ontem...

 

Quando eu aperto TAB nao acontece nada, inicializa normal... 

Tipo, quando o sistema nao achou o arquivo txtsetup.oem, eu encontrei esse arquivo na pasta do driver e movi ele pra fora da pasta, daí o sistema reconheceu. Também achei esse arquivo viamraid só que ta sem a extensão .sys (porém nas propriedades é possivel ver q é um arquivo .sys), será q se eu mover ele pra fora da pasta da certo ?

Compartilhar este post


Link para o post
Compartilhar em outros sites

Acredito que a mensagem que diz quantidade insuficiente de disco para RAID se deve ao fato de no seu BIOS seu HD Sata está configurado como RAID. A mensagem "number of disks not adequate" se refere ao fato que precisas de 2 ou mais HDs para criar um disco RAID. Lembre que para criar um RAID todos os HDs tem que ter o mesmo barramento, ou seja, todos SATA ou todos IDE. Procure no BIOS por "Configure sata as", geralmente tem as opções IDE, AHCI e RAID. Caso esteja selecionado RAID mude para IDE, confirme as alterações e saio do BIOS. Quanto ao driver SATA/RAID, o Windows XP não traz ele nativo e não significa que tem que configurar seus HDs em RAID. Tem um aplicativo que pode adiciona-lo na sua imagem do XP. Ele vai "abrir sua ISO" e durante o processo irá perguntar se deseja anexar drivers à imagem. Basta selecionar o driver em questão que o aplicativo irá adicioná-lo e criar a nova ISO, assim não precisará mais de disquetes ou pendrives. O nome do aplicativo acredito ser nVLite.

Editado por cracco

''

Compartilhar este post


Link para o post
Compartilhar em outros sites

Quando eu aperto TAB nao acontece nada, inicializa normal... 

Paulo,

Veja se consegue acessar as configurações da controladora RAID pressionando TAB logo ao ligar o computador.

 

Como eu disse anteriormente, algumas controladoras RAID possuem o seu próprio BIOS. Na placa ASUS P5RD1-VM que eu tinha aqui, por exemplo, aparecia a tela a seguir, na qual era necessário pressionar CTRL-A para entrar nas configurações de RAID:

 

post-25395-0-65432200-1357391882.png

 

Mas isso era na minha placa. De acordo com o capítulo 3.4.2, do manual da sua placa-mãe, a tecla TAB deve dar acesso às configurações de RAID. No entanto, ao contrário do que eu afirmei anteriormente, essa tecla desse ser pressionada logo no que o computador é inicializado.
 
Não fui capaz de encontrar informações sobre o que aparece ao entrar nas configurações da controladora RAID da sua placa, mas, se você conseguir acessá-las, verifique se há alguma maneira de desativar o RAID.

 

Tipo, quando o sistema nao achou o arquivo txtsetup.oem, eu encontrei esse arquivo na pasta do driver e movi ele pra fora da pasta, daí o sistema reconheceu. Também achei esse arquivo viamraid só que ta sem a extensão .sys (porém nas propriedades é possivel ver q é um arquivo .sys), será q se eu mover ele pra fora da pasta da certo ?

Vai ser necessário testar para ver o que acontece. Mas acredito que ele encontre sim. Nesse caso, sugiro que deixe este e qualquer outro arquivo fora da pasta Disk.

 

Boa sorte! (Y)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Acredito que o HD não está configurado como IDE e sim como RAID. Mudando para IDE desativará qualquer configuração RAID. Você só pode ter um disco RAID se estes estiverem configurados em RAID, estes eu digo 2 ou mais. Como só tens 1 HD que provavelmente está como RAID sempre terás a mensagem "disk number inadequate".

Tente no seu BIOS, se este for parecido com o do tutorial, no menu "advanced/onboard device configuration" e veja se há opções IDE, AHCI e RAID para seu HD Sata.

Editado por cracco

''

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fiz uma pesquisa sobre sua MB e descobri que para HDs Sata você obrigatoriamente tem que criar um disco Raid, ou seja, não existe opção de configurá-los como IDE. Neste caso, ao utilizar disco Sata deverá ter dois ou mais discos para que funcione. Se pretende utilizar somente um HD este deverá ser IDE.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Criar uma conta

Quer postar a sua dúvida? Cadastre-se pois é rápido e fácil!


Crie uma nova conta

Entrar

Já tem uma conta? Faça o login.


Entrar Agora
Esse tópico é útil para você?
Então compartilhe e ajude outros internautas!
Entre para seguir isso  
Seguidores 0

  • Vídeos do BABOO no YouTube

  • Posts

    • Gostaria de saber se é possível remover a barra de progresso de cópia de arquivos no Windows 7. Ou seja, aquela barrinha verde que que fica na janela minimizada e que mostra o andamento da operação. Obs: É apenas a barra minimizada anexei a imagem com o progresso da cópia de arquivo apenas como exemplo.
    • Parece que resolveu meu problema. Qualquer coisa volto a postar aqui. Muito Obrigado Mr.Million pelo suporte.
    • Baixe o Malwarebytes Anti-Malware (MBAM) e salve ou imprima estas instruções: 1. Execute o MBAM e prossiga com a instalação até chegar na tela abaixo. Você deve desmarcar a opção Ativar trial gratuito do Malwarebytes Anti-Malware Pro  2. O programa de instalação será finalizado e o MBAM será executado e automaticamente atualizará o seu banco de dados. Enquanto ele faz isso, clique no menu Configurações > Detecção e proteção (à esquerda) e clique na opção Procurar rootkits. Verifique também se as duas opções mostradas abaixo estão ambas configuradas como Tratar detecções como malware: 3. Clique no menu Painel para voltar à tela principal e clique no botão Verificar. O MBAM iniciará a verificação de malwares no seu computador. Essa tarefa pode demorar bastante se houverem muitos arquivos. Aguarde a finalização de todos os processos. Se no final o MBAM detectou algum malware, inicialmente clique na opção Salvar resultados > escolha a opção Arquivo de texto (*.txt) > Salve o arquivo: Agora clique no botão Remover selecionados para as ameaças serem removidas.  Se o MBAM encontrar arquivos que não podem ser removidos, ele solicitará a reinicialização do computador (talvez mais de uma vez). Se isso acontecer, reinicie o computador imediatamente. 4. Agora abra o arquivo que você salvou no item anterior.  Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com um novo Log do HiJackThis .
    • Solicitação de Análise de Logs Já fiz todos os procedimentos solicitados no Tópico Oficial... - Barra de pesquisa direciona para sites estranhos
      - Quando entro no google e vou digitar a busca aparece uma barra secundária no topo da página
      - Utilizo o Windows 10 e vários programas nativos pararam de funcionar (aparece uma exclamação do lado). Já fiz a restauração do sistema e não adiantou.
      - Durante a navegação quando eu clico pra acessar algum link abre páginas completamente avulsas e propagandas ou redireciona a página que eu estava para outra.  Segue meu Log para exame:   Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 16:48:51, on 27/05/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\PROGRA~2\GbPlugin\GbpSv.exe
      C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe
      C:\Program Files\AVAST Software\Avast\avastui.exe
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
      C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUPD.EXE
      C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
      C:\Windows\SysWOW64\ctfmon.exe
      C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
      C:\Users\Vinicius\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?type=ds&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462&q={searchTerms}
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&ts=1492580316&z=74d8c66f66c14d5a68aa1c7g8z4t0o7wfbdedofw3t&from=che0812&uid=ST1000LM024XHN-M101MBB_S32SJ5CG314462314462
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://none-stops.net/wpad.dat?adc2c82afbff8c524260a8ecc076198620105617
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=
      O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
      O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll
      O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
      O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll
      O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
      O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
      O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
      O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
      O4 - HKLM\..\Run: [Adobe] C:\Users\Vinicius\AppData\Roaming\Adobe\color.vbe
      O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vinicius\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
      O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
      O4 - HKCU\..\Run: [D85D2348B46572DE] C:\Users\Vinicius\AppData\Roaming\BMelYB\IQcCQu.exe
      O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [BlueStacks Agent] C:\Program Files (x86)\Bluestacks\HD-Agent.exe
      O4 - HKCU\..\Run: [background_fault] "C:\Users\Vinicius\AppData\Local\background_fault\aswRD.exe" "C:\Users\Vinicius\AppData\Local\background_fault\bf.dll",background_fault_collector
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinicius\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
      O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
      O8 - Extra context menu item: &Enviar para o OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
      O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
      O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
      O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O15 - Trusted Zone: http://www.bb.com.br
      O15 - Trusted Zone: http://www.caixa.gov.br
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
      O20 - Winlogon Notify:  GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
      O20 - Winlogon Notify:  GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
      O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: BlueStacks Android Service  (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Service.exe
      O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
      O23 - Service: BlueStacks Plus Android Service  (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
      O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
      O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: Update Service(FirefoxU) (FirefoxU) - Unknown owner - C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
      O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      O23 - Service: Proteção de Tela de League (LolScreenSaverService) - Unknown owner - C:\Riot Games\LolScreenSaver\service\service.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - CyberLink - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
      O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14962 bytes
       

    • Zoek.exe v5.0.0.1 Updated 27-09-2015
      Tool run by Lucas on Sat 05/27/2017 at 16:00:55.78.
      Microsoft Windows 10 Pro 10.0.14393  x64
      Running in: Normal Mode No Internet Access Detected
      Launched: C:\Users\Lucas\Downloads\zoek.exe    [Scan all users] [Script inserted]  ==== System Restore Info ====================== 5/27/2017 4:02:21 PM Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. 

      # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 

      # This file contains the mappings of IP addresses to host names. Each 
      # entry should be kept on an individual line. The IP address should 
      # be placed in the first column followed by the corresponding host name. 
      # The IP address and the host name should be separated by at least one 
      # space. 

      # Additionally, comments (such as these) may be inserted on individual 
      # lines or following the machine name denoted by a '#' symbol. 

      # For example: 

      #      102.54.94.97     rhino.acme.com          # source server 
      #       38.25.63.10     x.acme.com              # x client host 
       
      127.0.0.1       localhost  ==== Empty Folders Check ====================== C:\PROGRA~2\Gigantic_en deleted successfully
      C:\PROGRA~2\Ubisoft deleted successfully
      C:\PROGRA~3\Adobe deleted successfully
      C:\PROGRA~3\Comms deleted successfully
      C:\PROGRA~3\SoftwareDistribution deleted successfully
      C:\Users\postgres\AppData\LocalLow deleted successfully
      C:\Users\Lucas\AppData\Local\ActiveSync deleted successfully
      C:\Users\Lucas\AppData\Local\Adobe deleted successfully
      C:\Users\Lucas\AppData\Local\NetworkTiles deleted successfully
      C:\Users\Lucas\AppData\Local\PeerDistRepub deleted successfully
      C:\Users\Lucas\AppData\Local\Ubisoft Game Launcher deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3263317907-2408547081-2500880260-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A61A35E3-CADA-4E12-9203-4DCACC73BA19} deleted successfully ==== Deleting CLSID Registry Values ======================
      ==== Deleting Services ======================
      ==== FireFox Fix ====================== Deleted from C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.search.defaultenginename", "YHS");
      user_pref("browser.search.selectedEngine", "YHS");
      user_pref("keyword.URL", true); Added to C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\prefs.js:
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default user.js not found
      ---- Lines Search  removed from prefs.js ----
      user_pref("browser.newtabpage.pinned", "[null,{\"url\":\"https://torrentz2.eu/\",\"title\":\"Torrent Search torrentz2\",\"frecency\":17810,\"lastVisit
      ---- FireFox user.js and prefs.js backups ----  prefs_20170527_0422_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Gigantic_en not found
      C:\PROGRA~2\Ubisoft not found
      C:\Users\Lucas\AppData\Roaming\discord deleted
      C:\Users\Lucas\AppData\Roaming\Unity deleted
      C:\Users\Lucas\.android deleted
      C:\PROGRA~2\PokerOffice deleted
      C:\install.exe deleted
      C:\PROGRA~3\{0887FF4E-C52E-4C7E-9312-9A6BD34AC8DF} deleted
      C:\PROGRA~3\Package Cache deleted
      C:\Users\Lucas\AppData\Local\BTServer.log deleted
      C:\Users\Lucas\AppData\Local\Unity deleted
      C:\Windows\SysNative\config\systemprofile\AppData\Local\RtkBleServ.log deleted
      C:\Users\Lucas\AppData\LocalLow\Unity deleted
      C:\Windows\SysNative\GroupPolicy\Machine deleted
      C:\Windows\SysNative\GroupPolicy\User deleted
      C:\Windows\SysNative\GroupPolicy\GPT.INI deleted
      C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
      C:\Windows\Syswow64\SET26C.tmp deleted
      C:\Windows\Syswow64\SET2B4F.tmp deleted
      C:\Windows\Syswow64\SET2D4B.tmp deleted
      C:\Windows\Syswow64\SET3438.tmp deleted
      C:\Windows\Syswow64\SET42BC.tmp deleted
      C:\Windows\Syswow64\SET4457.tmp deleted
      C:\Windows\Syswow64\SET6E50.tmp deleted
      C:\Windows\Syswow64\SET7863.tmp deleted
      C:\Windows\Syswow64\SET8347.tmp deleted
      C:\Windows\Syswow64\SET9893.tmp deleted
      C:\Windows\Syswow64\SET9B9E.tmp deleted
      C:\Windows\Syswow64\SET9CDD.tmp deleted
      C:\Windows\Syswow64\SETA210.tmp deleted
      C:\Windows\Syswow64\SETBA76.tmp deleted
      C:\Windows\Syswow64\SETBB17.tmp deleted
      C:\Windows\Syswow64\SETCE3.tmp deleted
      C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\firefox@mega.co.nz.xpi deleted
      "C:\Users\Lucas\AppData\Roaming\Albion" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      user_pref("browser.startup.homepage", "about:home");
      user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      - Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
      - Always on Top - %ProfilePath%\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox
      - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default
      80320392DCC61B22F0BB23DD5AD7D341    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll -    Shockwave Flash
      D24D187FF3004EB238C2B4F84A86DCDE    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL -    Microsoft Office 2016
      127E13DF136D1CD24B93044D0E45DF1F    - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2016
      ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
      ccjleegmemocfpghkhpjmiccjcacackp - No path found[]
      ibbfklbaljofpaanmpaeadejijfdddco - No path found[] Chrome Cleaner Pro - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp
      Grammarly for Chrome - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
      Chrome Media Router - Lucas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values:
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
      "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
      "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
      {012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
      {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
      {2f23ab71-4ac6-41f2-a955-ea576e553146} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
      {485CEA5E-5EB6-4D38-916B-C385F7F7D2E5} Google  Url="http://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Secure Preferences was reset successfully
      C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data was reset successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Web Data-journal was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Lucas\Desktop\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\AmpliTube 4.exe - Atalho.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 4\AmpliTube 4.exe 
      C:\Users\Lucas\Desktop\Calculator.lnk -  
      C:\Users\Lucas\Desktop\Discord.lnk - C:\Users\Lucas\AppData\Local\Discord\Update.exe --processStart Discord.exe
      C:\Users\Lucas\Desktop\Documentos - Atalho.lnk - C:\Users\Lucas\Documents 
      C:\Users\Lucas\Desktop\Downloads - Atalho.lnk - C:\Users\Lucas\Downloads 
      C:\Users\Lucas\Desktop\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\Users\Lucas\Desktop\Freez Screen Video Capture.lnk - C:\Program Files (x86)\Smallvideosoft\Freez Screen Video Capture\videocapture.exe 
      C:\Users\Lucas\Desktop\Grammarly.lnk - C:\Users\Lucas\AppData\Local\GrammarlyForWindows\Update.exe --processStart GrammarlyForWindows.exe
      C:\Users\Lucas\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\Desktop\Programas e Recursos - Atalho.lnk -  
      C:\Users\Lucas\Desktop\TechPowerUp GPU-Z.lnk - C:\Program Files (x86)\GPU-Z\GPU-Z.exe 
      C:\Users\Lucas\Desktop\Window On Top.lnk - C:\Program Files (x86)\Skybn\Window On Top\winTop.exe 
      C:\Users\Lucas\Desktop\Word 2016.lnk -  
      C:\Users\Lucas\Desktop\µTorrent.lnk -  
      C:\Users\Lucas\Desktop\jogos\8-Bit Armies.lnk - C:\Program Files (x86)\8-Bit Armies\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\jogos\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Arc.lnk - C:\Program Files (x86)\Arc\ArcLauncher.exe 
      C:\Users\Lucas\Desktop\jogos\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\jogos\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\Users\Lucas\Desktop\jogos\Cossacks 3.lnk - C:\Program Files (x86)\Cossacks 3\cossacks.exe 
      C:\Users\Lucas\Desktop\jogos\MirrorsEdgeCatalyst.exe - Atalho.lnk - C:\Program Files (x86)\Mirrors Edge Catalyst\Setup\MirrorsEdgeCatalyst.exe 
      C:\Users\Lucas\Desktop\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\jogos\Shadow Tactics - Blades of the Shogun.lnk - C:\GOG Games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe 
      C:\Users\Lucas\Desktop\jogos\Sid Meiers Civilization VI.lnk - C:\Program Files (x86)\Sid Meiers Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft 2 - The Trilogy.lnk - C:\Games\StarCraft 2 - The Trilogy\StarCraft II Offline.exe 
      C:\Users\Lucas\Desktop\jogos\StarCraft II.lnk - C:\Program Files (x86)\StarCraft II\StarCraft II.exe 
      C:\Users\Lucas\Desktop\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\jogos\Tyranny.lnk - C:\GOG Games\Tyranny\Tyranny.exe 
      C:\Users\Lucas\Desktop\jogos\World of Warplanes.lnk - C:\Games\World_of_Warplanes\WoWPLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\AmpliTube 3.lnk - C:\Program Files (x86)\IK Multimedia\AmpliTube 3\AmpliTube 3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Arduino.lnk - C:\Program Files (x86)\Arduino\arduino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Car Mechanic Simulator 2015.lnk - C:\Program Files (x86)\Car Mechanic Simulator 2015\cms2015.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\CPUID CPU-Z.lnk - C:\Program Files (x86)\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Custom Shop.lnk - C:\Program Files (x86)\IK Multimedia\Custom Shop\Custom Shop.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\EVE Online.lnk - C:\Program Files (x86)\CCP\EVE\eve.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\FIFA 16.lnk - C:\Program Files (x86)\Origin Games\FIFA 16\fifa16.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Grey Goo.lnk - C:\Program Files (x86)\Grey Goo\ClientLauncherG.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Guitar Pro 5.lnk - C:\Program Files (x86)\Guitar Pro 5\GP5.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk - C:\Games\Kerbal Space Program\Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Linkrealms.lnk - C:\Program Files (x86)\Linkrealms\update.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\MiniLyrics.lnk - C:\Program Files (x86)\MiniLyrics\MiniLyrics.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Movavi Video Editor 4.lnk - C:\Windows\Installer\{95B7C0F4-7434-4DFB-B900-201BFC00C00B}\NewShortcut41_254AB2CD520A4C819BDF86ADC896D541.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\RealPlayer Cloud.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Rocket League.lnk - C:\Program Files (x86)\rocketleague\Binaries\Win32\RocketLeague.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Spaera.lnk - C:\Program Files (x86)\Blazing Orb\Spaera\SpaeraRunner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Super HUD.lnk - C:\Program Files (x86)\Poker Pro Labs\Super HUD\SuperHUD.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\The Witcher 3 Wild Hunt.lnk - C:\Program Files (x86)\The Witcher 3 Wild Hunt\bin\x64\witcher3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\VMware Workstation.lnk - C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\ZHPCleaner.lnk - C:\Users\Lucas\AppData\Roaming\ZHP\ZHPCleaner.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Archeage.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe  -game 120
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\FIFA 15.lnk - C:\Program Files (x86)\Origin Games\FIFA 15\fifa15.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Glyph.lnk - C:\Program Files (x86)\Glyph\GlyphClient.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Heroes of the Storm.lnk - C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Middle Earth - Shadow of Mordor.lnk - C:\Program Files (x86)\R.G. Mechanics\Middle Earth - Shadow of Mordor\x64\ShadowOfMordor.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014 (Without Real Tone Cable).lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\rocksmith2014-nocable-loader.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Rocksmith 2014.lnk - C:\Program Files (x86)\Ubisoft\Rocksmith 2014\Rocksmith2014.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Scrolls.lnk - C:\Program Files (x86)\Scrolls\ScrollsLauncher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sid Meiers Civilization Beyond Earth.lnk - C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth\CivilizationBe_DX11.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Sniper Elite 3.lnk - C:\Program Files (x86)\Sniper Elite 3\Launcher\Sniper3Launcher.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold 3 x64.lnk - C:\Program Files (x86)\Firefly Studios\Stronghold 3\bin\win32_release\Stronghold3.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Stronghold Crusader 2.lnk - C:\Program Files (x86)\Stronghold Crusader 2\bin\win32_release\Crusader2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\The Wolf Among Us.lnk - C:\Program Files (x86)\R.G. Mechanics\The Wolf Among Us\TheWolfAmongUs.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\Total War - Rome II.lnk - C:\Program Files (x86)\R.G. Mechanics\Total War - Rome II\Rome2.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\jogos\XSplit Gamecaster.lnk - C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\pendrive 1 semestre 2015\tcc\Material Bancada\Foguete\SolidWorks Bancada\2013\0002_Bancada_0000 - Shortcut.lnk - C:\Users\Lucas\Dropbox\0002_Bancada_0000 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\NetBet Poker.lnk - C:\Program Files (x86)\NetBet Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\nj.partypoker.lnk - C:\Programs\partyNJ\partyNJ.exe -P=partypokerNJ
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Titan Poker.lnk - C:\Program Files (x86)\Titan Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\Winner Poker.lnk - C:\Program Files (x86)\Winner Poker\casino.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\ICM Trainer.lnk - C:\Windows\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_ECF5B0A15121D905E30873.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\poker\programas\PokerStrategy.com Equilab.lnk - C:\Program Files (x86)\PokerStrategy.com\PokerStrategy.com Equilab\Equilab.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\Circuit Wizard 2 Student Edition.lnk - C:\Program Files (x86)\New Wave Concepts\Circuit Wizard 2 SE\CktWiz.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\OPPE 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\OPPE\Oppe.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\PSIM 10 Demo.lnk - C:\Program Files (x86)\Powersim\PSIM10.0.2_Demo\PSIM.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.2  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.2\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\puc\SPDSW 3.3  .lnk - C:\Program Files (x86)\HI_tecnologia\Spdsw_Pack\3.3\INST_1\SPDSW\spdsw.exe 
      C:\Users\Lucas\Desktop\poker\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\Desktop\poker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\Desktop\poker\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe  ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\Users\Public\Desktop\Comprar suprimentos - HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\hpqDTSS.exe 
      C:\Users\Public\Desktop\CPUID CPU-Z.lnk - C:\Program Files\CPUID\CPU-Z\cpuz.exe 
      C:\Users\Public\Desktop\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe -Start UDCDevicePage
      C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk - C:\Windows\system32\GfxUIEx.exe 
      C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
      C:\Users\Public\Desktop\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\Users\Public\Desktop\Razer Cortex.lnk - C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe 
      C:\Users\Public\Desktop\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 
      C:\Users\Public\Desktop\Smart View.lnk - C:\Windows\Installer\{99D9BA8C-AA54-48FC-B782-F7C506CF1ECC}\SmartView2.exe 
      C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
      C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk - C:\Program Files\Unity\Editor\Unity.exe 
      C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
      C:\Users\Public\Desktop\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Users Start Menu ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Winner Poker.lnk - C:\Users\Lucas\AppData\Local\Winner Poker\casino.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recursos Opcionais.lnk - C:\Windows\System32\fodhelper.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update and Privacy Settings.lnk - C:\Windows\System32\UNP\UNPUXHost.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\AlbionOnline.lnk - C:\Program Files (x86)\AlbionOnline\launcher\AlbionLauncher.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online\Uninstall.lnk - C:\Program Files (x86)\AlbionOnline\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\KeyTweak Manual.lnk - C:\Users\Lucas\AppData\Local\VirtualStore\Program Files (x86)\KeyTweak\KeyTweak Manual.pdf 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak\Uninstall.lnk - C:\Program Files (x86)\KeyTweak\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\PokerTracker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 3\Uninstall PokerTracker 3.lnk - C:\Program Files (x86)\PokerTracker 3\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4 (Logging Enabled).lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe -l
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\PokerTracker4.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4\Uninstall PokerTracker 4.lnk - C:\Program Files (x86)\PokerTracker 4\uninstall.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe  ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings\AMD Settings.lnk - C:\Program Files (x86)\AMD\CNext\CNext\RadeonSettings.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\BethesdaNetUpdater.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher\Uninstall Bethesda.net Launcher.lnk - C:\Program Files (x86)\Bethesda.net Launcher\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files\DAEMON Tools Pro\DTPro.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files\DAEMON Tools Pro\DTImgEditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder on the Web.lnk - C:\Program Files (x86)\Easy Macro Recorder\homepage.url 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\Macro Recorder.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Help.lnk - C:\Program Files (x86)\Easy Macro Recorder\help.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy Macro Recorder\Uninstall Easy Macro Recorder.lnk - C:\Program Files (x86)\Easy Macro Recorder\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurar Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Sobre o Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_131\bin\javacpl.exe -tab about
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Verificar Atualizações.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk - C:\Program Files\KMSpico\AutoPico.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\KMSpico.lnk - C:\Program Files\KMSpico\KMSELDI.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk - C:\Program Files\KMSpico\scripts\Log.cmd 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk - C:\Program Files\KMSpico\UninsHs.exe /u0=KMSpico
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk - C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk - C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\License_en_US.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\doc\UserManual.pdf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker\Uninstall partypoker.lnk - C:\programs\partygaming\PartyPoker\Uninstall\Setup.exe App_Type=U
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Command Prompt.lnk - C:\Windows\SysWOW64\cmd.exe /k set PGCLIENTENCODING=WIN1252 && set PGPORT=5432
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\pgAdmin III.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pgAdmin3.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\psql to 'postgres'.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\psql.bat  -h localhost -p 5432 postgres "postgres" WIN1252
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Reload configuration.lnk - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe  reload -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Start service.lnk - C:\Windows\SysWOW64\net.exe  start pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Stop service.lnk - C:\Windows\SysWOW64\net.exe  stop pgsql-8.3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_hba.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_hba.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit pg_ident.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\pg_ident.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Configuration files\Edit postgresql.conf.lnk - C:\Windows\SysWOW64\notepad.exe C:\Program Files (x86)\PostgreSQL\8.3\data\postgresql.conf
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\Installation Notes.lnk - C:\Program Files (x86)\PostgreSQL\8.3\Installation Notes.rtf 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\pgAdmin Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\pgAdmin III\docs\en_US\pgadmin3.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL Help.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/index.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.3\Documentation\PostgreSQL release notes.lnk - C:\Windows\hh.exe mk:@MSITStore:C:\Program Files (x86)\PostgreSQL\8.3\doc\postgresql.chm::/release.html
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys FAQ.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RandyRants.com\SharpKeys\SharpKeys.lnk - C:\Windows\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio Console.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Open Serviio MediaBrowser.lnk -  
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Readme.lnk - C:\Program Files\Serviio\README.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Release Notes.lnk - C:\Program Files\Serviio\RELEASE_NOTES.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Serviio Console.lnk - C:\Program Files\Serviio\console\ServiioConsole.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Start Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -start
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Stop Serviio service.lnk - C:\Program Files\Serviio\bin\ServiioService.exe -stop
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serviio\Uninstall Serviio.lnk - C:\Program Files (x86)\Serviio\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Configuration (x64).lnk - C:\Windows\System32\rundll32.exe VSFilter.dll,DirectVobSub
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSFilter\Uninstall (x64).lnk - C:\Program Files (x86)\VSFilter\unins000.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk - C:\Program Files (x86)\WinRAR\Rar.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\MetaEditor.lnk - C:\Program Files (x86)\XM MT4\metaeditor.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\Uninstall.lnk - C:\Program Files (x86)\XM MT4\uninstall.exe 
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XM MT4\XM MT4.lnk - C:\Program Files (x86)\XM MT4\terminal.exe  ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\888poker.lnk - C:\Program Files (x86)\PacificPoker\bin\888poker.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe --user-data-dir="C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data" --profile-directory=Default --app-id=hecfofbbdfadifpemejbbdcjmfmboohj
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\computer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Control Panel.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -  
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
      C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk - C:\Windows\system32\notepad.exe 
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
      C:\Users\postgres\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -   ==== shortcuts After Repair ====================== C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\76f9e4d33b60b312\Popcorn-Time.lnk - C:\Users\Lucas\AppData\Local\Popcorn-Time\Popcorn-Time.exe  ==== Reset IE Proxy ====================== Value(s) before fix:
      "ProxyEnable"=dword:00000000 Value(s) after fix:
      "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Users\Lucas\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
      C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
      C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
      C:\Users\Lucas\AppData\Local\Popcorn-Time\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1596 folders=1948 5230133766 bytes) ==== Empty Temp Folders ====================== C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied
      C:\Users\Lucas\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 05/27/2017 at 16:38:38.69 ======================
          Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 4:43:50 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe
      C:\Program Files (x86)\Hotkey\Hotkey.exe
      C:\Users\Lucas\AppData\Local\Apps\2.0\JROKO8AW.M9G\WQT58663.9XT\poke...app_6e7fc6368d8f8800_0002.0001_7854192edeabd0f7\PSC.SideKick.exe
      C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
      C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-21-3263317907-2408547081-2500880260-1004\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 15169 bytes
       
    • Ótimo, muito bom!! Continuando.. 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do Zoek e execute-o. 3. Copie as linhas abaixo (selecione-as e tecle CTRL+C) e cole (CTRL+V) no espaço do Zoek: createsrpoint;
      autoclean;
      resetieproxy;
      resethosts;
      iedefaults;
      chrdefaults;
      emptyCHRcache;
      ffdefaults;
      firefoxlook;
      emptyalltemp;
      shortcutfix; 4. Feche todos os navegadores e clique em Run Script: Durante o Scan a mensagem abaixo será apresentada. Seja paciente e aguarde o término da execução do script pois a análise pode demorar alguns minutos.. 5. Caso seja solicitada a reinicialização do computador, faça isso clicando em OK 6.  O Zoek abrirá uma janela com o resultado da análise. Poste o conteúdo dessa janela e também um novo Log do HijackThis.
    • # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########
        # AdwCleaner v6.047 - Logfile created 27/05/2017 at 15:08:49
      # Updated on 19/05/2017 by Malwarebytes
      # Database : 2017-05-26.6 [Server]
      # Operating System : Windows 10 Pro  (X64)
      # Username : Lucas - LUCAS
      # Running from : C:\Users\Lucas\Downloads\AdwCleaner.exe
      # Mode: Clean
      # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Lucas\AppData\Local\YSearchUtil
      [-] Folder deleted: C:\Users\Lucas\AppData\LocalLow\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\.acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\acestream
      [-] Folder deleted: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
      [-] Folder deleted: C:\_acestream_cache_
      [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
      ***** [ Files ] ***** [-] File deleted: C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\0ka5dy0j.default\extensions\jid1-16aeif9OQIRKxA@jetpack.xpi
      ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** [-] Shortcut disinfected: C:\Users\Public\Desktop\Google Chrome.lnk
      [-] Shortcut disinfected: C:\Users\Public\Desktop\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      [-] Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\Desktop\lucas backup\dota\2 semestre 2015\Kerbal Space Program.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk
      [-] Shortcut disinfected: C:\Users\Lucas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
      ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Classes\acestream
      [#] Key deleted on reboot: HKCU\Software\Classes\acestream
      [#] Key deleted on reboot: [x64] HKCU\Software\Classes\acestream
      [-] Key deleted: HKU\S-1-5-21-3263317907-2408547081-2500880260-1001\Software\Conduit
      [#] Key deleted on reboot: HKCU\Software\Conduit
      [-] Key deleted: HKLM\SOFTWARE\Conduit
      [#] Key deleted on reboot: [x64] HKCU\Software\Conduit
      ***** [ Web browsers ] ***** [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: yhs
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      [-] [C:\Users\Lucas\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://br.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_wbf_nrssi_16_32&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dbr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuyC0CyBtC0Dzyzy0AtDyCyEzytDtD0CzytN0D0Tzu0StCyBtDtCtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByDtFtCtFtCtN1L1G1B1V1N2Y1L1Qzu2StC0E0Dzz0D0DtAzytGtCzz0AyEtGtByE0BzztGtA0BtD0CtGzz0F0CyByD0F0AtC0E0E0EyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzz0E0EtBtC0A0BtGtBtDyCtAtGyE0Dzy0DtG0A0Azy0AtGyE0AtD0DtBtB0B0B0F0E0E0F2QtN0A0LzuyE%26cr%3D1665732108%26a%3Dhdr_s_16_34_wbf_nrssi_16_32%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
      ************************* :: "Tracing" keys deleted
      :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3928 Bytes] - [27/05/2017 15:08:49]
      C:\AdwCleaner\AdwCleaner[S0].txt - [4072 Bytes] - [27/05/2017 15:05:34] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4074 Bytes] ##########   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Junkware Removal Tool (JRT) by Malwarebytes
      Version: 8.1.3 (04.10.2017)
      Operating System: Windows 10 Pro x64 
      Ran by Lucas (Administrator) on Sat 05/27/2017 at 15:13:09.12
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      File System: 0 
      Registry: 0  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      Scan was completed on Sat 05/27/2017 at 15:18:53.51
      End of JRT log
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     Logfile of Trend Micro HijackThis v2.0.4
      Scan saved at 3:23:19 PM, on 5/27/2017
      Platform: Unknown Windows (WinNT 6.02.1008)
      MSIE: Internet Explorer v11.0 (11.00.14393.0953)
      Boot mode: Normal Running processes:
      C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      C:\Users\Lucas\Downloads\HijackThis (1).exe
      C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
      F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
      O1 - Hosts: ::1 tutorial2
      O1 - Hosts: ::1 test2
      O1 - Hosts: ::1 Projetos
      O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
      O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
      O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
      O4 - HKLM\..\Run: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [OneDrive] "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      O4 - HKCU\..\Run: [Chromium] "c:\users\lucas\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
      O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      O4 - HKCU\..\Run: [Discord] C:\Users\Lucas\AppData\Local\Discord\app-0.0.297\Discord.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
      O4 - HKCU\..\Run: [PokerStrategy.com SideKick] "C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
      O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lucas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
      O4 - Global Startup: Hotkey.lnk = C:\Program Files (x86)\Hotkey\Hotkey.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
      O8 - Extra context menu item: Enviar imagem para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Enviar página para Dispositivo Bluetooth - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
      O8 - Extra context menu item: Send image to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie_ctx.htm
      O8 - Extra context menu item: Send page to Bluetooth Device - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm
      O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
      O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
      O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
      O9 - Extra button: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\REALTEK\Realtek Bluetooth\LANG\BtServer_LANG.dll,-134 - {D870B030-8D66-423b-9B97-894D4A0DEC23} - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\btsendto_ie.htm (HKCU)
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O10 - Unknown file in Winsock LSP: c:\Windows\syswow64\wlidnsp.dll
      O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
      O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
      O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O18 - Protocol: Windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
      O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
      O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
      O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
      O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
      O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
      O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
      O23 - Service: Disc Soft Pro Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
      O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
      O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
      O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
      O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
      O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
      O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
      O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
      O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
      O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
      O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
      O23 - Service: PowerBiosServer - Unknown owner - C:\Program Files (x86)\Hotkey\PowerBiosServer.exe
      O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
      O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
      O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
      O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
      O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
      O23 - Service: Serviio - Unknown owner - C:\Program Files\Serviio\bin\ServiioService.exe
      O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
      O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
      O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
      O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
      O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
      O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
      O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
      O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
      O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) --
      End of file - 14181 bytes
         
    • digite winver no executar e poste sua versão do windows 10... Sua conta tem poderes de administrador? Se possivel poste imagem com o problema por favor...
    • 1. Desabilite o seu Antivírus e AntiSpyware para não haver conflitos e Mantenha-os desativados até terminar as instruções. 2. Faça download do AdwCleaner e salve-o na sua Área de Trabalho (desktop) 3. Execute o adwcleaner.exe Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do adwcleaner.exe e selecione   4. Clique no botão Verificar e depois em Limpar 5. Salve o Log criado 6. Faça download do JRT (Junkware Removal Tool) e salve-o na sua Área de Trabalho 7. Dê um duplo-clique no arquivo JRT para executá-lo Usuários do Windows 7, 8.1 ou 10: clique com o botão direito do mouse no ícone do JRT.exe e selecione   8. O JRT começará o exame do seu Sistema. Tenha paciência pois pode demorar alguns minutos dependendo da quantidades de itens examinados 9. No final um novo arquivo JRT.txt aparecerá na sua Área de Trabalho e uma janela se abrirá com o conteúdo deste arquivo (log do JRT) 10. Selecione todo o conteúdo desse log (tecle CTRL+A), copie-o (CTRL+C) e cole-o (CTRL+V) na sua próxima resposta juntamente com o Log do AdwCleaner (item 5 acima) e o novo log do HijackThis
O site BABOO está no ar para informar e ajudar o internauta de Windows. Este site foi publicado em 1999 por Aurélio "Baboo", engenheiro e um dos maiores especialistas brasileiros em Windows, que trabalha profissionalmente com esse sistema operacional desde 1987. Desde 2004 ele é premiado anualmente pela Microsoft como MVP (Most Valuable Professional) pela sua contribuição e ajuda à comunidade de usuários de Windows.

Em 2001 foi criado o
Fórum do BABOO para ajudar o internauta brasileiro a solucionar problemas e dúvidas sobre Windows, Segurança, Office, Hardware e outros temas. Desde 2010 a Microsoft também tem premiado o Mr.Million, administrador da área de Segurança do Fórum do BABOO, pelo seu incansável trabalho ajudando os internautas a remover vírus e malwares dos seus computadores. Atualmente ele é o único MVP brasileiro de Segurança em desktop.

O BABOO é o único site brasileiro coordenado por um especialista com reconhecimento internacional pela sua competência em Windows e que participa diariamente e ativamente nos comentários e discussões do site e fórum BABOO.