Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 28 usuários online :: 0 registrados, 0 invisíveis e 28 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
Shetef Solutions & Consulting 1998 LTD
3 participantes
Página 1 de 2
Página 1 de 2 • 1, 2
Shetef Solutions & Consulting 1998 LTD
FICA APARECENDO TODA HORA PARA O ADMINISTRADOR AUTORIZAR A FAZER MODIFICAÇÕES E INSTALAR ALGUMA COISA...JÁ CLIQUEI EM NÃO E SEMPRE APARECE! JÁ VI OUTROS TÓPICOS AQUI RELATANDO O MESMO PROBLEMA, FIZ O QUE ESTAVA INDICANDO...MAS DEMOROU MUITO E NÃO RESOLVEU. CONTINUA APARECENDO! ALGUÉM PODE ME AJUDAR??
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Oi Suellen! Seja bem vinda ao Fórum PC Brasil.
Quais procedimentos você já fez?
Se você tiver os logs (relatórios) dos programas que você já usou, poste esses logs aqui no seu tópico para que os analistas possam verificar.
Quais procedimentos você já fez?
Se você tiver os logs (relatórios) dos programas que você já usou, poste esses logs aqui no seu tópico para que os analistas possam verificar.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
ESTE FOI O PRIMEIRO RELATÓRIO
# AdwCleaner v3.007 - Relatório criado 15/10/2013 às 23:08:15
# Atualizado 09/10/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Suellen Ramos - SUELLENRAMOS-PC
# Executando de : C:\Users\Suellen Ramos\Documents\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : winzipersvc
Serviço Deletada : WsysSvc
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files (x86)\Ask.com
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Common Files\spigot
Pasta Deletada : C:\Users\SUELLE~1\AppData\Local\Temp\AskSearch
Pasta Deletada : C:\Users\SUELLE~1\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\Conduit
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Arquivo Deletada : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\searchplugins\Askcom.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml
Arquivo Deletada : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\user.js
Arquivo Deletada : C:\windows\Tasks\Dealply.job
Arquivo Deletada : C:\windows\System32\Tasks\Dealply
Arquivo Deletada : C:\windows\Tasks\DSite.job
Arquivo Deletada : C:\windows\System32\Tasks\DSite
Arquivo Deletada : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Atalhos ] *****
Atalho Desinfectada : C:\Users\Suellen Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0041896.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0041896.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\b1.org
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\lyrixeeker
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
Chave Deletedo : HKLM\Software\b1.org
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\eSafeSecControl
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Chave Deletedo : [x64] HKLM\SOFTWARE\b1.org
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16720
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v15.0.1 (pt-BR)
[ Arquivo : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\prefs.js ]
-\\ Google Chrome v30.0.1599.69
[ Arquivo : C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9130 octets] - [15/10/2013 21:53:53]
AdwCleaner[S0].txt - [7628 octets] - [15/10/2013 23:08:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7688 octets] ##########
# Atualizado 09/10/2013 por Xplode
# Sistema Operacional : Windows 7 Home Premium Service Pack 1 (64 bits)
# Usuário : Suellen Ramos - SUELLENRAMOS-PC
# Executando de : C:\Users\Suellen Ramos\Documents\Downloads\AdwCleaner.exe
# Opção : Limpar
***** [ Serviços ] *****
Serviço Deletada : winzipersvc
Serviço Deletada : WsysSvc
***** [ Arquivos / Pastas ] *****
Pasta Deletada : C:\ProgramData\baidu
Pasta Deletada : C:\ProgramData\BonanzaDealsLive
Pasta Deletada : C:\ProgramData\DealPlyLive
Pasta Deletada : C:\ProgramData\eSafe
Pasta Deletada : C:\ProgramData\Trymedia
Pasta Deletada : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Pasta Deletada : C:\Program Files (x86)\Ask.com
Pasta Deletada : C:\Program Files (x86)\BonanzaDealsLive
Pasta Deletada : C:\Program Files (x86)\Conduit
Pasta Deletada : C:\Program Files (x86)\DealPlyLive
Pasta Deletada : C:\Program Files (x86)\WinZipper
Pasta Deletada : C:\Program Files (x86)\Common Files\spigot
Pasta Deletada : C:\Users\SUELLE~1\AppData\Local\Temp\AskSearch
Pasta Deletada : C:\Users\SUELLE~1\AppData\Local\Temp\eIntaller
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\BonanzaDealsLive
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\Conduit
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\DealPlyLive
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\Conduit
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\Minibar
Pasta Deletada : C:\Users\Suellen Ramos\AppData\LocalLow\PriceGong
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\baidu
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\DealPly
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\DSite
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Roaming\WinZipper
Pasta Deletada : C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Arquivo Deletada : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\searchplugins\Askcom.xml
Arquivo Deletada : C:\Program Files (x86)\Mozilla Firefox\searchplugins\portaldosites.xml
Arquivo Deletada : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\user.js
Arquivo Deletada : C:\windows\Tasks\Dealply.job
Arquivo Deletada : C:\windows\System32\Tasks\Dealply
Arquivo Deletada : C:\windows\Tasks\DSite.job
Arquivo Deletada : C:\windows\System32\Tasks\DSite
Arquivo Deletada : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar
***** [ Atalhos ] *****
Atalho Desinfectada : C:\Users\Suellen Ramos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Registro ] *****
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Chave Deletedo : HKCU\Software\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Deletedo : HKLM\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Chave Deletedo : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0041896.BHO
Chave Deletedo : HKLM\SOFTWARE\Classes\CrossriderApp0041896.Sandbox
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Chave Deletedo : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Chave Deletedo : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Chave Deletedo : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Valor Deletedo : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Deletedo : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Chave Deletedo : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Chave Deletedo : HKCU\Software\b1.org
Chave Deletedo : HKCU\Software\Conduit
Chave Deletedo : HKCU\Software\Cr_Installer
Chave Deletedo : HKCU\Software\DealPlyLive
Chave Deletedo : HKCU\Software\dsiteproducts
Chave Deletedo : HKCU\Software\InstallCore
Chave Deletedo : HKCU\Software\lollipop
Chave Deletedo : HKCU\Software\Softonic
Chave Deletedo : HKCU\Software\AppDataLow\Software\AskToolbar
Chave Deletedo : HKCU\Software\AppDataLow\Software\Conduit
Chave Deletedo : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Chave Deletedo : HKCU\Software\AppDataLow\Software\Crossrider
Chave Deletedo : HKCU\Software\AppDataLow\Software\lyrixeeker
Chave Deletedo : HKCU\Software\AppDataLow\Software\PriceGong
Chave Deletedo : HKCU\Software\AppDataLow\Software\Search Settings
Chave Deletedo : HKCU\Software\AppDataLow\Software\smartbar
Chave Deletedo : HKLM\Software\b1.org
Chave Deletedo : HKLM\Software\Conduit
Chave Deletedo : HKLM\Software\delta-homesSoftware
Chave Deletedo : HKLM\Software\eSafeSecControl
Chave Deletedo : HKLM\Software\portaldositesSoftware
Chave Deletedo : HKLM\Software\V9
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Chave Deletedo : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
Chave Deletedo : [x64] HKLM\SOFTWARE\b1.org
Chave Deletedo : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
***** [ Navegadores ] *****
-\\ Internet Explorer v10.0.9200.16720
Configurações Restauradas : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Configurações Restauradas : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v15.0.1 (pt-BR)
[ Arquivo : C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\prefs.js ]
-\\ Google Chrome v30.0.1599.69
[ Arquivo : C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9130 octets] - [15/10/2013 21:53:53]
AdwCleaner[S0].txt - [7628 octets] - [15/10/2013 23:08:15]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7688 octets] ##########
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
SEGUNDO RELATÓRIO
Zoek.exe Version 4.0.0.5 Updated 13-October-2013
Tool run by Suellen Ramos on 15/10/2013 at 23:21:17,20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Suellen Ramos\Desktop\zoek.exe [Script inserted]
==== System Restore Info ======================
15/10/2013 23:24:15 Zoek.exe System Restore Point Created Succesfully.
==== Creating Sample_102013_2331.zip ======================
Process C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe killed
Copied file C:\Users\Suellen Ramos\AppData\Local\ContentAgent.exe to sample\ContentAgent.exe
Copied file C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe to sample\keepvid.com.exe
sample\ContentAgent.exe renamed to 802AFF4C0CCD0CBE2C9D8CA84B7C5EC9
sample\keepvid.com.exe renamed to A5E746D3A15129ECA75F581F814AC502
C:\Users\Public\Desktop\sample_102013_2331.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{01E6DBCE-5334-4456-B1BF-E5DD8E2F447D} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4842258F-F1EC-42D1-9597-7009463CF73D} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A909E438-AA9C-4C8F-89BD-CD764E43595B} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFC4CEE3-3E3D-4519-B4F5-56C437C01111} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
C:\windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\windows\syswow64\appdata deleted
C:\Users\Suellen Ramos\AppData\Roaming\UpdaterEX deleted
C:\Users\Suellen Ramos\AppData\Roaming\eCyber deleted
C:\Users\Suellen Ramos\AppData\Roaming\iSafe deleted
C:\Users\Suellen Ramos\AppData\Local\keepvid.dll deleted
C:\Users\Suellen Ramos\AppData\Local\libeay32.dll deleted
C:\Users\Suellen Ramos\AppData\Local\msvcp100.dll deleted
C:\Users\Suellen Ramos\AppData\Local\msvcr100.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtCore4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtGui4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtNetwork4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\ssleay32.dll deleted
C:\Users\Suellen Ramos\AppData\Local\CRE deleted
C:\Users\Suellen Ramos\AppData\Local\APN deleted
C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\SysNative\tasks\UpdaterEX deleted
C:\windows\tasks\UpdaterEX.job deleted
C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\searchplugins\ashampoo-br-customized-web-search.xml deleted
C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\extensions\staged deleted
C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
C:\Users\Suellen Ramos\AppData\Local\ContentAgent.exe deleted
C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [14/09/2013 18:07]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"keepvid.com@helper.com"="C:\Users\Suellen Ramos\AppData\Local\keepvid.xpi" [14/10/2013 22:08]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default
- Undetermined - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- 4shared Desktop Plugin - %ProfilePath%\extensions\4sharedCopyLinks.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default
D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Suellen Ramos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
epojlgbehpaeekopencdagbdamnkppci - No path found[]
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
ieadcoanfjloocmfafkebdnfefmohngj - No path found[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[11/08/2012 11:45]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]
RealDownloader - Suellen Ramos - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Advanced SystemCare Surfing Protection - Suellen Ramos - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Chrome In-App Payments service - Suellen Ramos - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
keepvid.com - Suellen Ramos - Default\Extensions\oipolchnclfaogmpaomopjibifaabgif
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{49ED9900-38CD-453C-BBA7-3F2613317F5A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ED9900-38CD-453C-BBA7-3F2613317F5A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epojlgbehpaeekopencdagbdamnkppci deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Suellen Ramos\AppData\Local\Mozilla\Firefox\Profiles\vaoopf29.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\SUELLE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 15/10/2013 at 23:43:30,75 ======================
Tool run by Suellen Ramos on 15/10/2013 at 23:21:17,20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Suellen Ramos\Desktop\zoek.exe [Script inserted]
==== System Restore Info ======================
15/10/2013 23:24:15 Zoek.exe System Restore Point Created Succesfully.
==== Creating Sample_102013_2331.zip ======================
Process C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe killed
Copied file C:\Users\Suellen Ramos\AppData\Local\ContentAgent.exe to sample\ContentAgent.exe
Copied file C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe to sample\keepvid.com.exe
sample\ContentAgent.exe renamed to 802AFF4C0CCD0CBE2C9D8CA84B7C5EC9
sample\keepvid.com.exe renamed to A5E746D3A15129ECA75F581F814AC502
C:\Users\Public\Desktop\sample_102013_2331.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{01E6DBCE-5334-4456-B1BF-E5DD8E2F447D} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4842258F-F1EC-42D1-9597-7009463CF73D} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A909E438-AA9C-4C8F-89BD-CD764E43595B} deleted successfully
HKEY_USERS\S-1-5-21-2208230807-1906984956-1475362193-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFC4CEE3-3E3D-4519-B4F5-56C437C01111} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
C:\windows\system32\appdata deleted
==== Deleting Files \ Folders ======================
C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\windows\syswow64\appdata deleted
C:\Users\Suellen Ramos\AppData\Roaming\UpdaterEX deleted
C:\Users\Suellen Ramos\AppData\Roaming\eCyber deleted
C:\Users\Suellen Ramos\AppData\Roaming\iSafe deleted
C:\Users\Suellen Ramos\AppData\Local\keepvid.dll deleted
C:\Users\Suellen Ramos\AppData\Local\libeay32.dll deleted
C:\Users\Suellen Ramos\AppData\Local\msvcp100.dll deleted
C:\Users\Suellen Ramos\AppData\Local\msvcr100.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtCore4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtGui4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\QtNetwork4.dll deleted
C:\Users\Suellen Ramos\AppData\Local\ssleay32.dll deleted
C:\Users\Suellen Ramos\AppData\Local\CRE deleted
C:\Users\Suellen Ramos\AppData\Local\APN deleted
C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\SysNative\tasks\UpdaterEX deleted
C:\windows\tasks\UpdaterEX.job deleted
C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\searchplugins\ashampoo-br-customized-web-search.xml deleted
C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default\extensions\staged deleted
C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted
C:\Users\Suellen Ramos\AppData\Local\ContentAgent.exe deleted
C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [14/09/2013 18:07]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"keepvid.com@helper.com"="C:\Users\Suellen Ramos\AppData\Local\keepvid.xpi" [14/10/2013 22:08]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default
- Undetermined - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- 4shared Desktop Plugin - %ProfilePath%\extensions\4sharedCopyLinks.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Suellen Ramos\AppData\Roaming\Mozilla\Firefox\Profiles\vaoopf29.default
D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Suellen Ramos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
15E298B5EC5B89C5994A59863969D9FF - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
epojlgbehpaeekopencdagbdamnkppci - No path found[]
hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[]
icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24]
ieadcoanfjloocmfafkebdnfefmohngj - No path found[]
mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx[11/08/2012 11:45]
pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[]
RealDownloader - Suellen Ramos - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Advanced SystemCare Surfing Protection - Suellen Ramos - Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Chrome In-App Payments service - Suellen Ramos - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
keepvid.com - Suellen Ramos - Default\Extensions\oipolchnclfaogmpaomopjibifaabgif
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{49ED9900-38CD-453C-BBA7-3F2613317F5A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49ED9900-38CD-453C-BBA7-3F2613317F5A} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\epojlgbehpaeekopencdagbdamnkppci deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ieadcoanfjloocmfafkebdnfefmohngj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Suellen Ramos\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Suellen Ramos\AppData\Local\Mozilla\Firefox\Profiles\vaoopf29.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Suellen Ramos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\SUELLE~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 15/10/2013 at 23:43:30,75 ======================
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
TERCEIRO RELATÓRIO
# DelFix v10.4 - Logfile created 15/10/2013 at 23:52:35
# Updated 19/07/2013 by Xplode
# Username : Suellen Ramos - SUELLENRAMOS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek-results.log
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.com
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.exe
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.scr
Deleted : C:\Users\Suellen Ramos\Documents\Downloads\AdwCleaner.exe
Deleted : C:\Users\Suellen Ramos\Documents\Downloads\zoek.zip
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #146 [Windows Update | 09/14/2013 00:36:57]
Deleted : RP #147 [Windows Update | 09/14/2013 01:14:02]
Deleted : RP #148 [Windows Update | 09/18/2013 02:42:37]
Deleted : RP #149 [Windows Update | 09/23/2013 23:56:57]
Deleted : RP #150 [Windows Update | 09/29/2013 15:45:18]
Deleted : RP #151 [Windows Update | 10/06/2013 11:17:08]
Deleted : RP #152 [Windows Update | 10/10/2013 00:35:11]
Deleted : RP #153 [Windows Update | 10/10/2013 01:30:16]
Deleted : RP #154 [Instalador de Módulos do Windows | 10/15/2013 00:30:45]
Deleted : RP #155 [Windows Update | 10/15/2013 23:12:59]
Deleted : RP #156 [zoek.exe restore point | 10/16/2013 02:23:51]
New restore point created !
########## - EOF - ##########
# Updated 19/07/2013 by Xplode
# Username : Suellen Ramos - SUELLENRAMOS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\zoek-results.log
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.com
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.exe
Deleted : C:\Users\Suellen Ramos\Desktop\zoek.scr
Deleted : C:\Users\Suellen Ramos\Documents\Downloads\AdwCleaner.exe
Deleted : C:\Users\Suellen Ramos\Documents\Downloads\zoek.zip
Deleted : HKLM\SOFTWARE\AdwCleaner
~ Cleaning system restore ...
Deleted : RP #146 [Windows Update | 09/14/2013 00:36:57]
Deleted : RP #147 [Windows Update | 09/14/2013 01:14:02]
Deleted : RP #148 [Windows Update | 09/18/2013 02:42:37]
Deleted : RP #149 [Windows Update | 09/23/2013 23:56:57]
Deleted : RP #150 [Windows Update | 09/29/2013 15:45:18]
Deleted : RP #151 [Windows Update | 10/06/2013 11:17:08]
Deleted : RP #152 [Windows Update | 10/10/2013 00:35:11]
Deleted : RP #153 [Windows Update | 10/10/2013 01:30:16]
Deleted : RP #154 [Instalador de Módulos do Windows | 10/15/2013 00:30:45]
Deleted : RP #155 [Windows Update | 10/15/2013 23:12:59]
Deleted : RP #156 [zoek.exe restore point | 10/16/2013 02:23:51]
New restore point created !
########## - EOF - ##########
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
VOcÊ sabe como me ajudar ?
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Poste também por gentileza um log do Hijackthis conforme mostra esse tópico: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:37:44, on 16/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Users\Suellen Ramos\AppData\Local\aHaskZ3\CashPartners.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Suellen Ramos\Documents\Downloads\HijackThis (1).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [keepvid] C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suellen Ramos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [CashPartners] C:\Users\Suellen Ramos\AppData\Local\aHaskZ3\CashPartners.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Ramos\Music\Diretório\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Ramos\Music\Diretório\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11784 bytes
Scan saved at 00:37:44, on 16/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Users\Suellen Ramos\AppData\Local\aHaskZ3\CashPartners.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Suellen Ramos\Documents\Downloads\HijackThis (1).exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [keepvid] C:\Users\Suellen Ramos\AppData\Local\keepvid.com.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Suellen Ramos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [CashPartners] C:\Users\Suellen Ramos\AppData\Local\aHaskZ3\CashPartners.exe
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'SISTEMA')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (User 'Default user')
O8 - Extra context menu item: &Download All using 4shared Desktop - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Ramos\Music\Diretório\4shared Desktop\Desktop.32/D_ALL_LINK
O8 - Extra context menu item: &Download using 4shared Desktop - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] Ramos\Music\Diretório\4shared Desktop\Desktop.32/D_ONE_LINK
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Agendamento (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11784 bytes
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
pronto...e agora?
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Vários problemas foram removidos do seu PC, mas ainda há outros. Hoje os analistas não estão por aqui, mas durante o dia eles irão te dar as dicas para completar a remoção dos problemas.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Shetef Solutions & Consulting 1998 LTD
ok! aguardo uma resposta de dia então obrigada
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
uma outra coisa que você pode ir fazendo enquanto isso é baixar o Malwarebytes, fazer uma verificação completa com ele e remover os problemas que ele encontrar. Para isto é só seguir as dicas deste tutorial:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
E aí quando a limpeza dele terminar você posta o log dele aqui também.
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
E aí quando a limpeza dele terminar você posta o log dele aqui também.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Shetef Solutions & Consulting 1998 LTD
Bom dia...
alguém online para me orientar por favor ??
alguém online para me orientar por favor ??
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Oi Suellen! Você executou o Malwarebytes? Se tiver executado poste o log dele aqui para análise.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Shetef Solutions & Consulting 1998 LTD
não estou conseguindo baixar o Malwarebytes.... o link do tutorial não abre! dá erro. vc teria outro?
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
consegui...o programa está sendo executado...postarei quando acabar
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Ok.suellenramos escreveu:consegui...o programa está sendo executado...postarei quando acabar
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
Re: Shetef Solutions & Consulting 1998 LTD
demora tanto assim para fazer a verificação ? já tem 12 minutos...
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Olá suellenramossuellenramos escreveu:demora tanto assim para fazer a verificação ? já tem 12 minutos...
Pode demorar um pouco sim. Isso dependerá da quantidade de arquivos existentes no PC.
Tenha paciência.
Re: Shetef Solutions & Consulting 1998 LTD
OK...estou aguardando
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Malwarebytes Anti-Malware 1.75.0.1300
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2013.04.04.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Suellen Ramos :: SUELLENRAMOS-PC [administrador]
16/10/2013 10:44:15
mbam-log-2013-10-16 (10-44-15).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 376595
Tempo decorrido: 1 hora(s), 6 minuto(s), 53 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
(fim)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Versão da Base de Dados: v2013.04.04.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Suellen Ramos :: SUELLENRAMOS-PC [administrador]
16/10/2013 10:44:15
mbam-log-2013-10-16 (10-44-15).txt
Tipo de Verificação: Verificação Completa (C:\|D:\|E:\|)
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 376595
Tempo decorrido: 1 hora(s), 6 minuto(s), 53 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
(fim)
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
e agora ???não detectou nada ;(
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Baixe o [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (...de Farbar) e salve-o no Desktop
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Aceite o contrato, clique [Scan] e ao término clique [OK] > [OK]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Acesse [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique [Selecionar arquivo...], localize o relatório FRST.txt criado no Desktop e clique [Abrir]
*Selecione 4 jours e clique [Créer le lien Cjoint]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Copie e cole o link criado ao lado de Le lien a été créé:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Repita o procedimento para o relatório Addition.txt e cole o link
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Aceite o contrato, clique [Scan] e ao término clique [OK] > [OK]
*Serão criados dois relatórios no Desktop: FRST.txt e Addition.txt
Acesse [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Clique [Selecionar arquivo...], localize o relatório FRST.txt criado no Desktop e clique [Abrir]
*Selecione 4 jours e clique [Créer le lien Cjoint]
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Copie e cole o link criado ao lado de Le lien a été créé:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
*Repita o procedimento para o relatório Addition.txt e cole o link
suellenramos- Iniciante
- Mensagens : 19
Reputação : 1
Data de inscrição : 15/10/2013
Re: Shetef Solutions & Consulting 1998 LTD
Baixe o arquivo fixlist.txt e salve-o no mesmo local onde encontra-se o FRST
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop
Reinicie o PC e informe.
*Clique com o botão direito do mouse no FRST e selecione [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
*Clique [Fix] e cole o relatório Fixlog.txt criado no Desktop
Reinicie o PC e informe.
Página 1 de 2 • 1, 2
Tópicos semelhantes
» Shetef solutions & consulting 1998 Ltd
» Shetef Solutions e Consulting (1998)
» Shetef Solutions & Consulting 1998 LTD
» Shetef Solutions & Consulting 1998 LTD
» Shetef Solutions and Consulting (1998)
» Shetef Solutions e Consulting (1998)
» Shetef Solutions & Consulting 1998 LTD
» Shetef Solutions & Consulting 1998 LTD
» Shetef Solutions and Consulting (1998)
Página 1 de 2
Permissões neste sub-fórum
Não podes responder a tópicos
|
|