RogueKiller V12.3.3.0 (x64) [Jun 13 2016] (Free) por Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Site : http://www.adlice.com/software/roguekiller/ Blog : http://www.adlice.com Sistema Operacional : Windows 8.1 (6.3.9600) 64 bits version Iniciou : Modo normal Usuário : loui [Administrador] Started from : C:\Users\loui\Desktop\RogueKillerX64.exe Modo : Deletar -- Data : 06/21/2016 22:48:13 ¤¤¤ Processos : 0 ¤¤¤ ¤¤¤ Registro : 10 ¤¤¤ [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2639795603-29030182-133677846-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://samsung13.msn.com/?pc=smjb -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2639795603-29030182-133677846-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://samsung13.msn.com/?pc=smjb -> Substituído (http://go.microsoft.com/fwlink/p/?LinkId=255141) [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2639795603-29030182-133677846-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://samsung13.msn.com/?pc=smjb -> Substituído (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome) [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2639795603-29030182-133677846-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://samsung13.msn.com/?pc=smjb -> Substituído (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome) [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 189.7.24.22 189.7.24.15 201.6.4.116 ([Brazil][Brazil][-]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 189.7.24.22 189.7.24.15 201.6.4.116 ([Brazil][Brazil][-]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{CE0AC450-4ABB-40E2-91D8-E80A670007B9} | DhcpNameServer : 189.7.24.22 189.7.24.15 201.6.4.116 ([Brazil][Brazil][-]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DF487AF6-93FC-4EB7-AF4A-C139E9F0B216} | DhcpNameServer : 10.239.0.2 8.8.8.8 8.8.4.4 ([][-][-]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{CE0AC450-4ABB-40E2-91D8-E80A670007B9} | DhcpNameServer : 189.7.24.22 189.7.24.15 201.6.4.116 ([Brazil][Brazil][-]) -> Substituído () [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DF487AF6-93FC-4EB7-AF4A-C139E9F0B216} | DhcpNameServer : 10.239.0.2 8.8.8.8 8.8.4.4 ([][-][-]) -> Substituído () ¤¤¤ Tarefas : 2 ¤¤¤ [Suspicious.Path] \Origin -- C:\Users\loui\AppData\Roaming\Origin\update.vbe -> Deletado [Suspicious.Path|VT.Unknown] \SUPatchForW10Up -- "%programdata%\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe" -> Deletado ¤¤¤ Arquivos : 0 ¤¤¤ ¤¤¤ Arquivos de hosts : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Carregado) ¤¤¤ ¤¤¤ Navegadores : 0 ¤¤¤ ¤¤¤ Verificação da MBR : ¤¤¤ +++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++ --- User --- [MBR] 5aef40578600422a06b842a9ae851aa2 [BSP] 980fe462507a6040b4abe904a693c5ba : Empty MBR Code Partition table: 0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 499 MB 1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1024000 | Size: 300 MB 2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1638400 | Size: 128 MB 3 - Basic data partition | Offset (sectors): 1900544 | Size: 930907 MB 4 - [SYSTEM][MAN-MOUNT] ??????a | Offset (sectors): 1908398081 | Size: 21010 MB 5 - [SYSTEM][MAN-MOUNT] ????? | Offset (sectors): 1951426561 | Size: 1024 MB User = LL1 ... OK User = LL2 ... OK