Malwarebytes Anti-Malware
www.malwarebytes.org

Data da Verificação: 06/02/2017
Hora da Verificação: 19:46
Ficheiro de Relatório: report-mbam.txt
Administrador: Sim

Versão: 2.2.1.1043
Base de Dados de Malware: v2017.02.06.07
Base de dados de Rootkits: v2016.11.20.01
Licença: Grátis
Proteção contra Malware: Desativado
Proteção contra Websites Maliciosos: Desativado
Autoproteção: Desativado

SO: Windows 10
CPU: x64
Sistema de Ficheiros: NTFS
Utilizador: mrpho

Tipo de Verificação: Verificação de Ameaças
Resultado: Concluída
Objetos Verificados: 342271
Tempo Decorrido: 23 min, 45 s

Memória: Ativado
Arranque: Ativado
Sistema de Ficheiros: Ativado
Arquivos: Ativado
Rootkits: Desativado
Heurísticos: Ativado
PPI: Ativado
MPI: Ativado

Processos: 0
(Nenhum item malicioso detetado)

Módulos: 4
Adware.Elex, C:\Program Files (x86)\Common Files\Services\iThemes.dll, Apagar ao Reiniciar, [ebd4603f85238ea86a46d2cd3cc4847c], 
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher\Archer.dll, Apagar ao Reiniciar, [2a95eab59315dc5aa78b3240ff010bf5], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\WinSAP.dll, Apagar ao Reiniciar, [724d455a9e0a989e7320384130d0ba46], 
Adware.Elex, C:\Program Files (x86)\Gubed\GubedZL.dll, Apagar ao Reiniciar, [e8d7c2dd0f99d75f00cbe00c5aa6ca36], 

Chaves de Registo: 12
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\iThemes5, Movido para Quarentena, [ebd4603f85238ea86a46d2cd3cc4847c], 
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Movido para Quarentena, [e2dda6f991173303b6aab8e3a55b34cc], 
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{82B15F1A-6C61-446C-8971-764E56E00977}, Apagar ao Reiniciar, [8e31158a62460c2ad017bb104ab6c53b], 
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Milimili, Apagar ao Reiniciar, [8c33ced17f29191da11236957b85a15f], 
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\amisitesSoftware, Movido para Quarentena, [1ca34659abfd45f1d1331e940ef26898], 
Adware.Elex, HKLM\SOFTWARE\WOW6432NODE\WinArcher, Movido para Quarentena, [3e81306f34741b1ba16c8e1a996720e0], 
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Movido para Quarentena, [bb04257a7f2922147ce43d5e996726da], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Archer, Movido para Quarentena, [b00fb9e62d7b1f1730a17f0908f8f10f], 
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GubedZL, Movido para Quarentena, [4b74b1ee9315da5caf1a6d7fee12da26], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinSAPSvc, Movido para Quarentena, [427da7f8396ff0466208295e38c89d63], 
Adware.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinSnare, Movido para Quarentena, [734c3b64acfcb28457d7954c619f0ff1], 
PUP.Optional.Amisites.ShrtCln, HKU\S-1-5-21-1594818643-2914223070-3406231903-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Movido para Quarentena, [813eb6e9e9bf0234638f8f0dbd431de3], 

Valores de Registo: 5
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Movido para Quarentena, [e2dda6f991173303b6aab8e3a55b34cc]
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{82B15F1A-6C61-446C-8971-764E56E00977}|Path, \Milimili, Apagar ao Reiniciar, [8e31158a62460c2ad017bb104ab6c53b]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Movido para Quarentena, [bb04257a7f2922147ce43d5e996726da]
Trojan.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\THEMES|DependOnService, iThemes5^^, Movido para Quarentena, [a41beab5129672c455a30be518e87c84]
PUP.Optional.Amisites.ShrtCln, HKU\S-1-5-21-1594818643-2914223070-3406231903-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Movido para Quarentena, [813eb6e9e9bf0234638f8f0dbd431de3]

Dados de Registo: 17
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (Chrome.exe), Mau: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[cff0009f4464d561d51c0498a06005fb]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (iexplore.exe), Mau: (C:\Program Files\Internet Explorer\iexplore.exe http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[506f099603a542f4aa4648549769738d]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[dee1e7b8f7b10135cb3c237a6d9303fd]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Bom: (www.google.com), Mau: (http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}),Substituído,[c5fa613e1197c76f8186aaf37a8630d0]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Bom: (www.google.com), Mau: (http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}),Substituído,[2b94881704a4c1752ed95944e61a4ab6]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[685719865a4e37ffa95e99044fb1758b]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bom: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mau: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Substituído,[8d320a95aff964d22b0022e4ed1725db]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (Chrome.exe), Mau: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[209f742b307852e4648de4b8956bbd43]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (iexplore.exe), Mau: (C:\Program Files\Internet Explorer\iexplore.exe http://www.amisites.com/?type=sc&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[724d77283d6b56e015db5c40e91730d0]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[cff0e6b93771d264bd4a7429b8486e92]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Bom: (www.google.com), Mau: (http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}),Substituído,[18a77728f4b477bf798ed0cd43bdef11]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}, Bom: (www.google.com), Mau: (http://www.amisites.com/search/?type=ds&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5&q={searchTerms}),Substituído,[d5eae8b73771e55100075f3e27d98e72]
PUP.Optional.Amisites.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[754a554a33752b0bc542f8a5f60a956b]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bom: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mau: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Substituído,[417e366907a1f442e645cb3b0004758b]
PUP.Optional.Amisites.ShrtCln, HKU\S-1-5-21-1594818643-2914223070-3406231903-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[bf00ddc2198f73c38c7ab4e92ad6b050]
PUP.Optional.Amisites.ShrtCln, HKU\S-1-5-21-1594818643-2914223070-3406231903-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[11aef4ab46620b2b81850796758bcb35]
PUP.Optional.Amisites.ShrtCln, HKU\S-1-5-21-1594818643-2914223070-3406231903-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\MICROSOFTEDGE\MAIN|HomeButtonPage, http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5, Bom: (http://www.google.com), Mau: (http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5),Substituído,[10afb8e7e9bf41f57768613b0ef2a65a]

Pastas: 5
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher, Apagar ao Reiniciar, [2a95eab59315dc5aa78b3240ff010bf5], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc, Apagar ao Reiniciar, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
Adware.Elex, C:\Program Files (x86)\Gubed, Apagar ao Reiniciar, [e8d7c2dd0f99d75f00cbe00c5aa6ca36], 
Adware.Elex, C:\Users\mrpho\AppData\Roaming\WinSnare, Movido para Quarentena, [2e91643bf9aff442372bde0224dc51af], 

Ficheiros: 38
Adware.Elex, C:\Program Files (x86)\Common Files\Services\iThemes.dll, Apagar ao Reiniciar, [ebd4603f85238ea86a46d2cd3cc4847c], 
Adware.Elex, C:\Program Files (x86)\MIO\MIO.exe, Movido para Quarentena, [d2ed9609594f24127db61caec13f0df3], 
Adware.DotDo, C:\ProgramData\WinSAPSvc\winsap_update\Lancer.dll, Movido para Quarentena, [3887019ecddb1422a806dcf813ed629e], 
Adware.Elex, C:\ProgramData\WinSAPSvc\winsap_update\MIO.exe, Movido para Quarentena, [b40bced1eebaa492e35005c5b14fa759], 
Adware.Elex, C:\ProgramData\WinSAPSvc\winsap_update\QQBrowserFrame.dll, Movido para Quarentena, [98279b043e6a75c19b9825a9728eb44c], 
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher\Archer.dll, Apagar ao Reiniciar, [2a95eab59315dc5aa78b3240ff010bf5], 
PUP.Optional.Elex, C:\Program Files (x86)\WinArcher\Packet.dll, Movido para Quarentena, [2a95eab59315dc5aa78b3240ff010bf5], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\WinSAP.dll, Apagar ao Reiniciar, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\SETUP.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\39.json, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\amule.msi, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\Archer.dllEx.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\ClearLog.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\data.bin, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\DataBase, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\GubedZL.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\Install.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\Lancer.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\MIO.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\MIO.exe, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\Packet.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\QQBrowser.exe, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\QQBrowserFrame.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\RegKey.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\WinSAP.dll, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\winsap_cf, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Elex, C:\ProgramData\WinSAPSvc\winsap_update\WinSnare.msi, Movido para Quarentena, [724d455a9e0a989e7320384130d0ba46], 
PUP.Optional.Amisites.ShrtCln, C:\Users\mrpho\AppData\Roaming\Mozilla\Firefox\Profiles\9fcommh6.default\searchplugins\amisites.xml, Movido para Quarentena, [c4fb0699c3e59d990c2b2f6e758bad53], 
Adware.Elex, C:\Windows\System32\Tasks\Milimili, Movido para Quarentena, [ccf3bce33f69be7850e2c60830d08878], 
Adware.Elex, C:\Program Files (x86)\Gubed\GubedZL.dll, Apagar ao Reiniciar, [e8d7c2dd0f99d75f00cbe00c5aa6ca36], 
Adware.Elex, C:\Users\mrpho\AppData\Roaming\WinSnare\WinSnare.dll, Movido para Quarentena, [2e91643bf9aff442372bde0224dc51af], 
PUP.Optional.Amisites.ShrtCln, C:\Users\mrpho\AppData\Roaming\Mozilla\Firefox\Profiles\9fcommh6.default\prefs.js, Bom: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mau: (user_pref("browser.startup.homepage", "http://www.amisites.com/?type=hp&ts=1486409906&z=a961205aa6959752e8d1bb3gazfb2qezee1tdt4ebw&from=che0812&uid=WDCXWD10JPVX-22JC3T0_WD-WX81A85R2XS5R2XS5");), Substituído,[942b9609495ffd39ab3b533f4cb4649c]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: (user_pref("browser.search.defaultenginename", "youndoo");), Substituído,[f5ca554a594fe452d40aec32f30d49b7]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: (illa User Preferences

/* Do not edit this file.
 *
 * If you make changes to this file while the application application exits.
 *
 * To make a manual change to prelastUpda), Substituído,[a817bae5dfc9082e845a37e724dcdb25]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: ( application exits.
 *
 * To make a manual change to prelastUpdateTime.addon-background-update-timer", 1458508383);
user_pref("app.update.lastUpdateTime.background-update-timer", 1458508863);
user_p), Substituído,[b40be3bccbdde05625b942dce81824dc]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: ();
user_pref("app.update.lastUpdateTime.background-update-timer", 1458508863);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1458508503);
user_pref("app.update.lastUpdateTim), Substituído,[e4db990641676cca835b41dd29d752ae]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: (
 * To make a manual change to prelastUpdateTime.addo), Substituído,[19a65d423b6d162027b7ea34817fe020]
PUP.Optional.Youndoo, C:\Users\mrpho\AppData\Roaming\Profiles\Rzulylrward.default\prefs.js, Bom: (), Mau: ( * If you make changes to this file while the application application exits.
 *
 * To make a manual change to prelastUpdateTime.addon-background-update-timer", 1458508383)), Substituído,[3d82fda29a0ed0668e50b36bbe42bd43]

Sectores Físicos: 0
(Nenhum item malicioso detetado)


(end)