Pop-up's?

Problema resolvido. 99% da resolução é do Blue Zee e 1% do Malwarebytes Anti-Malware.

Muito obrigado ao Blue Zee.


Para o caso de te interessar aqui fica o Log, que pelo que reparei ia de encontro ao que tinhas indicado para apagar:
Malwarebytes' Anti-Malware 1.28
Versão do banco de dados: 1175
Windows 5.1.2600 Service Pack 3

19-09-2008 17:28:21
mbam-log-2008-09-19 (17-28-21).txt

Tipo de Verificação: Rápida
Objetos verificados: 45921
Tempo decorrido: 4 minute(s), 20 second(s)

Processos da Memória infectados: 0
Módulos de Memória Infectados: 7
Chaves do Registo infectadas: 18
Valores do Registo infectados: 3
Ítens do Registo infectados: 2
Pastas infectadas: 0
Ficheiros infectados: 33

Processos da Memória infectados:
(Nenhum item malicioso foi detectado)

Módulos de Memória Infectados:
D:\WINDOWS\system32\bebhfjft.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\fccbXpqq.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\laaxapyl.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\gsoths.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\rqRHBssQ.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\xxyXnNhG.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\efcDTKbB.dll (Trojan.Vundo) -> Delete on reboot.

Chaves do Registo infectadas:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09c72999-5c10-41a3-a524-24661d942003} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqrhbssq (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{09c72999-5c10-41a3-a524-24661d942003} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99ba28b5-ffb5-423c-898c-cad6a85bbdce} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{99ba28b5-ffb5-423c-898c-cad6a85bbdce} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b9c71a19-b69c-4f0e-a991-395a93b43e36} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b9c71a19-b69c-4f0e-a991-395a93b43e36} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08f59198-dfb9-40c0-b615-d758e9126ea1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{08f59198-dfb9-40c0-b615-d758e9126ea1} (Trojan.BHO.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valores do Registo infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\84769806 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bmbb135f7f (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{09c72999-5c10-41a3-a524-24661d942003} (Trojan.Vundo) -> Delete on reboot.

Ítens do Registo infectados:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\fccbxpqq -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\fccbxpqq -> Delete on reboot.

Pastas infectadas:
(Nenhum item malicioso foi detectado)

Ficheiros infectados:
D:\WINDOWS\system32\rqRHBssQ.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\fccbXpqq.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\qqpXbccf.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\qqpXbccf.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\gsoths.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\bebhfjft.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\tfjfhbeb.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\jsplhwhs.dll (Trojan.BHO.H) -> Delete on reboot.
D:\WINDOWS\system32\laaxapyl.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\xxyXnNhG.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\efcDTKbB.dll (Trojan.Vundo) -> Delete on reboot.
D:\WINDOWS\system32\geBQkiHB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\gpniqfev.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\khfDurQh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\khfFXpoo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\nczjtl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\pufqxxfo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\puywfquo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\rqRJBTNe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\rqRJDuvW.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\byXPFUli.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ddcBUnll.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ddcCRJcA.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hciqnuvx.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hiyprw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\ssqOfDUk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wvUliigG.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\xbnwprms.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\efcaabXQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbb135f7f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\BMbb135f7f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
Clicar para expandir...
 
Última edição:
Ele eliminou um ficheiro que agora quando ligo o pc o windows da erro e diz que falta a seguinte DLL:
65tyds.gif


Mas não a consigo encontrar na net :S
 
metRo_ disse:
Ele eliminou um ficheiro que agora quando ligo o pc o windows da erro e diz que falta a seguinte DLL:

Mas não a consigo encontrar na net :S
Clicar para expandir...
Restos de malware.

Faça um scan com o HJT, localize a entrada que refere este ficheiro (apenas essa), seleccione-a e clique em Fix checked...

Feita a limpeza, reinicie o PC e não deverá voltar a ver o erro.

Se não encontrar nenhuma referência a esse ficheiro, coloque um novo log do HJT.
 
Inicie sessão ou registe-se para poder participar.
Back
Topo