Trojan, nodqq0.dll Prosze o sprawdzenie loga

szyszka1991 · 22 Kwiecień 2010 13:52

Mój problem jest taki ze ostatnio złapałem na pendriva jakieś trojany. Podczas podpinania pena, ekran zmienia rodzielczość na najmniejsza i kolory na 4 bity. Ponadto nod32 ciągle mnie informuje o trojanie nodqq0.dll niestety nie ma opcji usuń. Proszę o pomoc. Pozdrawiam

log OTL:

http://wklej.org/id/320793/

Leon1 · 22 Kwiecień 2010 14:06

Wyłącz przywracanie systemu na wszystkich dyskach.http://support.microsoft.com/kb/310405/pl

OTL w oknie Custom Scans-Fixes wklej następujący skrypt:

:OTL O4 - HKCU…\Run: [nod32] G:\Documents and Settings\User-XXX\Ustawienia lokalne\Temp\nodqq.exe () O16 - DPF: DirectAnimation Java Classes file://G:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://G:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O32 - AutoRun File - [2010-04-21 00:29:58 | 000,000,061 | RHS- | M] () - C:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-04-21 00:29:59 | 000,000,061 | RHS- | M] () - D:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-04-21 00:30:00 | 000,000,061 | RHS- | M] () - E:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-04-21 00:30:01 | 000,000,061 | RHS- | M] () - G:\autorun.inf – [NTFS] O32 - AutoRun File - [2010-04-21 00:30:02 | 000,000,061 | RHS- | M] () - H:\autorun.inf – [NTFS] O33 - MountPoints2{0e1af2f1-40de-11df-8957-806d6172696f}\Shell\AutoRun\command - “” = D:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f1-40de-11df-8957-806d6172696f}\Shell\open\Command - “” = D:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f2-40de-11df-8957-806d6172696f}\Shell\AutoRun\command - “” = E:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f2-40de-11df-8957-806d6172696f}\Shell\open\Command - “” = E:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f7-40de-11df-8957-806d6172696f}\Shell\AutoRun\command - “” = G:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f7-40de-11df-8957-806d6172696f}\Shell\open\Command - “” = G:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f8-40de-11df-8957-806d6172696f}\Shell\AutoRun\command - “” = H:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{0e1af2f8-40de-11df-8957-806d6172696f}\Shell\open\Command - “” = H:\utcddeq.exe – [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () O33 - MountPoints2{28755f69-45ad-11df-9263-a240301bbe0f}\Shell - “” = AutoRun O33 - MountPoints2{28755f69-45ad-11df-9263-a240301bbe0f}\Shell\AutoRun\command - “” = J:\LaunchU3.exe – File not found O33 - MountPoints2{28755f6a-45ad-11df-9263-a240301bbe0f}\Shell\AutoRun\command - “” = K:\utcddeq.exe – File not found O33 - MountPoints2{28755f6a-45ad-11df-9263-a240301bbe0f}\Shell\open\Command - “” = K:\utcddeq.exe – File not found [2010-04-21 00:30:01 | 000,000,061 | RHS- | M] () – G:\autorun.inf [2010-04-20 22:22:11 | 000,127,488 | RHS- | M] () – G:\utcddeq.exe [2010-04-19 15:25:27 | 000,128,512 | RHS- | M] () – G:\r3fhr.exe :Files C:\utcddeq.exe D:\utcddeq.exe E:\utcddeq.exe H:\utcddeq.exe C:\r3fhr.exe D:\r3fhr.exe E:\r3fhr.exe H:\r3fhr.exe G:\Documents and Settings\User-XXX\Ustawienia lokalne\Temp\nodqq.exe :Reg [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2] :Commands [emptytemp] [start explorer] [Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

Wylecz pendriva lub kartę pamięci

Flash Disinfector http://www.searchengines.pl/index.php?s … ntry369724

potem nowy log OTL robiony opcją Run Scan