UJmedia - nedostajući dll

Učlanjen(a)
28.02.2012
Poruka
5.118
Postavi sliku Task Scheduler-a jer očigledno program taj fail traži prilikom startovanja Windowsa. Evo slika sa mog računara i pogledaj da sam sve isključio. Samo sam ostavio na Enabled aktivator za Office 2016.

Capture.PNG


Zatim otvori Task Menager i pod karticim Startup pogledaj šta se pokreće sa Windowsom. Isključi sve osim antivirusnog programa.

Postoji i jedan veoma dobar program sa kojim možeš da manipulišeš StartUp programima.
Autorun Organizer 2.27

Kod:
http://www.chemtable.com/autorun-organizer.htm
 
Poslednja izmena:
Član
Učlanjen(a)
18.06.2012
Poruka
1.272
Zadnjih tjedan - dva kod paljenja kompa (Win 10 - pro, 64-bit, verzija 1607 iskače mi upozorenje o nedostajućem "rmhnotdc.dll" koji se nalazi na adresi (trebao bi) c:\Users\Korisnik\AppData\Local\Ujmedia\ ??

Pogledajte prilog 97681

Komp sam skenirao i AV nije ništa našao!
Pomagajte!

Windows 10 pro cista instalacija ali tog foldera nema!
Capture.PNG
 
UREDNIK
Učlanjen(a)
09.12.2009
Poruka
2.312
Emsisoft Emergency Kit - Version 10.0
Last update: 9/9/2015 1:15:09 PM
User account: HP\User1

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 9/9/2015 1:16:20 PM
C:\Users\User1\AppData\Local\UTmedia\physxnetwork80.dll detected: Gen:Variant.Symmi.55586 (
cool.png

C:\Users\User1\AppData\Local\Ujmedia\VorbisMobileInit.dll detected: Trojan.GenericKD.2666805 (
cool.png

Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASAPI32 detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASMANCS detected: Application.Toolbar (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
C:\Users\User1\AppData\Local\Ujmedia\VorbisMobileInit.dll detected: Trojan.GenericKD.2666805 (
cool.png

C:\Users\User1\AppData\Local\UTmedia\physxnetwork80.dll detected: Gen:Variant.Symmi.55586 (
cool.png


Scanned 82460
Found 14

Scan end: 9/9/2015 1:22:37 PM
Scan time: 0:06:17

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASMANCS Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASAPI32 Quarantined Application.Toolbar (A)

Quarantined 10
Mozda mu pomogne
Kod:
https://www.emsisoft.com/en/software/
 
Član
Učlanjen(a)
20.10.2009
Poruka
123
Hvala svima!
Izgleda da je Malwaresbytes sredio stvar ali tko će ga znati nakon svih tih komšijinih programa :)!
Kod zadnjeg restarta više ne traži taj dll!
Komšija, nisam ni ja imao taj dll kod instalacije. Lepo sam napisao da se kasnije "pojavio"! tražio sam sinu igrice i voila!
Hvala svima!
 
Natrag
Top