UJmedia - nedostajući dll

[Dubioza Kolektiv]

Postavi sliku Task Scheduler-a jer očigledno program taj fail traži prilikom startovanja Windowsa. Evo slika sa mog računara i pogledaj da sam sve isključio. Samo sam ostavio na Enabled aktivator za Office 2016.




Zatim otvori Task Menager i pod karticim Startup pogledaj šta se pokreće sa Windowsom. Isključi sve osim antivirusnog programa.

Postoji i jedan veoma dobar program sa kojim možeš da manipulišeš StartUp programima.
Autorun Organizer 2.27

http://www.chemtable.com/autorun-organizer.htm

 

[Komsija76]

Zadnjih tjedan - dva kod paljenja kompa (Win 10 - pro, 64-bit, verzija 1607 iskače mi upozorenje o nedostajućem "rmhnotdc.dll" koji se nalazi na adresi (trebao bi) c:\Users\Korisnik\AppData\Local\Ujmedia\ ??

Pogledajte prilog 97681

Komp sam skenirao i AV nije ništa našao!
Pomagajte!

Windows 10 pro cista instalacija ali tog foldera nema!

 

[Dubioza Kolektiv]

Ne može njemu ni dragi Bog da pomogne

 

[BUGILIJU]

Spojler: EmsiSoft

Emsisoft Emergency Kit - Version 10.0
Last update: 9/9/2015 1:15:09 PM
User account: HP\User1

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 9/9/2015 1:16:20 PM
C:\Users\User1\AppData\Local\UTmedia\physxnetwork80.dll detected: Gen:Variant.Symmi.55586 (

C:\Users\User1\AppData\Local\Ujmedia\VorbisMobileInit.dll detected: Trojan.GenericKD.2666805 (

Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASAPI32 detected: Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASMANCS detected: Application.Toolbar (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
C:\Users\User1\AppData\Local\Ujmedia\VorbisMobileInit.dll detected: Trojan.GenericKD.2666805 (

C:\Users\User1\AppData\Local\UTmedia\physxnetwork80.dll detected: Gen:Variant.Symmi.55586 (

Scanned 82460
Found 14

Scan end: 9/9/2015 1:22:37 PM
Scan time: 0:06:17

Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-1121488030-2124472321-2874920969-1006\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASMANCS Quarantined Application.Toolbar (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\INTERNETENHANCER_RASAPI32 Quarantined Application.Toolbar (A)

Quarantined 10

Mozda mu pomogne

https://www.emsisoft.com/en/software/

 

[Zekoslav]

Hvala svima!
Izgleda da je Malwaresbytes sredio stvar ali tko će ga znati nakon svih tih komšijinih programa !
Kod zadnjeg restarta više ne traži taj dll!
Komšija, nisam ni ja imao taj dll kod instalacije. Lepo sam napisao da se kasnije "pojavio"! tražio sam sinu igrice i voila!
Hvala svima!

 

[Komsija76]

Hvala svima!
Izgleda da je Malwaresbytes sredio stvar ali tko će ga znati nakon svih tih komšijinih programa !
Kod zadnjeg restarta više ne traži taj dll!
Komšija, nisam ni ja imao taj dll kod instalacije. Lepo sam napisao da se kasnije "pojavio"! tražio sam sinu igrice i voila!
Hvala svima!

Ha ha ha nema na cemu!