Problem sa pisanjem i brisanjem

Problem sa pisanjem i brisanjem

offline
  • Pridružio: 12 Jan 2016
  • Poruke: 2

Napisano: 13 Jan 2016 2:05

Елем, већ једно добро време, имам проблема са тиме да кад год кренем нешто да пишем после неког времена (било у бросверу или на ворду) се само од себе брише аутоматски нпр. где ставим курсор у средини реченице да нешто исправим или упишем, комп аутоматски брише остатак реченице као да сво време притискам делете.

Други проблем је и то што кад хоћу да селектујем неку иконицу мене спамује комп са прозором хоћу ли да обришем ту иконицу иако ништа нисам такнуо, као да сам опет притиснуо делете и то спамује добрих... 50 пута док нагло не престане.

Проверавао сам антивирус све, каже да нема ништа, антивирус ми је Аваст ал' бесплатна верзија па вероватно ништа не ради.

Такође имам неки чудан фолдер на партиципацији /D: назива се 494c086a90da1b66f1f6 за који каже да немам овлашћења као администратор да отварам или бришем и отприлике сва ова гњаважа са брисањем ми је кренула кад се овај појавио.

Колико сам се заразио и има ли лека докторе?

Dopuna: 13 Jan 2016 2:11

Мој провајдер је СББ, тип конекције преко кабловске са бежичним рутером брзина би требало да је 30/2 mb/s.

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15874
  • Gde živiš: Beograd

Pozdrav,

Isprati temu i dostavi izvestaje

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Pridružio: 12 Jan 2016
  • Poruke: 2

Napisano: 13 Jan 2016 12:13

Пробао сам да скинем FARBAR за 32бит и антивирус ми је рекао да је у питању malware Win32:Evo-gen. Сад ћу пробати друго нешто да скинем.

Dopuna: 13 Jan 2016 12:37

Ок, ево извештаја сада:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-01-2015 01
Ran by Aleksandra (administrator) on ALEKSANDRA-PC (13-01-2016 12:32:04)
Running from C:\Users\Aleksandra\Downloads
Loaded Profiles: Aleksandra (Available Profiles: Aleksandra)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7021880 2015-12-11] (AVAST Software)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-293515537-2267544596-1745357631-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [4556048 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-293515537-2267544596-1745357631-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-293515537-2267544596-1745357631-1000\...\MountPoints2: {9b312649-72fa-11e5-98e5-00247e8f7d3f} - H:\blank.exe
HKU\S-1-5-21-293515537-2267544596-1745357631-1000\...\MountPoints2: {a063cb99-716e-11e5-9914-00247e8f7d3f} - G:\autoplay.exe
HKU\S-1-5-21-293515537-2267544596-1745357631-1000\...\MountPoints2: {fa143ad6-4d9f-11e5-9079-00247e8f7d3f} - F:\autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2015-12-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{328D85D4-3CBF-4217-8139-837FA2C48214}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{6F00F17F-7E2F-47F8-8D33-29A437BEBD0E}: [DhcpNameServer] 192.168.22.2 192.168.16.2 10.100.7.2 10.100.200.2
Tcpip\..\Interfaces\{BC1730EA-6C19-4113-B9A1-5201E62A7805}: [NameServer] 10.85.64.173 10.85.64.174

Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-11-30] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-06-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Aleksandra\AppData\Roaming\Mozilla\Firefox\Profiles\f2t2hxdn.default
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2015-12-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2015-12-11]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-31]
CHR Extension: (Google Drive) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Qualys BrowserCheck for Windows) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejhnkognlohdkpjkjongioociddgoibk [2016-01-13]
CHR Extension: (Avast SafePrice) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-10-30]
CHR Extension: (Google Sheets) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-31]
CHR Extension: (Google Docs Offline) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-09]
CHR Extension: (Avast Online Security) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-02]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-01-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\Aleksandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-11-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [226440 2015-12-11] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928 2015-02-27] (Disc Soft Ltd)
R3 Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [836176 2015-12-14] (Valve Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-12-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-12-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [117712 2015-12-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-11] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [25104 2015-10-13] (Disc Soft Ltd)
R3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismc32.sys [47488 2006-10-03] (RICOH Company, Ltd.)
U4 VBoxAswDrv; \??\C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-13 12:32 - 2016-01-13 12:32 - 00010557 _____ C:\Users\Aleksandra\Downloads\FRST.txt
2016-01-13 12:31 - 2016-01-13 12:32 - 00000000 ____D C:\FRST
2016-01-13 12:30 - 2016-01-13 12:31 - 01721856 _____ (Farbar) C:\Users\Aleksandra\Downloads\FRST.exe
2016-01-13 01:12 - 2016-01-13 01:12 - 00000000 ____D C:\Users\Aleksandra\AppData\Roaming\Qualys
2016-01-13 01:06 - 2016-01-13 01:06 - 00000000 ____D C:\Program Files\Qualys
2016-01-13 01:05 - 2016-01-13 01:05 - 02196992 _____ C:\Users\Aleksandra\Downloads\qualys-browsercheck-1.9.47.1.msi
2016-01-03 21:29 - 2016-01-03 21:29 - 00000732 _____ C:\Users\Aleksandra\AppData\Local\recently-used.xbel
2016-01-03 19:54 - 2016-01-03 19:55 - 00017993 _____ C:\Users\Aleksandra\Downloads\[kat.cr]300.rise.of.an.empire.2014.1080p.bdrip.ac3.5.1ch.dual.audio.eng.hindi.boniin.torrent
2015-12-31 18:28 - 2015-12-31 18:29 - 17384623 _____ C:\Users\Aleksandra\Downloads\European_Armor_from_the_Imperial_Ottoman_Arsena.pdf
2015-12-31 18:28 - 2015-12-31 18:29 - 03017870 _____ C:\Users\Aleksandra\Downloads\8.pdf
2015-12-30 10:16 - 2015-12-30 10:17 - 00006301 _____ C:\Users\Aleksandra\Downloads\[Evil_Genius]Berserk_v39c343v2.rar.torrent
2015-12-29 11:35 - 2015-12-29 11:35 - 00355131 _____ C:\Users\Aleksandra\Downloads\milan_nedic_serbia_signature.pdf
2015-12-25 10:18 - 2015-12-25 10:18 - 01541247 _____ C:\Users\Aleksandra\Desktop\zakonik_o_krivicnom_postupku.pdf
2015-12-25 00:10 - 2016-01-12 10:05 - 00000083 _____ C:\Users\Aleksandra\Desktop\New Text Document.txt
2015-12-22 23:25 - 2015-12-22 23:26 - 18654063 _____ C:\Users\Aleksandra\Downloads\armii_mongolo-tatar.pdf
2015-12-22 23:21 - 2015-12-22 23:21 - 01583851 _____ C:\Users\Aleksandra\Downloads\Timurid-Armours-Beginners-Kit-Guide.pdf
2015-12-22 23:20 - 2015-12-22 23:21 - 01199199 _____ C:\Users\Aleksandra\Downloads\Rus-Armours-13th-14th-centuries-Beginners-kit-guide.pdf
2015-12-17 17:19 - 2015-12-17 17:25 - 205702107 _____ C:\Users\Aleksandra\Downloads\Bohurt.zip
2015-12-17 15:43 - 2016-01-02 10:51 - 00000000 ____D C:\Users\Aleksandra\Desktop\Bohurt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-13 12:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2016-01-13 11:49 - 2015-08-31 08:37 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 11:36 - 2009-07-14 05:34 - 00022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 11:36 - 2009-07-14 05:34 - 00022016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 11:21 - 2015-10-14 13:08 - 00000000 ____D C:\Program Files\Steam
2016-01-13 11:20 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-09 00:48 - 2015-08-28 14:24 - 00000000 ____D C:\Users\Aleksandra\AppData\Local\Deployment
2016-01-03 19:58 - 2010-11-20 22:01 - 00793234 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-03 19:58 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-01-03 19:57 - 2015-10-14 07:25 - 00000000 ____D C:\Users\Aleksandra\AppData\Roaming\deluge
2015-12-19 02:32 - 2015-10-14 13:08 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-12-19 01:12 - 2015-10-02 11:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 19:39 - 2015-08-31 08:18 - 00436360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-18 19:39 - 2015-08-31 08:18 - 00081168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-17 10:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache

==================== Files in the root of some directories =======

2016-01-03 21:29 - 2016-01-03 21:29 - 0000732 _____ () C:\Users\Aleksandra\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Aleksandra\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Aleksandra\AppData\Local\Temp\drm_dyndata_7350008.dll
C:\Users\Aleksandra\AppData\Local\Temp\W2PLupdater.exe
C:\Users\Aleksandra\AppData\Local\Temp\wartool.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is2010.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is2C6F.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is32B6.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is3D30.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is475D.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is4F3B.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is710C.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is80C5.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is97CE.exe
C:\Users\Aleksandra\AppData\Local\Temp\_is9A7C.exe
C:\Users\Aleksandra\AppData\Local\Temp\_isF9DB.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-09 13:50

==================== End of FRST.txt ============================
mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15874
  • Gde živiš: Beograd

Izvestaji ne pokazuju tragove aktivne infekcije na tvom racunaru. Ono sto mislim da je problem jeste ili defektan touchpad na tvom laptopu ili kako sam video nisu instalirani odgovarajuci drajveri.

Posto u Ambulanti resavamo samo probleme uzrokovane malverom, savetujem ti da otvoris temu u forumu Drajveri, pritom prateci ovo uputstvo:

http://www.mycity.rs/Drajveri/Kako-otvoriti-temu-u-forumu-Drajveri.html

Ko je trenutno na forumu
 

Ukupno su 501 korisnika na forumu :: 27 registrovanih, 4 sakrivenih i 470 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1567 - dana 15 Jul 2016 19:18

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amir3045, Apok, bojan313, cicus91, djonsule, dragon986, dulentse, feniks1, goxin, indja2, ivance95, Kožedub, Markoni29, mean_machine, misa1xx, mnn2, PiterSelers, RJ, royst33, S-lash, Siniša Guša, stalker2, t84dar, Viceroy2, VJ, vlvl