Kontrola - reklamy, nelze zapnout windows defender atd.

[Tesla]

Prosím o akutní kontrolu.

Nemohu zapnout windows defender, objevují se reklamy v prohlížeči a náhodně se zapínají nová okna. "Normální" stránky se otevírají cca 1 minutu. Děkuji mnohokrát předem.

RSIT:

rsit.zip

(34.62 KiB) Staženo 139 x

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[Tesla]

Děkuji. Prohlížeč vypadá lépe... Defender stále nereáguje a nezle zapnout.

Log:

# AdwCleaner v5.003 - Logfile created 22/08/2015 at 18:07:58
# Updated 20/08/2015 by Xplode
# Database : 2015-08-20.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : Jan Tesla - TESLA
# Running from : C:\Users\Jan Tesla\Downloads\adwcleaner_5.003.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Uniblue
[-] Folder Deleted : C:\ProgramData\Uniblue
[-] Folder Deleted : C:\Users\Jan Tesla\AppData\Roaming\pdfforge
[-] Folder Deleted : C:\Users\Jan Tesla\AppData\Roaming\cpuminer

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKCU\Software\91b05463e48e428e1c30eab27de7efe1
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[!] Key Not Deleted : [x64] HKCU\Software\distromatic
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gpuminer

***** [ Web browsers ] *****

[-] [C:\Users\Jan Tesla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted :
[-] [C:\Users\Jan Tesla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.trovi.com/?gd=&ctid=CT3319598&octid ... oogle.com/

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1679 bytes] ##########

[Rudy]

Dejte nový log RSIT.

[Tesla]

log.zip

(23.61 KiB) Staženo 139 x

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\SECOH-QAD.exe
C:\Windows\SECOH-QAD.dll

:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

[Tesla]

RSIT:

log.zip

(20.56 KiB) Staženo 138 x

OTM:

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\SECOH-QAD.exe moved successfully.
LoadLibrary failed for C:\Windows\SECOH-QAD.dll
C:\Windows\SECOH-QAD.dll moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jan Tesla
->Temp folder emptied: 434297755 bytes
->Temporary Internet Files folder emptied: 7341025 bytes
->Java cache emptied: 48333 bytes
->FireFox cache emptied: 4001149 bytes
->Google Chrome cache emptied: 23484916 bytes
->Flash cache emptied: 507 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20732773 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 467,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jan Tesla
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 08222015_205242

Files moved on Reboot...
C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\IE\9GKXWI66\index[1].htm moved successfully.
C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\IE\5EQQNXZC\bounce[5].htm moved successfully.
C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\IE\5EQQNXZC\bounce[6].htm moved successfully.
File C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\IE\5EQQNXZC\bounce[8].htm not found!
File C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\IE\5EQQNXZC\if[2].htm not found!
C:\Users\Jan Tesla\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\winsec.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Jan Tesla.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)
O9 - Extra button: (no name) - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

[Tesla]

Provedeno, děkuji. Nevím jestli je to čisté, nicméně windows defender se se mnou stále nebaví.

[Rudy]

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[Tesla]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.08.2015
Čas skenování: 23:04
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.22.04
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Jan Tesla

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 391241
Uplynulý čas: 4 min, 6 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 1
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\winsec.exe, 2652, , [b923aa610e7de4520eba130804ff6c94]

Moduly: 8
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\freebl3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libnspr4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libplc4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libplds4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nss3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nssutil3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\securecert.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\smime3.dll, , [b923aa610e7de4520eba130804ff6c94],

Klíče registru: 43
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\TYPELIB\{076E04CC-4724-463B-93E5-91F380B7994D}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B21BFBC-76DB-4F3D-A3DD-FF888303F508}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{1EA9A3A2-187D-4677-A977-F5772B522EEC}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{333F4E89-5038-4A40-AA3A-24BBC6C46945}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{34C537D4-7674-409D-9194-2477AD86EDB9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{34FCF588-BB52-437B-9FCE-99AA05C65AF2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{47639A3C-4804-42E6-8877-15A580BD5954}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{54C173EE-3D6D-4A1F-BFFF-22494BFF33A2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{6CDFD904-ED2F-4D90-B78B-A39CC53C9964}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{86F40C0E-FC07-42FF-A2F5-AFB0C7F8871C}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{C05E4A96-4295-4E69-A106-53EDD3CDF8D1}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{C511AEC2-DD44-49B2-9927-5F9509BA27F9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{E58A7B44-ED8A-4513-896C-639920ACD1C4}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\INTERFACE\{F23A9C1E-593E-4396-97E7-B69039CC767A}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B21BFBC-76DB-4F3D-A3DD-FF888303F508}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1EA9A3A2-187D-4677-A977-F5772B522EEC}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{333F4E89-5038-4A40-AA3A-24BBC6C46945}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{34C537D4-7674-409D-9194-2477AD86EDB9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{34FCF588-BB52-437B-9FCE-99AA05C65AF2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47639A3C-4804-42E6-8877-15A580BD5954}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{54C173EE-3D6D-4A1F-BFFF-22494BFF33A2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6CDFD904-ED2F-4D90-B78B-A39CC53C9964}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{86F40C0E-FC07-42FF-A2F5-AFB0C7F8871C}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C05E4A96-4295-4E69-A106-53EDD3CDF8D1}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C511AEC2-DD44-49B2-9927-5F9509BA27F9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E58A7B44-ED8A-4513-896C-639920ACD1C4}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F23A9C1E-593E-4396-97E7-B69039CC767A}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1B21BFBC-76DB-4F3D-A3DD-FF888303F508}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1EA9A3A2-187D-4677-A977-F5772B522EEC}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{333F4E89-5038-4A40-AA3A-24BBC6C46945}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{34C537D4-7674-409D-9194-2477AD86EDB9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{34FCF588-BB52-437B-9FCE-99AA05C65AF2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47639A3C-4804-42E6-8877-15A580BD5954}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{54C173EE-3D6D-4A1F-BFFF-22494BFF33A2}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6CDFD904-ED2F-4D90-B78B-A39CC53C9964}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{86F40C0E-FC07-42FF-A2F5-AFB0C7F8871C}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C05E4A96-4295-4E69-A106-53EDD3CDF8D1}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C511AEC2-DD44-49B2-9927-5F9509BA27F9}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E58A7B44-ED8A-4513-896C-639920ACD1C4}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{F23A9C1E-593E-4396-97E7-B69039CC767A}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{076E04CC-4724-463B-93E5-91F380B7994D}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{076E04CC-4724-463B-93E5-91F380B7994D}, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\winsec, , [b923aa610e7de4520eba130804ff6c94],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security, , [b923aa610e7de4520eba130804ff6c94],

Soubory: 23
Trojan.Crypt, C:\Windows\SysWOW64\KBDINORIC.dll, , [2dafdd2ed8b3b482d943993a738efb05],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\winsec.tlb, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\freebl3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libnspr4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libplc4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\libplds4.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nss3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nssckbi.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nssdbm3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\nssutil3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\secure.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\secure64.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\securecert.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\security.exe, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\security.ini, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\security64.exe, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\smime3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\softokn3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\sqlite3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\ssl3.dll, , [b923aa610e7de4520eba130804ff6c94],
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\Security\winsec.exe, , [b923aa610e7de4520eba130804ff6c94],
Trojan.Agent.Gen, C:\Users\Jan Tesla\AppData\LocalGHGVdrOfmr..exe, , [766618f3474484b2e0a02229ed16837d],
Trojan.Agent.Gen, C:\Users\Jan Tesla\AppData\LocalpEdUKiHRhC.exe, , [08d4c942f19a1b1b0878dd6eff0455ab],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Rudy]

Všechny nálezy smažte.

[Tesla]

Vyčištěno, defender reáguje na kliknutí, ale stále se tváří, jako bych měl spuštěný jiný software na ochranu, což jsem samozřejmě nedělal....

[Rudy]

Žádný jiný tam nevidím (i když by tam měl být). Windef není plnohodnotný antivir. Jak se to projevuje a od kdy vám to dělá?

[Tesla]

Stahoval jsem náš školní software pře VPN. Projevuje se to tak, že když zapnu v ovladačích defender, napíše to, že už podobný program existuje a mám ho vypnout. Není plnohodnotný, ale zatím mi přes něj neprošlo nic kromě adware...