continuous warning about malware, "img.virus.analytics"

[REDACTED]

Hi everyone,

I have the same problem in this topic stared this afternoon:
[https://forum.avast.com/index.php?topic=164774.0]

"This afternoon I keep getting the same warning about malware.
I have copied the URL (with a change in the address): hXXp://img.virus.analytics.com/js/adr.js?071b83

It pops up every few minutes, or even seconds.

I am not trying to access any new or strange websites"

There is in the topic all the logfile

[essexboy]

Please uninstall YAC(Yet Another Cleaner!)  first

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
R2 iSafeService; C:\Program Files\Elex-tech\YAC\iSafeSvc.exe [120128 2015-01-15] (Elex do Brasil Participações Ltda)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
R1 iSafeKrnl; C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys [215336 2015-01-15] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [40744 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys [83112 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [34856 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys [63400 2015-01-15] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [44712 2015-01-03] (Elex do Brasil Participações Ltda)
2015-01-15 17:23 - 2015-01-15 17:23 - 00000000 ____D () C:\Users\Riccardo\AppData\Roaming\Elex-tech
2015-01-15 17:23 - 2015-01-15 17:23 - 00000000 ____D () C:\Program Files\Elex-tech
2015-01-15 17:23 - 2015-01-15 07:51 - 00040744 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys
2015-01-15 17:23 - 2015-01-03 09:56 - 00044712 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2015-01-15 17:05 - 2015-01-15 17:05 - 00000000 ____D () C:\Users\Riccardo\AppData\Local\Temp{A37DD576-C0A2-49BA-A654-56ED824F2556}
2015-01-03 09:17 - 2015-01-03 09:17 - 00000000 __SHD () C:\Users\Riccardo\AppData\Local\EmieBrowserModeList
2015-01-15 14:55 - 2014-12-12 08:10 - 00000000 ____D () C:\Users\Riccardo\AppData\Roaming\WinZipper
C:\Program Files\WinZipper
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.
  

[REDACTED]

Thanks for the reply =) I think the problem is solved!

Here the logs

[essexboy]

Did you uninstall YAC ?  Any further problems