Elex-tech

Zpráva

koub · #1 Příspěvek od **koub** » 15 bře 2017 21:14

Zdravím, mám problém s viry v PC, nějak se mi tam dostal s nějakým free softwarem a nevím jak s ním ven. Někde jsem se dočetl, a byl mi doporučen JRT.
Tak klasicky stáhnu, pustím jako správce a hle! něco to našlo a odstranilo. Problém je ovšel u třech souborů (složek), které odstranit nedokáže a ani mě manuálně to nejde.
Tady je log z programu:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by kubar (Administrator) on st 15. 03. 2017 at 21:01:21,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Failed to delete: C:\Users\kubar\AppData\Roaming\elex-tech (Folder)
Failed to delete: C:\Windows\system32\drivers\isafenetfilter.sys (File)
Failed to delete: C:\Program Files (x86)\elex-tech (Folder)

Registry: 7

Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3 (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeService (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B79D4439-0DF3-4135-AE13-9C9E4387437C} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 15. 03. 2017 at 21:02:02,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nevíte co s tím? fakt si nevím rady a bojím se stahovat další freeware odstraňovač abych si toho nenatáhl ještě víc.
Btw. Mám teď nově nainstalovanou Aviru, které je toto úplně šumák. U windows defendru mě to nepřekvapuje, ale u Aviri celkem ano. Je to normální?

#2 Příspěvek od **Rudy** » 15 bře 2017 22:06

Zdravím!
Junkware neodstranil nic. Všude je "Failed to delete". Máte profil s plnými právy?. Pokud ano, dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

koub · #3 Příspěvek od **koub** » 16 bře 2017 16:33

Postupoval jsem dle návodu ale výsledek obsahuje více znaků, než je tu povoleno, takže jsem to nahrál v archivu. Pokud to vadí, klidně to rozkouskuji a nahraji na vícekrát, ale takto mi to přijde lepší (hlavně přehlednější)

#4 Příspěvek od **Rudy** » 16 bře 2017 18:04

Není třeba. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\...\MountPoints2: {f626bf78-eef9-11e6-8230-c48e8f8122ca} - "F:\setup.exe"
IFEO\taskmgr.exe: [Debugger]
ShellExecuteHooks: No Name - {7F7806D8-DE44-11E6-82D2-64006A5CFC23} - C:\Users\kubar\AppData\Roaming\Kaphghibapy\Grefaph.dll -> No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-495495518-1249904075-3165854488-1001 -> {B79D4439-0DF3-4135-AE13-9C9E4387437C} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H2Azamobl20603AU,2f18c99d-2ca8-46e1-b5e7-db88961a4ba2,
Edge HomeButtonPage: HKU\S-1-5-21-495495518-1249904075-3165854488-1001 -> hxxp://www.amisites.com/?type=hp&ts=1486382460 ... 339DS339DS
CHR HomePage: ChromeDefaultData -> hxxp://www.luckysearch123.com?type=hp&ts=14894 ... 6e7g2bdtat
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.luckysearch123.com?type=hp&ts=14894 ... 6e7g2bdtat"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.luckysearch123.com/search.php?type= ... earchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> luck
CHR Profile: C:\Users\kubar\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-15] <==== ATTENTION
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cansuck\Application\chrome.exe (Google Inc.) <==== ATTENTION
S2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
S2 WinSnare; C:\Users\kubar\AppData\Roaming\WinSnare\WinSnare.dll [779776 2017-02-08] (InterSect Alliance Pty Ltd) [File not signed] <==== ATTENTION
S2 CansuckSU; "C:\Users\kubar\AppData\Local\Temp\1\Bfinstall.exe" /i [X] <==== ATTENTION
S2 Protecultsakt; C:\Program Files (x86)\Newughikeing\PlpVerfier.dll [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\ApnDatabase.xml
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\smp2.exe
C:\Users\kubar\jre-8u121-windows-x64.exe
C:\Users\kubar\TLv4.0-238-64b-win.exe
Task: {03628B6C-9516-42A8-9BD7-36DC0521B475} - \SMW_UpdateTask_Time_343036333939313337342d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: {7C3E5C8F-611F-4F44-8E8C-43682EB9ECE7} - System32\Tasks\1280l23A15c3397 => Rundll32.exe "C:\ProgramData\1280l23A15c3397\1280l23A15c3397.dll",lAcqxFh <==== ATTENTION
Task: {FF163EA7-C9B9-4F30-B18D-2B1930733779} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2017-02-10] () <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\kubar\Desktop" je 5879 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\kubar novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

koub · #5 Příspěvek od **koub** » 16 bře 2017 18:28

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by kubar (16-03-2017 18:25:41) Run:1
Running from C:\Users\kubar\Desktop
Loaded Profiles: kubar (Available Profiles: defaultuser0 & kubar)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\...\MountPoints2: {f626bf78-eef9-11e6-8230-c48e8f8122ca} - "F:\setup.exe"
IFEO\taskmgr.exe: [Debugger]
ShellExecuteHooks: No Name - {7F7806D8-DE44-11E6-82D2-64006A5CFC23} - C:\Users\kubar\AppData\Roaming\Kaphghibapy\Grefaph.dll -> No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-495495518-1249904075-3165854488-1001 -> {B79D4439-0DF3-4135-AE13-9C9E4387437C} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H2Azamobl20603AU,2f18c99d-2ca8-46e1-b5e7-db88961a4ba2,
Edge HomeButtonPage: HKU\S-1-5-21-495495518-1249904075-3165854488-1001 -> hxxp://www.amisites.com/?type=hp&ts=148 ... 339DS339DS
CHR HomePage: ChromeDefaultData -> hxxp://www.luckysearch123.com?type=hp&t ... 6e7g2bdtat
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.luckysearch123.com?type=hp&ts=14894 ... 6e7g2bdtat"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.luckysearch123.com/search.ph ... g2bdtat&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> luck
CHR Profile: C:\Users\kubar\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-03-15] <==== ATTENTION
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Cansuck\Application\chrome.exe (Google Inc.) <==== ATTENTION
S2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
S2 WinSnare; C:\Users\kubar\AppData\Roaming\WinSnare\WinSnare.dll [779776 2017-02-08] (InterSect Alliance Pty Ltd) [File not signed] <==== ATTENTION
S2 CansuckSU; "C:\Users\kubar\AppData\Local\Temp\1\Bfinstall.exe" /i [X] <==== ATTENTION
S2 Protecultsakt; C:\Program Files (x86)\Newughikeing\PlpVerfier.dll [X]
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participaçoes Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participaçoes Ltda)
S1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participaçoes Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participaçoes Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participaçoes Ltda)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\ApnDatabase.xml
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\smp2.exe
C:\Users\kubar\jre-8u121-windows-x64.exe
C:\Users\kubar\TLv4.0-238-64b-win.exe
Task: {03628B6C-9516-42A8-9BD7-36DC0521B475} - \SMW_UpdateTask_Time_343036333939313337342d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: {7C3E5C8F-611F-4F44-8E8C-43682EB9ECE7} - System32\Tasks\1280l23A15c3397 => Rundll32.exe "C:\ProgramData\1280l23A15c3397\1280l23A15c3397.dll",lAcqxFh <==== ATTENTION
Task: {FF163EA7-C9B9-4F30-B18D-2B1930733779} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2017-02-10] () <==== ATTENTION

EmptyTemp:
End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f626bf78-eef9-11e6-8230-c48e8f8122ca} => key removed successfully
HKCR\CLSID\{f626bf78-eef9-11e6-8230-c48e8f8122ca} => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\taskmgr.exe => key removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{7F7806D8-DE44-11E6-82D2-64006A5CFC23} => value removed successfully
HKCR\CLSID\{7F7806D8-DE44-11E6-82D2-64006A5CFC23} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B79D4439-0DF3-4135-AE13-9C9E4387437C} => key could not remove, key could be protected
HKCR\CLSID\{B79D4439-0DF3-4135-AE13-9C9E4387437C} => key not found.
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Users\kubar\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
HKU\S-1-5-21-495495518-1249904075-3165854488-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML => key removed successfully
HKLM\System\CurrentControlSet\Services\Themes\\DependOnService => value removed successfully
HKLM\System\CurrentControlSet\Services\WinSnare => key removed successfully
WinSnare => service removed successfully
HKLM\System\CurrentControlSet\Services\CansuckSU => key removed successfully
CansuckSU => service removed successfully
HKLM\System\CurrentControlSet\Services\Protecultsakt => key removed successfully
Protecultsakt => service removed successfully
iSafeKrnl => Unable to stop service.
HKLM\System\CurrentControlSet\Services\iSafeKrnl => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnlBoot => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnlKit => key could not remove, key could be protected
iSafeKrnlR3 => Unable to stop service.
HKLM\System\CurrentControlSet\Services\iSafeKrnlR3 => key could not remove, key could be protected
iSafeNetFilter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\iSafeNetFilter => key could not remove, key could be protected
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\system32\ApnDatabase.xml => moved successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\smp2.exe => moved successfully
C:\Users\kubar\jre-8u121-windows-x64.exe => moved successfully
Could not move "C:\Users\kubar\TLv4.0-238-64b-win.exe" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03628B6C-9516-42A8-9BD7-36DC0521B475} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03628B6C-9516-42A8-9BD7-36DC0521B475} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_UpdateTask_Time_343036333939313337342d4a375b5a5a6c783245343741 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7C3E5C8F-611F-4F44-8E8C-43682EB9ECE7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C3E5C8F-611F-4F44-8E8C-43682EB9ECE7} => key removed successfully
C:\Windows\System32\Tasks\1280l23A15c3397 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\1280l23A15c3397 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FF163EA7-C9B9-4F30-B18D-2B1930733779} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF163EA7-C9B9-4F30-B18D-2B1930733779} => key removed successfully
C:\Windows\System32\Tasks\SMW_P => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMW_P => key removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24455321 B
Java, Flash, Steam htmlcache => 6403130 B
Windows/system/drivers => 58572572 B
Edge => 21044352 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 21190 B
NetworkService => 87380 B
defaultuser0 => 588289 B
kubar => 694820128 B

RecycleBin => 10248262064 B
EmptyTemp: => 10.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 16-03-2017 18:27:47)

C:\Users\kubar\TLv4.0-238-64b-win.exe => Is moved successfully

Result of scheduled keys to remove after reboot:

HKU\S-1-5-21-495495518-1249904075-3165854488-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B79D4439-0DF3-4135-AE13-9C9E4387437C} => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnl => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnlBoot => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnlKit => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeKrnlR3 => key could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\iSafeNetFilter => key could not remove, key could be protected

==== End of Fixlog 18:27:47 ====

#6 Příspěvek od **Rudy** » 16 bře 2017 19:00

Smazáno. Nastala nějaká změna?

koub · #7 Příspěvek od **koub** » 16 bře 2017 19:06

Viry jsou dle všeho fuč, ovšem stále mám problém, že mi nejde zvolit výchozí prohlížeč, ani alternativníma cestama, takže asi přistoupím k opravě flashkou. Snad to pomůže

#8 Příspěvek od **Rudy** » 16 bře 2017 19:46

Zkuste. Možná to pomůže.

koub · #9 Příspěvek od **koub** » 16 bře 2017 20:41

Ačkoliv vím, že jste pasl, že je smazáno, tak když jsem opět zapnul JRT, tak mi vyhodil opět stejné informace

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by kubar (Administrator) on źt 16. 03. 2017 at 20:39:40,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Failed to delete: C:\Users\kubar\AppData\Roaming\elex-tech (Folder)
Failed to delete: C:\Windows\system32\drivers\isafenetfilter.sys (File)
Failed to delete: C:\Program Files (x86)\elex-tech (Folder)

Registry: 8

Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3 (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter (Registry Key)
Failed to delete: HKLM\SYSTEM\CurrentControlSet\services\iSafeService (Registry Key)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlMon (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B79D4439-0DF3-4135-AE13-9C9E4387437C} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 16. 03. 2017 at 20:40:29,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#10 Příspěvek od **Rudy** » 16 bře 2017 21:00

A po tomto mazání se něco změnilo?

koub · #11 Příspěvek od **koub** » 16 bře 2017 21:09

Vir se projevoval tím, že mi neustále vnucoval prohlížeče firefox a chrome. Já jsem používal operu neon. Když mi nejde změnit prohlížeč kvůli chybě ve windows, tak se vlastně nijak neprojevuje. Ale dle všeho tam jsou stále. Nebo třeba ne, jen nějaké pozůstatky. Bohužel ani složka nejde smazat protože prý nemám dostatečný oprávnění, i když jsem administrátor. Je to nějaká ludra

#12 Příspěvek od **Rudy** » 16 bře 2017 22:07

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

koub · #13 Příspěvek od **koub** » 16 bře 2017 22:27

Tady je scan. Ještě mi v mezičase několikrát zahlásil, že něco našel, takže to nejspíš není vše.

Edit: teď dojela Avira čištění a report je tu:

Free Antivirus
Report file date: čtvrtek 16. března 2017 22:28

The program is running as an unrestricted full version.
Online services are available.

Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 10 Home
Windows version : (plain) [10.0.14393]
Boot mode : Normally booted
Username : SYSTEM
Computer name : DESKTOP-OH6C99B

Version information:
build.dat : 15.0.25.154 92770 Bytes 15.02.2017 16:55:00
AVSCAN.EXE : 15.0.25.151 1526944 Bytes 15.02.2017 15:55:53
AVSCANRC.DLL : 15.0.25.102 64552 Bytes 15.02.2017 15:55:53
LUKE.DLL : 15.0.25.148 79632 Bytes 15.02.2017 15:55:56
AVSCPLR.DLL : 15.0.25.151 152840 Bytes 15.02.2017 15:55:53
REPAIR.DLL : 15.0.25.151 707136 Bytes 15.02.2017 15:55:52
repair.rdf : 1.0.25.86 1920592 Bytes 15.03.2017 15:11:10
AVREG.DLL : 15.0.25.151 447360 Bytes 15.02.2017 15:55:52
avlode.dll : 15.0.25.151 836488 Bytes 15.02.2017 15:55:52
avlode.rdf : 14.0.5.90 166791 Bytes 12.03.2017 13:28:02
XBV00013.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00014.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00015.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00016.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00017.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00018.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00019.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00020.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00021.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00022.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00023.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00024.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00025.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00026.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00027.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00028.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00029.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00030.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00031.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00032.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00033.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00034.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00035.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00036.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00037.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00038.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00039.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00040.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00041.VDF : 8.12.107.34 2048 Bytes 27.07.2016 15:55:57
XBV00100.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00101.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00102.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00103.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00104.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00105.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00106.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00107.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00108.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00109.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00110.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00111.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00112.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:55
XBV00113.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00114.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00115.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00116.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00117.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00118.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00119.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00120.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00121.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00122.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00123.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00124.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00125.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00126.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00127.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00128.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00129.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00130.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00131.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00132.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00133.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00134.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00135.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00136.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00137.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00138.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00139.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00140.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00141.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00142.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00143.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00144.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00145.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00146.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00147.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00148.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00149.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:56
XBV00150.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00151.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00152.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00153.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00154.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00155.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00156.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00157.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00158.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00159.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00160.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00161.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00162.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00163.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00164.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00165.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00166.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00167.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00168.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00169.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00170.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00171.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00172.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00173.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00174.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00175.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00176.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00177.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00178.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00179.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00180.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00181.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00182.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00183.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00184.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00185.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00186.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:57
XBV00187.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00188.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00189.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00190.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00191.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00192.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00193.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00194.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00195.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00196.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00197.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00198.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00199.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00200.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00201.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00202.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00203.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00204.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00205.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00206.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00207.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00208.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00209.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00210.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00211.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00212.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00213.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00214.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00215.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00216.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00217.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00218.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00219.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00220.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00221.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00222.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00223.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:58
XBV00224.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00225.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00226.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00227.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00228.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00229.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00230.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00231.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00232.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00233.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00234.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00235.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00236.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00237.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00238.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00239.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00240.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00241.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00242.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00243.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00244.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00245.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00246.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00247.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00248.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00249.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00250.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00251.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00252.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00253.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00254.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00255.VDF : 8.12.158.250 2048 Bytes 11.03.2017 13:27:59
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 15:55:57
XBV00001.VDF : 7.11.237.0 48041984 Bytes 02.06.2015 15:55:57
XBV00002.VDF : 7.12.106.228 44941312 Bytes 27.07.2016 15:55:57
XBV00003.VDF : 8.12.113.174 5299200 Bytes 22.08.2016 15:55:57
XBV00004.VDF : 8.12.118.140 3998720 Bytes 15.09.2016 15:55:57
XBV00005.VDF : 8.12.125.14 6024704 Bytes 11.10.2016 15:55:57
XBV00006.VDF : 8.12.132.226 5180928 Bytes 09.11.2016 15:55:57
XBV00007.VDF : 8.12.133.244 1884672 Bytes 16.11.2016 15:55:57
XBV00008.VDF : 8.12.137.174 2475008 Bytes 26.11.2016 15:55:57
XBV00009.VDF : 8.12.143.24 5520384 Bytes 25.12.2016 15:55:57
XBV00010.VDF : 8.12.149.62 6635008 Bytes 21.01.2017 15:55:57
XBV00011.VDF : 8.12.155.56 4918784 Bytes 16.02.2017 13:27:52
XBV00012.VDF : 8.12.158.250 3436544 Bytes 11.03.2017 13:27:53
XBV00042.VDF : 8.12.158.252 18432 Bytes 11.03.2017 13:27:53
XBV00043.VDF : 8.12.158.254 2048 Bytes 11.03.2017 13:27:54
XBV00044.VDF : 8.12.159.0 22016 Bytes 11.03.2017 13:27:54
XBV00045.VDF : 8.12.159.2 138240 Bytes 12.03.2017 13:27:54
XBV00046.VDF : 8.12.159.4 8192 Bytes 12.03.2017 13:27:54
XBV00047.VDF : 8.12.159.6 20992 Bytes 12.03.2017 13:27:54
XBV00048.VDF : 8.12.159.8 18944 Bytes 12.03.2017 16:12:37
XBV00049.VDF : 8.12.159.10 11264 Bytes 12.03.2017 11:17:16
XBV00050.VDF : 8.12.159.18 114688 Bytes 13.03.2017 11:17:16
XBV00051.VDF : 8.12.159.24 18432 Bytes 13.03.2017 11:17:16
XBV00052.VDF : 8.12.159.30 23552 Bytes 13.03.2017 13:17:19
XBV00053.VDF : 8.12.159.36 12800 Bytes 13.03.2017 13:17:19
XBV00054.VDF : 8.12.159.42 20480 Bytes 13.03.2017 15:17:22
XBV00055.VDF : 8.12.159.44 10752 Bytes 13.03.2017 17:17:17
XBV00056.VDF : 8.12.159.46 10752 Bytes 13.03.2017 19:17:21
XBV00057.VDF : 8.12.159.48 9728 Bytes 13.03.2017 19:17:21
XBV00058.VDF : 8.12.159.50 15360 Bytes 13.03.2017 09:38:26
XBV00059.VDF : 8.12.159.52 9216 Bytes 13.03.2017 09:38:31
XBV00060.VDF : 8.12.159.54 30208 Bytes 13.03.2017 09:38:34
XBV00061.VDF : 8.12.159.56 48128 Bytes 14.03.2017 09:38:47
XBV00062.VDF : 8.12.159.58 8192 Bytes 14.03.2017 09:38:47
XBV00063.VDF : 8.12.159.60 2048 Bytes 14.03.2017 09:38:47
XBV00064.VDF : 8.12.159.62 2048 Bytes 14.03.2017 09:38:47
XBV00065.VDF : 8.12.159.64 14336 Bytes 14.03.2017 16:23:23
XBV00066.VDF : 8.12.159.66 9728 Bytes 14.03.2017 16:23:23
XBV00067.VDF : 8.12.159.68 19456 Bytes 14.03.2017 16:23:23
XBV00068.VDF : 8.12.159.70 7680 Bytes 14.03.2017 16:23:23
XBV00069.VDF : 8.12.159.72 15872 Bytes 14.03.2017 16:23:23
XBV00070.VDF : 8.12.159.74 6656 Bytes 14.03.2017 18:23:30
XBV00071.VDF : 8.12.159.76 23040 Bytes 14.03.2017 20:23:28
XBV00072.VDF : 8.12.159.78 23552 Bytes 14.03.2017 05:40:29
XBV00073.VDF : 8.12.159.80 38400 Bytes 14.03.2017 13:11:11
XBV00074.VDF : 8.12.159.84 47104 Bytes 15.03.2017 13:11:11
XBV00075.VDF : 8.12.159.86 12800 Bytes 15.03.2017 13:11:11
XBV00076.VDF : 8.12.159.90 30208 Bytes 15.03.2017 15:11:10
XBV00077.VDF : 8.12.159.92 59392 Bytes 15.03.2017 15:11:10
XBV00078.VDF : 8.12.159.98 17408 Bytes 15.03.2017 17:11:07
XBV00079.VDF : 8.12.159.104 239616 Bytes 15.03.2017 23:11:09
XBV00080.VDF : 8.12.159.110 1031168 Bytes 15.03.2017 23:11:10
XBV00081.VDF : 8.12.159.116 489984 Bytes 15.03.2017 23:11:10
XBV00082.VDF : 8.12.159.122 168448 Bytes 15.03.2017 23:11:10
XBV00083.VDF : 8.12.159.128 5120 Bytes 15.03.2017 23:11:10
XBV00084.VDF : 8.12.159.134 24576 Bytes 15.03.2017 09:11:10
XBV00085.VDF : 8.12.159.144 46592 Bytes 16.03.2017 09:11:10
XBV00086.VDF : 8.12.159.150 9728 Bytes 16.03.2017 09:11:10
XBV00087.VDF : 8.12.159.156 2048 Bytes 16.03.2017 11:11:10
XBV00088.VDF : 8.12.159.168 28672 Bytes 16.03.2017 11:11:10
XBV00089.VDF : 8.12.159.174 9216 Bytes 16.03.2017 11:11:11
XBV00090.VDF : 8.12.159.180 13824 Bytes 16.03.2017 11:11:11
XBV00091.VDF : 8.12.159.184 11264 Bytes 16.03.2017 13:11:10
XBV00092.VDF : 8.12.159.188 4096 Bytes 16.03.2017 15:11:09
XBV00093.VDF : 8.12.159.190 6656 Bytes 16.03.2017 15:11:09
XBV00094.VDF : 8.12.159.196 17408 Bytes 16.03.2017 15:11:09
XBV00095.VDF : 8.12.159.202 14336 Bytes 16.03.2017 17:11:10
XBV00096.VDF : 8.12.159.208 16384 Bytes 16.03.2017 17:11:10
XBV00097.VDF : 8.12.159.214 8704 Bytes 16.03.2017 19:11:14
XBV00098.VDF : 8.12.159.220 10752 Bytes 16.03.2017 21:11:26
XBV00099.VDF : 8.12.159.222 10240 Bytes 16.03.2017 21:11:26
LOCAL000.VDF : 8.12.159.222 210960896 Bytes 16.03.2017 21:12:43
Engine version : 8.3.44.10
AEBB.DLL : 8.1.3.0 59296 Bytes 15.02.2017 15:55:50
AECORE.DLL : 8.3.12.8 262328 Bytes 13.03.2017 15:17:22
AECRYPTO.DLL : 8.2.1.0 129904 Bytes 15.02.2017 15:55:50
AEDROID.DLL : 8.4.3.392 2746280 Bytes 15.02.2017 15:55:50
AEEMU.DLL : 8.1.3.8 404328 Bytes 15.02.2017 15:55:50
AEEXP.DLL : 8.4.4.4 333728 Bytes 15.02.2017 15:55:50
AEGEN.DLL : 8.1.8.322 678648 Bytes 15.02.2017 15:55:50
AEHELP.DLL : 8.3.2.12 284584 Bytes 15.02.2017 15:55:50
AEHEUR.DLL : 8.1.4.2756 10959896 Bytes 12.03.2017 13:28:01
AELIBINF.DLL : 8.2.1.4 68464 Bytes 15.02.2017 15:55:50
AEMOBILE.DLL : 8.1.18.4 346872 Bytes 12.03.2017 13:28:02
AEOFFICE.DLL : 8.3.6.140 596728 Bytes 15.02.2017 15:55:50
AEPACK.DLL : 8.4.2.56 834360 Bytes 12.03.2017 13:28:01
AERDL.DLL : 8.2.1.54 813808 Bytes 12.03.2017 13:28:01
AESBX.DLL : 8.2.22.10 1665568 Bytes 12.03.2017 13:28:02
AESCN.DLL : 8.3.4.8 152768 Bytes 12.03.2017 13:28:01
AESCRIPT.DLL : 8.3.2.104 869104 Bytes 12.03.2017 13:28:02
AEVDF.DLL : 8.3.3.4 142184 Bytes 15.02.2017 15:55:50
AVWINLL.DLL : 15.0.25.119 35952 Bytes 15.02.2017 15:55:53
AVPREF.DLL : 15.0.25.119 63920 Bytes 15.02.2017 15:55:52
AVREP.DLL : 15.0.25.119 233400 Bytes 15.02.2017 15:55:52
AVARKT.DLL : 15.0.25.119 239608 Bytes 15.02.2017 15:55:51
SQLITE3.DLL : 15.0.25.119 473256 Bytes 15.02.2017 15:55:57
AVSMTP.DLL : 15.0.25.119 88904 Bytes 15.02.2017 15:55:53
NETNT.DLL : 15.0.25.119 25080 Bytes 15.02.2017 15:55:56
CommonImageRc.dll: 15.0.25.101 3876680 Bytes 15.02.2017 15:55:56
CommonTextRc.dll: 15.0.25.123 79976 Bytes 15.02.2017 15:55:56

Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: c:\program files (x86)\avira\antivirus\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................:

Start of the scan: čtvrtek 16. března 2017 22:28

Start scanning boot sectors:
Boot sector 'HDD1(C:)'
[INFO] No virus was found!
Boot sector 'HDD0(D:)'
[INFO] No virus was found!

Starting search for hidden objects.
Skipped boot sector scan due to incompatible format.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was successfully repaired.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was successfully repaired.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS\Start> was successfully repaired.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService> could not be removed.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService\ImagePath> could not be removed.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kyubey> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirefoxU> was removed successfully.

The scan of running processes will be started:
Scan process 'svchost.exe' - '88' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'dwm.exe' - '54' Module(s) have been scanned
Scan process 'WS2_32.dll' - '198' Module(s) have been scanned
Module is OK -> <C:\Windows\System32\svchost.exe>
[NOTE] Process 'svchost.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'svchost.exe' - '94' Module(s) have been scanned
Scan process 'svchost.exe' - '76' Module(s) have been scanned
Scan process 'svchost.exe' - '96' Module(s) have been scanned
Scan process 'svchost.exe' - '82' Module(s) have been scanned
Scan process 'iSafeSvc.exe' - '68' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <iSafeSvc.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
[WARNING] The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService\ImagePath> could not be repaired.
[NOTE] It is recommended to restart your computer in order to finish the repair.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCR110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSvc.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCP110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\LIBEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\SSLEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isafeupbiz.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\ipcproxy.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'svchost.exe' - '84' Module(s) have been scanned
Scan process 'igfxCUIService.exe' - '40' Module(s) have been scanned
Scan process 'iSafeSvc2.exe' - '100' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <iSafeSvc2.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCR110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSvc2.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\LIBEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\SSLEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCP110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafebs.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeAdless.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafenpf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlCall.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMonCall.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeDisp.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '66' Module(s) have been scanned
Scan process 'spoolsv.exe' - '81' Module(s) have been scanned
Scan process 'sched.exe' - '69' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '51' Module(s) have been scanned
Scan process 'avguard.exe' - '131' Module(s) have been scanned
Scan process 'Avira.ServiceHost.exe' - '109' Module(s) have been scanned
Scan process 'OfficeClickToRun.exe' - '84' Module(s) have been scanned
Scan process 'Avira.VpnService.exe' - '79' Module(s) have been scanned
Scan process 'EwServer.exe' - '27' Module(s) have been scanned
Scan process 'Kyubey.exe' - '40' Module(s) have been scanned
Module is infected -> <C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe>
[DETECTION] Contains virus patterns of Adware ADWARE/ELEX.kqseq
[NOTE] Process 'Kyubey.exe' was terminated
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26004
[WARNING] The source file could not be found.
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
[NOTE] The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Kyubey\ImagePath> was successfully repaired.
Scan process 'hamachi-2.exe' - '66' Module(s) have been scanned
Scan process 'LMIGuardianSvc.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '99' Module(s) have been scanned
Scan process 'sqlservr.exe' - '97' Module(s) have been scanned
Scan process 'NVDisplay.Container.exe' - '37' Module(s) have been scanned
Scan process 'Avira.SystemSpeedup.SpeedupService.exe' - '109' Module(s) have been scanned
Scan process 'remotesolverdispatcherservice.exe' - '25' Module(s) have been scanned
Scan process 'sqlbrowser.exe' - '20' Module(s) have been scanned
Scan process 'sqlwriter.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'dispatcher.exe' - '20' Module(s) have been scanned
Scan process 'conhost.exe' - '28' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '58' Module(s) have been scanned
Scan process 'avshadow.exe' - '45' Module(s) have been scanned
Scan process 'sihost.exe' - '72' Module(s) have been scanned
Scan process 'svchost.exe' - '114' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '44' Module(s) have been scanned
Scan process 'taskhostw.exe' - '65' Module(s) have been scanned
Scan process 'DNSAPI.dll' - '290' Module(s) have been scanned
Module is OK -> <C:\Windows\Explorer.EXE>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'SearchUI.exe' - '140' Module(s) have been scanned
Scan process 'iSafeTray.exe' - '92' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <iSafeTray.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iSafeBase.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iImportLib.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\ouilibx.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iCommon.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCP110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isafepxy.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isaferpt.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\MSVCR110.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\sqlite3.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\isafemc.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\libcurl.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\curlpp.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\libpng.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\LIBEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\SSLEAY32.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\zlib1.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iCommu.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPNodisturb.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPProtect.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPDesk.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPFloaty.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPPush.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPMsgCenter.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iTPAutoClean.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] An error has occurred and the file was not deleted. ErrorID: 26003
[WARNING] The file could not be deleted!
[NOTE] Attempting to perform action using the ARK library.
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'dashost.exe' - '22' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'DTAgent.exe' - '50' Module(s) have been scanned
Scan process 'DiscSoftBusServiceLite.exe' - '38' Module(s) have been scanned
Scan process 'avgnt.exe' - '88' Module(s) have been scanned
Scan process 'svchost.exe' - '67' Module(s) have been scanned
Scan process 'FirefoxUpdate.exe' - '52' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe>
[DETECTION] Is the TR/Dropper.xrzet Trojan
[NOTE] Process 'FirefoxUpdate.exe' was terminated
[NOTE] The file was moved to the quarantine directory under the name '38c6f84f.qua'!
[NOTE] The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirefoxU\ImagePath> was successfully repaired.
Scan process 'AUDIODG.EXE' - '41' Module(s) have been scanned
Scan process 'Skype.exe' - '185' Module(s) have been scanned
Scan process 'SkypeBrowserHost.exe' - '90' Module(s) have been scanned
Scan process 'SkypeHost.exe' - '127' Module(s) have been scanned
Scan process 'ShellExperienceHost.exe' - '94' Module(s) have been scanned
Scan process 'chrome.exe' - '166' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] Process 'chrome.exe' was terminated
[NOTE] The file was moved to the quarantine directory under the name '17878475.qua'!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '2a91a5da.qua'!
Scan process 'chrome.exe' - '55' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_watcher.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '766ea3fb.qua'!
Scan process 'chrome.exe' - '88' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\D3DCompiler_47.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '32fab463.qua'!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\libglesv2.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4dffc226.qua'!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\libegl.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '5404e240.qua'!
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'cmd.exe' - '18' Module(s) have been scanned
Scan process 'conhost.exe' - '32' Module(s) have been scanned
Scan process 'java.exe' - '60' Module(s) have been scanned
Scan process 'rundll32.exe' - '47' Module(s) have been scanned
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'TLv4.0-238-64b-win.exe' - '85' Module(s) have been scanned
Scan process 'javaw.exe' - '91' Module(s) have been scanned
Scan process 'GameBarPresenceWriter.exe' - '23' Module(s) have been scanned
Scan process 'chrome.exe' - '63' Module(s) have been scanned
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome.exe>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The process <chrome.exe> could not be ended. Possible cause: System error [5]: Přístup byl odepřen.
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Module is infected -> <C:\Program Files (x86)\Cansuck\Application\chrome_elf.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!
Scan process 'mbamservice.exe' - '111' Module(s) have been scanned
Scan process 'mbamtray.exe' - '78' Module(s) have been scanned
Scan process 'mbam.exe' - '164' Module(s) have been scanned
Scan process 'fontdrvhost.exe' - '10' Module(s) have been scanned
Scan process 'taskhostw.exe' - '67' Module(s) have been scanned
Scan process 'smartscreen.exe' - '44' Module(s) have been scanned
Scan process 'avscan.exe' - '120' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '19' Module(s) have been scanned
Scan process 'vssvc.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'winlogon.exe' - '38' Module(s) have been scanned
Scan process 'lsass.exe' - '75' Module(s) have been scanned
Scan process 'mbam.exe' - '96' Module(s) have been scanned
Scan process 'launchtm.exe' - '37' Module(s) have been scanned
Scan process 'consent.exe' - '4' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '65' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '31' Module(s) have been scanned
Scan process 'DllHost.exe' - '33' Module(s) have been scanned
Scan process 'vssvc.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process '%windir%\system32\seclogon.dll' - '262' Module(s) have been scanned
Module is OK -> <C:\Windows\explorer.exe>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'SkypeBrowserHost.exe' - '88' Module(s) have been scanned
Scan process 'ShellExperienceHost.exe' - '95' Module(s) have been scanned
Scan process 'SearchUI.exe' - '136' Module(s) have been scanned
Scan process 'taskhostw.exe' - '39' Module(s) have been scanned
Scan process 'SettingSyncHost.exe' - '92' Module(s) have been scanned
Scan process 'cmd.exe' - '16' Module(s) have been scanned
Scan process 'conhost.exe' - '32' Module(s) have been scanned
Scan process 'java.exe' - '58' Module(s) have been scanned
Scan process 'TLv4.0-238-64b-win.exe' - '85' Module(s) have been scanned
Scan process 'javaw.exe' - '91' Module(s) have been scanned
Scan process 'GameBarPresenceWriter.exe' - '23' Module(s) have been scanned
Scan process 'C:\Windows\SYSTEM32\dxgi.dll' - '223' Module(s) have been scanned
Module is OK -> <C:\Windows\explorer.exe>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'ShellExperienceHost.exe' - '95' Module(s) have been scanned
Scan process 'SearchUI.exe' - '136' Module(s) have been scanned
Scan process 'backgroundTaskHost.exe' - '67' Module(s) have been scanned
Scan process 'NETDIS-WSDEVNT-In-TCP-Active' - '211' Module(s) have been scanned
Module is OK -> <C:\Windows\explorer.exe>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'ShellExperienceHost.exe' - '72' Module(s) have been scanned
Scan process 'backgroundTaskHost.exe' - '71' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '47' Module(s) have been scanned
Scan process 'C:\Windows\SysWOW64\CRYPT32.dll' - '207' Module(s) have been scanned
Module is OK -> <C:\Windows\explorer.exe>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'ShellExperienceHost.exe' - '72' Module(s) have been scanned
Scan process 'ApplicationFrameHost.exe' - '51' Module(s) have been scanned
Scan process 'RuntimeBroker.exe' - '59' Module(s) have been scanned
Scan process 'smartscreen.exe' - '44' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '30' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '23' Module(s) have been scanned
Scan process 'explorer.exe' - '210' Module(s) have been scanned
Module is OK -> <C:\Windows\explorer.exe>
[NOTE] Process 'explorer.exe' was terminated
Module is infected -> <C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll>
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
Scan process 'ShellExperienceHost.exe' - '72' Module(s) have been scanned
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe
[WARN] Can't get creation date of file: \\?\C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe. Error: Can't get file attributes: no such file or directory
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe
[WARN] Can't get creation date of file: \\?\C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe. Error: Can't get file attributes: no such file or directory
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\1609> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306272\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312382\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1000-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-03162017221044483\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221306399\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was removed successfully.
The registration entry <HKEY_USERS\S-1-5-21-495495518-1249904075-3165854488-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03162017221312551\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\2500> was removed successfully.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService> could not be removed.
The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService\ImagePath> could not be removed.

Starting to scan executable files (registry):
C:\Program Files (x86)\Elex-tech\YAC\iDskDllPatch64.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
[NOTE] The file is scheduled for deleting after reboot.
[NOTE] It is recommended to restart your computer in order to finish the repair.
C:\Users\kubar\AppData\Roaming\Kyubey\Kyubey.exe
[DETECTION] Contains virus patterns of Adware ADWARE/ELEX.kqseq
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
[NOTE] The file is scheduled for deleting after reboot.
[NOTE] It is recommended to restart your computer in order to finish the repair.
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[WARNING] The file could not be copied to quarantine!
[WARNING] Skipped boot sector scan due to incompatible format.
[NOTE] The file is scheduled for deleting after reboot.
[NOTE] It is recommended to restart your computer in order to finish the repair.
[WARNING] The registration entry <HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iSafeService\ImagePath> could not be repaired.
[NOTE] It is recommended to restart your computer in order to finish the repair.
C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
[DETECTION] Is the TR/Dropper.xrzet Trojan
[NOTE] The file could not be copied to quarantine!
[NOTE] The file does not exist!

#14 Příspěvek od **Rudy** » 17 bře 2017 17:57

Všechny nálezy MBAM smažte.

VIRY.CZ

Elex-tech

Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech

Re: Elex-tech