Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2014 Ran by Selma at 2014-11-16 13:06:00 Run:1 Running from C:\Users\Selma\Desktop Loaded Profile: Selma (Available profiles: Selma & Invité) Boot Mode: Safe Mode (with Networking) ============================================== Content of fixlist: ***************** start CloseProcesses: (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe DisableService: iSafeService R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2014-11-05] (Elex do Brasil Participações Ltda) R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [248488 2014-11-05] (Elex do Brasil Participações Ltda) S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [45224 2014-11-05] (Elex do Brasil Participações Ltda) R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [99496 2014-11-05] (Elex do Brasil Participações Ltda) R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [65704 2014-11-05] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [49320 2014-11-03] (Elex do Brasil Participações Ltda) File: C:\Program Files (x86)\Elex-tech\YAC\iStart.exe File: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys File: C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys File: C:\Windows\System32\DRIVERS\iSafeNetFilter.sys File: C:\Users\Selma\AppData\Local\Temp\avgnt.exe RemoveDirectory: C:\Users\Selma\AppData\Roaming\Elex-tech RemoveDirectory: C:\Program Files (x86)\Elex-tech Task: {38B40D96-4495-4E19-BFC7-45A4399D4DB9} - \APSnotifierPP1 No Task File Task: {675D4CDB-39AB-46BB-8AAB-AA0AA19DFC47} - \APSnotifierPP3 No Task File Task: {966F126F-A572-4A8F-BA5C-C4A8712355FF} - \SpeedUpMyPC Startup No Task File Task: {9F4E6F44-F389-42E6-862A-C6CF3E7FF287} - \APSnotifierPP2 No Task File Task: {C68B845D-44D7-4B2E-BD20-B79D97E4F46A} - \SpeedUpMyPC Maintenance No Task File Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001Core.job => C:\Users\Selma\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001UA.job => C:\Users\Selma\AppData\Local\Google\Update\GoogleUpdate.exe end ***************** Processes closed successfully. C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe => No running process found C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe => No running process found C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe => No running process found iSafeService service was disabled iSafeService => Service deleted successfully. iSafeKrnl => Service deleted successfully. iSafeKrnlBoot => Service deleted successfully. iSafeKrnlKit => Service stopped successfully. iSafeKrnlKit => Service deleted successfully. iSafeKrnlR3 => Service deleted successfully. iSafeNetFilter => Service stopped successfully. iSafeNetFilter => Service deleted successfully. ========================= File: C:\Program Files (x86)\Elex-tech\YAC\iStart.exe ======================== MD5: 21AC38F696EA20C39C956EF6A7DD4B11 Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:10 Size: 0301864 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iStart.exe Original Name: iStart.exe Product Name: YAC Security Protection Description: iStart File Version: 5.6.81.18408 Product Version: 5.6.81.18408 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe ======================== MD5: 11F6F9216D8F77EAC196B07D66E819EA Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:05 Size: 0118048 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeSvc.exe Original Name: iSafeSvc.exe Product Name: YAC Security Protection Description: iSafeSvc File Version: 4.0.0.1 Product Version: 4.0.0.1 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys ======================== MD5: B3ABCBCFC524F2204FE7645D45619BF0 Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:10 Size: 0248488 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeKrnl.sys Original Name: iSafeKrnl.sys Product Name: YAC Security Protection Description: iSafe Kernel Driver File Version: 5.6.81.18408 Product Version: 5.6.81.18408 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys ======================== MD5: 6DB506C282E6AABD391C2AC281D793D3 Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:10 Size: 0045224 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeKrnlBoot.sys Original Name: iSafeKrnlBoot.sys Product Name: YAC Security Protection Description: iSafe Kernel Boot Driver File Version: 5.6.81.18408 Product Version: 5.6.81.18408 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys ======================== MD5: 073F9B99815F581DFC3318C4A98F7BAF Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:10 Size: 0099496 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeKrnlKit.sys Original Name: iSafeKrnlKit.sys Product Name: YAC Security Protection Description: iSafe Kernel Kit Driver File Version: 5.6.81.18408 Product Version: 5.6.81.18408 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys ======================== MD5: 781D9379B7A5D26A65F2AC6E68775811 Creation and modification date: 2014-11-11 17:10 - 2014-11-05 14:10 Size: 0065704 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeKrnlR3.sys Original Name: iSafeKrnlR3.sys Product Name: YAC Security Protection Description: iSafe Kernel Ring3 Driver File Version: 5.6.81.18408 Product Version: 5.6.81.18408 Copyright: Copyright (c) 2011-2014 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Windows\System32\DRIVERS\iSafeNetFilter.sys ======================== MD5: F7A5EDB11A6BDD2E73FC1DDA4C64A068 Creation and modification date: 2014-11-11 17:10 - 2014-11-03 10:04 Size: 0049320 Attributes: ----A Company Name: Elex do Brasil Participações Ltda Internal Name: iSafeNetFilter.sys Original Name: iSafeNetFilter.sys Product Name: YAC Security Protection Description: iSafeNetFilter SDK WFP Driver (WPP) File Version: 1.4.3.9 built by: WinDDK Product Version: 1.4.3.9 Copyright: Copyright (c) 2011-2013 Elex do Brasil Participações Ltda ====== End Of File: ====== ========================= File: C:\Users\Selma\AppData\Local\Temp\avgnt.exe ======================== MD5: Creation and modification date: 2014-11-11 17:16 - 2014-11-11 21:54 Size: 0000000 Attributes: ----D Company Name: Internal Name: Original Name: Product Name: Description: File Version: Product Version: Copyright: ====== End Of File: ====== "C:\Users\Selma\AppData\Roaming\Elex-tech" => Removed successfully. "C:\Program Files (x86)\Elex-tech" => Removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38B40D96-4495-4E19-BFC7-45A4399D4DB9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38B40D96-4495-4E19-BFC7-45A4399D4DB9}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{675D4CDB-39AB-46BB-8AAB-AA0AA19DFC47}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{675D4CDB-39AB-46BB-8AAB-AA0AA19DFC47}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{966F126F-A572-4A8F-BA5C-C4A8712355FF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{966F126F-A572-4A8F-BA5C-C4A8712355FF}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Startup" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F4E6F44-F389-42E6-862A-C6CF3E7FF287}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F4E6F44-F389-42E6-862A-C6CF3E7FF287}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C68B845D-44D7-4B2E-BD20-B79D97E4F46A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C68B845D-44D7-4B2E-BD20-B79D97E4F46A}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Maintenance" => Key deleted successfully. C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001Core.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-240529973-2975974449-2026987148-1001UA.job => Moved successfully. The system needed a reboot. ==== End of Fixlog ====