Script ZHPFix [MD5.A17E980EE4232504892EA2B759C140F7] [SPRF][28/09/2014] (...) -- C:\Users\Sony\Desktop\EmsisoftEmergencyKit.exe [158337536] [MD5.C3654425B4BCBCF0B734643C4CC848DC] [SPRF][18/08/2014] (.AVM Software Inc. - Paltalk Messenger Setup.) -- C:\Users\Sony\Desktop\pal_install_ar_u40756062_a729_r109882_p153.exe [1758592] [MD5.4C8D1F5370E0D3486D662C552D3ADD75] - (.Elex do Brasil Participações Ltda - YACTray.) -- C:\Program Files (x86)\iSafe\iSafeTray.exe [1018184] [PID.2316] =>Trojan.Staser [MD5.11F6F9216D8F77EAC196B07D66E819EA] - (.Elex do Brasil Participações Ltda - iSafeSvc.) -- C:\Program Files (x86)\iSafe\iSafeSvc.exe [118048] [PID.976] =>Trojan.Staser [MD5.A03A95B389479B2ADE3A288FA2EA11D1] - (.Elex do Brasil Participações Ltda - iSafeSvc2.) -- C:\Program Files (x86)\iSafe\iSafeSvc2.exe [118048] [PID.472] =>Trojan.Staser [MD5.A426FEFD9BB72506D435FD0183F48C2D] - (...) -- C:\Program Files (x86)\iSafe\ipcdl.exe [2228896] [PID.4912] =>Trojan.Staser O23 - Service: iSafeService (iSafeService) . (.Elex do Brasil Participações Ltda - iSafeSvc.) - C:\Program Files (x86)\iSafe\iSafeSvc.exe =>Trojan.Staser O41 - Driver: (iSafeKrnl) . (.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - C:\Program Files (x86)\iSafe\iSafeKrnl.sys O41 - Driver: (iSafeKrnlKit) . (.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys O41 - Driver: (iSafeKrnlR3) . (.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys O41 - Driver: (iSafeNetFilter) . (.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - C:\Program Files (x86)\iSafe\iSafeNetFilter.sys =>Trojan.Staser O42 - Logiciel: Yet Another Cleaner! - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM][64Bits] -- iSafe =>PUP.YetAnotherCleaner O43 - CFD: 01/10/2014 - 21:07:09 - [] ----D C:\Program Files (x86)\iSafe =>Trojan.Staser O43 - CFD: 01/10/2014 - 18:24:20 - [] ----D C:\Users\Sony\AppData\Roaming\isafe =>Trojan.Staser O58 - SDL:08/08/2014 - 06:24:04 ---A- . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\Drivers\iSafeKrnlBoot.sys [45248] O64 - Services: CurCS - 08/08/2014 - C:\Program Files (x86)\iSafe\iSafeKrnl.sys (iSafeKrnl) .(.Elex do Brasil Participações Ltda - iSafe Kernel Driver.) - LEGACY_ISAFEKRNL O64 - Services: CurCS - 08/08/2014 - C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys (iSafeKrnlKit) .(.Elex do Brasil Participações Ltda - iSafe Kernel Kit Driver.) - LEGACY_ISAFEKRNLKIT O64 - Services: CurCS - 08/08/2014 - C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys (iSafeKrnlR3) .(.Elex do Brasil Participações Ltda - iSafe Kernel Ring3 Driver.) - LEGACY_ISAFEKRNLR3 O64 - Services: CurCS - 06/08/2014 - C:\Program Files (x86)\iSafe\iSafeNetFilter.sys (iSafeNetFilter) .(.Elex do Brasil Participações Ltda - iSafeNetFilter SDK WFP Driver (WPP).) - LEGACY_ISAFENETFILTER =>Trojan.Staser HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iSafeSvc2_RASAPI32 =>Trojan.Staser HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iSafeSvc2_RASMANCS =>Trojan.Staser SR - | Auto 08/08/2014 118048 | (iSafeService) . (.Elex do Brasil Participações Ltda.) - C:\Program Files (x86)\iSafe\iSafeSvc.exe =>Trojan.Staser [HKLM\SYSTEM\CurrentControlSet\Services\iSafeService] =>Trojan.Staser^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iSafe] =>PUP.YetAnotherCleaner^ C:\Program Files (x86)\iSafe =>Trojan.Staser^ C:\Users\Sony\AppData\Roaming\isafe =>Trojan.Staser^ C:\Program Files (x86)\iSafe\iSafeTray.exe =>Trojan.Staser^ C:\Program Files (x86)\iSafe\iSafeSvc.exe =>Trojan.Staser^ C:\Program Files (x86)\iSafe\iSafeSvc2.exe =>Trojan.Staser^ C:\Program Files (x86)\iSafe\ipcdl.exe =>Trojan.Staser^ O44 - LFC:[MD5.C9333D514A67E9F14D36B79F7CA30659] - 01/10/2014 - 20:58:01 ---A- . (...) -- C:\EamClean.log [4990] O44 - LFC:[MD5.8919C2D4EB6B3850D18B87C4D9B99C69] - 29/09/2014 - 20:17:08 ---A- . (...) -- C:\Windows\IE11_main.log [2190] O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\CleanHlp.sys . (...) -- C:\Windows\System32\Drivers\CleanHlp.sys (.not file.) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.2612] O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft .) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O43 - CFD: 30/08/2014 - 01:38:48 - [0] ----D C:\Program Files (x86)\360 O58 - SDL:21/08/2014 - 13:22:35 ---A- . (.360???? - 360Efimon Driver.) -- C:\Windows\SysWOW64\drivers\efimon.sys [23752] O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com ShortcutFix FirewallRaz EmptyTemp EmptyFlash Proxyfix Sysrestore