CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
Startup: C:\Users\giuseppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hqghumeaylnlf.lnk [2015-04-29]
ShortcutTarget: hqghumeaylnlf.lnk -> C:\ProgramData\{eefadb26-5815-8f1e-eefa-adb265816c99}\hqghumeaylnlf.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {D070635C-C7F6-4276-89B5-1515E8D5029E} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0103aw&cd=2XzuyEtN2Y1L1QzutB0C0DtDyD0AyDtD0FyD0B0DtCyBzy0AtN0D0Tzu0SyByBtAtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1674502914&ir=
BHO: PriceLess -> {61b2b740-a6c2-4040-ac8c-a837968dd5a0} -> C:\Program Files (x86)\PriceLess\MryjCB6qrtNqwL.x64.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2015-05-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [260856 2015-05-19] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [53568 2015-05-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [108616 2015-05-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [50944 2015-05-19] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [102416 2015-05-19] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2015-04-17] (Elex do Brasil Participações Ltda)
2015-05-19 22:40 - 2015-05-19 22:40 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\YAC.lnk
2015-05-19 22:40 - 2015-05-19 22:40 - 00001933 _____ () C:\Users\Public\Desktop\YAC.lnk
2015-05-19 22:40 - 2015-05-19 22:40 - 00000000 ____D () C:\Users\giuseppe\AppData\Roaming\Elex-tech
2015-05-19 22:40 - 2015-05-19 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC
2015-05-19 22:40 - 2015-05-19 22:40 - 00000000 ____D () C:\Program Files (x86)\Elex-tech
2015-05-19 22:40 - 2015-05-19 04:24 - 00053568 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeKrnlBoot.sys
2015-05-19 22:40 - 2015-04-17 04:43 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\WINDOWS\system32\Drivers\iSafeNetFilter.sys
2015-04-29 13:01 - 2015-04-29 13:01 - 00000000 ____D () C:\ProgramData\793542a40000283f
2015-04-29 12:59 - 2015-04-29 12:59 - 00000000 ____D () C:\ProgramData\9909624042912638731
2015-04-29 12:58 - 2015-05-01 17:54 - 00000000 ____D () C:\ProgramData\{4cafc808-5364-5e48-4caf-fc8085362021}
2015-04-29 12:58 - 2015-04-29 13:24 - 00000000 ____D () C:\ProgramData\{eefadb26-5815-8f1e-eefa-adb265816c99}
2015-04-29 12:58 - 2015-04-29 12:58 - 00000000 ____D () C:\ProgramData\jdlicfdllcjnjlglnoloimmgljdeceic
2015-01-03 21:46 - 2015-01-03 21:46 - 0000000 _____ () C:\Users\giuseppe\AppData\Local\{6305B9B1-0F75-459E-B3AE-8AFF059896DB}
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4180691199-2805999498-1949340087-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\giuseppe\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {4EA2A6D5-A837-4DC6-A022-29BF87A12637} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {6E37D386-1A1C-491F-B841-C77992221790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Elex-tech
C:\ProgramData\{eefadb26-5815-8f1e-eefa-adb265816c99}
C:\Program Files (x86)\PriceLess
C:\Windows\System32\DRIVERS\iSafeNetFilter.sys
C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.
