How to remove isafekrnl.sys

isafekrnl.sys

The module isafekrnl.sys has been detected as PUP.ELEX

isafekrnl.sys
Remove isafekrnl.sys

File Details

Product Name:

YAC Security Protection
Company Name:

Elex do Brasil Participações Ltda
MD5: 5e07045ceae146804475434227649883
Size: 256 KB
First Published: 2017-05-21 03:01:55 (7 years ago)
Latest Published: 2020-11-16 23:02:31 (4 years ago)
Status: PUP.ELEX (on last analysis)
Analysis Date: 2020-11-16 23:02:31 (4 years ago)

Overview

Signed By: Elex do Brasil Participações Ltda
Status: Valid

Common Places:

%programfiles%\elex-tech\yac
%programfiles%\elex-tech.quarantined\yac
%temp%\ist5332.tmp\sys\x64
%temp%\istcc09.tmp\sys\x64
%temp%\istca6f.tmp\sys\x64
%temp%\ist4161.tmp\sys\x64
%sysdrive%\adwcleaner\quarantine\files\ttrzbiwbftrphsyswotxgiymvycbwfok\yac
%sysdrive%\adwcleaner\quarantine\files\hnejfgjgzqgwsaagtcjzctwkxkwixhhr\yac
%temp%\isteda.tmp\sys\x64
%temp%\istd3bf.tmp\sys\x64

File Names:

iSafeKrnl.sys
isafekrnl.sys

Geography:

19.3%
17.3%
11.2%
5.9%
5.7%
4.8%
4.6%
4.3%
3.9%
2.8%
1.7%
1.5%
1.2%
1.2%
0.9%
0.9%
0.9%
0.9%
0.8%
0.8%
0.8%
0.6%
0.6%
0.6%
0.6%
0.5%
0.5%
0.5%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.3%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%
0.2%

OS Version:

Windows 7 47.9%
Windows 10 39.6%
Windows 8.1 8.1%
Windows 8 3.5%
Windows XP 0.8%
Windows Vista 0.2%

Analysis

Subsystem: Native
PE Type: pe
OS Bitness: 64
Image Base: 0x0000000000010000
Entry Address: 0x0003f968

PE Sections:

Name Size of data MD5
.text 29696 41fa44e6974c29d12df35a8c1f1d15f7
.rdata 23552 27fb80f5b5c86a9279259d34172a746f
.data 73216 faf954383be67307cbb016bc5c3c9e50
.pdata 5120 b605b7d979b156857199d13a28cce967
PAGE 95232 d8de272430ed2103e95b108c9967cda2
INIT 8704 801d3d02b063d1814a660e86135102ce
.rsrc 1024 c7c1ea9813ba33fc6036986c0d41d0f3
.reloc 4096 3661fa218e958d250e30d9ac14494a20

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for isafekrnl.sys
copyright for information about isafekrnl.sys