Fix result of Farbar Recovery Scan Tool (x64) Version: 3-08-2019 Ran by DRJMLAPS (04-08-2019 14:13:03) Run:2 Running from C:\Users\DRJMLAPS\Desktop Loaded Profiles: DRJMLAPS (Available Profiles: DRJMLAPS & Ewa) Boot Mode: Safe Mode (minimal) ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: RemoveProxy: S2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4472936 2019-07-26] (Digital Communications Inc. -> Digital Communications Inc) S2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [251496 2019-07-26] (Digital Communications Inc. -> Digital Communications Inc) S1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84256 2019-07-26] (Digital Communications Inc. -> Digital Communications Inc) 2019-08-02 19:10 - 2019-08-04 11:22 - 000000000 ____D C:\Program Files (x86)\Segurazo 2019-08-02 19:10 - 2019-08-02 19:33 - 000000000 ____D C:\ProgramData\Segurazo 2019-08-02 19:10 - 2019-08-02 19:11 - 000000000 ____D C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient 2019-08-02 19:10 - 2019-08-02 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo 2019-08-02 19:09 - 2019-08-02 19:09 - 000000000 ____D C:\Users\DRJMLAPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory HKU\S-1-5-21-3658386750-666024021-1030785675-1002\...\Policies\system: [shell] explorer.exe <==== ATTENTION HKU\S-1-5-21-3658386750-666024021-1030785675-1002\...\Winlogon: [Shell] C:\Windows\explorer.exe [3229696 2016-08-29] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION Lsa: [Notification Packages] DPPassFilter scecli SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91176 2013-02-21] (McAfee, Inc. -> McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-02-21] (McAfee, Inc. -> McAfee, Inc.) S3 utmzmzmw; C:\Windows\SysWOW64\Drivers\utmzmzmw.sys [7168 2016-11-13] () [File not signed] 2019-08-03 16:59 - 2018-07-02 17:49 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2019-08-02 19:32 - 2016-03-25 17:36 - 000000000 ____D C:\Program Files (x86)\FormatFactory 2019-08-02 19:10 - 2019-06-03 16:37 - 000000000 ____D C:\FFOutput ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll -> No File ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll -> No File ContextMenuHandlers1: [SimpleShlExt] -> [CC]{45203D3B-3D73-4497-8AFE-D29950AC6C55} => -> No File ContextMenuHandlers2: [SimpleShlExt] -> [CC]{45203D3B-3D73-4497-8AFE-D29950AC6C55} => -> No File EmptyTemp: ***************** Error: Restore point can only be created in normal mode. Processes closed successfully. ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully "HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully ========= End of RemoveProxy: ========= "HKLM\System\CurrentControlSet\Services\SegurazoIC" => removed successfully SegurazoIC => service removed successfully HKLM\System\CurrentControlSet\Services\SegurazoSvc => removed successfully SegurazoSvc => service removed successfully HKLM\System\CurrentControlSet\Services\SEGURAZOKD => removed successfully SEGURAZOKD => service removed successfully C:\Program Files (x86)\Segurazo => moved successfully C:\ProgramData\Segurazo => moved successfully C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo => moved successfully "C:\Users\DRJMLAPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory" => not found "HKU\S-1-5-21-3658386750-666024021-1030785675-1002\Software\Microsoft\Windows\CurrentVersion\Policies\system\\shell" => removed successfully "HKU\S-1-5-21-3658386750-666024021-1030785675-1002\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully MfeEpeOpal => Unable to stop service. HKLM\System\CurrentControlSet\Services\MfeEpeOpal => removed successfully MfeEpeOpal => service removed successfully MfeEpePc => Unable to stop service. HKLM\System\CurrentControlSet\Services\MfeEpePc => removed successfully MfeEpePc => service removed successfully HKLM\System\CurrentControlSet\Services\utmzmzmw => removed successfully utmzmzmw => service removed successfully C:\Windows\System32\Tasks\Avast Software => moved successfully "C:\Program Files (x86)\FormatFactory" => not found C:\FFOutput => moved successfully HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FormatFactoryShell => not found HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => removed successfully HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => not found HKLM\Software\Classes\CLSID\{A3888923-CFD3-4A6B-89BF-08E6B95716E8} => not found HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SimpleShlExt => removed successfully HKLM\Software\Classes\CLSID\[CC]{45203D3B-3D73-4497-8AFE-D29950AC6C55} => not found HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SimpleShlExt => removed successfully HKLM\Software\Classes\CLSID\[CC]{45203D3B-3D73-4497-8AFE-D29950AC6C55} => not found =========== EmptyTemp: ========== BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12881818 B Java, Flash, Steam htmlcache => 291 B Windows/system/drivers => 12792 B Edge => 0 B Chrome => 0 B Firefox => 22502951 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B DRJMLAPS => 70476 B Ewa => 0 B RecycleBin => 2363704 B EmptyTemp: => 36.1 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 14:13:29 ====