Fix result of Farbar Recovery Scan Tool (x64) Version: 3-08-2019
Ran by DRJMLAPS (03-08-2019 16:56:40) Run:1
Running from C:\Users\DRJMLAPS\Desktop
Loaded Profiles: DRJMLAPS (Available Profiles: DRJMLAPS & Ewa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
R2 SegurazoIC; C:\Program Files (x86)\Segurazo\SegurazoIC.exe [4472936 2019-07-26]
R2 SegurazoSvc; C:\Program Files (x86)\Segurazo\SegurazoService.exe [251496 2019-07-26]
R1 SEGURAZOKD; C:\Program Files (x86)\Segurazo\SegurazoKD.sys [84256 2019-07-26]
U3 aswbdisk; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2019-08-02 19:10 - 2019-08-03 11:22 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-08-02 19:10 - 2019-08-02 19:33 - 000000000 ____D C:\ProgramData\Segurazo
2019-08-02 19:10 - 2019-08-02 19:11 - 000000000 ____D C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient
2019-08-02 19:10 - 2019-08-02 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo
Task: {13817986-C0E5-40CB-AC16-61E140CF7273} - \Norton Internet Security\Norton Error Analyzer -> No File
Task: {568F2467-9781-485D-98BA-B03D21303B8A} - \Microsoft\Windows\Media Center\StartRecording -> No File
Task: {8456A254-5687-4810-AC50-0366106DABFE} - \Norton Internet Security\Norton Error Processor -> No File
Task: {8F5292FB-2C00-4538-A3FF-B4818F07B90A} - \Microsoft\Windows\Media Center\mcupdate_scheduled -> No File
Task: {9E2896AC-E89B-4402-99DE-FD6876D94009} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2047368 2019-07-31]
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File
Task: {7E1855EB-2A77-4553-AA14-B0424CA07B20} - System32\Tasks\{40E202FA-ABE9-4E32-930A-36F57CBCD9F5} => C:\Windows\system32\pcalua.exe -a C:\Users\DRJMLAPS\Downloads\JavaUninstallTool.exe -d C:\Users\DRJMLAPS\Downloads
EmptyTemp:
cmd: ipconfig /flushdns

*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

HKU\S-1-5-21-3658386750-666024021-1030785675-1002\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => not found
SegurazoIC => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SegurazoIC => could not remove, key could be protected
SegurazoSvc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SegurazoSvc => could not remove, key could be protected
SEGURAZOKD => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SEGURAZOKD => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
HKLM\System\CurrentControlSet\Services\catchme => removed successfully
catchme => service removed successfully

"C:\Program Files (x86)\Segurazo" folder move:

Could not move "C:\Program Files (x86)\Segurazo" => Scheduled to move on reboot.


"C:\ProgramData\Segurazo" folder move:

Could not move "C:\ProgramData\Segurazo" => Scheduled to move on reboot.


"C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient" folder move:

Could not move "C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient" => Scheduled to move on reboot.


"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo" folder move:

Could not move "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo" => Scheduled to move on reboot.

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13817986-C0E5-40CB-AC16-61E140CF7273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13817986-C0E5-40CB-AC16-61E140CF7273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Analyzer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568F2467-9781-485D-98BA-B03D21303B8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568F2467-9781-485D-98BA-B03D21303B8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\StartRecording" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8456A254-5687-4810-AC50-0366106DABFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8456A254-5687-4810-AC50-0366106DABFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Processor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F5292FB-2C00-4538-A3FF-B4818F07B90A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F5292FB-2C00-4538-A3FF-B4818F07B90A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9E2896AC-E89B-4402-99DE-FD6876D94009}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E2896AC-E89B-4402-99DE-FD6876D94009}" => removed successfully
C:\Windows\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{EB02381F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB02381F-D652-4B1C-894A-712498C62C51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MUI\LPRemove" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E1855EB-2A77-4553-AA14-B0424CA07B20}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E1855EB-2A77-4553-AA14-B0424CA07B20}" => removed successfully
C:\Windows\System32\Tasks\{40E202FA-ABE9-4E32-930A-36F57CBCD9F5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{40E202FA-ABE9-4E32-930A-36F57CBCD9F5}" => removed successfully

========= ipconfig /flushdns =========


Configuration IP de Windows

Cache de r‚solution DNS vid‚.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45152915 B
Java, Flash, Steam htmlcache => 1185 B
Windows/system/drivers => 2506281 B
Edge => 0 B
Chrome => 0 B
Firefox => 40925574 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 33186 B
LocalService => 0 B
NetworkService => 2838 B
DRJMLAPS => 29804149 B
Ewa => 1462 B

RecycleBin => 8033 B
EmptyTemp: => 112.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-08-2019 17:03:42)

C:\Program Files (x86)\Segurazo => Could not move
C:\ProgramData\Segurazo => Could not move
C:\Users\DRJMLAPS\AppData\Roaming\segurazoclient => Could not move
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo => Could not move

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\SegurazoIC => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\SegurazoSvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\SEGURAZOKD => could not remove, key could be protected

==== End of Fixlog 17:04:17 ====