Script Zhpfix O38 - TASK: {D4387AAC-3BA8-4463-9884-E9170D43072B} [64Bits][\App Explorer] - (.SweetLabs, Inc - Host App Service Updater.) -- C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7399080] C:\WINDOWS\System32\Tasks\App Explorer - (.SweetLabs, Inc.) -- C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [/LOGON] O4 - HKCU\..\Run: [HP OfficeJet Pro 6970 (NET)] . (. - .) -- 1. O4 - HKUS\S-1-5-21-1881323833-2427591475-425529412-1001\..\Run: [HP OfficeJet Pro 6970 (NET)] . (. - .) -- 1. G2 - GCE: Preference [Jacques Gaborieau][User Data\Default\Extensions] [icpgjfneehieebagbmdbhnlpiopdcmna] New Tab Redirect G2 - GCE: Preference [Jacques Gaborieau][User Data\Default\Extensions] [idgeoanibcknhniccgaoaiolihidecjn] New Tab Page by Speed Dial Team G2 - GCE: Preference [Jacques Gaborieau][User Data\Default\Extensions] [nahhmpbckpgdidfnmfkfgiflpjijilce] Search Manager G2 - GCE: Preference [Jacques Gaborieau][User Data\Default\Extensions] [pdpcpceofkopegffcdnffeenbfdldock] Secured Search Extension G2 - GCE: Preference [Jacques Gaborieau][User Data\Default\Extensions] [pilplloabdedfmialnfchjomjmpjcoej] Search Manager IE Restricted Site Good: webcompanion.com O3 - Toolbar: 0x4F4F922EF067D84B956049F468E843D2 - [HKCU]{2E924F4F-67F0-4BD8-9560-49F468E843D2} . (...) -- (.not file.) O3 - Toolbar: 0x00 - [HKLM]{AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} . (...) -- (.not file.) O4 - GS\Programs [defaultuser0]: Lenovo App Explorer.lnk . (.SweetLabs, Inc - Host App Service.) C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppService.exe /OPEN"defd46ddcae7ce35ae9673132f9cf2200f2f1563" O4 - GS\Programs [Jacques Gaborieau]: Lenovo App Explorer.lnk . (.SweetLabs, Inc - Host App Service.) C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppService.exe /OPEN"defd46ddcae7ce35ae9673132f9cf2200f2f1563" O4 - GS\Programs [Public]: Lenovo App Explorer.lnk . (.SweetLabs, Inc - Host App Service.) C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppService.exe /OPEN"defd46ddcae7ce35ae9673132f9cf2200f2f1563" HKLM\SOFTWARE\AVAST Software =>.AVAST Software HKLM\SOFTWARE\WOW6432Node\AVAST Software =>.AVAST Software HKLM\SOFTWARE\WOW6432Node\McAfee =>.McAfee Inc. HKCU\SOFTWARE\AVAST Software =>.AVAST Software HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKCU\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o HKCU\SOFTWARE\Lavasoft =>.Lavasoft HKU\.DEFAULT\SOFTWARE\Avast Software =>.AVAST Software HKU\.DEFAULT\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o HKU\.DEFAULT\SOFTWARE\McAfee =>.McAfee Inc. HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\AVAST Software =>.AVAST Software HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\Browser Cleanup =>.Avast Software s.r.o HKU\.DEFAULT\Software\ByteFence HKU\S-1-5-18\Software\ByteFence HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\csastats HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKCU\Software\Lavasoft\Web Companion HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion HKLM\SOFTWARE\Segurazo HKLM\SOFTWARE\WOW6432Node\Segurazo HKLM\SOFTWARE\WOW6432Node\SegurazoAntivirus HKLM\SOFTWARE\WOW6432Node\Torch HKCU\SOFTWARE\App Host Service HKCU\SOFTWARE\Torch HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\App Host Service HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\ProductSetup HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\Torch HKU\S-1-5-21-1881323833-2427591475-425529412-1001\SOFTWARE\undefined O43 - CFD: 18/09/2019 - [] D -- C:\ProgramData\AVAST Software =>.AVAST Software O43 - CFD: 13/04/2017 - [0] D -- C:\Program Files (x86)\Common Files\AV =>.Avast O45 - LFCP:[MD5.B4C48620A44545EFA1EA906372BCEE4F] 20/09/2019 A -- C:\WINDOWS\Prefetch\CENTBROWSERUPDATER.EXE-0AE74C81.pf =>PUP.Optional.CertifiedToolbar O45 - LFCP:[MD5.EC9B9908ED9A405304CFBC3646375195] 20/09/2019 A -- C:\WINDOWS\Prefetch\SEGURAZOCLIENT.EXE-56121933.pf =>SUP.Optional.Segurazo O45 - LFCP:[MD5.6956FACE2BFA0649A6EF4683E57408EC] 20/09/2019 A -- C:\WINDOWS\Prefetch\SEGURAZOUNINSTALLER.EXE-C2533E75.pf =>SUP.Optional.Segurazo O108 - CMH1: PDFsamEnhanced_ManagerExt [64Bits] - {9ADBE344-48D8-4317-8CD7-13DA9095B33B} . (.Orphan.) O69 - SBI: prefs.js [Jacques Gaborieau - x2j640oq.default-nightly] user_pref("dom.forms.autocomplete.formautofill", true); HKLM\SOFTWARE\Microsoft\Tracing\segurazoclient_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\segurazoclient_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\SegurazoService_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\SegurazoService_RASMANCS HKLM\SOFTWARE\Microsoft\Tracing\SegurazoUninstaller_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\SegurazoUninstaller_RASMANCS C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74} C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\lenoson C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\tosiri C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\uninst.exe C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\uninstp.dat C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\chromium-min.jpg C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\control panel-min-min.JPG C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\down.png C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\ff menu.JPG C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\ff search engine-min.png C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\HowToRemove.html C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\hp-min ff.png C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\hp-min ie.png C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\search engine.gif C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\setup pages.gif C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\sp-min.png C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\start-min.jpg C:\Users\Jacques Gaborieau\AppData\Local\{4EE078BC-6A48-1404-07D0-31EC23B8CD74}\HowToRemove\up.png HKLM\SYSTEM\CurrentControlSet\Services\SEGURAZOKD C:\Program Files (x86)\Segurazo\SegurazoKD.sys HKLM\SYSTEM\CurrentControlSet\Services\SegurazoSvc C:\Program Files (x86)\Segurazo\SegurazoService.exe C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe C:\WINDOWS\System32\Tasks\App Explorer C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpcpceofkopegffcdnffeenbfdldock C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Segurazo C:\ProgramData\ByteFence C:\ProgramData\Segurazo C:\Users\Jacques Gaborieau\AppData\Roaming\segurazoclient C:\WINDOWS\Prefetch\CENTBROWSERUPDATER.EXE-0AE74C81.pf C:\WINDOWS\Prefetch\SEGURAZOCLIENT.EXE-56121933.pf C:\WINDOWS\Prefetch\SEGURAZOUNINSTALLER.EXE-C2533E75.pf HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFsamEnhanced_ManagerExt HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\segurazoclient_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\segurazoclient_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SegurazoService_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SegurazoService_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SegurazoUninstaller_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SegurazoUninstaller_RASMANCS C:\Users\Jacques Gaborieau\AppData\Local\Google\Chrome\User Data\Default\File System\000 HKU\.DEFAULT\Software\ByteFence HKU\S-1-5-18\Software\ByteFence HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\csastats HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKCU\Software\Lavasoft\Web Companion HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\ccsetup561.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\ccsetup561.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Downloads\ccsetup561.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Downloads\ccsetup561.exe.ApplicationCompany [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\vlc-3.0.8-win64.exe.FriendlyAppName [HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\ccsetup561.exe.FriendlyAppName [HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\ccsetup561.exe.ApplicationCompany [HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Downloads\ccsetup561.exe.FriendlyAppName [HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Downloads\ccsetup561.exe.ApplicationCompany [HKU\S-1-5-21-1881323833-2427591475-425529412-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Jacques Gaborieau\Desktop\vlc-3.0.8-win64.exe.FriendlyAppName [0F7E0DF0322A8671137D1B293F2CA818] [04/06/2019] (.SweetLabs Inc..) - C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppService.exe [0F7E0DF0322A8671137D1B293F2CA818] [04/06/2019] (.SweetLabs Inc..) - C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [0F7E0DF0322A8671137D1B293F2CA818] [04/06/2019] (.SweetLabs Inc..) - C:\Users\Jacques Gaborieau\AppData\Local\Host App Service\Uninstall.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\Program Files (x86)\Segurazo\segurazoclient.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\Program Files (x86)\Segurazo\SegurazoIC.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\Program Files (x86)\Segurazo\SegurazoKD.sys [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\Program Files (x86)\Segurazo\SegurazoService.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\Program Files (x86)\Segurazo\SegurazoUninstaller.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoClient.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoEngine.dll [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoService.exe [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoShell64_v10149.dll [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoShell86_v10149.dll [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoTools.dll [12DFC245BB37B84C6DA2FBA4E421B62E] [29/08/2019] (.Digital Communications Inc..) - C:\ProgramData\Segurazo\b\SegurazoUninstaller.exe EmptyPrefetch EmptyClsid