

Script Zhpfix
O23 - Service: DiscountfinderService (DiscountfinderService) . (...) - C:\ProgramData\Qassa+\DFService.exe (.not file.)
SR - System [11/11/2012] [   30568]  avgtp (avgtp) . (.AVG Technologies.) - C:\Windows\system32\drivers\avgtpx64.sys  =>.AVG Technologies®
SR - System [00/00/0000] [       0]   (upsmart) . (...) - C:\Windows\System32\drivers\upsmart.sys (.not file.) [Unsigned]SR - Demand [00/00/0000] [       0]  gdrv (gdrv) . (...) - C:\Windows\gdrv.sys (.not file.) [Unsigned]
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe  =>.Piriform Ltd®
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe [Unsigned]  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe [Unsigned]  =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [deadsurfv1.1] . (. - .) -- C:\Users\SUMicro\AppData\Local\Apps\2.0\H33MJAXZ.4CB\4D0PQ214.H6Z\dead..tion_0000000000000000_0001.0002_058d90b7aa34d6de\deadsurfv1.2.exe (.Not File.)
O4 - HKLM\..\Wow6432Node\Run: [pipilajeux] . (. - .) -- C:\Users\SUMicro\AppData\Local\Apps\2.0\H33MJAXZ.4CB\4D0PQ214.H6Z\pipi..tion_0000000000000000_0001.0002_0dbb9696134c628a\pipilajeux.exe (.Not File.)
O4 - HKLM\..\Wow6432Node\Run: [soulcodev1._2] . (. - .) -- C:\Users\SUMicro\AppData\Local\Apps\2.0\H33MJAXZ.4CB\4D0PQ214.H6Z\soul..tion_0000000000000000_0001.0002_41d9d682e7b47003\soulcodev1.2.exe (.Not File.)
O4 - HKLM\..\Wow6432Node\Run: [AvgUi] . (. - .) -- C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe (.Not File.)
O90 - PUC: "4255D12C079AAF24CAA8958B7CDCAC13" [HKLM] . (.QuickTime.) -- C:\Windows\Installer\{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}\ARPPRODUCTICON.exe
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:ByteFence.exe
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Cover Designer
HKLM\Software\Classes\CLSID\{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MyPhoneExplorer
HKLM\Software\Classes\CLSID\{A372C6DF-7A85-41B1-B3B0-D1E24073DCBF}
HKLM\SOFTWARE\AdsFix  =>.g3n-h@ckm@n
HKLM\SOFTWARE\AVG  =>.AVG Software
HKLM\SOFTWARE\AVG Persistent  =>.AVG Software
HKLM\SOFTWARE\WOW6432Node\AVG  =>.AVG Software
HKCU\SOFTWARE\Avg  =>.AVG Software
HKCU\SOFTWARE\AVG SafePrice  =>.AVG Software
HKCU\SOFTWARE\Browser Cleanup  =>.Avast Software s.r.o
HKCU\SOFTWARE\Lavalys  =>.Lavalys
HKCU\SOFTWARE\Safer Networking Limited  =>.Safer Networking Limited
HKU\S-1-5-21-307583734-2264425077-543724504-1000\SOFTWARE\Avg  =>.AVG Software
HKU\S-1-5-21-307583734-2264425077-543724504-1000\SOFTWARE\AVG SafePrice  =>.AVG Software
HKU\S-1-5-21-307583734-2264425077-543724504-1000\SOFTWARE\Browser Cleanup  =>.Avast Software s.r.o
HKU\S-1-5-21-307583734-2264425077-543724504-1000\SOFTWARE\Lavalys  =>.Lavalys
HKU\S-1-5-21-307583734-2264425077-543724504-1000\SOFTWARE\Safer Networking Limited  =>.Safer Networking Limited
O43 - CFD: 13/07/2019 - [] D -- C:\Program Files (x86)\AVG  =>.AVG Software
O43 - CFD: 29/07/2012 - [] D -- C:\Program Files (x86)\Lavalys  =>.Lavalys
O43 - CFD: 21/06/2017 - [0] D -- C:\Program Files (x86)\Lavasoft  =>.Lavasoft
O43 - CFD: 22/06/2017 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy  =>.SaferNetworking
O43 - CFD: 12/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp  =>.AVG Software
O43 - CFD: 29/07/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys  =>.Lavalys
O43 - CFD: 12/07/2019 - [] D -- C:\ProgramData\Avg  =>.AVG Software
O43 - CFD: 21/06/2017 - [0] D -- C:\ProgramData\Lavasoft  =>.Lavasoft
O43 - CFD: 22/06/2017 - [] D -- C:\ProgramData\Spybot - Search & Destroy  =>.SaferNetworking
O43 - CFD: 13/07/2019 - [] D -- C:\Users\SUMicro\AppData\Roaming\AVG  =>.AVG Software
O43 - CFD: 13/07/2019 - [] D -- C:\Users\SUMicro\AppData\Local\Avg  =>.AVG Software
O43 - CFD: 05/02/2016 - [0] SHD -- C:\Users\SUMicro\AppData\Local\EmieSiteList  =>.ATTENTION
O43 - CFD: 05/02/2016 - [0] SHD -- C:\Users\SUMicro\AppData\Local\EmieUserList  =>.ATTENTION
O43 - CFD: 25/10/2016 - [] D -- C:\Users\SUMicro\AppData\Local\MFAData  =>.AVG Software
O43 - CFD: 30/05/2018 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Avg  =>.AVG Software
O43 - CFD: 30/05/2018 - []  -- C:\Windows\System32\Config\systemprofile\AppData\Local\AvgSetupLog  =>.AVG Software
O43 - CFD: 11/07/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\MFAData  =>.AVG Software
O108 - CMH1: Cover Designer [64Bits] - {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} . (.Orphan.) [Unsigned]
O108 - CMH1: MyPhoneExplorer [64Bits] - {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} . (.Orphan.) [Unsigned]
[MD5.D7C8F629A87765492DAA8856DE7A9CCC] [WIS][2016/03/06 00:43:31] (.AVG Technologies CZ, s.r.o. - Visual Studio 2012 x86 Redistributables.) -- C:\Windows\Installer\2a9cf0.msi  [40960]  =>.AVG Technologies CZ, s.r.o.
[MD5.59D0F30F102B382B13DD66A97A09E110] [WIS][2016/03/06 00:43:32] (.AVG Technologies - Visual Studio 2012 x64 Redistributables.) -- C:\Windows\Installer\2a9cf6.msi  [13684736]  =>.AVG Technologies
[MD5.7E2B71002787ADB50AC6FE7D4499C668] [WIS][2016/03/06 00:43:39] (.AVG Technologies - Visual Studio 2008 x64 Redistributables.) -- C:\Windows\Installer\8ecc88.msi  [8544256]  =>.AVG Technologies
C:\Windows\Installer\10405fb.msp
C:\Windows\Installer\111db50.msp
C:\Windows\Installer\151d13.msp
C:\Windows\Installer\18d163f.msp
C:\Windows\Installer\18d34bf.msp
C:\Windows\Installer\18e2254.msp
C:\Windows\Installer\bbb00.msp
C:\Windows\Installer\bf88a.msp
C:\Windows\Installer\c32a9.msp
C:\Windows\Installer\c41a4.msp
C:\Windows\Installer\c6906.msp
C:\Windows\Installer\c7f4b.msp
C:\Windows\Installer\cc363.msp
C:\Windows\Installer\ccad6.msp
C:\Windows\Installer\ccbb8c.msp
C:\Windows\Installer\ccc045.msp
C:\Windows\Installer\ccfc13.msp
C:\Windows\Installer\cf40a1.msp
C:\Windows\Installer\cf6d7f.msp
C:\Windows\Installer\d0a7d.msp
C:\Windows\Installer\d7852.msp
C:\Windows\Installer\e21010.msp
C:\Windows\Installer\e3a53.msp
C:\Windows\Installer\e596e.msp
C:\Windows\Installer\ef78a.msp
C:\Windows\Installer\f6495.msp
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Logiciels\wcg_boinc_6.10.58_windows_intelx86.exe
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
[HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Logiciels\CaisseEpargne.exe
[HKU\S-1-5-21-307583734-2264425077-543724504-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Logiciels\wcg_boinc_6.10.58_windows_intelx86.exe
[HKU\S-1-5-21-307583734-2264425077-543724504-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Program Files\Norton Security\Engine\22.17.3.50\NortonSecurity.exe
[HKU\S-1-5-21-307583734-2264425077-543724504-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:E:\Logiciels\CaisseEpargne.exe
C:\Windows\SysWOW64\lavasofttcpservice.dll
C:\Windows\System32\lavasofttcpservice.dll
EmptyPrefetch
EmptyClsid