Script ZHPFix EmptyFlash EmptyTemp EmptyCLSID EmptyPrefetch CreateRestorePoint O4 - HKCU\..\Run: [Discord] . (. - .) -- Discord.exe O4 - HKUS\S-1-5-21-3805239714-2290026042-1328272563-1002\..\Run: [Discord] . (. - .) -- Discord.exe IE Restricted Site Good: webcompanion.com O4 - GS\TaskBar [Antoine]: Discord.lnk . (.GitHub - Update.) C:\Users\Antoine\AppData\Local\Discord\Update.exe --processStart Discord.exe O4 - GS\TaskBar [PC]: Discord.lnk . (.GitHub - Update.) C:\Users\Antoine\AppData\Local\Discord\Update.exe --processStart Discord.exe HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\csastats HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKCU\Software\Lavasoft\Web Companion HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion HKLM\SOFTWARE\Lavasoft\Web Companion HKLM\SOFTWARE\POLICIES\Mozilla\Firefox HKCU\SOFTWARE\1fcec38f-e773-5444-8669-32b8eb41524b HKCU\SOFTWARE\6a8de3ec-77bc-5daa-a2f5-144fe44d3ebc HKCU\SOFTWARE\Discord HKCU\SOFTWARE\WebBar HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\1fcec38f-e773-5444-8669-32b8eb41524b HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\6a8de3ec-77bc-5daa-a2f5-144fe44d3ebc HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\Discord HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\ProductSetup HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\undefined HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\WebBar HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Goodgame Empire C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc C:\Users\Antoine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\csastats HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKCU\Software\Lavasoft\Web Companion HKCU\Software\csastats HKCU\Software\undefined HKCU\Software\ProductSetup HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion HKLM\SOFTWARE\Lavasoft\Web Companion HKLM\SOFTWARE\POLICIES\Mozilla\Firefox [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Antoine\Desktop\MBSetup.exe.FriendlyAppName [HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Antoine\Desktop\MBSetup.exe.ApplicationCompany [HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Antoine\Desktop\MBSetup.exe.FriendlyAppName [HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]:C:\Users\Antoine\Desktop\MBSetup.exe.ApplicationCompany [01E20D5BE0B5190B1DBFDE9BEF380D9A] [22/09/2021] (.Discord Inc..) - C:\Users\Antoine\AppData\Local\Discord\app-1.0.9003\Discord.exe [02D6AAEAB3924859805EBB529E314DE0] [24/05/2021] (.Discord Inc..) - C:\Users\Antoine\AppData\Local\Discord\Update.exe [0E21A75F74D4984F3E60FB423695295F] [16/12/2020] (.Discord Inc..) - C:\Users\Antoine\AppData\Local\DiscordCanary\Update.exe ~ µTorrent v3.5.5.46074 (P2P) O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent HKCU\SOFTWARE\BitTorrent HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\BitTorrent O43 - CFD: 03/10/2021 - [] D -- C:\Users\Antoine\AppData\Roaming\uTorrent O43 - CFD: 11/09/2021 - [] D -- C:\Users\Antoine\AppData\Local\BitTorrentHelper O87 - FAEL: "{C17AAAD0-42D7-48C4-9B22-4F5F755FB967}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{3AD167D3-9EC6-4235-B2C1-9421DD5C650E}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{BA7EDD67-8480-4B23-BDE7-4F6F53D6BB85}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{A5C6C156-C656-4268-A7C9-7CA2D140BA0E}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{FB8AAEB6-AFB9-44DE-A071-6B5F7CAB8C82}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{F6AE69F7-5F9D-4F8E-8327-C0B09269F7A7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe [6F13BCD50963D2F309439E37FD459C7C] [11/09/2021] (.BitTorrent Inc.) - C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>BitTorrent (P2P) P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi [Unsigned] =>.Avira Software P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi [Unsigned] =>.Avira Software P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [Unsigned] =>.Avira Software P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi [Unsigned] =>.Avira Software P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [Unsigned] =>.Avira Software P2 - EXT FILE: (.Avira Software.) -- C:\Program Files\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [Unsigned] =>.Avira Software HKLM\SOFTWARE\AVG =>.AVG Software HKCU\SOFTWARE\AVG =>.AVG Software HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\AVG =>.AVG Software O43 - CFD: 03/09/2021 - [] D -- C:\ProgramData\AVG =>.AVG Software HKCU\SOFTWARE\AvastAdSDK =>.Avast Software s.r.o HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P) HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\BitTorrent =>.BitTorrent (P2P) O43 - CFD: 11/09/2021 - [] D -- C:\Users\Antoine\AppData\Local\BitTorrentHelper O87 - FAEL: "{C17AAAD0-42D7-48C4-9B22-4F5F755FB967}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) O87 - FAEL: "{3AD167D3-9EC6-4235-B2C1-9421DD5C650E}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) O87 - FAEL: "{BA7EDD67-8480-4B23-BDE7-4F6F53D6BB85}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) O87 - FAEL: "{A5C6C156-C656-4268-A7C9-7CA2D140BA0E}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) O87 - FAEL: "{FB8AAEB6-AFB9-44DE-A071-6B5F7CAB8C82}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) O87 - FAEL: "{F6AE69F7-5F9D-4F8E-8327-C0B09269F7A7}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>BitTorrent (P2P) https://nicolascoolman.eu/forum/Topic/warning-eventlogapp-evenement-dapplication/ =>Warning.EventLogApp [6F13BCD50963D2F309439E37FD459C7C] [11/09/2021] (.BitTorrent Inc.) - C:\Users\Antoine\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P) HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion HKCU\Software\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion HKLM\SOFTWARE\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion HKLM\SOFTWARE\WOW6432Node\Lavasoft =>.Lavasoft HKCU\SOFTWARE\Lavasoft =>.Lavasoft HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\SOFTWARE\Lavasoft =>.Lavasoft HKU\S-1-5-21-3805239714-2290026042-1328272563-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion HKCU\Software\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com =>PUP.Optional.LavasoftWebCompanion HKLM\SOFTWARE\Wow6432Node\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion HKLM\SOFTWARE\Lavasoft\Web Companion =>PUP.Optional.LavasoftWebCompanion