Start::
CloseProcesses:
CreateRestorePoint:
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-14] (Corel Corporation -> Corel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2020-01-16]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Task: {198EC682-D32C-4446-963F-F1A81E5FCCA4} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-14] (Corel Corporation -> Corel Corporation)
Task: {5A37FAAD-84C3-4337-BAAB-472F8B10267B} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-14] (Corel Corporation -> Corel Corporation)
Task: {DDB4FE7D-D858-41B8-B592-9E0D8ACDBFDB} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2814096 2019-10-14] (Corel Corporation -> Corel Corporation)
Tcpip\..\Interfaces\{34dae277-ef9a-4e13-b946-7772a31dd4d7}: [DhcpNameServer] 172.168.162.2
CHR Notifications: Default -> hxxps://dutchingextrack.pro; hxxps://fr.softonic.com; hxxps://igeek.vraiforum.com; hxxps://mail.google.com; hxxps://postimg.cc; hxxps://toesuddenlyon.com; hxxps://top-chef.forumactif.org; hxxps://vww.torrent9.cz; hxxps://ww2.emule-island.co; hxxps://www.1formatik.com; hxxps://www.baise3x.com; hxxps://www.bestgamesvault.com; hxxps://www.cnetfrance.fr; hxxps://www.conrad.ch; hxxps://www.cowcotland.com; hxxps://www.emule-island.org; hxxps://www.fnac.com; hxxps://www.gamekult.com; hxxps://www.hardwarecooking.fr; hxxps://www.localsnapsext.com; hxxps://www.plaisirexpress.com; hxxps://www.techmania.ch; hxxps://www.torrent9.pl; hxxps://www.tvlibertes.com; hxxps://www.wondershare.net; hxxps://www1a.debrahinton.pro; hxxps://yoursuperprize.com
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [36168 2019-10-18] (McAfee, Inc. -> The OpenVPN Project
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
FW: Pare-feu McAfee (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24125}) (Version: 24.0.13650 - Corel Corporation)
CustomCLSID: HKU\S-1-5-21-1050169656-2538382810-1326222184-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-14] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-14] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-10-14] (Corel Corporation -> WinZip Computing)
FirewallRules: [{F8E329F6-3B27-4FAB-90B7-879EFB3C41E2}] => (Allow) C:\Users\ericb\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{16F87BE4-B5B1-421B-87EE-A7BEC3F5745A}] => (Allow) C:\Users\ericb\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F8E329F6-3B27-4FAB-90B7-879EFB3C41E2}] => (Allow) C:\Users\ericb\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{16F87BE4-B5B1-421B-87EE-A7BEC3F5745A}] => (Allow) C:\Users\ericb\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [36168 2019-10-18] (McAfee, Inc. -> The OpenVPN Project
C:\Users\ericb\AppData\Roaming\BitTorrent
C:\Program Files\McAfeeDashboard
C:\Windows\System32\drivers\tap0901.sys 
Tcpip\..\Interfaces\{59b58583-f9cf-495c-b2d2-34a592b8b83e}: [DhcpNameServer] 185.123.227.250
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
cmd: cscript %windir%\System32\slmgr.vbs /dli
EmptyTemp:
Cmd: ipconfig /flushdns
End::