Script ZHPFix
EmptyFlash
EmptyTemp
SysRestore

O23 - Service: flowhlp (flowhlp) . (...) - C:\Windows\System32\drivers\flowhlp.dat {6274BCC996A322D6FD7A194701878545}
O23 - Service: Tower Photograph (gemeloki) . (...) - C:\Program Files\2944157f-2ee9-4d74-8ffc-9600d9faddbc1492635663\prot2944157f-2ee9-4d74-8ffc-9600d9faddbc.tmpfs  =>Adware.CrossRider
SS - Boot   [05/05/2017] [  134248]  flowhlp (flowhlp) . (...) - C:\Windows\System32\drivers\flowhlp.dat {6274BCC996A322D6FD7A194701878545}
SR - Auto   [19/04/2017] [  230400]  Tower Photograph (gemeloki) . (...) - C:\Program Files\2944157f-2ee9-4d74-8ffc-9600d9faddbc1492635663\prot2944157f-2ee9-4d74-8ffc-9600d9faddbc.tmpfs  =>Adware.CrossRider
SS - Boot   [25/07/2016] [  324224]  flowhlp (flowhlp) . (...) - C:\Windows\System32\drivers\flowhlp.dat {6274BCC996A322D6FD7A194701878545}
SR - Auto   [25/07/2016] [  324224]  Tower Photograph (gemeloki) . (...) - C:\Program Files\2944157f-2ee9-4d74-8ffc-9600d9faddbc1492635663\prot2944157f-2ee9-4d74-8ffc-9600d9faddbc.tmpfs  =>Adware.CrossRider

O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\Aritey Schedule  [6108] 
O39 - APT: Unknown - (.Legitimate.) -- C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask  [3646] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\Pritc  [3036] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_323633353331333236302d3437415a556c2a3223346c41  [4414] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\{6CE27DAD-E462-4538-AD6C-560EF9389D42}  [3244] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\{8F0EBAB6-2064-8F29-B0A4-59D1C6B0FD2E}  [3884] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\{CE33BCA0-4BA8-4B12-A90B-F43EF7F55E27}  [3234] 
O39 - APT: Unknown - (...) -- C:\WINDOWS\System32\Tasks\{E071AFCD-57DA-1866-DC06-195A93EF8915}  [4184] 
[MD5.00000000000000000000000000000000] [APT] [OneDrive Standalone Update Task] (...) -- C:\Users\Elodie\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
[MD5.00000000000000000000000000000000] [APT] [Opera scheduled Autoupdate 1441960716] (...) -- C:\Users\Elodie\AppData\Local\Programs\Opera\launcher.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
[MD5.C2EBA16E81B7F38670A2FC452F97AA3C] [APT] [Pritc] (.Chengdu Xingju Infinite Technology Co.,Ltd..) -- C:\Users\Elodie\AppData\Local\Temp\30018\setup.exe   [1437184] (.Activate.) 
[MD5.00000000000000000000000000000000] [APT] [SMW_UpdateTask_Time_323633353331333236302d3437415a556c2a3223346c41] (...) -- C:\ProgramData\SearchModule\smhe.js" smu.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
[MD5.00000000000000000000000000000000] [APT] [{6CE27DAD-E462-4538-AD6C-560EF9389D42}] (...) -- C:\WINDOWS\b5d03e1f945670f32c436bd75cae4dcd.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
[MD5.00000000000000000000000000000000] [APT] [{CE33BCA0-4BA8-4B12-A90B-F43EF7F55E27}] (...) -- C:\Program Files\YeaDesktop\unins000.exe (.not file.)   [0] (.Activate.)   =>PUP.Optional.Zusy 
[MD5.B2E89751A16303469A5962C778F0D04B] [APT] [{E071AFCD-57DA-1866-DC06-195A93EF8915}] (...) -- C:\ProgramData\{BB4CB084-0CE7-072F-66D3-BCA9D22EEC64}\8A174D56-3DBC-FAFD-4A8B-923760C782DE.exe   [2026496] (.Activate.)   =>Adware.CrossRider 
[MD5.23985274780D27117C470AA259B79B30] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe   [569416] (.Activate.)   =>.Apple Inc.® 
[MD5.00000000000000000000000000000000] [APT] [Lenovo\Lenovo Customer Feedback Program 35] (...) -- C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan] (...) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (.not file.)   [0] (.Activate.)   =>.Superfluous.Empty 
O39 - APT: OneDrive Standalone Update Task - (...) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task  [2824]  (.Orphan.)   =>.Superfluous.Orphan 
O39 - APT: OneDrive Standalone Update Task - (...) -- C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2  [3280]  (.Orphan.)   =>.Superfluous.Orphan 
O39 - APT: Opera scheduled Autoupdate 1441960716 - (...) -- C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1441960716  [3594]  (.Orphan.)   =>.Superfluous.Orphan 
O39 - APT: Pritc - (.Chengdu Xingju Infinite Technology Co.,Ltd..) -- C:\WINDOWS\System32\Tasks\Pritc  [3036] 
O39 - APT: SMW_UpdateTask_Time_323633353331333236302d3437415a556c2a3223346c41 - (...) -- C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_323633353331333236302d3437415a556c2a3223346c41  [4414]  (.Orphan.)   =>.Superfluous.Orphan 
O39 - APT: {6CE27DAD-E462-4538-AD6C-560EF9389D42} - (...) -- C:\WINDOWS\System32\Tasks\{6CE27DAD-E462-4538-AD6C-560EF9389D42}  [3244]  (.Orphan.)   =>.Superfluous.Orphan 
O39 - APT: {CE33BCA0-4BA8-4B12-A90B-F43EF7F55E27} - (...) -- C:\WINDOWS\System32\Tasks\{CE33BCA0-4BA8-4B12-A90B-F43EF7F55E27}  [3234]  (.Orphan.)   =>PUP.Optional.Zusy 
O39 - APT: {E071AFCD-57DA-1866-DC06-195A93EF8915} - (...) -- C:\WINDOWS\System32\Tasks\{E071AFCD-57DA-1866-DC06-195A93EF8915}  [4184]   =>Adware.CrossRider 

[MD5.20EE5B11FC69945DB113652D77F9F3EA] - (.bhim - rass.) -- C:\Program Files\InstallShield Installation Information\2X3T25AHM5BFYEO0T4P26MX9O0QAMCCTDU6Y1QRHS4PQO6JFSWDTJMSPA4EBOA5\NwhUekPvdK.exe [519168] [PID.11980]

O4 - HKCU\..\Run: [1Q4YCM0WO5OY324] . (.WWGU6 - WWGU6A.) -- C:\Program Files\1RW20S2Z1Z\1RW20S2Z1.exe 
O4 - HKCU\..\Run: [U9Y0ACFU92HDED5] . (.WWGU6 - WWGU6A.) -- C:\Program Files\1TVF5ASB1A\1TVF5ASB1.exe 
O4 - HKCU\..\Run: [42422791] . (.5aldoun - wika.) -- C:\Users\Elodie\AppData\Roaming\32264157\407887.exe 
O4 - HKCU\..\Run: [KpRH7A9cEE.exe] . (.for - smart.) -- C:\Program Files\Bonjour\IVK504NJZ6T7CN\KpRH7A9cEE.exe 
O4 - HKCU\..\Run: [7C8536QXKGMC2TS] . (.WWGU6 - WWGU6A.) -- C:\Program Files\Q2F8W9CMYC\Q2F8W9CMY.exe 
O4 - HKCU\..\Run: [5DDSGW9Y2YZS7O8] C:\Program Files\SpeeDownloader\PF56Z.exe (.not file.)   =>Adware.SpeeDownloader 
O4 - HKCU\..\Run: [CNDZK1QIYXBBFND] . (.WWGU6 - WWGU6A.) -- C:\Program Files\6UZ4K4TV75\6UZ4K4TV7.exe 
O4 - HKCU\..\Run: [0I33VAZGJBADEXX] . (.WWGU6 - WWGU6A.) -- C:\Program Files\2IGQXF5WV9\2IGQXF5WV.exe 
O4 - HKCU\..\Run: [5D7QHHJZU2OVZEO] . (.WWGU6 - WWGU6A.) -- C:\Program Files\TCXBL23GUV\OT519D6R5.exe 
O4 - HKCU\..\Run: [DQIX3SEGPPLQCO4] . (.WWGU6 - WWGU6A.) -- C:\Program Files\XK7E753B6Z\XK7E753B6.exe 
O4 - HKCU\..\Run: [37286910] . (.5aldoun - wika.) -- C:\Users\Elodie\AppData\Roaming\61948186\126738.exe 
O4 - HKCU\..\Run: [6GFOSOGHRYVMEC1] . (.WWGU6 - WWGU6A.) -- C:\Program Files\QCVNS9H3M5\GAB23WMN6.exe 
O4 - HKCU\..\Run: [H6BR7N08N2XGZYB] C:\Program Files\SpeeDownloader\THUY3.exe (.not file.)   =>Adware.SpeeDownloader 
O4 - HKCU\..\Run: [FA7N3YZZSCXZKV7] . (.WWGU6 - WWGU6A.) -- C:\Program Files\HNWQIYDWGD\HNWQIYDWG.exe 
O4 - HKCU\..\Run: [Pritc] . (.Chengdu Xingju Infinite Technology Co.,Ltd. - Application.) -- C:\Users\Elodie\AppData\Local\Temp\30018\setup.exe 
O4 - HKCU\..\Run: [QY6AQN2MTLY0WMB] . (.WWGU6 - WWGU6A.) -- C:\Program Files\7VFVJC4U16\Q9A9PJ5ED.exe 
O4 - HKCU\..\Run: [6S69CXZCWUZPEOU] . (.WWGU6 - WWGU6A.) -- C:\Program Files\4KL09E3QR6\4KL09E3QR.exe 
O4 - HKCU\..\Run: [F8OWD5ZGKIGDJOL] . (.WWGU6 - WWGU6A.) -- C:\Program Files\Y0662RMDG4\54US2UIXA.exe 
O4 - HKCU\..\Run: [RGAELUFEKZS45BU] . (.WWGU6 - WWGU6A.) -- C:\Program Files\AXZHCIJCXW\PQ5T2JGRM.exe 
O4 - HKCU\..\Run: [RAVWUO7H28A3MN1] . (.WWGU6 - WWGU6A.) -- C:\Program Files\REVLJUZ5Y2\4320RU56X.exe 
O4 - HKCU\..\Run: [8VZZEJT5KCJHGHL] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\GUE2G6KHXJ\TJKHO5QIX.exe 
O4 - HKCU\..\Run: [H77W87CD1HGBZSI] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\5KOOOAZX8C\5KOOOAZX8.exe 
O4 - HKCU\..\Run: [37FLVLX9Y943HJW] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\V87DIBNZUM\2CVZIFJJO.exe 
O4 - HKCU\..\Run: [FYOQS6ZE0G9C1W7] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\OP60WP29LG\OP60WP29L.exe 
O4 - HKCU\..\Run: [CVHL3E7N3IGJ65Y] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\5S9P0Y4Q22\5S9P0Y4Q2.exe 
O4 - HKCU\..\Run: [HEM9TX0L333E9F1] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\A4YMZ6M1DJ\EPNOFBQ70.exe 
O4 - HKCU\..\Run: [60QM868N51D0JXO] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\E05Q9TZYI8\E05Q9TZYI.exe 
O4 - HKCU\..\Run: [QQVT1MOAHBV1GY0] . (.Copyright © 7553 - 5S4%LZL0.) -- C:\Program Files\7HGTH981VN\7HGTH981V.exe 
O4 - HKCU\..\Run: [NCF9HINOVGQF2IP] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\HGBJRZHITS\HGBJRZHIT.exe 
O4 - HKCU\..\Run: [VJQ34KJH08L49XJ] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\614RQ516L7\QUZSY74RE.exe 
O4 - HKCU\..\Run: [AAB4W6QS7GIOKSO] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\9OXR3ZE40H\66Y7J1MQT.exe 
O4 - HKCU\..\Run: [2JLB8SW8D6G0KKM] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\5P8FFWF69V\5P8FFWF69.exe 
O4 - HKCU\..\Run: [G7J6DCBYFN8AX6Q] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\RTISQGTP2G\RTISQGTP2.exe 
O4 - HKCU\..\Run: [2W08PK08M3EBE1E] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\3RBZTG1DCV\3RBZTG1DC.exe 
O4 - HKCU\..\Run: [RDZ3ML2TBIZMG2V] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\71TL61ASAZ\71TL61ASA.exe 
O4 - HKCU\..\Run: [78QQDK5WRWDSSQ8] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\EI5HUHLIUA\4WIBAGXKT.exe 
O4 - HKCU\..\Run: [VGVTJVI5NV6X448] . (.YWQ6MDM5Z - YWQ6MD.) -- C:\Program Files\XOVFR4269L\XOVFR4269.exe 
O4 - HKCU\..\Run: [K9Z7ST87KXCKBEF] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\Q4RS1WILS2\3TX79VOMS.exe 
O4 - HKCU\..\Run: [TRLJ2MSI8KG0W4E] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\LTPPEVROOS\WH2EU4RE5.exe 
O4 - HKCU\..\Run: [LBXN55L9WKHE5UF] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\IAQ6UXZAG1\23L7201VA.exe 
O4 - HKCU\..\Run: [U49XIRA54ZT2DEG] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\D0XDXPI47O\0DHHLXOVN.exe 
O4 - HKCU\..\Run: [K7C93E8LN2ARIDO] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\384YOQ52M1\384YOQ52M.exe 
O4 - HKCU\..\Run: [3WUVPC1OKYEAL2V] . (.Copyright © 9457 - ZGAA071.) -- C:\Program Files\Y02IOC4Y24\ITXJWE6JW.exe 
O4 - HKCU\..\Run: [U3X0GLUBWZVRFDV] . (.YK - YKFHBO7.) -- C:\Program Files\ZFAK1ZHEXG\C4HY9YNFW.exe 
O4 - HKCU\..\Run: [I0KPZHTKY1LFU1Y] . (.YK - YKFHBO7.) -- C:\Program Files\ZFAK1ZHEXG\ZFAK1ZHEX.exe 
O4 - HKCU\..\Run: [MWXYLEZBY806GRI] . (.M5V6CY9M - M5V.) -- C:\Program Files\RCNKLGOHED\B5HLTJQ28.exe 

G0 - GCSP: Preferences [User Data\Default][HomePage] http://seen-on-screen.thewhizmarketing.com 
P2 - EXT FILE: (...) -- C:\Users\Elodie\AppData\Roaming\Mozilla\Firefox\Profiles\ro3tdvdr.default\searchplugins\dj5tfawq.xml 

O4 - GS\Desktop [Administrateur]: Comptes Elodie - Raccourci.lnk . (...) C:\Users\Elodie\Comptes Elodie.ods 
O4 - GS\Desktop [Administrateur]: Continue Last version Installation.lnk . (.Hobacuda - Hobepim Setup.) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_736F.tmp.exe /chnl=lv_nochpc "/productTitle=Last version" /RR /mnl 
O4 - GS\Desktop [Administrateur]: Continuer Installation de Wondershare Video Editor 6.1.0.lnk . (...) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_wondershare-video-editor-6.1.0.exe /ppn:YyhwYgxaFRAiP211FM5W /mnl /RR 
O4 - GS\Quicklaunch [Administrateur]: À¶Ô¹ٷ½¿Í»§¶Ë.lnk . (.浙江盛和网络科技有限公司 - 蓝月官方客户端.) C:\Users\Elodie\AppData\Roaming\À¶Ô¹ٷ½¿Í»§¶Ë\À¶Ô¹ٷ½¿Í»§¶Ë.exe   {3E830146C7C17F0ABFE1A634ACA4FBB2} 
O4 - GS\Desktop [Elodie]: Continue Last version Installation.lnk . (.Hobacuda - Hobepim Setup.) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_736F.tmp.exe /chnl=lv_nochpc "/productTitle=Last version" /RR /mnl 
O4 - GS\Desktop [Elodie]: Continuer Installation de Wondershare Video Editor 6.1.0.lnk . (...) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_wondershare-video-editor-6.1.0.exe /ppn:YyhwYgxaFRAiP211FM5W /mnl /RR 
O4 - GS\Quicklaunch [Elodie]: À¶Ô¹ٷ½¿Í»§¶Ë.lnk . (.浙江盛和网络科技有限公司 - 蓝月官方客户端.) C:\Users\Elodie\AppData\Roaming\À¶Ô¹ٷ½¿Í»§¶Ë\À¶Ô¹ٷ½¿Í»§¶Ë.exe   {3E830146C7C17F0ABFE1A634ACA4FBB2} 
O4 - GS\Desktop [Inès]: Continue Last version Installation.lnk . (.Hobacuda - Hobepim Setup.) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_736F.tmp.exe /chnl=lv_nochpc "/productTitle=Last version" /RR /mnl 
O4 - GS\Desktop [Inès]: Continuer Installation de Wondershare Video Editor 6.1.0.lnk . (...) C:\Users\Elodie\AppData\Local\Temp\ICReinstall_wondershare-video-editor-6.1.0.exe /ppn:YyhwYgxaFRAiP211FM5W /mnl /RR 
O4 - GS\Quicklaunch [Inès]: À¶Ô¹ٷ½¿Í»§¶Ë.lnk . (.浙江盛和网络科技有限公司 - 蓝月官方客户端.) C:\Users\Elodie\AppData\Roaming\À¶Ô¹ٷ½¿Í»§¶Ë\À¶Ô¹ٷ½¿Í»§¶Ë.exe   {3E830146C7C17F0ABFE1A634ACA4FBB2} 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.176 82.163.142.178   =>Adware.DNSUnlocker 

HKLM\SOFTWARE\XiSoftware
HKLM\SOFTWARE\xkopu.exe
HKLM\SOFTWARE\Zberpy
O42 - Logiciel: AdBlocker - (.Star Line.) [HKLM] -- {D39B0192-9F6F-48F9-8FBF-21F6A6B4C3F2}_is1     
HKLM\SOFTWARE\6E8FBC8774904E7FB23C829771911B00   =>Adware.CrossRider 
HKCU\SOFTWARE\6E8FBC8774904E7FB23C829771911B00   =>Adware.CrossRider 
HKCU\SOFTWARE\favorites     
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\04J66ZH7M0   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\198X0TBNYE   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\1RW20S2Z1Z   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\1TVF5ASB1A   =>Adware.Wizzcaster 
O43 - CFD: 29/05/2017 - [] D -- C:\Program Files\2944157f-2ee9-4d74-8ffc-9600d9faddbc1492635663   =>Adware.CrossRider 
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\2ABAZAWLGO   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\2IGQXF5WV9   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\384YOQ52M1   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\3RBZTG1DCV   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\4KL09E3QR6   =>Adware.Wizzcaster 
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\4PXSQ1KP4W   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\5KOOOAZX8C   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\5P8FFWF69V   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\5S9P0Y4Q22   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\614RQ516L7   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\6B3PRUSOO8   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\6UZ4K4TV75   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\71TL61ASAZ   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\7GKCAqnovI 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\7HGTH981VN   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\7VFVJC4U16   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\8DYBJ9418M   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\9OXR3ZE40H   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\A4YMZ6M1DJ   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\Aritey Schedule 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\AXZHCIJCXW   =>Adware.Wizzcaster 
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\CWRMJZLN77 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\D0XDXPI47O   =>Adware.Wizzcaster 
O43 - CFD: 22/05/2017 - [] D -- C:\Program Files\dj5tfawq 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\E05Q9TZYI8   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\EI5HUHLIUA   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\EL4V0O783C   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\FPVA5RH7T9   =>Adware.Wizzcaster 
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\GDB8HZA056 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\GF378GR8LS   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\GUE2G6KHXJ   =>Adware.Wizzcaster 
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\GUM2C06.tmp   =>.Google Inc® 
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\GUMFAFF.tmp   =>.Google Inc® 
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\H4524Y3E57   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\HGBJRZHITS   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\HNWQIYDWGD   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\IAQ6UXZAG1   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\KPAP9YO0IU   =>Adware.Wizzcaster 
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\L5HZXDYQZW   =>Adware.Wizzcaster 
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files\lll 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\LTPPEVROOS   =>Adware.Wizzcaster 
O43 - CFD: 28/05/2017 - [] D -- C:\Program Files\LZZXZ5HTOB 
O43 - CFD: 22/04/2017 - [] D -- C:\Program Files\NHZUH26JZM 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\OP60WP29LG   =>Adware.Wizzcaster 
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files\OZYYP93XZP   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\p7PF1kSz7Z 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\Q2F8W9CMYC   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\Q4RS1WILS2   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\QCVNS9H3M5   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\RCNKLGOHED   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\REVLJUZ5Y2   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\RFFWDZO724   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\RTISQGTP2G   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\TCXBL23GUV   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\TNWTK6S452   =>Adware.Wizzcaster 
O43 - CFD: 26/04/2017 - [] D -- C:\Program Files\TtWvPEDCRx 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\U2ULYTXP3X   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\U911P09C0I   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\V87DIBNZUM   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\V954MBARBT   =>Adware.Wizzcaster 
O43 - CFD: 05/05/2017 - [] D -- C:\Program Files\VQYPM0HLX7   =>Adware.Wizzcaster 
O43 - CFD: 21/04/2017 - [] D -- C:\Program Files\WQS8PETOZP   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\XK7E753B6Z   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\XOVFR4269L   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\Y02IOC4Y24   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Program Files\Y0662RMDG4   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\YSN7N6FUD8   =>Adware.Wizzcaster 
O43 - CFD: 20/04/2017 - [] D -- C:\Program Files\ZFAK1ZHEXG   =>Adware.Wizzcaster 
O43 - CFD: 19/04/2017 - [] D -- C:\Users\Elodie\AppData\Roaming\32264157 
O43 - CFD: 19/04/2017 - [] D -- C:\Users\Elodie\AppData\Roaming\61948186 
O43 - CFD: 20/04/2017 - [0] D -- C:\Users\Elodie\AppData\Roaming\Serticult
O43 - CFD: 22/04/2017 - [0] SHD -- C:\Users\Elodie\AppData\Roaming\ZF9lYlJZXFxfXgxx 
O43 - CFD: 22/04/2017 - [] D -- C:\Users\Elodie\AppData\Roaming\À¶Ô¹ٷ½¿Í»§¶Ë 
O43 - CFD: 19/04/2017 - [0] D -- C:\Users\Elodie\AppData\Local\Berrch 
O43 - CFD: 19/04/2017 - [] D -- C:\Users\Elodie\AppData\Local\CrashRpt   =>.Superfluous.CrashReports 
O43 - CFD: 26/04/2017 - [] SHD -- C:\Users\Elodie\AppData\Local\kemgadeojglibflomicgnfeopkdfflnw 
O43 - CFD: 19/04/2017 - [0] D -- C:\Users\Elodie\AppData\Local\Phecerghtstenage 
O43 - CFD: 05/05/2017 - [] D -- C:\ProgramData\{BB4CB084-0CE7-072F-66D3-BCA9D22EEC64}   =>Adware.CrossRider 
O45 - LFCP:[MD5.1445F816BBD5CDA6FEA81BBF4C4F0C24] 28/05/2017 A -- C:\WINDOWS\Prefetch\APPTRAILERS.EXE-8195856D.pf   =>Adware.AppTrailers 
O45 - LFCP:[MD5.20443C8E55561327BDB51A43BE02CC9F] 22/04/2017 A -- C:\WINDOWS\Prefetch\SPEEDOWNLOADER.EXE-B3AA49FE.pf   =>Adware.SpeeDownloader 
O45 - LFCP:[MD5.E10DA2405D0F69493ACA16D0D6E821FE] 19/04/2017 A -- C:\WINDOWS\Prefetch\SPEEDOWNLOADER.TMP-013B33B3.pf   =>Adware.SpeeDownloader 
O45 - LFCP:[MD5.D957FBCAEA61E6314164254190AA92E0] 19/04/2017 A -- C:\WINDOWS\Prefetch\SPEEDOWNLOADER.TMP-580E7B7D.pf   =>Adware.SpeeDownloader 
O45 - LFCP:[MD5.4D10DB7C067272A42405E3DBB7392025] 19/04/2017 A -- C:\WINDOWS\Prefetch\YEADESKTOP51471.TMP-44049D11.pf   =>PUP.Optional.Zusy 
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] - {6AECE236-233F-11E7-8797-64006A5CFC23} . (...) -- C:\Program Files\Lsitanafach\Chikoiedplunpy.dll (.not file.) 
O46 - SEH:ShellExecuteHooks - (no name) - [HKLM] - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} . (...) -- C:\ProgramData\igfxDH.dll (.not file.) 

O58 - SDL:2017/04/26 23:41:12 A . (...) -- C:\WINDOWS\System32\drivers\NetUtils2016.sys   [695192]   =>.Superfluous.Netutils 

C:\Users\Elodie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage   =>.Superfluous.AkamaiHD 
C:\Users\Elodie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_cdncache-a.akamaihd.net_0.localstorage-journal   =>.Superfluous.AkamaiHD 
C:\Program Files\Aritey Schedule\local32spl.dll   =>.Superfluous.Elex 
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\hgsamczs   =>.Superfluous.Elex