Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
ShortcutFix
ProxyFix
O4 - HKCU\..\Run: [apphide] . (...) -- C:\Program Files (x86)\baidu\pps.exe
O4 - HKUS\S-1-5-21-692853632-3589028717-1466329706-1000\..\Run: [apphide] . (...) -- C:\Program Files (x86)\baidu\pps.exe
O43 - CFD: 2011/10/16 16:53:54 - [] D -- C:\ProgramData\{A0559A84-0A11-425F-BFFC-532378694B25}
O43 - CFD: 2011/03/15 21:30:04 - [] D -- C:\ProgramData\{A2A58654-12AA-408A-B411-58A76959BE7F}
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKLM\..\Wow6432Node\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
O4 - HKUS\S-1-5-21-692853632-3589028717-1466329706-1000\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKCU\SOFTWARE\Safer Networking Limited
O43 - CFD: 2013/10/03 15:22:17 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 2015/08/17 19:27:19 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 2015/07/23 15:18:38 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dalloz Action
O43 - CFD: 2013/10/16 09:48:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
O43 - CFD: 2015/04/09 08:02:44 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O53 - SMSR:HKLM\...\startupreg\MyDriveConnect.exe [Key] . (...) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
SS - Disabled [2013/05/16 10:56:30] [ 1817560] Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - Disabled [2013/05/16 10:56:34] [ 1033688] Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SS - Disabled [2013/05/15 13:21:32] [ 171928] Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[MD5.00000000000000000000000000000000] [APT] [cfr3011] (...) -- C:\PROGRA~2\FASTSE~1\cfr3011.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [nVKRpsBEu7lyTylwWh3Yc3mx] (...) -- C:\Users\TEISSIER\AppData\Roaming\nVKRpsBEu7lyTylwWh3Yc3mx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [rrwYCDO0hTNgYri44saTEkR6OA] (...) -- C:\Users\TEISSIER\AppData\Roaming\rrwYCDO0hTNgYri44saTEkR6OA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Uhiurraii] (...) -- C:\ProgramData\Uhiurraii\1.0.4.1\criutnas.exe (.not file.) [0]
O39 - APT: nVKRpsBEu7lyTylwWh3Yc3mx - (...) -- C:\Windows\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx.job [1032]
O39 - APT: rrwYCDO0hTNgYri44saTEkR6OA - (...) -- C:\Windows\Tasks\rrwYCDO0hTNgYri44saTEkR6OA.job [1036]
O39 - APT: cfr3011 - (...) -- C:\Windows\System32\Tasks\cfr3011 [3094]
O39 - APT: nVKRpsBEu7lyTylwWh3Yc3mx - (...) -- C:\Windows\System32\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx [4070]
O39 - APT: rrwYCDO0hTNgYri44saTEkR6OA - (...) -- C:\Windows\System32\Tasks\rrwYCDO0hTNgYri44saTEkR6OA [4074]
O39 - APT: Uhiurraii - (...) -- C:\Windows\System32\Tasks\Uhiurraii [3430]
HKCU\SOFTWARE\StormAlertsApp
3 - CFD: 2015/08/17 14:51:19 - [] D -- C:\Program Files (x86)\Software
3 - CFD: 2015/08/17 14:04:58 - [] D -- C:\Users\JOUTE\AppData\Local\Installer
3 - CFD: 2015/08/17 13:46:44 - [] D -- C:\Users\JOUTE\AppData\Local\Software
O53 - SMSR:HKLM\...\startupreg\HCDNClient [Key] . (...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartWeb [Key] . (...) -- C:\Users\TEISSIER\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Super Optimizer [Key] . (...) -- C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (...) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.)
O61 - LFC: 2015/08/17 14:04:56 A . (.Copyright (C) 2014.) -- C:\Users\TEISSIER\AppData\Local\Installer\Install_13129\DCYTDownloader.exe [1446912]
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.ptid", "cmi");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.uid", "ST9320325AS_6VD3EZQHXXXX6VD3EZQH");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("extensions.enabledAddons", "deskCutv2%40gmail.com:0.0.10,defsearchp%40gmail.com:1.0.0.1039,%7B972ce4c6-7e08-4474-a285-3[...]
O87 - FAEL: "{96F72E41-E3F9-42F5-8D05-D1D868E945D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.)
O87 - FAEL: "{0C7427DE-07D4-4A58-8121-B8BE7AC231A4}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe (.not file.)
O87 - FAEL: "{6E8DD5CA-730D-4899-83D8-FB05B3EC48B5}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\GeePlayer\GeePlayer.exe (.not file.)
O87 - FAEL: "{86CA5A17-8835-4093-BE52-152012D1068A}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{51E44E80-5CDD-4BD1-BA57-975ECE5B6F95}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{EB2E9595-DCB8-4B50-BB11-71F6F0649599}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{6C4C3C79-1647-4AE3-BD5A-9B685A612A0B}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{5E99FBBE-CC4D-43C1-8603-7B690C47EA5E}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{564F0927-3CF5-4257-8736-D42737ED66C0}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{B4D47164-6E13-4B25-A614-5B7E56348ECA}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{39815719-20E9-4046-8F91-EFA6CDD2F5B3}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{A6AB498E-6213-4F91-ABCD-1A3CE1EBE568}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{BCDF2CF7-7269-43FF-BA4C-87FC2B7A5B14}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{36DF3605-CE94-4D64-9616-B12A40D019BA}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{0801131B-06ED-457C-A1A5-6B0F54D6D8E9}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{BB7F2E3D-AA73-4427-904D-C01F7C2343BF}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{961B676D-F4FF-41D9-8AB9-D778FAAAFFD7}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{83E290A0-2CFF-4D2F-90EE-E50213572BEB}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{1DF2426A-F8C9-4078-94BE-15F6037B1AAA}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\GeePlayer\GpUpdate.exe (.not file.)
O87 - FAEL: "{5A458B9B-99C7-4308-8580-6F869EDCC07A}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe (.not file.)
[MD5.] [WIS][2012/12/12 22:17:38] (.Kreapixel - Windows Installer.) -- C:\Windows\Installer\1034fec2.msi [8369152]
HKLM\SOFTWARE\Microsoft\Tracing\StormAlerts_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\StormAlerts_RASMANCS
HKCU\SOFTWARE\nVKRpsBEu7lyTylwWh3Yc3mx
HKCU\SOFTWARE\rrwYCDO0hTNgYri44saTEkR6OA
C:\Windows\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx.job
C:\Windows\Tasks\rrwYCDO0hTNgYri44saTEkR6OA.job
C:\Windows\System32\Tasks\cfr3011
C:\Windows\System32\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx
C:\Windows\System32\Tasks\rrwYCDO0hTNgYri44saTEkR6OA
C:\Windows\System32\Tasks\Uhiurraii
C:\Program Files (x86)\Software
C:\Users\JOUTE\AppData\Local\Installer
C:\Users\JOUTE\AppData\Local\Software
C:\Users\JOUTE\AppData\Local\Installer\Install_13129\DCYTDownloader.exe
C:\Windows\Installer\1034fec2.msi
HKLM64\SOFTWARE\Microsoft\Tracing\StormAlerts_RASAPI32
HKLM64\SOFTWARE\Microsoft\Tracing\StormAlerts_RASMANCS
EmptyPrefetch
EmptyFlash
FirewallRAZ
EmptyTemp
EMPTYCLSID
HostFix
ShortcutFix
ProxyFix
O4 - HKCU\..\Run: [apphide] . (...) -- C:\Program Files (x86)\baidu\pps.exe
O4 - HKUS\S-1-5-21-692853632-3589028717-1466329706-1000\..\Run: [apphide] . (...) -- C:\Program Files (x86)\baidu\pps.exe
O43 - CFD: 2011/10/16 16:53:54 - [] D -- C:\ProgramData\{A0559A84-0A11-425F-BFFC-532378694B25}
O43 - CFD: 2011/03/15 21:30:04 - [] D -- C:\ProgramData\{A2A58654-12AA-408A-B411-58A76959BE7F}
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O4 - HKLM\..\Wow6432Node\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\EpmNews.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
O4 - HKUS\S-1-5-18\..\Run: [SpybotPostWindows10UpgradeReInstall] . (.Safer-Networking Ltd. - Makes sure Spybot 2 is there on Windows 10..) -- C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
O4 - HKUS\S-1-5-21-692853632-3589028717-1466329706-1000\..\Run: [Spybot-S&D Cleaning] . (.Safer-Networking Ltd. - Search results cleaner.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKCU\SOFTWARE\Safer Networking Limited
O43 - CFD: 2013/10/03 15:22:17 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 2015/08/17 19:27:19 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 2015/07/23 15:18:38 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dalloz Action
O43 - CFD: 2013/10/16 09:48:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
O43 - CFD: 2015/04/09 08:02:44 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O53 - SMSR:HKLM\...\startupreg\MyDriveConnect.exe [Key] . (...) -- C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
SS - Disabled [2013/05/16 10:56:30] [ 1817560] Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
SS - Disabled [2013/05/16 10:56:34] [ 1033688] Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
SS - Disabled [2013/05/15 13:21:32] [ 171928] Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[MD5.00000000000000000000000000000000] [APT] [cfr3011] (...) -- C:\PROGRA~2\FASTSE~1\cfr3011.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [nVKRpsBEu7lyTylwWh3Yc3mx] (...) -- C:\Users\TEISSIER\AppData\Roaming\nVKRpsBEu7lyTylwWh3Yc3mx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [rrwYCDO0hTNgYri44saTEkR6OA] (...) -- C:\Users\TEISSIER\AppData\Roaming\rrwYCDO0hTNgYri44saTEkR6OA.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Uhiurraii] (...) -- C:\ProgramData\Uhiurraii\1.0.4.1\criutnas.exe (.not file.) [0]
O39 - APT: nVKRpsBEu7lyTylwWh3Yc3mx - (...) -- C:\Windows\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx.job [1032]
O39 - APT: rrwYCDO0hTNgYri44saTEkR6OA - (...) -- C:\Windows\Tasks\rrwYCDO0hTNgYri44saTEkR6OA.job [1036]
O39 - APT: cfr3011 - (...) -- C:\Windows\System32\Tasks\cfr3011 [3094]
O39 - APT: nVKRpsBEu7lyTylwWh3Yc3mx - (...) -- C:\Windows\System32\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx [4070]
O39 - APT: rrwYCDO0hTNgYri44saTEkR6OA - (...) -- C:\Windows\System32\Tasks\rrwYCDO0hTNgYri44saTEkR6OA [4074]
O39 - APT: Uhiurraii - (...) -- C:\Windows\System32\Tasks\Uhiurraii [3430]
HKCU\SOFTWARE\StormAlertsApp
3 - CFD: 2015/08/17 14:51:19 - [] D -- C:\Program Files (x86)\Software
3 - CFD: 2015/08/17 14:04:58 - [] D -- C:\Users\JOUTE\AppData\Local\Installer
3 - CFD: 2015/08/17 13:46:44 - [] D -- C:\Users\JOUTE\AppData\Local\Software
O53 - SMSR:HKLM\...\startupreg\HCDNClient [Key] . (...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SmartWeb [Key] . (...) -- C:\Users\TEISSIER\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Super Optimizer [Key] . (...) -- C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (...) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.)
O61 - LFC: 2015/08/17 14:04:56 A . (.Copyright (C) 2014.) -- C:\Users\TEISSIER\AppData\Local\Installer\Install_13129\DCYTDownloader.exe [1446912]
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.ptid", "cmi");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("browser.search.searchengine.uid", "ST9320325AS_6VD3EZQHXXXX6VD3EZQH");
O69 - SBI: prefs.js [TEISSIER - 2nexe5d8.default] user_pref("extensions.enabledAddons", "deskCutv2%40gmail.com:0.0.10,defsearchp%40gmail.com:1.0.0.1039,%7B972ce4c6-7e08-4474-a285-3[...]
O87 - FAEL: "{96F72E41-E3F9-42F5-8D05-D1D868E945D3}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.)
O87 - FAEL: "{0C7427DE-07D4-4A58-8121-B8BE7AC231A4}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe (.not file.)
O87 - FAEL: "{6E8DD5CA-730D-4899-83D8-FB05B3EC48B5}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\GeePlayer\GeePlayer.exe (.not file.)
O87 - FAEL: "{86CA5A17-8835-4093-BE52-152012D1068A}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{51E44E80-5CDD-4BD1-BA57-975ECE5B6F95}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{EB2E9595-DCB8-4B50-BB11-71F6F0649599}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{6C4C3C79-1647-4AE3-BD5A-9B685A612A0B}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{5E99FBBE-CC4D-43C1-8603-7B690C47EA5E}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{564F0927-3CF5-4257-8736-D42737ED66C0}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{B4D47164-6E13-4B25-A614-5B7E56348ECA}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{39815719-20E9-4046-8F91-EFA6CDD2F5B3}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{A6AB498E-6213-4F91-ABCD-1A3CE1EBE568}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{BCDF2CF7-7269-43FF-BA4C-87FC2B7A5B14}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{36DF3605-CE94-4D64-9616-B12A40D019BA}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.)
O87 - FAEL: "{0801131B-06ED-457C-A1A5-6B0F54D6D8E9}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.)
O87 - FAEL: "{BB7F2E3D-AA73-4427-904D-C01F7C2343BF}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.)
O87 - FAEL: "{961B676D-F4FF-41D9-8AB9-D778FAAAFFD7}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\Common\QyKernel.exe (.not file.)
O87 - FAEL: "{83E290A0-2CFF-4D2F-90EE-E50213572BEB}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.)
O87 - FAEL: "{1DF2426A-F8C9-4078-94BE-15F6037B1AAA}" [In-None-P17-TRUE] .(...) -- C:\Users\TEISSIER\AppData\Roaming\IQIYI Video\GeePlayer\GpUpdate.exe (.not file.)
O87 - FAEL: "{5A458B9B-99C7-4308-8580-6F869EDCC07A}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe (.not file.)
[MD5.] [WIS][2012/12/12 22:17:38] (.Kreapixel - Windows Installer.) -- C:\Windows\Installer\1034fec2.msi [8369152]
HKLM\SOFTWARE\Microsoft\Tracing\StormAlerts_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\StormAlerts_RASMANCS
HKCU\SOFTWARE\nVKRpsBEu7lyTylwWh3Yc3mx
HKCU\SOFTWARE\rrwYCDO0hTNgYri44saTEkR6OA
C:\Windows\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx.job
C:\Windows\Tasks\rrwYCDO0hTNgYri44saTEkR6OA.job
C:\Windows\System32\Tasks\cfr3011
C:\Windows\System32\Tasks\nVKRpsBEu7lyTylwWh3Yc3mx
C:\Windows\System32\Tasks\rrwYCDO0hTNgYri44saTEkR6OA
C:\Windows\System32\Tasks\Uhiurraii
C:\Program Files (x86)\Software
C:\Users\JOUTE\AppData\Local\Installer
C:\Users\JOUTE\AppData\Local\Software
C:\Users\JOUTE\AppData\Local\Installer\Install_13129\DCYTDownloader.exe
C:\Windows\Installer\1034fec2.msi
HKLM64\SOFTWARE\Microsoft\Tracing\StormAlerts_RASAPI32
HKLM64\SOFTWARE\Microsoft\Tracing\StormAlerts_RASMANCS
EmptyPrefetch
EmptyFlash
FirewallRAZ
EmptyTemp
EMPTYCLSID
HostFix