strange Laptop infection/hijack win 7 system

  Blubottle 11:09 14 Jul 15

Just switched on my laptop and I seem to have aquired a chinese system scanner called QIY were all icon functions within it are in chinese, also during boot up and on the blue windows welcome screen there is a comic style lions head icon in the upper right hand side of screen.On the desktop the is a gadjet which is a percentage clock with a rocket and when I click on it it takes off. I am baffled by this, I have tried uninstalling it but cannot get rid of completely. l, laptop running win7 pro kaspersky, malwarebytes, advanced system care, some help please

  Govan1x 11:24 14 Jul 15

Maybe give Malwarebytes or Hitmanpro a run to see if they find it.

  Fruit Bat /\0/\ 12:19 14 Jul 15

The full command line for uninstalling 爱奇艺影音 is C:\Program Files\IQIYI Video\Common\QyUninstaller.exe. Note that if you will type this command in Start / Run Note you might receive a notification for admin rights. The program's main executable file has a size of 396.60 KB (406120 bytes) on disk and is named CrashReport.exe.

The executable files below are installed along with 爱奇艺影音. They occupy about 6.89 MB (7229304 bytes) on disk.

CrashReport.exe (396.60 KB) HCDNClient.exe (572.10 KB) QyFragment.exe (1.36 MB) QyKernel.exe (492.10 KB)

Directories left on disk: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????\????????

The files below are left behind on your disk when you remove 爱奇艺影音: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????\?????.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????\??????.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????\????????\?????.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????\????????\??????.lnk

Registry keys: HKEYCLASSESROOT\TypeLib{E1D75F62-CBBD-45C7-9D1D-6B5ECEC2E006} HKEYLOCALMACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IQIYI Video

Registry values that are not removed from your PC: HKEYCLASSESROOT\CLSID{307B3CDB-9EE3-4137-9D18-F9AD6537ECEB}\InprocServer32\ HKEYCLASSESROOT\CLSID{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}\InprocServer32\ HKEYCLASSESROOT\HCDNProxy\ HKEYCLASSESROOT\qygameclient\DefaultIcon\

from click here

  Secret-Squirrel 12:31 14 Jul 15

Just switched on my laptop...........

Because your problem started so very recently (and FB's advice says that the uninstaller leaves so much stuff behind) then a Windows "System Restore" will undo all those pesky changes. See here if you've never used it before.

  elvisman113 13:32 16 Jul 15

I just encountered this on my parent's PC. I looked through the latest installed programs and found a bunch of stuff (Unity web player, ffsecure, Adobe Flash, and some others). I would give the full list, but I started a system restore.

This thread is now locked and can not be replied to.

Surface Pro (2017) vs Surface Pro 4

20 groundbreaking 3D animation techniques

How to mine Bitcoin on Mac