Reply to: A7KGEquN.vbs 2016-09-08T13:17:43+00:00
kink06

The risks are high: the machine could become a zombie PC.
Some reading on the dangers and the risk:
http://forum.malekal.com/danger-des-cracks-t893.html :(

  • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

    Using the mouse (left button held down), select and copy (right-click/Copy) the contents of the box below

    ZHPFix script =>
    ShortcutFix
    G2 - GCE: Preference [User DataDefault] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.2.1.4 (Activé) =>PUP.Funmoods
    G2 - GCE: Preference [User DataDefault] [cjpglkicenollcignonpgiafdgfeehoj] Nouvel onglet v.9.4.1.1 (Activé) =>Adware.SearchYa
    G2 - GCE: Preference [User DataDefault] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.5.3.0 (Activé) =>PUP.DealPly
    M2 - MFEP: prefs.js [Nayo - 47woh48s.default49ffxtbr-bs@UtilityChest_49.com] [] Utility Chest v1.2 (..) =>Adware.MyWebSearch
    P2 - FPN: [HKLM] [@UtilityChest_49.com/Plugin] - (...) -- C:Program FilesUtilityChest_49bar1.binNP49Stub.dll (.not file.) =>Adware.MyWebSearch
    O15 - Trusted Zone: [HKCU...Domains] *.chat-land.com =>Hijacker.ChercheUS
    O15 - Trusted Zone: [HKCU...Domains] *.chat-land.net =>Hijacker.ChercheUS
    O15 - Trusted Zone: [HKCU...Domains] *.search-web.net => Infection BT (Hijacker.ChercheUS)
    O23 - Service: Utility ChestService (UtilityChest_49Service) . (...) - C:Program FilesUTILIT~2bar1.bin49barsvc.exe (.not file.) =>Adware.MyWebSearch
    [MD5.00000000000000000000000000000000] [APT] [{BA39D9D6-A3FB-47BE-B950-C76E09D6837B}] (...) -- C:UsersNayoDownloadsMyWebFaceSetup2.3.50.49.GRfox000.exe (.not file.) [0] =>PUP.MyWebFace
    O45 - LFCP:[MD5.38C053F418D4E245604F1685DF58F66B] - 21/10/2013 - 11:39:44 ---A- - C:WindowsPrefetchFUNMOODSSRV.EXE-A96A5AC7.pf =>PUP.Funmoods
    O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Funmoods) - http://start.funmoods.com =>PUP.Funmoods
    O90 - PUC: "E0710AC8E9E65A34EAF1588A82028B74" . (.FreeCompressor.) -- C:WindowsInstaller{8CA0170E-6E9E-43A5-AE1F-85A82820B847}ARPPRODUCTICON.exe => Infection PUP (Adware.SPointer)
    [MD5.93D9EEBCFD18DFFBDB7F0724F313831C] [WIS][23/01/2010] (.Secure Digital Services - FreeCompressor.) -- C:WindowsInstaller2dcc058.msi [2442240] =>Adware.SPointer
    SS - | Auto 10/07/1658 0 | (UtilityChest_49Service) . (...) - C:Program FilesUTILIT~2bar1.bin49barsvc.exe =>Adware.MyWebSearch
    [HKLMSoftwareGoogleChromeExtensionsbbjciahceamgodcoidkjpchnokgfpphh] =>PUP.Funmoods^
    [HKLMSoftwareGoogleChromeExtensionscjpglkicenollcignonpgiafdgfeehoj] =>Adware.SearchYa^
    [HKLMSoftwareGoogleChromeExtensionsgaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly^
    [HKLMSYSTEMCurrentControlSetServicesUtilityChest_49Service] =>Adware.MyWebSearch^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components1B812BD0725DF36459D5BA985C9193C4] =>PUP.Kiwee
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components2514EB7147619DA498D025C07B3421DD] =>PUP.Kiwee
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components73962F57F2FA32C43A431C9C05459330] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsB63FC54A3B9D36449AD536B3C29D2A97] =>PUP.OfferBox
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsC512D8DDA7F6553429ACE05EC3197DAB] =>PUP.OfferBox
    [HKLMSoftwareClassesInstallerFeaturesE0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
    [HKLMSoftwareClassesInstallerProductsE0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsE0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components28EB4629F5E20FB449E3ED25A5D22E66] =>PUP.Offerbox^
    C:UsersNayoAppDataLocalGoogleChromeUser DataDefaultExtensionsbbjciahceamgodcoidkjpchnokgfpphh =>PUP.Funmoods^
    C:UsersNayoAppDataLocalGoogleChromeUser DataDefaultExtensionscjpglkicenollcignonpgiafdgfeehoj =>Adware.SearchYa^
    C:UsersNayoAppDataLocalGoogleChromeUser DataDefaultExtensionsgaiilaahiahdejapggenmdmafpmbipje =>PUP.DealPly^
    C:UsersNayoAppDataRoamingMozillaFirefoxProfiles47woh48s.defaultextensions49ffxtbr-bs@UtilityChest_49.com =>Adware.MyWebSearch^
    C:WindowsInstaller2dcc058.msi =>Adware.SPointer^
    R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1 => Internet Explorer Allows Proxy Settings Remotely
    O24 - Desktop General: BackupWallPaper - .(...) - C:WindowsWebWallpaperimg2.jpg => Desktop General Personal WallPaper
    O24 - Desktop General: WallPaper - .(...) - C:WindowsWebWallpaperimg2.jpg => Desktop General Personal WallPaper
    O55 - MWPS:[HKLM...PoliciesSystem] - "FilterAdministratorToken"=0 => Le compte "Administrateur" n'est pas soumis aux approbations
    O55 - MWPS:[HKLM...PoliciesSystem] - "EnableUIADesktopToggle"=0 => Disable Vista UIAccess applications (UAC)
    O56 - MWPE:[HKCU...policiesExplorer] - "HonorAutoRunSetting"=0 => Microsoft ne contrôle pas le comportement de la mise à jour actuelle
    O56 - MWPE:[HKLM...policiesExplorer] - "HonorAutoRunSetting"=0 => Microsoft ne contrôle pas le comportement de la mise à jour actuelle
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: Modified => SECURITE : AntiSpyware Désactivé
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: Modified => SECURITE : Antivirus désactivé
    O3 - ToolbarWebBrowser: (no name) - [HKCU]{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} Clé orpheline => Conduit Softonic Toolbar
    [MD5.ED92900BF225E26A4E54C2C14FA1424F] [SPRF][9/09/2011] (.Ask.com - AskIC Dynamic Link Library.) -- C:UsersNayoAppDataLocalTempAskSLib.dll [246440]
    [HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheVuze_Remote Toolbar] =>Toolbar.Conduit
    G2 - GCE: Preference [User DataDefault] [mamnihopcnbfnbfnnneplcohmnkkpipb] Illimitux v.1.0 (Désactivé) => CrackStreaming.Illimitux
    [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:Program FilesLavasoftAd-AwareAd-AwareAdmin.exe (.not file.) [0] => Lavasoft
    [MD5.00000000000000000000000000000000] [APT] [{113A9899-6CEC-4158-81ED-62A0D11E5D35}] (...) -- C:UsersNayoAppDataLocalTempPacSteamT_-_060708_+_MAJ_050209_FR_+_tutorielPacSteamT-060708.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{119F5467-E0AC-402E-B33F-4DC6C3072A71}] (...) -- C:UsersNayoDownloadsNimbus.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{3D7D85D7-ACCF-4F57-8650-FA7C4EEBA856}] (...) -- C:UsersNayoDownloadsmyboxscript.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{43F0FBA4-2E7E-422C-9532-E8CFF1B3911A}] (...) -- C:Program FilesNoteWorthy Composer 2 ViewerUninstall.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{449384B0-ED1F-4F87-8F41-0419AE858F0D}] (...) -- C:UsersNayoDownloadsxchat-2.8.7f.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{4E6CEA81-59DC-45A6-965D-5A61D2FED488}] (...) -- C:UsersNayoDownloadsWolfET.exe (.not file.) [0] => Fichier absent
    O45 - LFCP:[MD5.8B79BB4C78E2C98760017CA2A99E1222] - 5/11/2013 - 15:33:57 ---A- - C:WindowsPrefetch30.0.1599.101_30.0.1599.69_CH-7E20DB33.pf => Fichier du dossier Prefetcher
    C:Autodesk.3ds.Max.2009.32bit.64bitAutodesk.3ds.Max.2009.32bit.64bit3dsMax2009.Keygen64bitXF-MAX2k9-64bit-KG.exe => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATCrackmIRC.exe => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATCrackmIRC.reg => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATmirc717.exe => Crack, KeyGen, Keymaker - Possible Malware
    C:Autodesk.3ds.Max.2009.32bit.64bitAutodesk.3ds.Max.2009.32bit.64bit3dsMax2009.Keygen64bitXF-MAX2k9-64bit-KG.exe => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATCrackmIRC.exe => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATCrackmIRC.reg => Crack, KeyGen, Keymaker - Possible Malware
    C:UsersNayoDownloadsMIRC.v7.17.Cracked-EATmirc717.exe => Crack, KeyGen, Keymaker - Possible Malware
    O87 - FAEL: "TCP Query User{8C343241-0EFE-4BBE-B4C8-E81808FF2FD6}C:usersnayodownloadsalfascriptv258alfascriptv258mirc.exe" |In - Public - P6 - TRUE | .(...) -- C:usersnayodownloadsalfascriptv258alfascriptv258mirc.exe (.not file.) => Fichier absent
    O87 - FAEL: "UDP Query User{3E62566C-1EC4-4E07-8DD8-B843DFFF0C41}C:usersnayodownloadsalfascriptv258alfascriptv258mirc.exe" |In - Public - P17 - TRUE | .(...) -- C:usersnayodownloadsalfascriptv258alfascriptv258mirc.exe (.not file.) => Fichier absent
    O87 - FAEL: "TCP Query User{DEB4FBD0-668B-42F2-8189-EE14BFDE0C4F}C:program filesalfascriptv2.58mirc.exe" |In - Public - P6 - TRUE | .(...) -- C:program filesalfascriptv2.58mirc.exe (.not file.) => Fichier absent
    O51 - MPSK:{37b03eaa-f36c-11e1-97b6-806e6f6e6963}AutoRuncommand. (...) -- E:Autorun.exe (.not file.) => Microsoft Windows NT or Infection USB
    O87 - FAEL: "UDP Query User{F871B6EA-E53D-4FD6-8126-7BC6C03F85E4}C:program filesalfascriptv2.58mirc.exe" |In - Public - P17 - TRUE | .(...) -- C:program filesalfascriptv2.58mirc.exe (.not file.) => Fichier absent
    O87 - FAEL: "TCP Query User{E79A7883-2249-42A0-83F7-B3ED54F2E8FC}C:program filesalfascriptv2.58mirc.exe" |In - Private - P6 - TRUE | .(...) -- C:program filesalfascriptv2.58mirc.exe (.not file.) => Fichier absent
    O87 - FAEL: "UDP Query User{07DD1065-9860-4BEC-98BF-AB173CD011B4}C:program filesalfascriptv2.58mirc.exe" |In - Private - P17 - TRUE | .(...) -- C:program filesalfascriptv2.58mirc.exe (.not file.) => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{59A42D4C-568E-412D-BC25-24CB07350016}] (...) -- C:UsersNayoDownloadsET_Ultimate_Installer_1.6_beta.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{A9D78D33-D511-4B71-B9BE-0918D4CD4169}] (...) -- C:UsersNayoAppDataLocalTempTemp1_GeForce_3D_Vision_CD_v1.08_WinVista_int.zipGeForce_3D_Vision_CD_v1.08_intLaunch.exe (.not file.) [0] => Fichier absent
    [MD5.00000000000000000000000000000000] [APT] [{C95B71A5-FAFD-43B1-A96A-1E422D1FC475}] (...) -- C:UsersNayoDownloads15.49_nforce_winvista_win7_32bit_international_whql.exe (.not file.) [0] => Fichier absent
    O42 - Logiciel: BSmaxScript 7.2 - (...) [HKCU] -- BSmaxScript 7.2 => BSmaxScript
    O43 - CFD: 11/01/2013 - 20:32:57 - [50,287] ----D C:Program FilesBSmaxScript[7.2] => BSmaxScript
    O43 - CFD: 6/06/2009 - 20:03:53 - [0] ----D C:ProgramDataGameScanner => Empty Folder not necessary
    O45 - LFCP:[MD5.16FB822DD0328B7D51F4871301E28136] - 21/10/2013 - 10:51:23 ---A- - C:WindowsPrefetchSETUPFREEVOIPDEAL.TMP-AEDDF0D5.pf => Unnecessary Temporary File
    O45 - LFCP:[MD5.272BF680DB31D4522863CF4D0998366F] - 21/10/2013 - 10:51:26 ---A- - C:WindowsPrefetchSETUPFREEVOIPDEAL.TMP-231241BE.pf => Unnecessary Temporary File
    SysRestore
    EmptyFlash
    EmptyCLSID
    Firewallraz
    EmptyTemp

    1. Click "Importer" (Import)
    2. Then click "GO"

  • Confirm the data clean-ups by clicking "Oui" (Yes)

  • Once the scan has finished, go to the desktop: the ZHPFixReport file has been created.
  • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.