[Solved] Threat detected by Avast every 5/10 minutes

Hello,

Let me explain my problem. Avast keeps showing me the same window every 5 to 10 minutes, and it is becoming tiresome.
It reports a detected threat, but after several scans with Avast, Spybot, Malwarebytes Anti-Malware, AdwCleaner, etc., nothing helps.
None of these programs detects a threat. Please help me, I don't know what else to do.

Thank you


http://i59.tinypic.com/2nbenok_th.jpg

Hello.

Do you write in English? I will post the instructions first and a malware remover will then continue.

Download OTL to your desktop
Secondary link www.itxassociates.com/OT-Tools/OTL.exe
• Double-click the icon to run it. Make sure all other windows are closed and let it run uninterrupted.

https://dl.dropboxusercontent.com/u/73555776/OTL_Main_Tutorial.gif

• Select All Users

• Select LOP and Purity
• In the custom scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
rpcss.*
/md5stop
CREATERESTOREPOINT

• Click the Run Scan button. Do not change any settings unless told to do so. The scan won't take long.
• When the scan is complete, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

• Attach both logs

Hello,

Sorry for the delay. I downloaded OTL and did the scan with the settings you told me, but in the end I get the text file “OTL.txt”. I didn’t have “extra.txt”.

OTL.txt attached

Hi, the problem file is one of the Java DLLs. Normally I would use Combofix to locate the exact file but, as you have Windows 8, that will not work.

I will try FRST and see if that will help me locate it, if not then you may have to uninstall Java temporarily and I will remove the remnants

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Select both shortcut and additions at the bottom
• Press Scan button.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please attach all 3 logs generated.

Ok

FRST.txt, Shortcut.txt and Addition.txt attached

Hi,

I uninstalled Java from my pc but the problem is still there :frowning:

OK I am currently trying to locate the malware but it is very well hidden, as you are on 8.1 my tools are limited… But I will get it :slight_smile:

Thank you for giving me your valuable time :wink:

I will initially empty all your temp folders, does this appear in all browsers ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:Commands
[resethosts]
[emptytemp]
[Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot the PC when it is done

Thank you, the problem is solved. Thank you for your help and your time :wink:

OK looks like it was in one of the temp folders, hence I did not see it :-[

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

https://dl.dropboxusercontent.com/u/73555776/delfix.JPG

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent: install this programme to lock down and prevent crypto ransomware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet, read this little guide: Best security practices. Keep safe :wave:

Ok, all the tasks have been performed. Thank you again :slight_smile:

Thanks once again essexboy for your help
problem was solved. :slight_smile:

Hello everyone
I have the same problem; I downloaded OTL and am attaching the .Txt
I would be glad to receive your help.
Thanks in advance

Hello.

Your alert is a different problem.
Do you write in English?

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

• Right click to run as administrator (on Windows XP click Run after receiving the Windows Security Warning - Open File). When the tool opens, click Yes to the disclaimer.
• Select Additions at the bottom.
• Press Scan.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

• It will produce a file called FRST.txt in the same directory the tool is run from.
• Please attach both logs generated.

Hello
Many thanks for your answer and sorry for my poor English.
So, I downloaded Farbar and the result is attached

Note in addition that today there is no notification by Avast every 5/10 min. Is the problem solved?

Did you do anything specific that you are aware of ?

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
• Click on Scan.
• After the scan is complete click on “Clean”
• Confirm each time with Ok.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.

;D

Firstly, thanks for all.

For your first question: nothing special, I just closed my computer and rebooted the day after.

Today I ran the AdwCleaner tool and cleaned all; you can find the logfile attached

Shame as we are trying to locate the cause for this … Oh well… Are you experiencing any other problems ?