problème avec storm alert récurantRésolu/Fermé

Question

bonjour a tous et merci pour ce que vous faites pour la communauté,
je viens de faire un scan avec adw cleaner est voici le rapport.
pouvez vous m'aider s'il vous plait.

# AdwCleaner v4.107 - Rapport créé le 16/01/2015 à 12:51:41
# Mis à jour le 07/01/2015 par Xplode
# Database : 2015-01-13.2 [Live]
# Système d'exploitation : Windows 8 Pro  (64 bits)
# Nom d'utilisateur : stitou - NOTES
# Exécuté depuis : C:\Users\super user clivo\Downloads\adwcleaner_4-107_fr_430277.exe
# Option : Scanner

***** [ Services ] *****


***** [ Fichiers / Dossiers ] *****

Dossier Présent : C:\Users\super user clivo\AppData\Local\StormAlert
Fichier Présent : C:\Users\super user clivo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Fichier Présent : C:\Users\super user clivo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tâches planifiées ] *****


***** [ Raccourcis ] *****


***** [ Registre ] *****


***** [ Navigateurs ] *****

-\ Internet Explorer v10.0.9200.17183


-\ Mozilla Firefox v34.0.5 (x86 fr)


-\ Google Chrome v


*************************

AdwCleaner[R0].txt - [17954 octets] - [12/01/2015 18:39:22]
AdwCleaner[R1].txt - [2190 octets] - [12/01/2015 23:02:33]
AdwCleaner[R2].txt - [1423 octets] - [13/01/2015 10:19:03]
AdwCleaner[R3].txt - [1543 octets] - [14/01/2015 08:33:50]
AdwCleaner[R4].txt - [1464 octets] - [16/01/2015 11:12:50]
AdwCleaner[R5].txt - [1342 octets] - [16/01/2015 12:51:41]
AdwCleaner[S0].txt - [16757 octets] - [12/01/2015 18:56:57]
AdwCleaner[S1].txt - [2265 octets] - [12/01/2015 23:21:52]
AdwCleaner[S2].txt - [1487 octets] - [13/01/2015 10:32:30]
AdwCleaner[S3].txt - [1607 octets] - [14/01/2015 08:35:38]
AdwCleaner[S4].txt - [1527 octets] - [16/01/2015 11:14:26]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1703 octets] ##########

Malekal_morte- · Answer

Salut,

Fais nettoyer sur AdwCleaner,


puis :

Suis ce tutoriel FRST: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
Cela va générer trois rapports FRST :
* FRST.txt
* Shortcut.txt
* Additionnal.txt

Envoie comme expliqué, ces trois rapports sur le site pjjoint et donne les trois liens pjjoint de ces rapports afin qu'ils puissent être consultés.

stitou60 · Answer

http://pjjoint.malekal.com/files.php?id=FRST_20150117_i11n9k8n12y5

http://pjjoint.malekal.com/files.php?id=20150117_w13q11o6c11s7

désolé pour le retard

stitou60 · Answer

http://pjjoint.malekal.com/files.php?id=20150117_k9t15j7l8s9

Malekal_morte- · Answer

Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit : 


 R2 tXyKNZcbp; C:\ProgramData\kZWttquTjB	XyKNZcbp.exe [2726776 2015-01-04] (Rational Thought Solutions) 
 2015-01-16 14:53 - 2015-01-17 09:25 - 00000000 ____D () C:\Users\super user clivo\AppData\Local\StormAlert  
 2015-01-04 19:03 - 2015-01-04 19:03 - 01330664 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe 
 2015-01-04 19:02 - 2015-01-04 19:02 - 01965032 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe 
 2015-01-04 19:01 - 2015-01-04 19:01 - 00000000 ____D () C:\ProgramData\kZWttquTjB 
 2015-01-04 14:14 - 2015-01-04 14:14 - 01330664 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe 
 2015-01-04 14:10 - 2015-01-04 14:10 - 01965032 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\XBPD.exe  
 2015-01-04 14:09 - 2015-01-04 19:54 - 00000000 ____D () C:\Users\super user clivo\AppData\Roaming\BitTorrent  
 2015-01-04 14:09 - 2015-01-04 14:09 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro  
 2015-01-04 14:02 - 2015-01-04 14:02 - 01512936 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe 
 2015-01-04 14:01 - 2015-01-04 14:01 - 02001384 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe 
 2015-01-04 14:14 - 2015-01-04 14:14 - 1330664 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe 
 2015-01-04 19:02 - 2015-01-04 19:02 - 1965032 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe 
 2015-01-04 14:02 - 2015-01-04 14:02 - 1512936 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe 
 2015-01-04 14:01 - 2015-01-04 14:01 - 2001384 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe 
 2015-01-04 14:10 - 2015-01-04 14:10 - 1965032 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\XBPD.exe  
 2015-01-04 19:03 - 2015-01-04 19:03 - 1330664 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe 


Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message. 

Redémarre l'ordinateur

stitou60 · Answer

ix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-01-2015 01
Ran by stitou at 2015-01-17 12:42:44 Run:1
Running from C:\Users\super user clivo\Desktop
Loaded Profiles: stitou (Available profiles: stitou)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R2 tXyKNZcbp; C:\ProgramData\kZWttquTjB	XyKNZcbp.exe [2726776 2015-01-04] (Rational Thought Solutions) 

 2015-01-16 14:53 - 2015-01-17 09:25 - 00000000 ____D () C:\Users\super user clivo\AppData\Local\StormAlert  

 2015-01-04 19:03 - 2015-01-04 19:03 - 01330664 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe 

 2015-01-04 19:02 - 2015-01-04 19:02 - 01965032 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe 

 2015-01-04 19:01 - 2015-01-04 19:01 - 00000000 ____D () C:\ProgramData\kZWttquTjB 

 2015-01-04 14:14 - 2015-01-04 14:14 - 01330664 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe 

 2015-01-04 14:10 - 2015-01-04 14:10 - 01965032 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\XBPD.exe  

 2015-01-04 14:09 - 2015-01-04 19:54 - 00000000 ____D () C:\Users\super user clivo\AppData\Roaming\BitTorrent  

 2015-01-04 14:09 - 2015-01-04 14:09 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro  

 2015-01-04 14:02 - 2015-01-04 14:02 - 01512936 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe 

 2015-01-04 14:01 - 2015-01-04 14:01 - 02001384 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe 

 2015-01-04 14:14 - 2015-01-04 14:14 - 1330664 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe 

 2015-01-04 19:02 - 2015-01-04 19:02 - 1965032 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe 

 2015-01-04 14:02 - 2015-01-04 14:02 - 1512936 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe 

 2015-01-04 14:01 - 2015-01-04 14:01 - 2001384 _____ (HQ-VideoV04.01) C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe 

 2015-01-04 14:10 - 2015-01-04 14:10 - 1965032 _____ (Object Browser) C:\Users\super user clivo\AppData\Roaming\XBPD.exe  

 2015-01-04 19:03 - 2015-01-04 19:03 - 1330664 _____ (smart-saverplus) C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe 


*****************

tXyKNZcbp => Unable to stop service
tXyKNZcbp => Service deleted successfully.
C:\Users\super user clivo\AppData\Local\StormAlert => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe => Moved successfully.

"C:\ProgramData\kZWttquTjB" directory move:

Could not move "C:\ProgramData\kZWttquTjB\info.dat" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB	XyKNZcbp.dat" => Scheduled to move on reboot.
C:\ProgramData\kZWttquTjB	XyKNZcbp.exe => Moved successfully.
C:\ProgramData\kZWttquTjB	XyKNZcbp.exe.config => Moved successfully.
Could not move "C:\ProgramData\kZWttquTjB\dat\bLgNlrmX.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB\dat\ianuKecYQTc.dll" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB\dat\KJANWt.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB\dat\KJANWt.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB\dat\PKeIgKF.exe" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB\dat\PKeIgKF.exe.config" => Scheduled to move on reboot.
Could not move "C:\ProgramData\kZWttquTjB" directory. => Scheduled to move on reboot.

C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\XBPD.exe => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\BitTorrent => Moved successfully.
C:\Users\Public\Documents\ShopperPro => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe => Moved successfully.
C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe => Moved successfully.
"C:\Users\super user clivo\AppData\Roaming\EIQWMN.exe" => File/Directory not found.
"C:\Users\super user clivo\AppData\Roaming\IXKGURW.exe" => File/Directory not found.
"C:\Users\super user clivo\AppData\Roaming\JZEXWBQ.exe" => File/Directory not found.
"C:\Users\super user clivo\AppData\Roaming\NBRZTR.exe" => File/Directory not found.
"C:\Users\super user clivo\AppData\Roaming\XBPD.exe" => File/Directory not found.
"C:\Users\super user clivo\AppData\Roaming\XOGNBC.exe" => File/Directory not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-17 12:45:09)<=

C:\ProgramData\kZWttquTjB\info.dat => Is moved successfully.
C:\ProgramData\kZWttquTjB	XyKNZcbp.dat => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\bLgNlrmX.dll => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\ianuKecYQTc.dll => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\KJANWt.exe => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\KJANWt.exe.config => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\PKeIgKF.exe => Is moved successfully.
C:\ProgramData\kZWttquTjB\dat\PKeIgKF.exe.config => Is moved successfully.
C:\ProgramData\kZWttquTjB => Is moved successfully.

==== End of Fixlog 12:45:09 ====

stitou60 · Answer

tout est ok merci beaucoup.
moi je suis dans le batiment, expert en volet roulant, si un jour vous avez un probleme moteur, ce sera a mon tour de vous aidez.
et avec grand plaisir

Malekal_morte- · Answer

ok =)

Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :


Installe Malwarebyte's Anti-Malware : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Fais des scans réguliers avec, il est efficace.
(sauf si tu es sur un netbook)

Pour prévenir les sites malicieux, tu peux installer Blockulicious : https://forum.malekal.com/viewtopic.php?t=46656&start=


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/ 


Le reste de la sécurité : http://forum.malekal.com/comment-securiser-son-ordinateur.html

Problème avec storm alert récurant

7 réponses

Discussions similaires

Newsletters