ads by name, au secours

Aide à la désinfection pour supprimer les virus, adwares, ransomwares, trojans.

Modérateurs : Mods Windows, Helper

sebperry

ads by name, au secours

par sebperry »

bonsoir,

j'ai comme beaucoup de monde semble t'il un problème avec ads by name ? comment m'en sortir ?

j'ai déjà suivi quelques conseils des différents forums, mais rien n'y fait, à l'aide ....

merci d'avance...
Malekal_morte
Messages : 112131
Inscription : 10 sept. 2005 13:57

Re: ads by name, au secours

par Malekal_morte »

Salut,



Voici la correction à effectuer avec FRST.
Tu peux t'inspirer de cette note explicative avec des captures d'écran pour t'aider: https://www.malekal.com/tutorial-farbar ... -frst/#fix

Ouvre le bloc-notes : Touche Windows + R, dans le champs executer, tape notepad et OK.
Copie/colle dedans ce qui suit :

HKLM\...\Run: [tuto4pc_fr_52] => [X]
HKLM\...\Run: [tuto4pc_fr_41] => [X]
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\Users\Michèle\AppData\Roaming\1H1Q1V1N1N1O1R
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
2015-04-11 20:45 - 2015-04-15 17:47 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-11 20:29 - 2015-04-11 20:29 - 00001072 _____ () C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job
2015-04-11 20:29 - 2015-04-11 20:29 - 00001046 _____ () C:\Windows\Tasks\xgWabfylhn.job
2015-04-15 18:42 - 2015-02-04 15:24 - 00000000 ____D () C:\Program Files\e481c068-cb27-4a11-99e6-23edbdb0d4c4
2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\Michèle\AppData\Roaming\KHXQ
2015-01-25 18:12 - 2015-03-11 16:46 - 0000935 _____ () C:\Users\Michèle\AppData\Roaming\ZB
Task: C:\Windows\Tasks\KHXQ.job => C:\Users\Michýÿle\AppData\Roaming\KHXQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\WarkXJfv42QCeam00h4Os8v.exe <==== ATTENTION
Task: C:\Windows\Tasks\xgWabfylhn.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\xgWabfylhn.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZB.job => C:\Users\Michýÿle\AppData\Roaming\ZB.exe <==== ATTENTION
Task: {52AC67A0-6EAE-418C-973C-376ADDA7541E} - \345bcd86-3e1c-43aa-9891-f76c977dab22-1-7 No Task File <==== ATTENTION
Task: {58AD95B0-8A91-4642-9DB3-566D7739776F} - \disco_savings_updating_service No Task File <==== ATTENTION
Task: {6E2F8C57-0A76-4703-84F0-2FA4A9FA39CF} - \345bcd86-3e1c-43aa-9891-f76c977dab22-1-6 No Task File <==== ATTENTION
Task: {826D8BA3-E2B3-4C23-8EC6-C836B1071241} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {891B2AE2-DFC7-40AB-AE76-6FADAF0E778A} - \345bcd86-3e1c-43aa-9891-f76c977dab22-7 No Task File <==== ATTENTION
Task: {8BD71867-6E45-4321-AB8D-3F415A51B4AA} - \disco_savings_notification_service No Task File <==== ATTENTION
Task: {B3E9C9A1-2DB4-46BD-82A5-045A380B2F80} - \345bcd86-3e1c-43aa-9891-f76c977dab22-4 No Task File <==== ATTENTION
Task: {E17A8678-3CB2-4DA5-9264-8464944F5340} - \345bcd86-3e1c-43aa-9891-f76c977dab22-6 No Task File <==== ATTENTION
Task: {E1BE97B1-B62B-4C9D-9C16-8098BFE21C18} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {F220DD27-136C-4B2D-9BCC-7C0D61E57C60} - \345bcd86-3e1c-43aa-9891-f76c977dab22-5 No Task File <==== ATTENTION

Une fois, le texte coller dans le bloc-note.
Menu Fichier puis Enregistrer sous.
A gauche, place toi sur le bureau.
Dans le champs en bas, nom du fichier mets : fixlist.txt
Clic sur Enregistrer - cela va créer un fichier fixlist.txt sur le bureau.

Relance FRST et clic sur le bouton Fix
Selon comment un redémarrage est nécessaire (pas obligatoire).
Un fichier texte apparaît, copie/colle le contenu ici dans un nouveau message.

Redémarre l'ordinateur



puis réinitialise tes navigateurs:
==================================
Réinitialise tes navigateurs et ou manuellement reparamètre tes navigateurs WEB (page de démarrage, moteur de recherche etc) mais aussi supprimer/désactiver les extensions inutiles/parasites :
* Firefox : http://forum.malekal.com/firefox-extens ... 36057.html
* Google Chrome : http://forum.malekal.com/google-chrome- ... 35837.html
* Internet Explorer et modules complémentaires / moteurs de recherche : http://forum.malekal.com/


Si les publicités persistent sur Firefox, fais ceci :


Exporte tes favoris : https://support.mozilla.org/fr/kb/expor ... chier-html
Désinstalle Mozille Firefox en cochant l'option de suppression du profil.

Affiche les fichiers cachés et systèmes : http://forum.malekal.com/afficher-les-f ... 18239.html

Désinstalle Firefox.

Le dossier à supprimer est dans :
Mon Ordinateur => Disque C => Utilisateurs => Ton user => AppData => Roaming
clic droit sur le dossier Mozilla puis renommer
renomme le en Mozilla.old

Mon Ordinateur => Disque C => Program Files => supprime le dossier Mozilla.

Réinstalle Firefox à partir de ce lien : http://telecharger.malekal.com/download ... a-firefox/

Réimporte tes favoris.
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.
sebperry

Re: ads by name, au secours

par sebperry »

voici ce que j'obtiens après l'utilisation de FRTS :

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-04-2015 04
Ran by Michèle at 2015-04-16 22:09:44 Run:1
Running from C:\Users\Michèle\Desktop
Loaded Profiles: Michèle & Daniel (Available profiles: Michèle & Daniel)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [tuto4pc_fr_52] => [X]
HKLM\...\Run: [tuto4pc_fr_41] => [X]
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\Users\Michèle\AppData\Roaming\1H1Q1V1N1N1O1R
2015-04-16 21:44 - 2015-04-16 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
2015-04-11 20:45 - 2015-04-15 17:47 - 00000004 _____ () C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7
2015-04-11 20:29 - 2015-04-11 20:29 - 00001072 _____ () C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job
2015-04-11 20:29 - 2015-04-11 20:29 - 00001046 _____ () C:\Windows\Tasks\xgWabfylhn.job
2015-04-15 18:42 - 2015-02-04 15:24 - 00000000 ____D () C:\Program Files\e481c068-cb27-4a11-99e6-23edbdb0d4c4
2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\Michèle\AppData\Roaming\KHXQ
2015-01-25 18:12 - 2015-03-11 16:46 - 0000935 _____ () C:\Users\Michèle\AppData\Roaming\ZB
Task: C:\Windows\Tasks\KHXQ.job => C:\Users\Michýÿle\AppData\Roaming\KHXQ.exe <==== ATTENTION
Task: C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\WarkXJfv42QCeam00h4Os8v.exe <==== ATTENTION
Task: C:\Windows\Tasks\xgWabfylhn.job => C:\Windows\system32\config\systemprofile\AppData\Roaming\xgWabfylhn.exe <==== ATTENTION
Task: C:\Windows\Tasks\ZB.job => C:\Users\Michýÿle\AppData\Roaming\ZB.exe <==== ATTENTION
Task: {52AC67A0-6EAE-418C-973C-376ADDA7541E} - \345bcd86-3e1c-43aa-9891-f76c977dab22-1-7 No Task File <==== ATTENTION
Task: {58AD95B0-8A91-4642-9DB3-566D7739776F} - \disco_savings_updating_service No Task File <==== ATTENTION
Task: {6E2F8C57-0A76-4703-84F0-2FA4A9FA39CF} - \345bcd86-3e1c-43aa-9891-f76c977dab22-1-6 No Task File <==== ATTENTION
Task: {826D8BA3-E2B3-4C23-8EC6-C836B1071241} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {891B2AE2-DFC7-40AB-AE76-6FADAF0E778A} - \345bcd86-3e1c-43aa-9891-f76c977dab22-7 No Task File <==== ATTENTION
Task: {8BD71867-6E45-4321-AB8D-3F415A51B4AA} - \disco_savings_notification_service No Task File <==== ATTENTION
Task: {B3E9C9A1-2DB4-46BD-82A5-045A380B2F80} - \345bcd86-3e1c-43aa-9891-f76c977dab22-4 No Task File <==== ATTENTION
Task: {E17A8678-3CB2-4DA5-9264-8464944F5340} - \345bcd86-3e1c-43aa-9891-f76c977dab22-6 No Task File <==== ATTENTION
Task: {E1BE97B1-B62B-4C9D-9C16-8098BFE21C18} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {F220DD27-136C-4B2D-9BCC-7C0D61E57C60} - \345bcd86-3e1c-43aa-9891-f76c977dab22-5 No Task File <==== ATTENTION

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_fr_52 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\tuto4pc_fr_41 => value deleted successfully.
C:\Users\Michèle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony => Moved successfully.
C:\Users\Michèle\AppData\Roaming\1H1Q1V1N1N1O1R => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony => Moved successfully.
C:\Windows\system32\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job => Moved successfully.
C:\Windows\Tasks\xgWabfylhn.job => Moved successfully.
C:\Program Files\e481c068-cb27-4a11-99e6-23edbdb0d4c4 => Moved successfully.
C:\Users\Michèle\AppData\Roaming\KHXQ => Moved successfully.
C:\Users\Michèle\AppData\Roaming\ZB => Moved successfully.
C:\Windows\Tasks\KHXQ.job => Moved successfully.
C:\Windows\Tasks\WarkXJfv42QCeam00h4Os8v.job not found.
C:\Windows\Tasks\xgWabfylhn.job not found.
C:\Windows\Tasks\ZB.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{52AC67A0-6EAE-418C-973C-376ADDA7541E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AC67A0-6EAE-418C-973C-376ADDA7541E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-1-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58AD95B0-8A91-4642-9DB3-566D7739776F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58AD95B0-8A91-4642-9DB3-566D7739776F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\disco_savings_updating_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E2F8C57-0A76-4703-84F0-2FA4A9FA39CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E2F8C57-0A76-4703-84F0-2FA4A9FA39CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-1-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{826D8BA3-E2B3-4C23-8EC6-C836B1071241}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{826D8BA3-E2B3-4C23-8EC6-C836B1071241}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{891B2AE2-DFC7-40AB-AE76-6FADAF0E778A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{891B2AE2-DFC7-40AB-AE76-6FADAF0E778A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8BD71867-6E45-4321-AB8D-3F415A51B4AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD71867-6E45-4321-AB8D-3F415A51B4AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\disco_savings_notification_service" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B3E9C9A1-2DB4-46BD-82A5-045A380B2F80}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3E9C9A1-2DB4-46BD-82A5-045A380B2F80}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E17A8678-3CB2-4DA5-9264-8464944F5340}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E17A8678-3CB2-4DA5-9264-8464944F5340}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1BE97B1-B62B-4C9D-9C16-8098BFE21C18}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1BE97B1-B62B-4C9D-9C16-8098BFE21C18}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\globalUpdateUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F220DD27-136C-4B2D-9BCC-7C0D61E57C60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F220DD27-136C-4B2D-9BCC-7C0D61E57C60}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\345bcd86-3e1c-43aa-9891-f76c977dab22-5" => Key deleted successfully.

==== End of Fixlog 22:09:45 ====
sebperry

Re: ads by name, au secours

par sebperry »

j'ai un autre soucis, je ne trouve pas le fichier appdata, malgré les indications fournies

------------------------------

c'est bon, c'est trouvé
sebperry

Re: ads by name, au secours

par sebperry »

ca a l'air de bien fonctionner !!!! mon père (parce ce que c'est son ordinateur qui avait ce problème et pas le mien), sera très content, je t'en remercie !!!!!
Malekal_morte
Messages : 112131
Inscription : 10 sept. 2005 13:57

Re: ads by name, au secours

par Malekal_morte »

PDT_008

Voila, c'est terminé, tu peux supprimer les programmes utilisés.

Quelques conseils :



Pour prévenir les sites malicieux, tu peux installer Blockulicious : http://forum.malekal.com/blockulicious- ... 46656.html


Pour ne plus te faire avoir.
A lire - Programmes parasites / PUPs : https://www.malekal.com/adwares-pup-protection/


Le reste de la sécurité : http://forum.malekal.com/comment-securi ... ateur.html
Première règle élémentaire de sécurité : on réfléchit puis on clic et pas l'inverse - Les fichiers/programmes c'est comme les bonbons, quand ça vient d'un inconnu, on n'accepte pas !
Comment protéger son PC des virus
Windows 11 : Compatibilité, Configuration minimale requise, télécharger ISO et installer Windows 11

Comment demander de l'aide sur le forum
Partagez malekal.com : n'hésitez pas à partager les articles qui vous plaisent sur la page Facebook du site.

Revenir à « Supprimer/Desinfecter les virus (Trojan, Adwares, Ransomwares, Backdoor, Spywares) »