Ransomware, encrypted files. Can you help me? Please

Disinfection help for removing viruses, adware, ransomware, trojans.

Moderators: Mods Windows, Helper

toshhh

Ransomware, encrypted files. Can you help me? Please

by toshhh »

Good evening, my PC was hit by ransomware yesterday. I think I have deleted all the infected files, but unfortunately my files, images, docs, ... are still encrypted. Since I was unable to restore my system, I could not recover previous versions, and I have tried every tool without success (kaspersky xorist decryptor, shadow explorer, ...). Could you help me recover all my files?

Thanks in advance for your help! I am attaching my OTL report, thanks!
toshhh

Re: Ransomware, encrypted files. Can you help me?

by toshhh »

Here, if needed, is my OTL report after the fix:

Thanks again for the help
Malekal_morte
Posts: 111560
Joined: 10 Sept. 2005 13:57

Re: Ransomware, encrypted files. Can you help me? Please

by Malekal_morte »

Hi,

OTL is outdated:

You have been infected by file-encrypting ransomware.

These mainly spread through malicious email attachments or web exploits.

There is not really any solution for recovering the documents.

If you want to check the computer:

Follow this FRST tutorial: https://www.malekal.com/tutorial-farbar ... tool-frst/
Download FRST and run the scan; this will generate three FRST reports:
* FRST.txt
* Shortcut.txt
* Additionnal.txt

Upload these three reports, as explained, to the site http://pjjoint.malekal.com and post the three pjjoint links to these reports so that they can be reviewed.
First basic rule of security: think, then click, and not the other way round - Files/programs are like sweets: when they come from a stranger, you don't accept them!