Répondre à : Disque Dur Externe inaccessible car fichiers transformés en raccourcis 2016-09-08T13:19:04+00:00

SOSVirus : Dépannage PC Gratuit Forums Aide à la désinfection – Forum Virus Sécurité Disque Dur Externe inaccessible car fichiers transformés en raccourcis Répondre à : Disque Dur Externe inaccessible car fichiers transformés en raccourcis

DaleCooper
Nombre d'articles : 0

Le F est accessible, un grand merci !

Voici le rapport adwCleaner:

# AdwCleaner v3.012 – Report created 19/11/2013 at 14:00:01
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : berber – BERBER1
# Running from : C:UsersberberDesktopadwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : IBUpdaterService
[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:ProgramDataIBUpdaterService
Folder Deleted : C:ProgramDataTarma Installer
Folder Deleted : C:Program Files (x86)SpecialSavings
Folder Deleted : C:Program Files (x86)Yontoo
Folder Deleted : C:UsersberberAppDataLocaliac
Folder Deleted : C:UsersberberAppDataRoamingfile scout
Folder Deleted : C:UsersberberAppDataRoamingSpecialSavings
Folder Deleted : C:UsersberberAppDataLocalGoogleChromeUser DataDefaultExtensionsbfcpnihmbfoaeoakalclfalkdepgiaje

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCUSoftwareMozillaFirefoxExtensions [SpecialSavings@SpecialSavings.com]
Value Deleted : HKLMSOFTWAREMozillaFirefoxExtensions [SpecialSavings@SpecialSavings.com]
Key Deleted : HKLMSOFTWAREGoogleChromeExtensionsbfcpnihmbfoaeoakalclfalkdepgiaje
Key Deleted : HKLMSOFTWAREGoogleChromeExtensionsniapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLMSOFTWAREClassesAppIDAddonsFramework.DLL
Key Deleted : HKLMSOFTWAREClassesAppIDButtonSite.DLL
Key Deleted : HKLMSOFTWAREClassesAppIDPropertySync.EXE
Key Deleted : HKLMSOFTWAREClassesAppIDScriptHost.DLL
Key Deleted : HKLMSOFTWAREClassesAppIDsecman.DLL
Key Deleted : HKLMSOFTWAREClassesAppIDYontooIEClient.DLL
Key Deleted : HKLMSOFTWAREClassesprotector_dll.protectorbho
Key Deleted : HKLMSOFTWAREClassesprotector_dll.protectorbho.1
Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool
Key Deleted : HKLMSOFTWAREClassesScriptHost.Tool.1
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Api
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Api.1
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Layers
Key Deleted : HKLMSOFTWAREClassesYontooIEClient.Layers.1
Key Deleted : HKLMSOFTWAREClassesAppID{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLMSOFTWAREClassesAppID{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLMSOFTWAREClassesAppID{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLMSOFTWAREClassesAppID{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLMSOFTWAREClassesAppID{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLMSOFTWAREClassesAppID{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLMSOFTWAREClassesCLSID{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLMSOFTWAREClassesCLSID{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLMSOFTWAREClassesCLSID{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLMSOFTWAREClassesCLSID{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLMSOFTWAREClassesCLSID{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLMSOFTWAREClassesCLSID{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLMSOFTWAREClassesCLSID{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKLMSOFTWAREClassesCLSID{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLMSOFTWAREClassesCLSID{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLMSOFTWAREClassesCLSID{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLMSOFTWAREClassesCLSID{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLMSOFTWAREClassesCLSID{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLMSOFTWAREClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLMSOFTWAREClassesInterface{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLMSOFTWAREClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLMSOFTWAREClassesInterface{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLMSOFTWAREClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLMSOFTWAREClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLMSOFTWAREClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLMSOFTWAREClassesInterface{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLMSOFTWAREClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : HKLMSOFTWAREClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLMSOFTWAREClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLMSOFTWAREClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLMSOFTWAREClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLMSOFTWAREClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLMSOFTWAREClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLMSOFTWAREClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : HKLMSOFTWAREClassesInterface{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLMSOFTWAREClassesTypeLib{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLMSOFTWAREClassesTypeLib{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{70D46D94-BF1E-45ED-B567-48701376298E}
Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{D97143C2-4282-496B-BDC4-7EC852F1497C}
Key Deleted : [x64] HKLMSOFTWAREClassesInterface{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKCUSoftwarefilescout
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSpecialSavings
Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallUpdater Service
Key Deleted : [x64] HKLMSOFTWARETarma Installer
Key Deleted : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browsers ] *****

-\ Internet Explorer v10.0.9200.16720

-\ Google Chrome v31.0.1650.57

[ File : C:UsersberberAppDataLocalGoogleChromeUser DataDefaultpreferences ]

*************************

AdwCleaner[R0].txt – [9961 octets] – [19/11/2013 13:58:45]
AdwCleaner[S0].txt – [9874 octets] – [19/11/2013 14:00:01]

########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [9934 octets] ##########





Et le rapport de MBAM qui a effectivement trouvé deux malwares:

Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org

Version de la base de données: v2013.11.19.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
berber :: BERBER1 [administrateur]

Protection: Activé

19/11/2013 14:16:33
mbam-log-2013-11-19 (14-16-33).txt

Type d’examen: Examen rapide
Options d’examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d’examen désactivées: P2P
Elément(s) analysé(s): 230191
Temps écoulé: 4 minute(s), 55 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 1
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsHEMXCCAPE.EXE (Spyware.Passwords.ED) -> Mis en quarantaine et supprimé avec succès.

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 1
C:ProgramDataActiveU0hemxccape.exe (Spyware.Passwords.ED) -> Mis en quarantaine et supprimé avec succès.

(fin)