Attaque Crypto Wall

Bonjour
Et merci bcp pour la réponse rapide...mais je ne trouve pas le lien de téléchargement de Frst, les différents liens ne m'envoie pas vers un téléchargement...je suis fort démunie...

32 bits : https://telecharger.malekal.com/download/frst/
64 bits : https://telecharger.malekal.com/download/frst-64-bits/

Ca y est, merci.
Voici les " liens:
- https://pjjoint.malekal.com/files.php?id=FRST_20141222_l7i6c8d5q9
- https://pjjoint.malekal.com/files.php?id=20141222_t12k14j7w7c8
- https://pjjoint.malekal.com/files.php?id=20141222_o117h8m6p14

Voici le résultat:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2014 01
Ran by JPD at 2014-12-22 21:07:38 Run:1
Running from C:\Documents and Settings\JPD\Bureau
Loaded Profile: JPD (Available profiles: JPD)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Documents and Settings\BIT DEFENDER 2013\autorun.exe
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At16.job
C:\Windows\Tasks\At18.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At20.job
C:\Windows\Tasks\At22.job
C:\Windows\Tasks\At24.job
C:\Windows\Tasks\At26.job
C:\Windows\Tasks\At28.job
C:\Windows\Tasks\At30.job
C:\Windows\Tasks\At32.job
C:\Windows\Tasks\At34.job
C:\Windows\Tasks\At36.job
C:\Windows\Tasks\At38.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At40.job
C:\Windows\Tasks\At42.job
C:\Windows\Tasks\At44.job
C:\Windows\Tasks\At46.job
C:\Windows\Tasks\At48.job
C:\Windows\Tasks\At50.job
C:\Windows\Tasks\At52.job
C:\Windows\Tasks\At54.job
C:\Windows\Tasks\At56.job
C:\Windows\Tasks\At58.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At60.job
C:\Windows\Tasks\At62.job
C:\Windows\Tasks\At64.job
C:\Windows\Tasks\At66.job
C:\Windows\Tasks\At68.job
C:\Windows\Tasks\At70.job
C:\Windows\Tasks\At72.job
C:\Windows\Tasks\At74.job
C:\Windows\Tasks\At76.job
C:\Windows\Tasks\At78.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At80.job
C:\Windows\Tasks\At82.job
C:\Windows\Tasks\At84.job
C:\Windows\Tasks\At86.job
C:\Windows\Tasks\At88.job
C:\Windows\Tasks\At90.job
C:\Windows\Tasks\At92.job
C:\Windows\Tasks\At94.job
C:\Windows\Tasks\At96.job

*****************

C:\Documents and Settings\BIT DEFENDER 2013\autorun.exe => Moved successfully.
C:\Windows\Tasks\At10.job => Moved successfully.
C:\Windows\Tasks\At12.job => Moved successfully.
C:\Windows\Tasks\At14.job => Moved successfully.
C:\Windows\Tasks\At16.job => Moved successfully.
C:\Windows\Tasks\At18.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
C:\Windows\Tasks\At20.job => Moved successfully.
C:\Windows\Tasks\At22.job => Moved successfully.
C:\Windows\Tasks\At24.job => Moved successfully.
C:\Windows\Tasks\At26.job => Moved successfully.
C:\Windows\Tasks\At28.job => Moved successfully.
C:\Windows\Tasks\At30.job => Moved successfully.
C:\Windows\Tasks\At32.job => Moved successfully.
C:\Windows\Tasks\At34.job => Moved successfully.
C:\Windows\Tasks\At36.job => Moved successfully.
C:\Windows\Tasks\At38.job => Moved successfully.
C:\Windows\Tasks\At4.job => Moved successfully.
C:\Windows\Tasks\At40.job => Moved successfully.
C:\Windows\Tasks\At42.job => Moved successfully.
C:\Windows\Tasks\At44.job => Moved successfully.
C:\Windows\Tasks\At46.job => Moved successfully.
C:\Windows\Tasks\At48.job => Moved successfully.
C:\Windows\Tasks\At50.job => Moved successfully.
C:\Windows\Tasks\At52.job => Moved successfully.
C:\Windows\Tasks\At54.job => Moved successfully.
C:\Windows\Tasks\At56.job => Moved successfully.
C:\Windows\Tasks\At58.job => Moved successfully.
C:\Windows\Tasks\At6.job => Moved successfully.
C:\Windows\Tasks\At60.job => Moved successfully.
C:\Windows\Tasks\At62.job => Moved successfully.
C:\Windows\Tasks\At64.job => Moved successfully.
C:\Windows\Tasks\At66.job => Moved successfully.
C:\Windows\Tasks\At68.job => Moved successfully.
C:\Windows\Tasks\At70.job => Moved successfully.
C:\Windows\Tasks\At72.job => Moved successfully.
C:\Windows\Tasks\At74.job => Moved successfully.
C:\Windows\Tasks\At76.job => Moved successfully.
C:\Windows\Tasks\At78.job => Moved successfully.
C:\Windows\Tasks\At8.job => Moved successfully.
C:\Windows\Tasks\At80.job => Moved successfully.
C:\Windows\Tasks\At82.job => Moved successfully.
C:\Windows\Tasks\At84.job => Moved successfully.
C:\Windows\Tasks\At86.job => Moved successfully.
C:\Windows\Tasks\At88.job => Moved successfully.
C:\Windows\Tasks\At90.job => Moved successfully.
C:\Windows\Tasks\At92.job => Moved successfully.
C:\Windows\Tasks\At94.job => Moved successfully.
C:\Windows\Tasks\At96.job => Moved successfully.

==== End of Fixlog 21:07:41 ====

C'est noté, merci.
Par contre je n'arrive pas à supprimer les fichiers DECRYPT ("impossible de lire à partir du fichier ou de la disquette source").

Un grand merci pour tous ces conseils !
Bonne fin d'année

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2014 01
Ran by JPD at 2014-12-23 20:40:07 Run:2
Running from C:\Documents and Settings\JPD\Bureau
Loaded Profile: JPD (Available profiles: JPD)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
2014-12-22 11:43 - 2014-10-07 19:07 - 00000000 ___HD () C:\9a01173
2014-12-22 11:43 - 2014-12-22 11:43 - 00008700 _____ () C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:43 - 2014-12-22 11:43 - 00008700 _____ () C:\Documents and Settings\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:43 - 2014-12-22 11:43 - 00008700 _____ () C:\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:43 - 2014-12-22 11:43 - 00004636 _____ () C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:43 - 2014-12-22 11:43 - 00004636 _____ () C:\Documents and Settings\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:43 - 2014-12-22 11:43 - 00004636 _____ () C:\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:43 - 2014-12-22 11:43 - 00000278 _____ () C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.URL
2014-12-22 11:43 - 2014-12-22 11:43 - 00000278 _____ () C:\Documents and Settings\DECRYPT_INSTRUCTION.URL
2014-12-22 11:43 - 2014-12-22 11:43 - 00000278 _____ () C:\DECRYPT_INSTRUCTION.URL
2014-12-22 11:41 - 2014-12-22 11:41 - 00008700 _____ () C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:41 - 2014-12-22 11:41 - 00008700 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:41 - 2014-12-22 11:41 - 00008700 _____ () C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:41 - 2014-12-22 11:41 - 00008700 _____ () C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:41 - 2014-12-22 11:41 - 00008700 _____ () C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:41 - 2014-12-22 11:41 - 00004636 _____ () C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:41 - 2014-12-22 11:41 - 00004636 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:41 - 2014-12-22 11:41 - 00004636 _____ () C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:41 - 2014-12-22 11:41 - 00004636 _____ () C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:41 - 2014-12-22 11:41 - 00004636 _____ () C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:41 - 2014-12-22 11:41 - 00000278 _____ () C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.URL
2014-12-22 11:41 - 2014-12-22 11:41 - 00000278 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.URL
2014-12-22 11:41 - 2014-12-22 11:41 - 00000278 _____ () C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.URL
2014-12-22 11:41 - 2014-12-22 11:41 - 00000278 _____ () C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.URL
2014-12-22 11:41 - 2014-12-22 11:41 - 00000278 _____ () C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.URL
2014-12-22 11:35 - 2014-12-22 11:35 - 00008700 _____ () C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:35 - 2014-12-22 11:35 - 00008700 _____ () C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.HTML
2014-12-22 11:35 - 2014-12-22 11:35 - 00004636 _____ () C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:35 - 2014-12-22 11:35 - 00004636 _____ () C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.TXT
2014-12-22 11:35 - 2014-12-22 11:35 - 00000278 _____ () C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.URL
2014-12-22 11:35 - 2014-12-22 11:35 - 00000278 _____ () C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.URL

*****************

C:\9a01173 => Moved successfully.
C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.HTML => Moved successfully.
"C:\Documents and Settings\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
"C:\DECRYPT_INSTRUCTION.HTML" => File/Directory not found.
C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.TXT => Moved successfully.
"C:\Documents and Settings\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
"C:\DECRYPT_INSTRUCTION.TXT" => File/Directory not found.
C:\Documents and Settings\NetworkService\DECRYPT_INSTRUCTION.URL => Moved successfully.
"C:\Documents and Settings\DECRYPT_INSTRUCTION.URL" => File/Directory not found.
"C:\DECRYPT_INSTRUCTION.URL" => File/Directory not found.
C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\LocalService\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\LocalService\Application Data\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\JPD\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.HTML => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.TXT => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\DECRYPT_INSTRUCTION.URL => Moved successfully.
C:\Documents and Settings\JPD\Local Settings\Application Data\DECRYPT_INSTRUCTION.URL => Moved successfully.

==== End of Fixlog 20:40:09 ====

il en reste ?