Author Topic: Interpreting my results  (Read 10046 times)

May 12, 2014, 02:18:34 PM

karineb

  • Guest
Interpreting my results
« on: May 12, 2014, 02:18:34 PM »
Hello!

I am writing to you about a "Win32/Sirefef" rootkit detected in my laptop's RAM by my Nod32 antivirus (but the antivirus cannot remove it).
Here is the image of the detection by Nod32:
http://1drv.ms/1mRaknY

I read that RogueKiller could help me get rid of Win32/Sirefef, so I ran a scan; the result is below.

Can you help me interpret these results and tell me whether there is anything to remove from my computer? I am a beginner, so I really don't want to lose my files or mess up my programs.

Thank you!



Quote
RogueKiller V8.8.15 [Mar 27 2014] par Adlice Software
mail : http://www.adlice.com/contact/
Remontees : http://forum.adlice.com
Site Web : http://www.surlatoile.org/RogueKiller/
Blog : http://www.adlice.com

Systeme d'exploitation : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Demarrage : Mode normal
Utilisateur : Karine [Droits d'admin]
Mode : Recherche -- Date : 05/12/2014 14:02:21
| ARK || FAK || MBR |

¤¤¤ Processus malicieux : 0 ¤¤¤

¤¤¤ Entrees de registre : 8 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> TROUVÉ
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> TROUVÉ
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowRun (0) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

¤¤¤ Tâches planifiées : 0 ¤¤¤

¤¤¤ Entrées Startup : 0 ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

¤¤¤ Addons navigateur : 0 ¤¤¤

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

¤¤¤ Driver : [CHARGE] ¤¤¤

¤¤¤ Ruches Externes: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]
-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [Sys - x:] [Sys32 - FOUND] | USERINFO [Startup - NOT_FOUND]

¤¤¤ Infection :  ¤¤¤

¤¤¤ Fichier HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost
::1             localhost


¤¤¤ MBR Verif: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9200420ASG ATA Device +++++
--- User ---
[MBR] d61ab0c0e99223fe84dfba8e8f791dc5
[BSP] 540d34836f1486d71d50712469e7c384 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 70 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 145408 | Size: 2048 MB
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 4339712 | Size: 188662 MB
User = LL1 ... OK!
User = LL2 ... OK!

Termine : << RKreport[0]_S_05122014_140221.txt >>



Reply #1 May 14, 2014, 07:31:57 AM

Tigzy

  • Administrator
  • Personal Text
    Owner, Adlice Software
Re: Interpreting my results
« Reply #1 on: May 14, 2014, 07:31:57 AM »
Hello,
It is not detected :/
You should run a scan with Malwarebytes AntiRootkit

Reply #2 May 14, 2014, 01:28:54 PM

karineb

  • Guest
Re: Interpreting my results
« Reply #2 on: May 14, 2014, 01:28:54 PM »
Hello,
Thank you very much for your reply!
Since I get carried away quickly in this kind of situation, I had also sent an alert to Nod32 and got a reply from a technician. He had me run a scan with ESET SysRescue ("boot" mode at startup) and the result is the same as the one you gave me: the rootkit is not detected.

A quick search on the Internet led me to this page, where users have the same problem as me:
https://forum.eset.com/topic/2459-cleaning-win32sirefef-trojan/

Since I don't know much about this and am afraid of deleting important items from my computer, I think I will request a remote intervention for the cleanup.
Once again, thank you for taking the time to reply, it is much appreciated! :)

Reply #3 May 14, 2014, 04:06:13 PM

Tigzy

  • Administrator
Re: Interpreting my results
« Reply #3 on: May 14, 2014, 04:06:13 PM »
The problem is that the report does not say at all which object is detected, so it is hard to do better :/

Reply #4 May 14, 2014, 05:33:06 PM

karineb

  • Guest
Re: Interpreting my results
« Reply #4 on: May 14, 2014, 05:33:06 PM »
Quote
The problem is that the report does not say at all which object is detected, so it is hard to do better :/

I understand, and for now all the scans performed have proved inconclusive.
I had run a scan with the anti-toolkit tool of Spybot Search & Destroy and it told me that family photos that have been on my computer since 2008 were to be deleted.

On May 13, I ran another scan with Spybot S&D (not the anti-toolkit, the standard program): I can paste the result for you, but I don't know whether it will be useful to you.


Quote
Search results from Spybot - Search & Destroy

2014-05-13 00:56:25
Scan took 01:03:37.
111 items found.

Complitly: [SBI $3378259D] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Complitly: [SBI $5DB75812] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Complitly: [SBI $F77B8047] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Complitly: [SBI $471C063E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{442F13BC-2031-42D5-9520-437F65271153}

Complitly: [SBI $C3A7FBCB] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\Complitly.DLL

Complitly: [SBI $DF537DCB] User settings (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Complitly

Complitly: [SBI $D99E9709] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SimplyGen

Complitly: [SBI $52ABDAA1] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Win32.Downloader.gen: [SBI $E6AD2227] Program directory (Directory, nothing done)
  C:\Users\Karine\AppData\Local\Conduit\

Win32.Downloader.gen: [SBI $F65FFCFA]  Library (File, nothing done)
  C:\Program Files\Conduit\Community Alerts\Alert.dll
  Properties.size=532064
  Properties.md5=2A2935CE273513F881439D2FECA78E51
  Properties.filedate=1281440882
  Properties.filedatetext=2010-08-10 13:48:02

Oscardelta.Toolbar: [SBI $FC70D376] Settings (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Conduit\FF\smartbar.machineId

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Karine\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HVXYBLGV\skype.com\#ui\preferences.sol
  Properties.size=0
  Properties.md5=D41D8CD98F00B204E9800998ECF8427E


[** Here, there were lots of "tracking cookie" entries displayed, which I could have deleted. I removed them so that this message would not exceed 20000 characters]
 

7-Zip: [SBI $12C3A52C] Folder history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\7-ZIP\FM\FolderHistory

7-Zip: [SBI $3D5692BD] Last used folder (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\7-ZIP\FM\PanelPath0

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Internet Explorer\TypedURLs

MS Media Player: [SBI $E48560B4] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: [SBI $735D57D7] Recent open directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir

MS Media Player: [SBI $3B9B7B9A] Last CD record path (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\MediaPlayer\Preferences\CDRecordPath

MS Media Player: [SBI $3B46EBCE] Manually modified tags history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\MediaPlayer\AutoComplete\MediaEdit

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Office\12.0\Word\File MRU

MS Wordpad: [SBI $4C02334D] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $9A5665E7] Open with list - .AIF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AIF\OpenWithList

Windows.OpenWith: [SBI $48691F6C] Open with list - .ASD extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASD\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\WinRAR\ArcHistory

WinRAR: [SBI $A59A1C0A] Recent exe file list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\WinRAR\DialogEditHistory\ArcName

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1693713743-1498391413-3122329190-1000\Software\WinRAR\General\LastFolder

Cookie: [SBI $49804B54] Browser: Cookie (3520) (Browser: Cookie, nothing done)
 

Cache: [SBI $49804B54] Browser: Cache (122) (Browser: Cache, nothing done)
 

Historique: [SBI $49804B54] Browser: History (10027) (Browser: History, nothing done)
 

Cookie: [SBI $49804B54] Browser: Cookie (6518) (Browser: Cookie, nothing done)
 

Historique: [SBI $49804B54] Browser: History (37797) (Browser: History, nothing done)
 


--- Spybot - Search & Destroy version: 2.3.39.131  DLL (build: 20140425) ---


Reply #5 May 14, 2014, 07:07:40 PM

Tigzy

  • Administrator
Re: Interpreting my results
« Reply #5 on: May 14, 2014, 07:07:40 PM »
Spybot isn't great...
If Malwarebytes finds nothing, I don't think it's worth going any further. All ZeroAccess variants are known and detected by RogueKiller and Malwarebytes

Reply #6 May 15, 2014, 12:54:51 PM

karineb

  • Guest
Re: Interpreting my results
« Reply #6 on: May 15, 2014, 12:54:51 PM »
Hello,
I will try with Malwarebytes at the end of the week, thank you!
If that turns up nothing, I will put this problem on hold, because I need my computer every day for my work. Things will be quieter from July, so I will be able to give it all the time it needs.