Bonjour,
Ma question est simple. J ai le rapport Avira qui montre 4 entrées de registres invisibles. Comment être sûr que les entrées ne sont pas infectées.
Merci
Code :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
| Avira Free Antivirus
Report file date: 3 février 2012 09:52
Scanning for 3363733 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : amer
Computer name : AMER-PC
Version information:
BUILD.DAT : 12.0.0.849 Bytes 2011-09-23 20:19:00
AVSCAN.EXE : 12.1.0.17 490448 Bytes 2011-09-23 23:04:46
AVSCAN.DLL : 12.1.0.17 54224 Bytes 2011-09-23 18:34:56
LUKE.DLL : 12.1.0.17 68304 Bytes 2011-09-23 17:55:16
AVSCPLR.DLL : 12.1.0.21 99536 Bytes 2012-02-03 14:39:03
AVREG.DLL : 12.1.0.27 227536 Bytes 2012-02-03 14:39:03
VBASE000.VDF : 7.10.0.0 19875328 Bytes 2009-11-06 01:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 2010-12-14 16:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 2011-12-20 14:38:40
VBASE003.VDF : 7.11.21.238 4472832 Bytes 2012-02-01 14:38:50
VBASE004.VDF : 7.11.21.239 2048 Bytes 2012-02-01 14:38:50
VBASE005.VDF : 7.11.21.240 2048 Bytes 2012-02-01 14:38:50
VBASE006.VDF : 7.11.21.241 2048 Bytes 2012-02-01 14:38:50
VBASE007.VDF : 7.11.21.242 2048 Bytes 2012-02-01 14:38:50
VBASE008.VDF : 7.11.21.243 2048 Bytes 2012-02-01 14:38:50
VBASE009.VDF : 7.11.21.244 2048 Bytes 2012-02-01 14:38:50
VBASE010.VDF : 7.11.21.245 2048 Bytes 2012-02-01 14:38:51
VBASE011.VDF : 7.11.21.246 2048 Bytes 2012-02-01 14:38:51
VBASE012.VDF : 7.11.21.247 2048 Bytes 2012-02-01 14:38:51
VBASE013.VDF : 7.11.22.33 1486848 Bytes 2012-02-03 14:38:53
VBASE014.VDF : 7.11.22.34 2048 Bytes 2012-02-03 14:38:54
VBASE015.VDF : 7.11.22.35 2048 Bytes 2012-02-03 14:38:54
VBASE016.VDF : 7.11.22.36 2048 Bytes 2012-02-03 14:38:54
VBASE017.VDF : 7.11.22.37 2048 Bytes 2012-02-03 14:38:54
VBASE018.VDF : 7.11.22.38 2048 Bytes 2012-02-03 14:38:54
VBASE019.VDF : 7.11.22.39 2048 Bytes 2012-02-03 14:38:54
VBASE020.VDF : 7.11.22.40 2048 Bytes 2012-02-03 14:38:54
VBASE021.VDF : 7.11.22.41 2048 Bytes 2012-02-03 14:38:54
VBASE022.VDF : 7.11.22.42 2048 Bytes 2012-02-03 14:38:54
VBASE023.VDF : 7.11.22.43 2048 Bytes 2012-02-03 14:38:55
VBASE024.VDF : 7.11.22.44 2048 Bytes 2012-02-03 14:38:55
VBASE025.VDF : 7.11.22.45 2048 Bytes 2012-02-03 14:38:55
VBASE026.VDF : 7.11.22.46 2048 Bytes 2012-02-03 14:38:55
VBASE027.VDF : 7.11.22.47 2048 Bytes 2012-02-03 14:38:55
VBASE028.VDF : 7.11.22.48 2048 Bytes 2012-02-03 14:38:55
VBASE029.VDF : 7.11.22.49 2048 Bytes 2012-02-03 14:38:55
VBASE030.VDF : 7.11.22.50 2048 Bytes 2012-02-03 14:38:55
VBASE031.VDF : 7.11.22.53 61952 Bytes 2012-02-03 14:38:56
Engineversion : 8.2.8.48
AEVDF.DLL : 8.1.2.2 106868 Bytes 2012-02-03 14:39:03
AESCRIPT.DLL : 8.1.4.3 438649 Bytes 2012-02-03 14:39:02
AESCN.DLL : 8.1.8.2 131444 Bytes 2012-02-03 14:39:02
AESBX.DLL : 8.2.4.5 434549 Bytes 2012-02-03 14:39:03
AERDL.DLL : 8.1.9.15 639348 Bytes 2011-09-09 04:16:06
AEPACK.DLL : 8.2.16.2 799095 Bytes 2012-02-03 14:39:02
AEOFFICE.DLL : 8.1.2.25 201084 Bytes 2012-02-03 14:39:01
AEHEUR.DLL : 8.1.3.24 4387190 Bytes 2012-02-03 14:39:01
AEHELP.DLL : 8.1.19.0 254327 Bytes 2012-02-03 14:38:57
AEGEN.DLL : 8.1.5.21 409971 Bytes 2012-02-03 14:38:57
AEEMU.DLL : 8.1.3.0 393589 Bytes 2011-09-02 04:46:01
AECORE.DLL : 8.1.25.3 201079 Bytes 2012-02-03 14:38:56
AEBB.DLL : 8.1.1.0 53618 Bytes 2011-09-02 04:46:01
AVWINLL.DLL : 12.1.0.17 27344 Bytes 2011-09-23 17:13:18
AVPREF.DLL : 12.1.0.17 51920 Bytes 2011-09-23 16:53:57
AVREP.DLL : 12.1.0.17 179408 Bytes 2011-09-23 16:55:01
AVARKT.DLL : 12.1.0.17 223184 Bytes 2011-09-23 16:25:26
AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 2011-09-23 16:34:37
SQLITE3.DLL : 3.7.0.0 398288 Bytes 2011-09-16 07:05:58
AVSMTP.DLL : 12.1.0.17 62928 Bytes 2011-09-23 17:03:47
NETNT.DLL : 12.1.0.17 17104 Bytes 2011-09-23 17:58:06
RCIMAGE.DLL : 12.1.0.17 4450000 Bytes 2011-09-23 18:37:25
RCTEXT.DLL : 12.1.0.16 96208 Bytes 2011-09-23 18:37:24
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logging.............................: default
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended
Start of the scan: 3 février 2012 09:52
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Master boot sector HD1
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Boot sector 'D:\'
[INFO] No virus was found!
[INFO] Please restart the search with Administrator rights
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c
[NOTE] The registry entry is invisible.
Hidden driver
[NOTE] A memory modification has been detected, which could potentially be used to hide file access attempts.
The scan of running processes will be started
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '80' Module(s) have been scanned
Scan process 'avcenter.exe' - '109' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '64' Module(s) have been scanned
Scan process 'AcroRd32.exe' - '33' Module(s) have been scanned
Scan process 'googletalkplugin.exe' - '67' Module(s) have been scanned
Scan process 'chrome.exe' - '43' Module(s) have been scanned
Scan process 'chrome.exe' - '64' Module(s) have been scanned
Scan process 'rundll32.exe' - '51' Module(s) have been scanned
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'chrome.exe' - '48' Module(s) have been scanned
Scan process 'chrome.exe' - '128' Module(s) have been scanned
Scan process 'avgnt.exe' - '77' Module(s) have been scanned
Scan process 'mbamgui.exe' - '36' Module(s) have been scanned
Scan process 'acrotray.exe' - '28' Module(s) have been scanned
Scan process 'netsession_win.exe' - '57' Module(s) have been scanned
Scan process 'tvnserver.exe' - '28' Module(s) have been scanned
Scan process 'IAStorIcon.exe' - '51' Module(s) have been scanned
Scan process 'PDVDDXSrv.exe' - '46' Module(s) have been scanned
Scan process 'InputDirector.exe' - '46' Module(s) have been scanned
Scan process 'netsession_win.exe' - '38' Module(s) have been scanned
Scan process 'ISUSPM.exe' - '35' Module(s) have been scanned
Starting to scan executable files (registry).
The registry was scanned ( '3059' files ).
Starting the file scan:
Begin scan in 'C:\' <OS>
Begin scan in 'D:\' <DATAPART1>
End of the scan: 3 février 2012 13:21
Used time: 3:28:36 Hour(s)
The scan has been done completely.
75183 Scanned directories
2092862 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2092862 Files not concerned
15238 Archives were scanned
0 Warnings
4 Notes
1550908 Objects were scanned with rootkit scan
4 Hidden objects were found |
03/02/2012, 19h57
rapport avira: 4 entree de registres invisibles
00
