Publicité
Publicité
Format du document : text/plain
Prévisualisation
############################## | UsbFix V 7.104 | [Recherche]
Utilisateur: MARLENE (Administrateur) # ACCUEIL
Mis � jour le 06/02/2013 par El Desaparecido
Lanc� � 18:14:23 | 06/02/2013
Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org
PC: ACER (Veriton M460) (X86-based PC)
CPU: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz (1596)
RAM -> [Total : 3062 | Free : 2779]
BIOS: Default System BIOS
BOOT: Fail-safe with network boot
OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13
SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 72 Go (24 Go libre(s) - 33%) [ACER] # NTFS
D:\ -> Disque fixe # 72 Go (34 Go libre(s) - 47%) [ACERDATA] # FAT32
E:\ -> CD-ROM
G:\ -> Disque amovible # 967 Mo (167 Mo libre(s) - 17%) [REDKEY] # FAT
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (552)
C:\WINDOWS\system32\winlogon.exe (632)
C:\WINDOWS\system32\services.exe (676)
C:\WINDOWS\system32\lsass.exe (688)
C:\WINDOWS\system32\svchost.exe (844)
C:\WINDOWS\system32\svchost.exe (1116)
C:\WINDOWS\Explorer.EXE (1488)
C:\UsbFix\Go.exe (164)
################## | �l�ments infectieux |
################## | Registre |
Pr�sent! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableRegistryTools
Pr�sent! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableRegistryTools
Pr�sent! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableTaskMgr
Pr�sent! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableTaskMgr
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{0ac82328-4c33-11de-a8e1-00192142e690}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(&0)\Command = Recycled\ctfmon.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{a9ab15bd-07d8-11dd-a7b6-00192142e690}
Shell\Auto\Command = Start.exe
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vaccin�!
################## | E.O.F | http://sosvirus.org |
Utilisateur: MARLENE (Administrateur) # ACCUEIL
Mis � jour le 06/02/2013 par El Desaparecido
Lanc� � 18:14:23 | 06/02/2013
Site Web: http://sosvirus.org/index.php
Contact: contact@sosvirus.org
PC: ACER (Veriton M460) (X86-based PC)
CPU: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz (1596)
RAM -> [Total : 3062 | Free : 2779]
BIOS: Default System BIOS
BOOT: Fail-safe with network boot
OS: Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 3
WB: Windows Internet Explorer 7.0.5730.13
SC: Security Center Service [(!) Disabled]
WU: Windows Update Service [Enabled]
FW: Windows FireWall Service [(!) Disabled]
C:\ (%systemdrive%) -> Disque fixe # 72 Go (24 Go libre(s) - 33%) [ACER] # NTFS
D:\ -> Disque fixe # 72 Go (34 Go libre(s) - 47%) [ACERDATA] # FAT32
E:\ -> CD-ROM
G:\ -> Disque amovible # 967 Mo (167 Mo libre(s) - 17%) [REDKEY] # FAT
################## | Processus Actif |
C:\WINDOWS\System32\smss.exe (552)
C:\WINDOWS\system32\winlogon.exe (632)
C:\WINDOWS\system32\services.exe (676)
C:\WINDOWS\system32\lsass.exe (688)
C:\WINDOWS\system32\svchost.exe (844)
C:\WINDOWS\system32\svchost.exe (1116)
C:\WINDOWS\Explorer.EXE (1488)
C:\UsbFix\Go.exe (164)
################## | �l�ments infectieux |
################## | Registre |
Pr�sent! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableRegistryTools
Pr�sent! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableRegistryTools
Pr�sent! HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableTaskMgr
Pr�sent! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\policies\System|DisableTaskMgr
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
Pr�sent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{0ac82328-4c33-11de-a8e1-00192142e690}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
Shell\Open(&0)\Command = Recycled\ctfmon.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{a9ab15bd-07d8-11dd-a7b6-00192142e690}
Shell\Auto\Command = Start.exe
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vaccin�!
################## | E.O.F | http://sosvirus.org |