Windows XP problem


Marsh Posted on 24-05-2009 at 22:12:10

Hello everyone,

So my problem is located... I don't really know where, actually: some of my programs don't work, or stop after a program error... For example, when I try to launch Windows Media Player Classic, I get the following problem: runtime error! R6002 floating point support not loaded... and other programs such as MSN stop for no reason... even after reinstalling... So I have a ComboFix log:
 
ComboFix 09-05-24.01 - brucejun 24/05/2009 21:53.1 - NTFSx86
Lancé depuis: d:\dl\ComboFix.exe
.
 
((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\program files\Internet Explorer\fxavx.ini
c:\windows\system32\crss.exe
c:\windows\system32\dnscon70.dll
c:\windows\system32\mstcpcon20.dll
c:\windows\system32\netmanage.dll
c:\windows\system32\netused.dll
c:\windows\system32\sr1000r.dll
c:\windows\Temp\_ISTMPI.DIR\autorun.inf
c:\windows\Temp\_ISTMPI.DIR\mmc32.exe
c:\windows\Temp\log.txt
F:\Autorun.inf
 
.
(((((((((((((((((((((((((((((((((((((((   Pilotes/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\Legacy_DNSCON
-------\Legacy_NETMANAGER
-------\Service_dnscon
-------\Service_NetManager
 
 
(((((((((((((((((((((((((((((   Fichiers créés du 2009-04-24 au 2009-05-24  ))))))))))))))))))))))))))))))))))))
.
 
2009-05-23 11:49 . 2009-05-23 11:49 -------- d-----w c:\program files\Microsoft
2009-05-09 09:38 . 2009-05-09 11:42 -------- d-----w c:\documents and settings\brucejun.BRUCE\Application Data\PhotoFiltre Studio X
2009-05-09 09:38 . 2009-05-09 09:38 -------- d-----w c:\program files\PhotoFiltre Studio X
2009-05-04 11:44 . 2009-05-04 11:44 -------- d-----w c:\documents and settings\invite\Local Settings\Application Data\Thunderbird
2009-05-04 11:44 . 2009-05-04 11:44 -------- d-----w c:\documents and settings\invite\Application Data\Thunderbird
2009-05-03 22:07 . 2009-05-03 22:07 -------- d-----w c:\program files\Gadwin Systems
2009-04-25 00:10 . 2009-02-07 05:43 24576 ----a-w c:\documents and settings\brucejun.BRUCE\Application Data\Mozilla\Firefox\Profiles\s5hr3n3t.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
 
.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-24 17:36 . 2008-05-03 08:41 -------- d-----w c:\program files\eMule
2009-05-24 14:31 . 2008-07-31 08:51 -------- d-----w c:\documents and settings\brucejun.BRUCE\Application Data\uTorrent
2009-05-23 14:26 . 2008-05-03 07:50 -------- d-----w c:\program files\Winamp
2009-05-23 12:52 . 2008-05-03 09:01 -------- d-----w c:\program files\Mozilla Thunderbird
2009-05-23 11:49 . 2008-07-23 19:22 -------- d-----w c:\program files\Windows Live
2009-05-22 11:32 . 2008-05-03 07:45 -------- d-----w c:\program files\MPC 6.4.02 (feat.RV9)
2009-05-18 19:56 . 2008-07-28 10:24 -------- d-----w c:\documents and settings\brucejun.BRUCE\Application Data\Media Player Classic
2009-05-17 13:44 . 2008-08-28 10:09 -------- d-----w c:\documents and settings\brucejun.BRUCE\Application Data\U3
2009-05-14 01:00 . 2008-06-12 11:07 -------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-05-13 20:28 . 2008-07-28 10:11 334368 -c--a-w c:\documents and settings\brucejun.BRUCE\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-20 22:03 . 2009-04-20 22:03 334752 ----a-w c:\documents and settings\invite\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-17 01:15 . 2001-08-28 12:00 63854 ----a-w c:\windows\system32\perfc00C.dat
2009-04-17 01:15 . 2001-08-28 12:00 445434 ----a-w c:\windows\system32\perfh00C.dat
2009-04-04 18:24 . 2009-04-04 18:24 1074 ----a-w c:\windows\Fonts\VAGROU01.PFM
2009-04-02 17:44 . 2008-12-05 03:00 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-03-28 21:24 . 2009-03-28 21:24 -------- d-----w c:\program files\Windows Live Safety Center
2009-03-28 13:36 . 2009-03-15 19:59 -------- d-----w c:\documents and settings\brucejun.BRUCE\Application Data\Audacity
2009-03-06 14:46 . 2004-08-03 22:54 286208 ----a-w c:\windows\system32\pdh.dll
2009-02-28 12:06 . 2009-02-28 12:06 392728 ----a-w c:\documents and settings\brucejun.BRUCE\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2009-02-28 12:06 . 2009-02-28 12:06 311044 ----a-w c:\documents and settings\brucejun.BRUCE\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2009-02-28 12:06 . 2009-02-28 12:06 264956 ----a-w c:\documents and settings\brucejun.BRUCE\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
.
 
(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés  
REGEDIT4
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 4063488]
"STYLEXP"="c:\program files\TGTSoft\StyleXP\StyleXP.exe" [2005-08-18 1537794]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 673536]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
 
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"mixer"= DrvTrNTm.dll
"wave"= DrvTrNTm.dll
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
@="Driver"
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^PalTalk.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\PalTalk.lnk
backup=c:\windows\pss\PalTalk.lnkCommon Startup
 
[HKLM\~\startupfolder\C:^Documents and Settings^brucejun.BRUCE^Menu Démarrer^Programmes^Démarrage^No-IP DUC.lnk]
path=c:\documents and settings\brucejun.BRUCE\Menu Démarrer\Programmes\Démarrage\No-IP DUC.lnk
backup=c:\windows\pss\No-IP DUC.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\SteamApps\\jin_price3@hotmail.com\\counter-strike\\hl.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\GlobalSCAPE\\CuteFTP 7 Professional\\ftpte.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:tcp
"4672:UDP"= 4672:UDP:udp
"33293:TCP"= 33293:TCP:torrent
"33293:UDP"= 33293:UDP:torrent2
"1863:TCP"= 1863:TCP:msn
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"1025:TCP"= 1025:TCP:paltalk
"1025:UDP"= 1025:UDP:paltalkd
 
R4 Adnsoo;Adnsoo; [x]
R4 KeenfinderSrch Service;KeenfinderSrch Service;c:\program files\KeenfinderSrch\keenfinder.exe [x]
 
 
--- Autres Services/Pilotes en mémoire ---
 
*Deregistered* - AFD
*Deregistered* - ALG
*Deregistered* - Arp1394
*Deregistered* - Ati HotKey Poller
*Deregistered* - ATI Smart
*Deregistered* - AudioSrv
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Browser
*Deregistered* - Cdfs
*Deregistered* - cpuidlep
*Deregistered* - CryptSvc
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - dmio
*Deregistered* - dmload
*Deregistered* - dmserver
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - Fastfat
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - giveio
*Deregistered* - Gpc
*Deregistered* - helpsvc
*Deregistered* - HidServ
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - KSecDD
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - mnmdd
*Deregistered* - Mouclass
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PolicyAgent
*Deregistered* - PptpMiniport
*Deregistered* - ProtectedStorage
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - rdpdr
*Deregistered* - RemoteRegistry
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - SCDEmu
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - speedfan
*Deregistered* - Spooler
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - srservice
*Deregistered* - Srv
*Deregistered* - StarOpen
*Deregistered* - StyleXPHelper
*Deregistered* - StyleXPService
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - UMWdf
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - vncmirror
*Deregistered* - VolSnap
*Deregistered* - W32Time
*Deregistered* - Wanarp
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WZCSVC
 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{29416362-B89D-7901-4966-2723988C650E}]
C:\WINDOWS:reg32update.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D05086E9-1E73-F74B-2C30-D7E921166BC7}]
c:\windows\system32\sg32update.exe
.
.
------- Examen supplémentaire -------
.
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {307D61FF-BB71-4392-ADA4-34BB6B47A250} = 192.168.1.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\brucejun.BRUCE\Application Data\Mozilla\Firefox\Profiles\s5hr3n3t.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MIMWA5&q=
FF - component: c:\documents and settings\brucejun.BRUCE\Application Data\Mozilla\Firefox\Profiles\s5hr3n3t.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
.
 
**************************************************************************
 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-24 21:57
Windows 5.1.2600 Service Pack 2 NTFS
 
Recherche de processus cachés ...  
 
Recherche d'éléments en démarrage automatique cachés ...  
 
Recherche de fichiers cachés ...  
 
Scan terminé avec succès
Fichiers cachés: 0
 
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
 
- - - - - - - > 'winlogon.exe'(812)
c:\windows\system32\Ati2evxx.dll
 
- - - - - - - > 'explorer.exe'(552)
c:\windows\system32\ntshrui.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\stobject.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\TGTSoft\StyleXP\StyleXPService.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-05-24 22:01 - La machine a redémarré
ComboFix-quarantined-files.txt  2009-05-24 20:00
 
Avant-CF: 12 952 092 672 octets libres
Après-CF: 14 813 556 736 octets libres
 
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /bootlogo
signature(a430a42)disk(0)rdisk(0)partition(1)\WINDOWS=""
 
275 --- E O F --- 2009-05-14 01:00
 
 
Thanks for helping me.


Marsh Posted on 24-05-2009 at 22:19:05

Please reread the rules.
