Olimpo Informatico

[Aihuttunen]

Ho un problema di disconnessione ogni 5 ore ESATTE... in molti mi hanno detto di fare un log con hijackthis, ma questo, così come gmer e avenger, appena aperti si richiudono immediatamente, e mi hanno detto che un problema simile quasi sicuramente dipende da una variante di linkoptimizer... ho lanciato scan con il tool della symantec e di prevx, ma non hanno trovato nulla... ho fatto una scansione con virit, che ha levato qualcosa, ma alla fin fine i problemi dell'impossibilità di aprire hijackthis, avenger e gmer e di disconnessione ogni 5 ore persistono... attendo delucidazioni ed aiuti da chi ne capisce sicuramente più di me... ho visto che errori simili nell'apertura di quei 3 programma si hanno anche in questo topic http://forum.zeusnews.com/viewtopic.php?t=17994 dove è stato risolto, ma i link che consigliano di scaricare lì non sono più disponibili.

Chiedo quindi umilmente aiuto, e ringrazio in anticipo.

[Aihuttunen]

Dopo parecchio lavoro sono riuscito a far andare hijackthis... ecco il log:



Logfile of HijackThis v1.99.1
Scan saved at 8.56.01, on 01/02/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Programmi\Executive Software\Diskeeper\DkService.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Mixer.exe
C:\Programmi\ATI Technologies\HydraVision\HydraDM.exe
c:\windows\system32\dllcache\win32\winlogon.exe
C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe
c:\windows\system32\dllcache\win32\csrss.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\DAEMON Tools\daemon.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\GSICON.EXE
C:\WINDOWS\System32\dslagent.exe
C:\Programmi\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\PROGRAMMI\VEXPLITE\viritsvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Temp\MegaLab.it\Tools anti-Gromozon\_a_i_g_i_a_c_k_t_h_i_s.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.it/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.unige.it:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,"c:\windows\nvidiatop.exe","c:\windows\asuspack.exe","c:\windows\ciscotool.exe",
O1 - Hosts: AmsServer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\PROGRA~1\DAP\dapiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programmi\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Programmi\ATI Technologies\HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Programmi\Executive Software\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Name of App] C:\Programmi\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\System32\sti_ci.dll,WiaCreateWizardMenu
O4 - HKCU\..\Run: [Creative Detector] C:\Programmi\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /M "Stylus C64" /EF "HKCU"
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Download with NetPumper - C:\Programmi\NetPumper\AddUrl.htm
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_10\bin\npjpi150_10.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\MSMSGS.EXE
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.master69.biz
O15 - Trusted Zone: www.yeak.net
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {11111111-1111-1111-1111-116501000727} - mhtml:file://C:\NO_SUCH_MHT.MHT!http://64.49.194.96/mariutto2.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6814A9EF-FBF1-46B2-A46E-56B401079C26} - http://www.dialer-shop.com/cexe/b200999.exe
O16 - DPF: {68253470-5D4F-4CDF-8D9C-353C14A2F013} (SVPorsche Control) - http://www.seemedia.co.kr/products/lu/sm22/185/SVPorsche.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {FCF289D4-0AC8-4ED8-BE31-E8AF09606AB5} (download_35mb_com.applet) - http://www.35mb.com/downloadapplet.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Programmi\Executive Software\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NetVgu - Unknown owner - C:\Programmi\File comuni\Microsoft Shared\ozf.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Programmi\Eset\nod32krn.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe
O23 - Service: Gestione Sistema MultiUtenza (systaccpp) - Unknown owner - C:\WINDOWS\Downlo~1\zuanfe\rkn0uvb.exe (file missing)
O23 - Service: Virit eXplorer Lite (viritsvclite) - TG Soft Sas www.tgsoft.it - C:\PROGRAMMI\VEXPLITE\viritsvc.exe



Attendo delucidazioni grazie

[chemicalbit]

[chemicalbit]

[Aihuttunen]

[chemicalbit]

Hai iniziato a fixare quelli che ti ho detto?

[Aihuttunen]

no aspetto così appena uno mi dice tutti quelli da fixare li fixo tutti insieme

[chemicalbit]

Inizia a fixare quelli.

A volte fixando una cosa, si risolvono anche altri problemi.
O viceversa fixando una cosa, si scoprono altri problemi che prima rimanevano nascoste.

Insomma, perché aspettare?

[Smjert]