windows\system\service.exe errore

dreammark

windows\system\service.exe errore

Ho questo problema, dopo che lavoro un po, mi appare questa videata e un count-down di 60 secondi.

c:windows\system\service.exe
programma terminato con errore non previsto stato 0

Cortesemente mi potete aiutare.
GRAZIE 1000
Marco

Logfile of HijackThis v1.99.1
Scan saved at 21.40.20, on 30/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\Java\jre6\bin\jusched.exe
C:\Programmi\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe
C:\Programmi\Apache Group\Apache2\bin\Apache.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Apache Group\Apache2\bin\Apache.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\iPod\bin\iPodService.exe
C:\Programmi\HPQ\SHARED\HPQWMI.exe
C:\Programmi\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Maxthon\Maxthon.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = xxxxxyyyyylibero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = xxxxxgo.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = xxxxxgo.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = xxxxxgo.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = xxxxxgo.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 213.246.236.74:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Programmi\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Programmi\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmi\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programmi\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programmi\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [BIH] C:\WINDOWS\system32\rundll32.exe bih.dll,InitGauge
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\WINDOWS\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmi\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Vidalia] "C:\Programmi\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\WIDCOMM\Software Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programmi\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [java_sun] Java (Sun)
O14 - IERESET.INF: START_PAGE_URL=xxxxxyyyyyhp.com
O16 - DPF: {0084C3C2-4B0E-11D1-8064-0060977B0E09} (Attachmate Edit3270 Class) - xxxxxappl.seda.it/hostview/AXClient/at3270.CAB
O16 - DPF: {0DF0058D-5B88-11D1-B7C7-0006296A7CDE} (AtmCommandBar Class) - xxxxxappl.seda.it/hostview/AXClient/atcommon.CAB
O16 - DPF: {1356B571-7919-11CF-A2DA-08005A48F0E4} (Attachmate Configuration Object - TN3270) - xxxxxappl.seda.it/hostview/AXClient/TN327.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - xxxxxgo.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {23BFA621-48D9-11D2-B3D4-000629ED42AF} (Attachmate Custom Code Page Installer) - xxxxxappl.seda.it/hostview/axclient/aucpdnld.cab
O16 - DPF: {2D168880-539F-4967-BA11-F7C2862B9E1D} (CPlayFirstDiaperDashControl Object) - xxxxxyyyyyshockwave.com/content/diaperdash/sis/DiaperDashWeb.1.0.0.4.cab
O16 - DPF: {3DC1AC46-CA1A-11CF-BECD-08005A9B94B7} (Attachmate Screen3270 Object) - xxxxxappl.seda.it/hostview/AXClient/as3270.CAB
O16 - DPF: {3E5C2E12-57B6-11D1-8956-0006291171A1} (Attachmate Browser Frame Class) - xxxxxappl.seda.it/hostview/AXClient/ataction.CAB
O16 - DPF: {5DA9D8E0-5A57-11CF-9E36-00C0930198C0} (Pegasus ImagN' 32-bit (Windowed) ActiveX Control v4.00) - xxxxx212.109.149.253/LNetCam.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - xxxxxupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139435806828
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - xxxxxyyyyyshockwave.com/content/snailmail/sis/slgwebinstall.cab
O16 - DPF: {7F37B328-86F5-11CF-B401-08005AC024EB} (Attachmate Session Object) - xxxxxappl.seda.it/hostview/AXClient/ascommon.CAB
O16 - DPF: {7F8B2500-3B5D-474C-B828-C766ECE3AB3C} (ATLmosquito1 Class) - xxxxxvoceviva-vip.tiscali.it/netphone/ocx/mosquito.cab
O16 - DPF: {C79D3167-6133-4E7C-821C-5C114611022D} (CamImage Class) - xxxxxyyyyyscform.unifi.it/webcam/pro/CameraControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - xxxxxfpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - xxxxxyyyyyshockwave.com/content/zuma/sis/popcaploader_v10.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - xxxxxyyyyyshockwave.com/content/thinktanks/sis/BTDownloadCtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{54ACE526-163A-4D42-8468-2A37A3C23EE0}: NameServer = 10.0.0.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A90488C5-CDD6-4D3E-8485-90DF57114D98}: NameServer = 10.0.0.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acunetix WVS Scheduler (AcuWVSScheduler) - Unknown owner - C:\Programmi\Acunetix\Web Vulnerability Scanner 4\WVSScheduler.exe (file missing)
O23 - Service: Acunetix WVS Scheduler v5 (AcuWVSSchedulerv5) - Unknown owner - C:\Programmi\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apache2 - Unknown owner - C:\Programmi\Apache Group\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Servizio trasferimento intelligente in background (BITS) - Unknown owner - %fystemRoot%\system32\svchost.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\WIDCOMM\Software Bluetooth\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Servizio di Google Update (gupdate1c9ce92c6f5c574) (gupdate1c9ce92c6f5c574) - Unknown owner - C:\Programmi\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programmi\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPodService) - Apple Computer, Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (javaquickstarterservice) - Unknown owner - C:\Programmi\Java\jre6\bin\jqs.exe" -service -config "C:\Programmi\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MySQL - Unknown owner - C:\Programmi\MySQL\MySQL.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\File comuni\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - C:\Programmi\File comuni\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
O23 - Service: Aggiornamenti automatici (wuauserv) - Unknown owner - %fystemroot%\system32\svchost.exe (file missing)
 

dreammark

Scusate per questo doppio post, ma vorrei chiarire meglio la problematica.
Se accendo il pc portatile con il wireless attivo, dopo che mi appare il desktop, si blocca con la clessidra.
Se accendo il pc poratile senza wirless attivo (disattivato da bottone), funziona tutto, poi dopo un po che lavoro mi appare l'errore indicato ne post precedente.
Potete cortesemente verificare. GRAZIE

wolf.otakar

Ciao dreammark,

@dreammark said:

...... mi appare questa videata e un count-down di 60 secondi.

come questa?

dreammark

La finestra è molto simile ma la dicitura è diversa.
Non sono riuscito a fare il copia schermo della dicitura e appena si ripresenta (non so quando) lo faccio .
All'interno della finestra c'è indicato windows\system32\service.exe.

wolf.otakar

Ciao dreammark,

installa questa patch e scansiona con questo tools.

Per impedire l'arresto di XP, procedi così:

start --> esegui --> command --> dalla finestra DOS --> digita shutdown.exe ?a --> premi invio!