Punto informatico Network
Login Esegui login | Non sei registrato? Iscriviti ora (è gratuito!)
Username: Password:
  • Annuncio Pubblicitario

Problemino con Win2003 Server

Un virus si è intromesso nel tuo computer? Vuoi navigare in tutta sicurezza? Sono sicure le transazione online? Come impedire a malintenzionati di intromettersi nel tuo pc? Come proteggere i tuoi dati? Qui trovi le risposte a queste ed altre domande

Rispondi al messaggio

Problemino con Win2003 Server

Messaggioda paxy » lun feb 26, 2007 11:21 am

[acc2]
Salve a tutti voi, sono nuovo del forum, ho un piccolo problema su un server di dominio, compare in continuazione il messaggio di errore da parte di IE dicendo Impossibile connettersi al indirizzo "http:///".
Non riesco a capire dove è l'inghippo o se è un virus, Vi prego aiutatemi con qualche consiglio.
Scusate se ho sbagliato sezione per inserire la domanda.[/b]
Avatar utente
paxy
Neo Iscritto
Neo Iscritto
 
Messaggi: 5
Iscritto il: lun feb 26, 2007 10:59 am
Top

Messaggioda crazy.cat » lun feb 26, 2007 11:27 am

L'errore compare quando navighi e non riesci a connetterti a niente?

Prova a postare un log della scansione di hijackthis
http://www.MegaLab.it/2286
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top

Messaggioda paxy » lun feb 26, 2007 11:40 am

crazy.cat ha scritto:L'errore compare quando navighi e non riesci a connetterti a niente?

Prova a postare un log della scansione di hijackthis
http://www.MegaLab.it/2286


Grazie per avermi risposto intanto, l'errore compare in continuazione, anche se non navigo, e posso connettermi sempre, è come se ci fosse un qualcosa che tenta di stabilire una connessione e non vi riesce, per quanto riguarda il log hijackthis il prog lo devo far girare in modalità provvissoria oppure no?
Avatar utente
paxy
Neo Iscritto
Neo Iscritto
 
Messaggi: 5
Iscritto il: lun feb 26, 2007 10:59 am
Top
Top

Messaggioda crazy.cat » lun feb 26, 2007 11:44 am

Dalla modalità normale fai la scansione con hijackthis
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top

Messaggioda paxy » lun feb 26, 2007 11:58 am

Questo è il log risultato dalla scansione:
Logfile of HijackThis v1.99.1
Scan saved at 10.54.53, on 26/02/2007
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\Documents and Settings\Administrator\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Programmi\SAV\Symantec AntiVirus\DefWatch.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\CBA\pds.exe
C:\WINDOWS\System32\ismserv.exe
C:\Programmi\File comuni\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
C:\WINDOWS\system32\ntfrs.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\File comuni\Symantec Shared\Reporting Agents\Win32\ReporterSvc.exe
C:\Programmi\SAV\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wins.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\PROGRA~1\SAV\SYMANT~1\VPTray.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\WinZip\WZQKPICK.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\Nuova cartella\analizyer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.254:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Programmi\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SAV\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KIT3] C:\WINDOWS\system32\spool\hpprintspool.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Super Utilities] C:\Programmi\SuperLogix\Super Utilities\SuperUtil.exe /min
O4 - Global Startup: Avvio veloce di Adobe Reader.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmi\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\windows\system32\mswsock.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ipsiagubbio.local
O17 - HKLM\Software\..\Telephony: DomainName = ipsiagubbio.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{186CAAF5-5058-40AB-8E54-DC4C50D7E208}: NameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5473BA5D-C9EF-40DE-A2DF-6D19EE017A9B}: NameServer = 212.216.112.112,212.216.172.62
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ipsiagubbio.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{186CAAF5-5058-40AB-8E54-DC4C50D7E208}: NameServer = 192.168.100.1
O20 - Winlogon Notify: dimsntfy - dimsntfy.dll (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll
O23 - Service: Servizio di verifica compatibilità applicazioni (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio Gateway di livello applicazione (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\alg.exe (file missing)
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
O23 - Service: Gestione applicazione (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio stato di ASP.NET (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (file missing)
O23 - Service: Audio Windows (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio trasferimento intelligente in background (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Browser di computer (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio di indicizzazione (CiSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Servizi di crittografia (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Utilità di avvio processi server DCOM (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programmi\SAV\Symantec AntiVirus\DefWatch.exe
O23 - Service: File system distribuito (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Server DHCP (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\tcpsvcs.exe (file missing)
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Gestione dischi logici (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Server DNS (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dns.exe (file missing)
O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio di segnalazione errori (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Registro eventi (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Guida in linea e supporto tecnico (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Intel PDS - LANDesk Software Ltd. - C:\WINDOWS\system32\CBA\pds.exe
O23 - Service: Messaggistica tra siti (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\ismserv.exe (file missing)
O23 - Service: Centro distribuzione chiave Kerberos (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Helper NetBIOS di TCP/IP (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Accesso rete (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Connessioni di rete (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: NLA (Network Location Awareness) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Symantec System Center Discovery Service (NSCTOP) - Symantec Corporation - C:\PROGRA~1\Symantec\SYMANT~1\NSCTOP.EXE
O23 - Service: Replica file (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Archivi rimovibili (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: Servizi IPSEC (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Archiviazione protetta (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Auto Connection Manager di Accesso remoto (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Connection Manager di Accesso remoto (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Routing e Accesso remoto (RemoteAccess) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Registro di sistema remoto (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Reporting Agents (Reporting) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Reporting Agents\Win32\ReporterSvc.exe
O23 - Service: RPC Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RPC (Remote Procedure Call) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Provider Gruppo di criteri risultante (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\RSoPProv.exe (file missing)
O23 - Service: Helper console di amministrazione speciale (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Gestione account di protezione (SAM) (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Smart card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Utilità di pianificazione (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Accesso secondario (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Notifica eventi di sistema (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Rilevamento hardware shell (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Spooler di stampa (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Programmi\SAV\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Avvisi e registri di prestazioni (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Telefonia (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizi terminal (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Manutenzione collegamenti distribuiti client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Upload Manager (uploadmgr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio dischi virtuali (vds) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Copia shadow del volume (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Ora di Windows (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio Pubblicazione sul Web (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio rilevamento automatico proxy WinHTTP (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Strumentazione gestione Windows (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: WINS (Windows Internet Name Service) (WINS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\wins.exe (file missing)
O23 - Service: Servizio Numero di serie per dispositivi multimediali portatili (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Estensioni driver di Strumentazione gestione Windows (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Aggiornamenti automatici (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Configurazione senza fili (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio Provisioning di rete (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
Avatar utente
paxy
Neo Iscritto
Neo Iscritto
 
Messaggi: 5
Iscritto il: lun feb 26, 2007 10:59 am
Top

Messaggioda crazy.cat » lun feb 26, 2007 12:04 pm

Come è stato installato quel pc?

Ci sono riferimenti per quasi tutti i file di windows in cartelle sbagliate
C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe

Adesso leggo il resto del log perché ci sono dei nomi strani in ogni caso.
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top

Messaggioda crazy.cat » lun feb 26, 2007 12:18 pm

Leggi qui come usare Lspfix
http://www.MegaLab.it/2406
per ripulire questa riga
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\administrator\windows\system32\mswsock.dll' missing

C'è anche questo file in posizione molto strana.
C:\Documents and Settings\Administrator\WINDOWS\System32\smss.exe

E poi c'è questa marea di servizi fasulli (o windows 2003 li crea in questo modo?)
Se vuoi eliminarli devi usare questo sistema
http://www.MegaLab.it/2578

O23 - Service: Servizio di verifica compatibilità applicazioni (AeLookupSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio Gateway di livello applicazione (ALG) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Gestione applicazione (AppMgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio stato di ASP.NET (aspnet_state) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (file missing)
O23 - Service: Audio Windows (AudioSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio trasferimento intelligente in background (BITS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Browser di computer (Browser) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: Servizio di indicizzazione (CiSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Servizi di crittografia (CryptSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Utilità di avvio processi server DCOM (DcomLaunch) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Programmi\SAV\Symantec AntiVirus\DefWatch.exe
O23 - Service: File system distribuito (Dfs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\Dfssvc.exe (file missing)
O23 - Service: Client DHCP (Dhcp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Server DHCP (DHCPServer) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\tcpsvcs.exe (file missing)
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: Gestione dischi logici (dmserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Server DNS (DNS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\dns.exe (file missing)
O23 - Service: Client DNS (Dnscache) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio di segnalazione errori (ERSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Registro eventi (Eventlog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: Guida in linea e supporto tecnico (helpsvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Messaggistica tra siti (IsmServ) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\ismserv.exe (file missing)
O23 - Service: Centro distribuzione chiave Kerberos (kdc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Server (lanmanserver) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Workstation (lanmanworkstation) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Helper NetBIOS di TCP/IP (LmHosts) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Accesso rete (Netlogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Connessioni di rete (Netman) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: NLA (Network Location Awareness) (Nla) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Replica file (NtFrs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\ntfrs.exe (file missing)
O23 - Service: Provider supporto protezione LM NT (NtLmSsp) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Archivi rimovibili (NtmsSvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\services.exe (file missing)
O23 - Service: Servizi IPSEC (PolicyAgent) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Archiviazione protetta (ProtectedStorage) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Auto Connection Manager di Accesso remoto (RasAuto) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Connection Manager di Accesso remoto (RasMan) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Routing e Accesso remoto (RemoteAccess) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Registro di sistema remoto (RemoteRegistry) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: RPC Locator (RpcLocator) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RPC (Remote Procedure Call) (RpcSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Provider Gruppo di criteri risultante (RSoPProv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\RSoPProv.exe (file missing)
O23 - Service: Helper console di amministrazione speciale (sacsvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Gestione account di protezione (SAM) (SamSs) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Smart card (SCardSvr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\SCardSvr.exe (file missing)
O23 - Service: Utilità di pianificazione (Schedule) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Accesso secondario (seclogon) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Notifica eventi di sistema (SENS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Rilevamento hardware shell (ShellHWDetection) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Spooler di stampa (Spooler) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\spoolsv.exe (file missing)
O23 - Service: Microsoft Software Shadow Copy Provider (swprv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Avvisi e registri di prestazioni (SysmonLog) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\smlogsvc.exe (file missing)
O23 - Service: Telefonia (TapiSrv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizi terminal (TermService) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Manutenzione collegamenti distribuiti client (TrkWks) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Upload Manager (uploadmgr) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio dischi virtuali (vds) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Copia shadow del volume (VSS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\vssvc.exe (file missing)
O23 - Service: Ora di Windows (W32Time) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Servizio Pubblicazione sul Web (W3SVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio rilevamento automatico proxy WinHTTP (WinHttpAutoProxySvc) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Strumentazione gestione Windows (winmgmt) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: WINS (Windows Internet Name Service) (WINS) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\wins.exe (file missing)
O23 - Service: Servizio Numero di serie per dispositivi multimediali portatili (WmdmPmSN) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Estensioni driver di Strumentazione gestione Windows (Wmi) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Aggiornamenti automatici (wuauserv) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Configurazione senza fili (WZCSVC) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Servizio Provisioning di rete (xmlprov) - Unknown owner - C:\Documents and Settings\Administrator\WINDOWS\System32\svchost.exe (file missing)
Quando i molti governano, pensano solo a contentar sé stessi, si ha allora la tirannia più balorda e più odiosa: la tirannia mascherata da libertà.
Avatar utente
crazy.cat
MLI Hero
MLI Hero
 
Messaggi: 30959
Iscritto il: lun gen 12, 2004 1:38 pm
Località: Mestre
Top

Messaggioda paxy » mar mar 06, 2007 12:35 pm

Dopo lungo penare siamo riusciti a risolvere il problema ricorrendo alla utility Trojan Remover v.6.5.7
Ora però, nonostante nella macchina funzionino "egregiamente" i suoi servizi di server di dominio, all'avvio non visualizza il desktop, unico metodo per visionare la macchina è con il task maneger, quale può essere la causa? cosa mi consigli di fare?
Ciao
Avatar utente
paxy
Neo Iscritto
Neo Iscritto
 
Messaggi: 5
Iscritto il: lun feb 26, 2007 10:59 am
Top
Rispondi al messaggio

Torna a Sicurezza

Chi c’è in linea

Visitano il forum: Nessuno e 4 ospiti

Powered by phpBB © 2002, 2005, 2007, 2008 phpBB Group
Traduzione Italiana phpBB.it

megalab.it: testata telematica quotidiana registrata al Tribunale di Cosenza n. 22/09 del 13.08.2009, editore Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - P.I. 02947530784. GRUPPO EDIZIONI MASTER Spa Tutti i diritti sono riservati. Per la pubblicità: Master Advertising