ciao a tutti gestisco una piccola lan e ho come server antivirus il sophos!!! da una settimana a questa parte alcuni pc hanno dei problemi!!! uno di questi è che a volte si spegne da solo , un altro problemi con office , non fa fare più copia e incolla, e man mano sempre più pc stanno prendendo questo problema!!! ho fatto tremila scansioni con bitdeffender online, sophos, HijackThis, etc, ma non rileva nulla!!! ora vi allego il file di log che ho fatto su un pc windows 2000, per cortesia dattegli un occhiata
e poi fattemi sapere se notate qualcosa di strano:
Logfile of HijackThis v1.99.1
Scan saved at 12.10.46, on 04/04/2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Programmi\Sophos\Sophos Anti-Virus\SavService.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\SYSTEM32\DWRCS.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\r_server.exe
C:\Programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\WINNT\system32\MSTask.exe
C:\Programmi\Sophos\Remote Management System\ManagementAgentNT.exe
C:\Programmi\Sophos\AutoUpdate\ALsvc.exe
C:\Programmi\Sophos\Remote Management System\RouterNT.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SYSTEM32\DWRCST.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\System32\sistray.EXE
C:\WINNT\System32\khooker.exe
C:\WINNT\system32\internat.exe
C:\Programmi\Sophos\AutoUpdate\ALMon.exe
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SiS Tray] C:\WINNT\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINNT\System32\khooker.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Programmi\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.4.1_07) - http://srv-promil/metro/download/j2r...ows-i586-i.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://srv-promil/metro/download/swflash.cab
O17 - HKLM\System\CS2\Services\Tcpip\..\{2C5576DC-D971-45C5-9CA7-D325563E7E41}: NameServer = 10.22.252.240,10.22.246.240
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINNT\SYSTEM32\DWRCS.EXE
O23 - Service: OracleClientCache80 - Unknown owner - C:\orant\BIN\ONRSD80.EXE
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINNT\system32\r_server.exe" /service (file missing)
O23 - Service: Crea report sullo stato di Sophos Anti-Virus (SAVAdminService) - Sophos Plc - C:\Programmi\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Programmi\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos Agent - Unknown owner - C:\Programmi\Sophos\Remote Management System\ManagementAgentNT.exe" -service -name Agent (file missing)
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Programmi\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos Message Router - Unknown owner - C:\Programmi\Sophos\Remote Management System\RouterNT.exe" -service -name Router -ORBListenEndpoints iiop://:8193/ssl_port=8194 (file missing)
grazie in anticipo a tutti
Rispondi quotando
