[NickM]

Цитата Elemental:

Начата транзакция установщика Windows: http://js.mykings.top:280/helloworld.msi. ИД клиентского процесса: 4924. »

Цитата Elemental:

Кроме того, в планировщике обнаружил задачу под названием Mysa »

Вам прямая дорога в ветку по лечению от вредонсоных программ. Довольно таки известный часто встречаемый в обращениях пользователей, в последнее время, зловред который прячется в WMI.

[Elemental]

Цитата NickM:

Вам прямая дорога в ветку по лечению от вредонсоных программ. Довольно таки известный, в последнее время, зловред который прячется в WMI. »

Эмм... А как он хоть называется? А то по запросу Mysa ничего не находится...

[NickM]

(1), (2), (3) еще на antimalware в ветке по uVS можно почитать

[Elemental]

Вот еще результат диагностики DCDIAG

Цитата:

Domain Controller Diagnosis Performing initial setup: Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\NT2 Starting test: Connectivity The host 41a1cb2a-0788-4e54-82ec-ed935dccc9e2._msdcs.dinamoltd.local co uld not be resolved to an IP address. Check the DNS server, DHCP, server name, etc Although the Guid DNS name (41a1cb2a-0788-4e54-82ec-ed935dccc9e2._msdcs.dinamoltd.local) couldn't be resolved, the server name (NT2.dinamoltd.local) resolved to the IP address (176.60.67.82) and was pingable. Check that the IP address is registered correctly with the DNS server. ......................... NT2 failed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\NT2 Skipping all tests, because server NT2 is not responding to directory service requests Running partition tests on : ForestDnsZones Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Running partition tests on : DomainDnsZones Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Running partition tests on : Schema Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Running partition tests on : Configuration Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Running partition tests on : dinamoltd Starting test: CrossRefValidation ......................... dinamoltd passed test CrossRefValidation Starting test: CheckSDRefDom ......................... dinamoltd passed test CheckSDRefDom Running enterprise tests on : dinamoltd.local Starting test: Intersite ......................... dinamoltd.local passed test Intersite Starting test: FsmoCheck ......................... dinamoltd.local passed test FsmoCheck

Расширенный тест с помощью dcdiag /v /test:dns

Скрытый текст

C:\Documents and Settings\Администратор.PE840>I:\TOOLS\dcdiag /v /test:dns

Domain Controller Diagnosis

Performing initial setup:
* Verifying that the local machine NT2, is a DC.
* Connecting to directory service on server NT2.
* Collecting site info.
* Identifying all servers.
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\NT2
Starting test: Connectivity
* Active Directory LDAP Services Check
The host 41a1cb2a-0788-4e54-82ec-ed935dccc9e2._msdcs.dinamoltd.local co
uld not be resolved to an
IP address. Check the DNS server, DHCP, server name, etc
Although the Guid DNS name
(41a1cb2a-0788-4e54-82ec-ed935dccc9e2._msdcs.dinamoltd.local) couldn't
be resolved, the server name (NT2.dinamoltd.local) resolved to the IP
address (176.60.67.82) and was pingable. Check that the IP address is
registered correctly with the DNS server.
......................... NT2 failed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\NT2
Test omitted by user request: Replications
Test omitted by user request: Topology
Test omitted by user request: CutoffServers
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: Advertising
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: RidManager
Test omitted by user request: MachineAccount
Test omitted by user request: Services
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: ObjectsReplicated
Test omitted by user request: frssysvol
Test omitted by user request: frsevent
Test omitted by user request: kccevent
Test omitted by user request: systemlog
Test omitted by user request: VerifyReplicas
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: CheckSecurityError

DNS Tests are running and not hung. Please wait a few minutes...

Running partition tests on : ForestDnsZones
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom

Running partition tests on : DomainDnsZones
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom

Running partition tests on : Schema
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom

Running partition tests on : Configuration
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom

Running partition tests on : dinamoltd
Test omitted by user request: CrossRefValidation
Test omitted by user request: CheckSDRefDom

Running enterprise tests on : dinamoltd.local
Test omitted by user request: Intersite
Test omitted by user request: FsmoCheck
Starting test: DNS
Test results for domain controllers:

DC: NT2.dinamoltd.local
Domain: dinamoltd.local


TEST: Authentication (Auth)
Authentication test: Successfully completed

TEST: Basic (Basc)
Error: No LDAP connectivity
Microsoft(R) Windows(R) Server 2003, Enterprise Edition (Serv
ice Pack level: 2.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000008] Broadcom NetXtreme Gigabit Ethernet:
MAC address is 00:10:18:55:96:E6
Warning: IP address is dynamic (can be a misconfiguration)
IP address: 176.60.67.82
DNS servers:
Warning: 134.17.124.1 (<name unavailable>) [Invalid]
Warning: 134.17.124.2 (<name unavailable>) [Invalid]
Error: all DNS servers are invalid
Error: The A record for this DC was not found
[Error details: 9003 (Type: Win32 - Description: DNS-имя не су
ществует.) - dinamoltd.local]
The SOA record for the Active Directory zone was not found
The Active Directory zone on this DC/DNS server was found (pri
mary)
Root zone on this DC/DNS server was not found

TEST: Forwarders/Root hints (Forw)
Recursion is enabled
Forwarders are not configured on this DNS server
Root hint Information:
Name: a.root-servers.net. IP: 198.41.0.4 [Valid]
Name: b.root-servers.net. IP: 128.9.0.107 [Invalid (unreach
able)]
Name: c.root-servers.net. IP: 192.33.4.12 [Valid]
Name: d.root-servers.net. IP: 128.8.10.90 [Invalid (unreach
able)]
Name: d.root-servers.net. IP: 199.7.91.13 [Valid]
Name: e.root-servers.net. IP: 192.203.230.10 [Valid]
Name: f.root-servers.net. IP: 192.5.5.241 [Valid]
Name: g.root-servers.net. IP: 192.112.36.4 [Valid]
Name: h.root-servers.net. IP: 128.63.2.53 [Valid]
Name: h.root-servers.net. IP: 198.97.190.53 [Valid]
Name: i.root-servers.net. IP: 192.36.148.17 [Valid]
Name: j.root-servers.net. IP: 198.41.0.10 [Valid]
Name: k.root-servers.net. IP: 193.0.14.129 [Valid]
Name: l.root-servers.net. IP: 198.32.64.12 [Invalid (unreac
hable)]
Name: l.root-servers.net. IP: 199.7.83.42 [Valid]
Name: m.root-servers.net. IP: 202.12.27.33 [Valid]

TEST: Delegations (Del)
Delegation information for the zone: dinamoltd.local.
Delegated domain name: _msdcs.dinamoltd.local.
DNS server: nt2.dinamoltd.local. IP:10.10.1.2 [Valid]
DNS server: nt2.dinamoltd.local. IP:176.60.67.82 [Valid]


TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone dinamoltd.local.
Test record _dcdiag_test_record added successfully in zone din
amoltd.local.
Test record _dcdiag_test_record deleted successfully in zone d
inamoltd.local.

TEST: Records registration (RReg)
Error: Record registrations cannot be found for all the network a
dapters

Summary of test results for DNS servers used by the above domain contro
llers:

DNS server: 128.8.10.90 (d.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.8.10.90
[Error details: 1460 (Type: Win32 - Description: Возврат из опера
ции произошел из-за превышения времени ожидания.)]

DNS server: 128.9.0.107 (b.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 128.9.0.107
[Error details: 1460 (Type: Win32 - Description: Возврат из опера
ции произошел из-за превышения времени ожидания.)]

DNS server: 134.17.124.1 (<name unavailable>)
1 test failure on this DNS server
This is a valid DNS server
Name resolution is not functional. _ldap._tcp.dinamoltd.local. fa
iled on the DNS server 134.17.124.1
[Error details: 9003 (Type: Win32 - Description: DNS-имя не сущес
твует.)]

DNS server: 134.17.124.2 (<name unavailable>)
1 test failure on this DNS server
This is a valid DNS server
Name resolution is not functional. _ldap._tcp.dinamoltd.local. fa
iled on the DNS server 134.17.124.2
[Error details: 9003 (Type: Win32 - Description: DNS-имя не сущес
твует.)]

DNS server: 198.32.64.12 (l.root-servers.net.)
1 test failure on this DNS server
This is not a valid DNS server. PTR record query for the 1.0.0.12
7.in-addr.arpa. failed on the DNS server 198.32.64.12
[Error details: 1460 (Type: Win32 - Description: Возврат из опера
ции произошел из-за превышения времени ожидания.)]

DNS server: 202.12.27.33 (m.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 199.7.91.13 (d.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 199.7.83.42 (l.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 198.97.190.53 (h.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 198.41.0.4 (a.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 198.41.0.10 (j.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 193.0.14.129 (k.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 192.5.5.241 (f.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 192.36.148.17 (i.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 192.33.4.12 (c.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 192.203.230.10 (e.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 192.112.36.4 (g.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 176.60.67.82 (nt2.dinamoltd.local.)
All tests passed on this DNS server
This is a valid DNS server
Delegation to the domain _msdcs.dinamoltd.local. is operational

DNS server: 128.63.2.53 (h.root-servers.net.)
All tests passed on this DNS server
This is a valid DNS server

DNS server: 10.10.1.2 (nt2.dinamoltd.local.)
All tests passed on this DNS server
This is a valid DNS server
Delegation to the domain _msdcs.dinamoltd.local. is operational

Summary of DNS test results:

Auth Basc Forw Del Dyn RReg Ext
________________________________________________________________
Domain: dinamoltd.local
NT2 PASS FAIL PASS PASS PASS FAIL n/a

......................... dinamoltd.local failed test DNS