عابرسبيل
زيزوومي جديد
غير متصل
الجهاز الخاص بالعمل يقوم بإعادة نفسه بين فترة واخرى ..
وكنت اتوقع انه بسبب حرارة الجهاز لكن لم تكن الحرارة هي السبب ..
الجهاز مركب عليه برنامج سكادا .. والبرنامج اتوقع الاشكاليه تقع فيه ..
أحببت ان تشاركوني الرأي .. قبل اتخاذ القرار الاخير وإرساله للشركه لإعادة تثبيت البرنامج ..
تقرير الهاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:29:00 PM, on 28-May-11
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\usdlicenseserver.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\XWAYDRV\XIPCONNECT.EXE
C:\XWAYDRV\xipdrv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\WINNT\System32\internat.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\Runmgr.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\rtmon.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\edi.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\alarmsrv.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\opc_server.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\odbchist.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\tecom.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\al_doi.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\fltimer.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\scale.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\al_log.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\dplogger.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\iml.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\dblog.EXE
C:\Program Files\Schneider Automation\Monitor Pro\Client Builder\Program\Client Builder.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\Runmgr.exe
C:\WINNT\System32\taskmgr.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKUS\S-1-5-21-1645522239-839522115-725345543-1002\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'SVC_FLAutostart')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: mp7start.lnk = C:\mp7start.bat (User 'Default user')
O4 - Startup: mp7start.lnk = C:\mp7start.bat
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: FactoryLink Autostart Service - Unknown owner - C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\FLAutoStart.exe
O23 - Service: FactoryLink License Manager - USDATA Corporation - C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\usdlicenseserver.exe
O23 - Service: Xway TCP/IP (XipConnect) - Schneider Automation - C:\XWAYDRV\XIPCONNECT.EXE
--
End of file - 4014 bytes
...................................................................................................
تقرير رن سكنر
....................................................................................................
قائمه البرامج المثبته
====== ??????? ???? ??????? ======
X86 WIN_2000 2195 Service Pack 2
====== ????? ??????? ??????? ======
BuddyTalk 1.0
CCleaner
Creative Modem Blaster V.90 DI5663
Dell ResourceCD
EPSON Printer Software
HP DeskJet 1220C Printer
hp deskjet 845c series (Remove only)
HP LaserJet 1200 Uninstaller
Intel(R) PRO Ethernet Adapter and Software
Microsoft Office 2000 Premium
Microsoft SQL Server 7.0
Norton PartitionMagic
Norton PartitionMagic 8.0
OFSconf V 2.0.824 IE26
OPC Factory Server Version 2.0D (build 841) Server Station
PC-Linq
PL7 Pro V4.3
Remote Desktop Connection
Remote Desktop Web Connection
Schneider Automation Monitor Pro 7 Service Pack 1
Schneider Automation Monitor Pro 7.0
Schneider Automation Monitor Pro Add-Ons
Schneider Automation Monitor Pro Device Interfaces
SoundMAX
UNITELWAY WDM Driver
WebFldrs
WinZip
XIP Driver
XWAY Driver Manager
لعلي ما نسيت شي ,,,
وكنت اتوقع انه بسبب حرارة الجهاز لكن لم تكن الحرارة هي السبب ..
الجهاز مركب عليه برنامج سكادا .. والبرنامج اتوقع الاشكاليه تقع فيه ..
أحببت ان تشاركوني الرأي .. قبل اتخاذ القرار الاخير وإرساله للشركه لإعادة تثبيت البرنامج ..
تقرير الهاك
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:29:00 PM, on 28-May-11
Platform: Windows 2000 SP2 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP2 (5.00.2920.0000)
Boot mode: Normal
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\usdlicenseserver.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\XWAYDRV\XIPCONNECT.EXE
C:\XWAYDRV\xipdrv.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\hkcmd.exe
C:\WINNT\System32\internat.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\Runmgr.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\rtmon.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\edi.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\alarmsrv.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\opc_server.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\odbchist.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\tecom.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\al_doi.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\fltimer.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\scale.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\al_log.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\dplogger.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\iml.EXE
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\dblog.EXE
C:\Program Files\Schneider Automation\Monitor Pro\Client Builder\Program\Client Builder.exe
C:\PROGRA~1\SCHNEI~1\MONITO~1\FACTOR~1\bin\Runmgr.exe
C:\WINNT\System32\taskmgr.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKUS\S-1-5-21-1645522239-839522115-725345543-1002\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'SVC_FLAutostart')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: mp7start.lnk = C:\mp7start.bat (User 'Default user')
O4 - Startup: mp7start.lnk = C:\mp7start.bat
O4 - Global Startup: EPSON Status Monitor 3 Environment Check.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: FactoryLink Autostart Service - Unknown owner - C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\FLAutoStart.exe
O23 - Service: FactoryLink License Manager - USDATA Corporation - C:\Program Files\Schneider Automation\Monitor Pro\FactoryLink\BIN\usdlicenseserver.exe
O23 - Service: Xway TCP/IP (XipConnect) - Schneider Automation - C:\XWAYDRV\XIPCONNECT.EXE
--
End of file - 4014 bytes
...................................................................................................
تقرير رن سكنر
يجب عليك تسجيل الدخول أو التسجيل لمشاهدة الرابط المخفي
....................................................................................................
قائمه البرامج المثبته
====== ??????? ???? ??????? ======
X86 WIN_2000 2195 Service Pack 2
====== ????? ??????? ??????? ======
BuddyTalk 1.0
CCleaner
Creative Modem Blaster V.90 DI5663
Dell ResourceCD
EPSON Printer Software
HP DeskJet 1220C Printer
hp deskjet 845c series (Remove only)
HP LaserJet 1200 Uninstaller
Intel(R) PRO Ethernet Adapter and Software
Microsoft Office 2000 Premium
Microsoft SQL Server 7.0
Norton PartitionMagic
Norton PartitionMagic 8.0
OFSconf V 2.0.824 IE26
OPC Factory Server Version 2.0D (build 841) Server Station
PC-Linq
PL7 Pro V4.3
Remote Desktop Connection
Remote Desktop Web Connection
Schneider Automation Monitor Pro 7 Service Pack 1
Schneider Automation Monitor Pro 7.0
Schneider Automation Monitor Pro Add-Ons
Schneider Automation Monitor Pro Device Interfaces
SoundMAX
UNITELWAY WDM Driver
WebFldrs
WinZip
XIP Driver
XWAY Driver Manager
لعلي ما نسيت شي ,,,
