الجهاز يفصل فجأة

[al_amera]

:km-0y00001 (143): السـلآمـ عليكمـ و رحمة الله :km-0y00001 (143):
حيـاكمـ الله

***

من غير إطـالة الجهاز يفصل فجأة أثناء التشغيل و هذه التقارير !

قـائمة البرامـج المثبتة


====== معلومات نظام التشغيل ======

X86 WIN_7 7600


====== قائمة البرامج المثبتة ======

µTorrent
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) - Arabic
AIMP2
AVG PC Tuneup
CCleaner
Cheat Engine 6.1
EASEUS Partition Master 9.1.0 Home Edition
FIFA 09 Demo
GOM Player
Internet Download Manager
Microsoft Visual C++ 2005 Redistributable - KB2467175
Mozilla Firefox 15.0.1 (x86 ar)
Mozilla Maintenance Service
Need for Speed Underground 2 Demo
Norton Internet Security
Pro Evolution Soccer 2010
Real Alternative 1.9.0
Storm Codec
WinRAR 4.20 (32-بت)
Yahoo! Messenger
Your Uninstaller! 7

تقرير الهـايجـاك

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 06:15:34 م, on 22/09/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL
O2 - BHO: McAfee Social Protection Beta BHO - {b81eac74-1eda-4e15-994e-76c38c1dee91} - mscoree.dll (file missing)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: تحميل الكل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بواسطة Internet Download Manager - C:\Program Files\Internet Download Manager\IEExt.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe

--
End of file - 4258 bytes

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

مشكـورين مُسبقـاً .. :king:

​

 

[al_amera]

====== سجل أخطاء النظام ======

Computer Name: tabark-PC
Event Code: 4101
Message: Display driver igfx stopped responding and has successfully recovered.
Record Number: 993
Source Name: Display
Time Written: 20120806020153.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 4101
Message: Display driver igfx stopped responding and has successfully recovered.
Record Number: 992
Source Name: Display
Time Written: 20120806020139.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 4101
Message: Display driver igfx stopped responding and has successfully recovered.
Record Number: 987
Source Name: Display
Time Written: 20120806015757.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 7023
Message: The Windows Defender service terminated with the following error:
%%-2147024882
Record Number: 437
Source Name: Service Control Manager
Time Written: 20120805181354.541058-000
Event Type: Error
User:

Computer Name: 37L4247D28-05
Event Code: 7026
Message: The following boot-start or system-start driver(s) failed to load:
cdrom
Record Number: 109
Source Name: Service Control Manager
Time Written: 20120805180424.787712-000
Event Type: Error
User:



===== سجل أخطاء البرامج =====

Computer Name: tabark-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-4238801724-792063657-1844701444-1000:
Process 468 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-4238801724-792063657-1844701444-1000

Record Number: 340
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20120805182722.660106-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: tabark-PC
Event Code: 1015
Message: Detailed HRESULT. Returned hr=0xC004F022, Original hr=0x80049E00
Record Number: 328
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20120805182329.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 6000
Message: The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Record Number: 229
Source Name: Microsoft-Windows-Winlogon
Time Written: 20120805181353.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 6001
Message: The winlogon notification subscriber <GPClient> failed a notification event.
Record Number: 227
Source Name: Microsoft-Windows-Winlogon
Time Written: 20120805181352.000000-000
Event Type: Warning
User:

Computer Name: tabark-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.

Record Number: 191
Source Name: Microsoft-Windows-Search
Time Written: 20120805181154.000000-000
Event Type: Warning
User:



===== السجل الأمني =====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: A security-enabled local group was changed.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247D28-05$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Changed Attributes:
SAM Account Name: -
SID History: -

Additional Information:
Privileges: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120805180401.278471-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: A security-enabled local group was created.

Subject:
Security ID: S-1-5-18
Account Name: 37L4247D28-05$
Account Domain: WORKGROUP
Logon ID: 0x3e7

New Group:
Security ID: S-1-5-32-551
Group Name: Backup Operators
Group Domain: Builtin

Attributes:
SAM Account Name: Backup Operators
SID History: -

Additional Information:
Privileges: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120805180401.278471-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: The Per-user audit policy table was created.

Number of Elements: 0
Policy ID: 0x2312e
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120805180401.106871-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 0

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x4
Process Name:

Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120805180359.812069-000
Event Type: Audit Success
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120805180359.749668-000
Event Type: Audit Success
User:



===== تقرير انهيار البرامج =====

==================================================
Process File : mbamgui.exe
Event Name : Stopped working
Event Time : 21/09/2012 05:47:39 م
User Name : tabark
Exception Code : 0x40000015
Exception Offset : 0x00038bb5
Fault Module Name : mbamgui.exe
Fault Module Version: 1.65.0.0
Process Path : C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
Report File Size : 6,974
Report File Path : C:\Users\tabark\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppCrash_mbamgui.exe_4fb05ca466b82b4df28554df06ceb1bcf534f7_0624d789\Report.wer
==================================================

==================================================
Process File : firefox.exe
Event Name : Stopped responding and was closed
Event Time : 21/09/2012 10:55:52 م
User Name : tabark
Exception Code :
Exception Offset :
Fault Module Name :
Fault Module Version:
Process Path : C:\Program Files\Mozilla Firefox\firefox.exe
Report File Size : 24,074
Report File Path : C:\Users\tabark\AppData\Local\Microsoft\Windows\WER\ReportArchive\AppHang_firefox.exe_dd84601c1fde8286324b639f67e34b4c13e48fd_0dd7f836\Report.wer
==================================================




===== تقرير الشاشة الزرقاء =====
​

 

[الخفـوق]

وعلـيكم السلام والرحمه


اختي متى صارت المشكله وعند تشغيل اي برنامج ؟


حملي الاداه من الموضوع التالي //

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

واعملي تقرير نقاط بدء التشغـيل


واحفظيه بملف مضغوط وارفعيه على مركز تحميل



​

 

[الخفـوق]

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

الملف المضاف بمشاركة خبير الصيانة​

​

وبالماوس دبل كلك على الملف ... بعدها راح يفتح لك واجهة الاداة​

​

اعمل كما بالشرح ...

​

​

​

​

​

​

​

ثم ​

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

[/URL]​

 

[كفاح الجريح]

k: + 5
بالاضافة لذلك نزلي برنامج فحص حرارة الجهاز وارفعي صورة

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي