مشكله / عند تشغيل اى فيلم يقوم الجهاز بعمل ريستارت فجأه

[love_my_days]

مشكلتى هى اننى كلما قمت بتشغيل اى فيلم على اى من برامج الميديا يقوم الجهاز بعمل ريستارت فجأه
ولا اعرف ما العمل
ارجوكم افيدونى افادكم الله

 

[dяăģôŋ]

عطل برامج الحمايه
حمل هذه الاداة واحفظها على سطح المكتب

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

عند تشغيلها بتظهر لك رسالة ,, اضغط على >> Yes
بعدها بتظهر لك رساله ثانيه ,, اضغط على >> Yes
انتظر حتى الاداة تنتهي من فحص جهازك ,,, وبشكل تلقائي يعاد تشغيل جهازك ,,
وبعد اعادة التشغيل ,, سوف تبدأ الاداة بالفحص مرره ثانيه
انتظر حتى يظهر لك تقرير ,, انسخه والصقه بردك القادم
--------------------------------------------
( 2 )
واعمل تقرير للهايجاك

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

اذا انتهى التحميل ==> شغل البرنامج ==> واضغط على Do a system scan and save log
لحظات ويظهر لك تقرير ,, انسخه والصقه بردك القادم​

 

[love_my_days]

اكثر الله من امثالك يا اخى
جارى التحميل والتقرير بالرد القادم

 

[love_my_days]

ComboFix 08-09-20.05 - sasa 09/22/2008 23:54:06.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1256.1.1033.18.285 [GMT 7:00]
Running from: C:\Documents and Settings\sasa\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-08-22 to 2008-09-22 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-22 16:56 32 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-22 16:56 32 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-22 16:56 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-22 16:56 32 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-22 16:56 --------- d-----w C:\Program Files\microsoft frontpage
2008-09-22 12:20 --------- d-----w C:\Program Files\Common Files\xing shared
2008-09-22 12:19 --------- d-----w C:\Program Files\Real
2008-09-22 12:19 --------- d-----w C:\Program Files\Common Files\Real
2008-09-22 12:14 --------- d-----w C:\Documents and Settings\sasa\Application Data\COWON
2008-09-22 12:13 --------- d-----w C:\Program Files\JetAudio
2008-09-22 12:13 --------- d-----w C:\Program Files\Common Files\COWON
2008-09-22 12:03 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-09-22 12:02 --------- d-----w C:\Documents and Settings\sasa\Application Data\Media Player Classic
2008-09-20 07:05 --------- d-----w C:\Program Files\MSXML 6.0
2008-09-20 07:02 --------- d-----w C:\Program Files\MSXML 4.0
2008-09-19 18:29 96,976 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-09-19 18:29 87,855 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-09-19 18:29 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-09-19 18:14 --------- d-----w C:\Program Files\sisagp
2008-09-19 18:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-19 18:13 --------- d-----w C:\Program Files\SiS VGA Utilities V3.67f
2008-09-19 18:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-09-19 18:06 82,898 ----a-w C:\WINDOWS\uninstall.exe
2008-09-19 18:05 --------- d-----w C:\Program Files\GRETECH
2008-09-19 18:05 --------- d-----w C:\Documents and Settings\sasa\Application Data\GRETECH
2008-09-19 18:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\GRETECH
2008-09-19 18:04 --------- d-----w C:\Program Files\Winamp
2008-09-19 18:04 --------- d-----w C:\Program Files\codeXpack
2008-09-19 18:04 --------- d-----w C:\Documents and Settings\sasa\Application Data\Winamp
2008-09-19 18:00 --------- d-----w C:\Program Files\Kaspersky Lab
2008-09-19 18:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-19 17:39 --------- d-----w C:\Program Files\LClock
2008-09-19 17:38 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-09-19 17:38 --------- d-----w C:\Program Files\Unlocker
2008-09-19 17:38 --------- d-----w C:\Program Files\Microsoft PowerToys
2008-09-19 17:38 --------- d-----w C:\Program Files\HashTab Shell Extension
2008-07-18 15:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 15:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 15:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 15:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 15:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 15:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 15:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 15:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-07 20:06 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:06 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:28 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:28 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 11:12 295,936 ----a-w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 03:57 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:20 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:20 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
.
------- Sigcheck -------
11/23/2006 01:53 PM 1225728 e43ab183eb2c25f6d55b4918100b04f8 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 12:56 AM 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [09/07/2006 01:19 PM 15872]
"LClock"="C:\Program Files\LClock\LClock.exe" [09/19/2004 12:27 PM 65536]
"Vistadrv"="C:\WINDOWS\system32\vsdrv.exe" [07/30/2006 03:37 AM 121089]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [04/02/2008 01:49 AM 36352]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [06/28/2007 12:51 PM 218376]
"SoundMan"="SOUNDMAN.EXE" [06/21/2006 03:42 AM 577536 C:\WINDOWS\SOUNDMAN.EXE]
"SiSPower"="SiSPower.dll" [06/09/2005 11:01 AM 49152 C:\WINDOWS\system32\SiSPower.dll]
"Resume copy"="copyfstq.exe" [06/10/2003 09:35 PM 57344 C:\WINDOWS\copyfstq.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [08/04/2004 12:56 AM 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe [2008-09-20 266240]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [04/04/2007 02:58 PM 24344]
R3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\system32\DRIVERS\sisnicxp.sys [02/14/2006 02:02 PM 32768]
S3 FXDRV;FXDRV;H:\Fxdrv.sys [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00
.
- - - - ORPHANS REMOVED - - - -
HKU-Default-RunOnce-nltide3 - rundll32 advpack.dll
HKU-Default-RunOnce-nltide2 - rundll32 advpack.dll

.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com.eg/
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Rootkit scan 2008-09-22 23:57:02
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfPf]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfRd]
"ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00"
"ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00"
.
Completion time: 09/22/2008 23:58:45 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-22 16:58:40
Pre-Run: 3,737,493,504 bytes free
Post-Run: 3,763,081,216 bytes free
147 --- E O F --- 2008-09-22 11:14:32

 

[love_my_days]

Logfile of HijackThis v1.99.1
Scan saved at 12:01:05 ص, on 23/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\LClock\LClock.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\sasa\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe -H
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\vsdrv.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O11 - Options group: [INTERNATIONAL] International*
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing)

 

[dяăģôŋ]

تقريرك مافيه اصابات كثيره
اذا مامشئ الحال بعد الحذف والتنظيف

جرب افلام غير الى بجهازك اذا اشتغلت من غير مشاكل
معناه افلامك شبه معطوبه
............................................................................................................
طبق الشرح التالى على جهازك

......................................................................................................................

حدد التالى

O11 - Options group: [INTERNATIONAL] International*

O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,5 2,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73, 00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00 ,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,6 5,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66, 00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00 ,72,00,6f,00,75,00,70,00,00,00 (file missing)


طريقة الحذف

ثم نزل هذه الاداة واتبع الشرح التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

التوافق : ويندوز اكسبي فقط



شرح الاستخدام ,,,,,,
عند تشغيل ملف الاداة تظهر لك هذه الشاشه ,, انتظر ( وتابع مع الصور )

وعند ظهور هذه الشاشه ,, اضغط على Close ليتم اعادة تشغيل جهازك (( لتكملة عملية التنظيف ))

وتقرير اخر​

 

[Demo-dashDemo-dash is verified member.]

المعذره بتعديل العنوان لينم عن محتواه وذلك على حسب قوانين المنتدى
بالتوفيق
​