Jump to content


Photo

sound and video problems


  • This topic is locked This topic is locked
29 replies to this topic

#16 ranchhand

ranchhand

    Moderator

  • Moderators
  • 1,480 posts
  • LocationMidwest

Posted 20 May 2013 - 03:19 AM

Bizarrely, Vlan player and media player classic play dvds fine.

 

That tells me that WMP has wimped out on you, just like it does with thousands of other users. Chances are it is the codecs that it uses. You can research this until you die of old age and never find out why it does what it is doing. I use Media Player Classic all the time and made it the default for my unit and never looked back.

As far as Youtube...make sure you have the latest version of Flash and Java.

Go HERE and download Speccy (free); run it (it does not install, just click and it launches). Give it a few seconds to scan your system, then click on File >Save Snapshot, and add it as an attachment to your next post.


  • dashwood95 likes this

Fishing Fanatic - gimme a fishing rod, point me North and turn me loose.


#17 Angoid

Angoid

    Administeriosis Extremus

  • Administrators
  • 1,595 posts
  • LocationEast Midlands, UK

Posted 20 May 2013 - 10:09 AM

It's been ages since I last used Everest, but I think there should be a button to allow you to save the details into a text file?  If so, use that to create a text file and then copy and paste the contents into your next reply.  Please copy and pate rather than attaching any log file created.  We will see anything we need and disregard anything that's irrelevant.

 

If still no joy, then you could try Piriform's Speccy and posting the results from that instead (although I think Everest is more thorough).

 

Edit: Usual problem - thread had rolled over to Page 2 and I didn't spot it - sorry Ranchhand as I've not really added any value to what you said


If you don't know what eschatology is then don't worry; it's not the end of the world.
Please do not send uninvited PMs requesting support; post into the appropriate forum instead and we'll all learn. See our Private messaging policy.


#18 Patti

Patti

    Moderator

  • Moderators
  • 160 posts
  • LocationOntario, Canada

Posted 20 May 2013 - 12:46 PM

Open Everest, click on the Computer icon in the right pane, then click on Summary. In the toolbar menu, click on Report>Quick Report - Summary  and choose Plain Text. Copy/paste to here what is in the Summary section of the text file.



#19 dave567

dave567

    Member

  • Members
  • Pip
  • 25 posts

Posted 20 May 2013 - 08:07 PM

Operating System
Microsoft Windows XP Professional 32-bit SP3
CPU
AMD Athlon XP
Thoroughbred 0.13um Technology
RAM
2.00GB DDR @ 133MHz (2-3-3-6)
Motherboard
MICRO-STAR INTERNATIONAL CO., LTD MS-6738 (Socket A) 48 °C
Graphics
AL1716 (1024x768@60Hz)
32MB S3 Graphics ProSavageDDR (MSI)
Hard Drives
54GB Seagate ST360012A (ATA) 46 °C
Optical Drives
MAT****A CD-RW CW-8572
Audio
Realtek AC'97 Audio for VIA Audio Controller

#20 rob

rob

    Member

  • Silver Star Member
  • Pip
  • 438 posts
  • LocationTampa

Posted 20 May 2013 - 10:14 PM

I think you just have a older system that either you pump $$$ into for little gain, or you start saving $$$ for better system.

  The 32MB video memory is like 10 years ago.  As I said earlier, you could try Start>Run>MSCONFIG> Enter, go to start up tab and uncheck most of the auto-running programs.  You can Google for start up programs to disable or to see what some do.  I would not pump $$$ Into it if it were me.  Maybe some friend has a better Video card lying around?  Or Ram that you could increase. 

   I also think a AMD Athlon XP chip is pretty old.  Sorry.  Go ahead and wait for others' advice, esp AMD people!!

Good Luck, dave567!!



#21 Patti

Patti

    Moderator

  • Moderators
  • 160 posts
  • LocationOntario, Canada

Posted 21 May 2013 - 10:34 AM

 Maybe some friend has a better Video card lying around?  Or Ram that you could increase. 

 

 

According to motherboard specs, system is already running with max RAM.  The onboard sound and video are a drain on system resources, but not much can be done about that save for buying older sound and video cards, and according to the manual, the AGP 4x/2x slot is optional, so that particular system may or may not have one, and I don't know how difficult (or worth it)  it might be to find and purchase a PCI graphics card.

 

Other than the recommendations already made (unchecking some/most auto-running programs, updating Flash and Java, etc.) and hoping for the best, there really isn't anything more that I can think of at this time to add to them.


  • rob likes this

#22 rob

rob

    Member

  • Silver Star Member
  • Pip
  • 438 posts
  • LocationTampa

Posted 21 May 2013 - 12:09 PM

Good Post, Patti!!



#23 dave567

dave567

    Member

  • Members
  • Pip
  • 25 posts

Posted 21 May 2013 - 07:47 PM

hi rob and patti

well i know its old but the previous owner said youtube etc worked fine and it now has 4 times more ram!

can you let me know which services can safely be disabled in msconfig to see if that helps?

also another problem im having is my web browser seems to refuse  to go to certain sites and my wonmdows firewall seems to keep disabling itself!help!



#24 dashwood95

dashwood95

    Administrator

  • Administrators
  • 1,153 posts
  • LocationChitown Suburbia

Posted 22 May 2013 - 12:16 AM

Sounds to me like you might want to work with Broni in the malware forum before you do anything else.  

 

 

 


Please do so just to be safe.  It's possible you could have some baddies lying around, and one of the things he'll have you do will tell us more about what is running.

 

After that we can discuss disabling things.

 

Although a common list of things to disable in startup are messengers, office, adobe reader or other products, itunes, etc.  No programs NEED to start every time you boot if they are not necessary for Windows to run.  All you're doing is bogging down the system and tying up RAM.

 

And before you go through MSCONFIG you should go into the programs themselves and look at the tools/options for shutting off start on bootup.  Skype has it for example.  Then if they don't have it, you can uncheck them in MSConfig.


  • Phzzz likes this

Dash-Queen of Typos
HKEd's Personal Cheerleader #1
Phzzz Fan #1 - Efabes Fan #1 - Angoid Fan #1 - Manunkind Fan #1 - Stargazer Fan #1
If life throws you lemons.....THROW EM BACK!
Struggling is not a sign of weakness unless you refuse to get back up and fight.


#25 Patti

Patti

    Moderator

  • Moderators
  • 160 posts
  • LocationOntario, Canada

Posted 22 May 2013 - 10:36 AM

also another problem im having is my web browser seems to refuse  to go to certain sites and my wonmdows firewall seems to keep disabling itself!help!

 

Dashie is right, that sure sounds like you may be dealing with a malware problem.  My method of approach would be slightly different, though, as I mentioned much earlier in this thread, but since I don't know your experience or comfort level with backing up anything you'd be loathe to lose (e.g., documents, pictures, videos, etc.), wiping the partition and doing a clean install of the operating system (provided, of course, that you have the install CD for XP and any other applications that require install CD),  I'm just putting that out there again as another option that you might want to consider. If you're interested  but not sure whether  that option is right for you, post a query in the Fdisk, Dual-Boot, File System and Partition Problems subforum, and the responses that you get there might help you to decide whether that option is right for you or not.


  • Phzzz and manunkind like this

#26 dave567

dave567

    Member

  • Members
  • Pip
  • 25 posts

Posted 22 May 2013 - 10:39 PM

well its not malware i dont think-ran combo fix and malware bytes.the firewall thing was AVG turning it off in favour of its own....so ive posted the log and really need advice on what to disable through msconfig as i believe this pc should be able to play youtube streaming clips!

 

ComboFix 13-05-22.01 - DAVID 22/05/2013  22:24:21.1.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2015.1675 [GMT 1:00]
Running from: c:\documents and settings\DAVID\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\DAVID\WINDOWS
c:\windows\system32\Cache
c:\windows\system32\Cache\075884af680ff6dc.fb
c:\windows\system32\Cache\227113dfa1ca894d.fb
c:\windows\system32\Cache\49fbbc5a8678d502.fb
c:\windows\system32\Cache\5c54eb1a1655b076.fb
c:\windows\system32\Cache\613e8ce7ab7106af.fb
c:\windows\system32\Cache\633a76311867bd11.fb
c:\windows\system32\Cache\691f14230153a9e1.fb
c:\windows\system32\Cache\6952aa6226d9fab0.fb
c:\windows\system32\Cache\6cb409d7ac73d9f1.fb
c:\windows\system32\Cache\7614bd6cfa99e546.fb
c:\windows\system32\Cache\77664b6ccc36be9f.fb
c:\windows\system32\Cache\881b3593316772f0.fb
c:\windows\system32\Cache\98657d0579ae1930.fb
c:\windows\system32\Cache\c4e10d1be905349b.fb
c:\windows\system32\Cache\d5c0f4e7bbe35bf3.fb
c:\windows\system32\Cache\d9ca663388d21ec0.fb
c:\windows\system32\Cache\f2cda51fd108941f.fb
c:\windows\system32\Cache\f34d8db84131d925.fb
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET52.tmp
c:\windows\system32\SET5A.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-22 to 2013-05-22  )))))))))))))))))))))))))))))))
.
.
2013-05-21 22:50 . 2013-05-21 22:50 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-05-21 22:41 . 2013-05-21 22:41 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-05-21 19:52 . 2013-05-21 19:52 -------- d-----w- c:\program files\Common Files\Umbrella
2013-05-21 19:51 . 2013-05-21 20:56 -------- d-----w- c:\documents and settings\DAVID\Application Data\Maxthon3
2013-05-21 19:51 . 2013-05-21 19:51 -------- d-----w- c:\program files\Maxthon
2013-05-20 20:02 . 2013-05-20 20:02 -------- d-----w- c:\program files\Speccy
2013-05-19 17:37 . 2013-05-19 17:37 -------- d-----w- c:\documents and settings\DAVID\Application Data\CompuClever
2013-05-19 17:37 . 2013-05-19 17:39 -------- d-----w- c:\program files\CompuClever
2013-05-19 13:31 . 2013-05-19 13:31 -------- d-----w- c:\documents and settings\DAVID\Application Data\Oracle
2013-05-19 12:20 . 2013-05-19 12:20 -------- d-----w- c:\documents and settings\MATTY\Local Settings\Application Data\AVG SafeGuard toolbar
2013-05-19 12:19 . 2013-05-19 12:19 -------- d-----w- c:\documents and settings\MATTY\Application Data\AVG2013
2013-05-19 12:19 . 2013-05-19 12:19 -------- d-----w- c:\documents and settings\MATTY\Local Settings\Application Data\Avg2013
2013-05-19 12:18 . 2013-05-19 12:18 -------- d-----w- c:\documents and settings\JIM\Local Settings\Application Data\AVG SafeGuard toolbar
2013-05-19 12:18 . 2013-05-19 12:18 -------- d-----w- c:\documents and settings\JIM\Application Data\AVG2013
2013-05-19 12:18 . 2013-05-19 12:18 -------- d-----w- c:\documents and settings\JIM\Local Settings\Application Data\Avg2013
2013-05-19 12:16 . 2013-05-19 12:16 -------- d-----w- c:\documents and settings\HOL\Local Settings\Application Data\AVG SafeGuard toolbar
2013-05-19 12:16 . 2013-05-19 12:16 -------- d-----w- c:\documents and settings\HOL\Application Data\AVG2013
2013-05-19 12:16 . 2013-05-19 12:16 -------- d-----w- c:\documents and settings\HOL\Local Settings\Application Data\Avg2013
2013-05-12 12:50 . 2013-05-12 12:50 -------- d-----w- c:\program files\VIA
2013-05-12 12:49 . 2000-01-01 00:00 13976 ----a-w- c:\windows\system32\drivers\videX32.sys
2013-05-12 12:49 . 2004-08-03 21:41 11868 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2013-05-12 12:49 . 2008-04-13 23:11 86016 ----a-w- c:\windows\system32\mdmxsdk.dll
2013-05-12 12:45 . 2013-05-12 12:45 -------- d-----w- c:\program files\S3
2013-05-12 12:37 . 2013-05-12 12:37 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\SlimWare Utilities Inc
2013-05-12 12:37 . 2013-05-12 12:37 -------- d-----w- c:\program files\SlimDrivers
2013-05-12 11:55 . 2013-05-12 11:55 -------- dc----w- c:\documents and settings\TEMP
2013-05-12 11:50 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2013-05-11 12:33 . 2013-05-11 12:33 -------- d-----w- c:\documents and settings\DEB\Application Data\TuneUp Software
2013-05-11 12:33 . 2013-05-11 12:33 -------- d-----w- c:\documents and settings\DEB\Application Data\AVG SafeGuard toolbar
2013-05-11 12:33 . 2013-05-20 18:19 -------- d-----w- c:\program files\AVG SafeGuard toolbar
2013-05-11 12:28 . 2013-05-11 12:28 -------- d-----w- c:\documents and settings\DEB\Local Settings\Application Data\MFAData
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-05-09 21:41 . 2013-05-19 22:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 21:41 . 2013-05-19 22:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 19:47 . 2013-05-09 19:51 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\jZip
2013-05-09 19:26 . 2013-05-09 19:26 -------- d-----w- c:\documents and settings\All Users\Application Data\APN
2013-05-09 17:20 . 2013-05-09 17:20 -------- d-----w- c:\documents and settings\Default User\Application Data\TuneUp Software
2013-05-09 17:13 . 2013-05-09 17:13 -------- d-----w- c:\documents and settings\DEB\Local Settings\Application Data\Google
2013-05-09 17:12 . 2013-05-09 17:12 -------- d-----w- c:\documents and settings\DEB\Local Settings\Application Data\AVG SafeGuard toolbar
2013-05-09 17:12 . 2013-05-09 17:12 -------- d-----w- c:\documents and settings\DEB\Application Data\AVG2013
2013-05-09 17:12 . 2013-05-11 12:34 -------- d-----w- c:\documents and settings\DEB\Local Settings\Application Data\Avg2013
2013-05-07 22:17 . 2013-05-07 22:17 -------- d-----w- c:\documents and settings\DAVID\Application Data\AVG2013
2013-05-07 22:15 . 2013-05-07 22:15 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013
2013-05-07 22:14 . 2013-05-07 22:14 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\AVG SafeGuard toolbar
2013-05-07 22:14 . 2013-05-07 22:14 -------- d-----w- c:\documents and settings\DAVID\Application Data\TuneUp Software
2013-05-07 22:14 . 2013-05-07 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG SafeGuard toolbar
2013-05-07 22:14 . 2013-05-07 22:14 -------- d-----w- c:\documents and settings\DAVID\Application Data\AVG SafeGuard toolbar
2013-05-07 22:14 . 2013-05-20 18:19 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-05-07 22:13 . 2013-05-07 22:14 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2013-05-07 22:11 . 2013-05-07 22:11 -------- dc----w- C:\$AVG
2013-05-07 22:11 . 2013-05-07 22:15 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2013
2013-05-07 22:09 . 2013-05-07 22:09 -------- d-----w- c:\program files\AVG
2013-05-07 22:06 . 2013-05-22 20:31 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2013-05-07 22:06 . 2013-05-09 19:40 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\Avg2013
2013-05-07 22:06 . 2013-05-07 22:06 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2013-05-07 22:06 . 2013-05-07 22:06 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\MFAData
2013-05-07 22:02 . 2013-05-19 20:09 -------- d-----w- c:\program files\Google
2013-05-07 22:02 . 2013-05-19 20:08 -------- d-----w- c:\documents and settings\DAVID\Local Settings\Application Data\Google
2013-05-07 21:32 . 2013-05-07 21:32 -------- d-----w- c:\documents and settings\DAVID\Application Data\Panda Security
2013-05-07 21:30 . 2013-05-07 21:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security
2013-05-07 20:54 . 2013-05-07 20:54 -------- d-----w- c:\documents and settings\DAVID\Application Data\Avast Ad Blocker
2013-05-07 20:42 . 2013-05-07 20:42 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-07 20:41 . 2013-05-07 20:41 -------- d-----w- c:\program files\Common Files\Java
2013-05-07 19:57 . 2004-08-07 00:18 13894 -c--a-w- c:\windows\system32\dllcache\OLDA27.tmp
2013-05-07 19:57 . 2004-08-07 00:18 113222 -c--a-w- c:\windows\system32\dllcache\OLDA24.tmp
2013-05-07 19:57 . 2004-08-07 00:18 4677 -c--a-w- c:\windows\system32\dllcache\OLDA1E.tmp
2013-05-07 19:57 . 2004-08-07 00:18 29760 -c--a-w- c:\windows\system32\dllcache\OLDA21.tmp
2013-05-07 19:57 . 2004-08-07 00:18 41029 -c--a-w- c:\windows\system32\dllcache\OLDA1B.tmp
2013-05-07 19:57 . 2004-08-07 00:18 36937 -c--a-w- c:\windows\system32\dllcache\OLDA18.tmp
2013-05-07 19:56 . 2004-08-07 00:18 5632 -c--a-w- c:\windows\system32\dllcache\OLD9FC.tmp
2013-05-07 19:56 . 2010-07-12 12:55 218112 -c--a-w- c:\windows\system32\dllcache\OLD9F9.tmp
2013-05-07 19:56 . 2008-04-14 00:11 156672 -c--a-w- c:\windows\system32\dllcache\OLD9F0.tmp
2013-05-07 19:56 . 2008-04-14 00:11 156672 -c--a-w- c:\windows\system32\dllcache\OLD9ED.tmp
2013-05-07 19:56 . 2008-04-14 00:11 156672 -c--a-w- c:\windows\system32\dllcache\OLD9EA.tmp
2013-05-07 19:56 . 2004-08-07 00:18 119808 -c--a-w- c:\windows\system32\dllcache\OLD9E7.tmp
2013-05-07 19:56 . 2008-04-14 00:11 65536 -c--a-w- c:\windows\system32\dllcache\OLD9E4.tmp
2013-05-07 19:56 . 2008-04-14 00:11 72704 -c--a-w- c:\windows\system32\dllcache\OLD9E1.tmp
2013-05-07 19:56 . 2004-08-07 00:18 35328 -c--a-w- c:\windows\system32\dllcache\OLD9DE.tmp
2013-05-07 19:56 . 2008-04-14 00:11 79360 -c--a-w- c:\windows\system32\dllcache\OLD9DB.tmp
2013-05-07 19:55 . 2004-08-07 00:18 31232 -c--a-w- c:\windows\system32\dllcache\OLD9D2.tmp
2013-05-07 19:55 . 2004-08-07 00:18 41600 -c--a-w- c:\windows\system32\dllcache\OLD9CF.tmp
2013-05-07 19:55 . 2004-08-07 00:18 9216 -c--a-w- c:\windows\system32\dllcache\OLD9BD.tmp
2013-05-07 19:55 . 2004-08-07 00:18 5632 -c--a-w- c:\windows\system32\dllcache\OLD9AB.tmp
2013-05-07 19:55 . 2004-08-07 00:18 73728 -c--a-w- c:\windows\system32\dllcache\OLD9A8.tmp
2013-05-07 19:55 . 2004-08-07 00:18 4608 -c--a-w- c:\windows\system32\dllcache\OLD9A5.tmp
2013-05-07 19:55 . 2004-08-07 00:18 48256 -c--a-w- c:\windows\system32\dllcache\OLD9A2.tmp
2013-05-07 19:55 . 2008-04-14 00:11 86073 -c--a-w- c:\windows\system32\dllcache\OLD99B.tmp
2013-05-07 19:55 . 2008-04-14 00:11 426041 -c--a-w- c:\windows\system32\dllcache\OLD998.tmp
2013-05-07 19:54 . 2008-04-14 00:11 76288 -c--a-w- c:\windows\system32\dllcache\OLD975.tmp
2013-05-07 19:54 . 2008-04-14 00:11 65024 -c--a-w- c:\windows\system32\dllcache\OLD972.tmp
2013-05-07 19:54 . 2004-08-07 00:18 32339 -c--a-w- c:\windows\system32\dllcache\OLD96F.tmp
2013-05-07 19:54 . 2004-08-07 00:18 14336 -c--a-w- c:\windows\system32\dllcache\OLD953.tmp
2013-05-07 19:53 . 2008-04-14 00:10 10240 -c--a-w- c:\windows\system32\dllcache\OLD933.tmp
2013-05-07 19:53 . 2004-08-04 02:32 455168 -c--a-w- c:\windows\system32\dllcache\OLD92E.tmp
2013-05-07 19:53 . 2004-08-04 02:32 44032 -c--a-w- c:\windows\system32\dllcache\OLD92B.tmp
2013-05-07 19:53 . 2008-04-14 00:11 571392 -c--a-w- c:\windows\system32\dllcache\OLD928.tmp
2013-05-07 19:53 . 2004-08-07 00:18 185344 -c--a-w- c:\windows\system32\dllcache\OLD925.tmp
2013-05-07 19:53 . 2004-08-07 00:18 19464 -c--a-w- c:\windows\system32\dllcache\OLD91C.tmp
2013-05-07 19:53 . 2004-08-07 00:18 21896 -c--a-w- c:\windows\system32\dllcache\OLD915.tmp
2013-05-07 19:53 . 2004-08-07 00:18 13192 -c--a-w- c:\windows\system32\dllcache\OLD912.tmp
2013-05-07 19:53 . 2004-08-07 00:18 16896 -c--a-w- c:\windows\system32\dllcache\OLD8E6.tmp
2013-05-07 19:51 . 2004-08-07 00:17 25088 -c--a-w- c:\windows\system32\dllcache\OLD867.tmp
2013-05-07 19:51 . 2004-08-07 00:17 18944 -c--a-w- c:\windows\system32\dllcache\OLD84A.tmp
2013-05-07 19:51 . 2004-08-07 00:17 42573 -c--a-w- c:\windows\system32\dllcache\OLD847.tmp
2013-05-07 19:51 . 2004-08-07 00:17 2178131 -c--a-w- c:\windows\system32\dllcache\OLD844.tmp
2013-05-07 19:51 . 2004-08-07 00:17 66113 -c--a-w- c:\windows\system32\dllcache\OLD841.tmp
2013-05-07 19:51 . 2001-08-17 22:36 26112 -c--a-w- c:\windows\system32\dllcache\OLD830.tmp
2013-05-07 19:51 . 2001-08-17 22:36 57856 -c--a-w- c:\windows\system32\dllcache\OLD825.tmp
2013-05-07 19:50 . 2004-08-07 00:17 79872 -c--a-w- c:\windows\system32\dllcache\OLD7F8.tmp
2013-05-07 19:50 . 2004-08-07 00:17 79872 -c--a-w- c:\windows\system32\dllcache\OLD7F5.tmp
2013-05-07 19:50 . 2004-08-07 00:17 42574 -c--a-w- c:\windows\system32\dllcache\OLD7EC.tmp
2013-05-07 19:50 . 2004-08-07 00:17 753236 -c--a-w- c:\windows\system32\dllcache\OLD7E9.tmp
2013-05-07 19:50 . 2004-08-07 00:17 48706 -c--a-w- c:\windows\system32\dllcache\OLD7E6.tmp
2013-05-07 19:50 . 2008-04-14 00:11 26112 -c--a-w- c:\windows\system32\dllcache\OLD7D8.tmp
2013-05-07 19:50 . 2001-08-17 22:36 23040 -c--a-w- c:\windows\system32\dllcache\OLD7CF.tmp
2013-05-07 19:50 . 2004-08-07 00:17 14848 -c--a-w- c:\windows\system32\dllcache\OLD7CB.tmp
2013-05-07 19:49 . 2004-08-07 00:17 16384 -c--a-w- c:\windows\system32\dllcache\OLD7BD.tmp
2013-05-07 19:49 . 2008-04-14 00:11 77824 -c--a-w- c:\windows\system32\dllcache\OLD7BA.tmp
2013-05-07 19:49 . 2004-08-07 00:17 9728 -c--a-w- c:\windows\system32\dllcache\OLD7B7.tmp
2013-05-07 19:49 . 2004-08-07 00:17 131584 -c--a-w- c:\windows\system32\dllcache\OLD787.tmp
2013-05-07 19:49 . 2004-08-07 00:17 11264 -c--a-w- c:\windows\system32\dllcache\OLD784.tmp
2013-05-07 19:49 . 2004-08-07 00:17 6144 -c--a-w- c:\windows\system32\dllcache\OLD781.tmp
2013-05-07 19:49 . 2008-04-14 00:10 67584 -c--a-w- c:\windows\system32\dllcache\OLD77E.tmp
2013-05-07 19:49 . 2008-04-13 16:43 70144 -c--a-w- c:\windows\system32\dllcache\OLD77B.tmp
2013-05-07 19:48 . 2008-04-14 00:11 482304 -c--a-w- c:\windows\system32\dllcache\OLD778.tmp
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-16 22:17 . 2004-08-04 04:56 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-04 04:56 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-16 22:17 . 2004-08-04 04:56 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-12 23:28 . 2004-08-04 02:59 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-04 03:17 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-05 18:52 . 2013-04-05 18:53 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-05 18:52 . 2013-04-05 18:53 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 04:35 . 2013-04-16 20:58 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-29 01:53 . 2013-02-26 22:40 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-03-21 02:08 . 2013-02-14 02:52 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-03-08 08:36 . 2004-08-04 04:56 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28 . 2004-08-04 03:20 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 2004-08-03 22:59 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-06 23:33 . 2013-03-28 17:15 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-28 17:15 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2013-03-28 17:15 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-01 09:32 . 2013-03-01 09:32 22328 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-02-27 07:56 . 2013-03-23 19:15 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-04-17 18:49 . 2013-04-17 18:48 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ   c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart\0autoche\0autoche
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MxDock
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 15:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-03-12 06:32 253816 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2013-05-20 18:19 1226928 ----a-w- c:\program files\AVG SafeGuard toolbar\vprot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VTPreset]
2000-01-01 00:00 45056 ----a-w- c:\windows\system32\VTPreset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\wextract_cleanup0]
2009-03-08 04:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"vToolbarUpdater15.2.0"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"MBAMService"=2 (0x2)
"MBAMScheduler"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"avgwd"=2 (0x2)
"AVGIDSAgent"=2 (0x2)
"avgfws"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"SProtection"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\ExpressFiles\\ExpressFiles.exe"=
"c:\\Program Files\\ExpressFiles\\expressdl.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [28/03/2013 18:15 49248]
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [08/02/2013 04:37 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [08/02/2013 04:37 245048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [08/02/2013 04:37 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [26/02/2013 23:40 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [01/03/2013 10:32 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [08/02/2013 04:37 170808]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [14/02/2013 03:52 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [07/05/2013 23:14 37664]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [28/03/2013 18:15 66336]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [18/04/2013 04:34 283136]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [10/04/2013 11:07 1428472]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [14/05/2013 00:54 4937264]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [28/03/2013 18:15 164736]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12/01/2012 19:52 30944]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [21/05/2013 23:41 35144]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [30/03/2013 14:50 21104]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [21/05/2013 23:50 40776]
S4 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [30/03/2013 14:50 398184]
S4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [30/03/2013 14:50 682344]
S4 SProtection;SProtection;c:\program files\Common Files\Umbrella\Umbrella.exe [10/05/2013 09:39 2833448]
S4 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [20/05/2013 19:19 1015984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ   Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-09 22:44]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.safesearch.net/?utm_medium=ie&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=ECB313B0363A4281
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\DAVID\Application Data\Mozilla\Firefox\Profiles\315hkl5o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.safesearch.net/search?q={searchTerms}&utm_medium=ff&utm_campaign=21&utm_source=sm&utm_content=1&utm_term=ECB313B0363A4281
FF - prefs.js: browser.search.selectedEngine - SafeSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://www.safesearch.net/search?q=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-03-28 18:37; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-04-29 21:32; testpilot@labs.mozilla.com; c:\documents and settings\DAVID\Application Data\Mozilla\Firefox\Profiles\315hkl5o.default\extensions\testpilot@labs.mozilla.com.xpi
FF - user.js: extensions.autoDisableScopes - 0 
FF - user.js: extensions.shownSelectionUI - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
MSConfigStartUp-CARPService - carpserv.exe
AddRemove-ExpressFiles - c:\program files\ExpressFiles\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-22 22:32
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2013-05-22  22:35:33
ComboFix-quarantined-files.txt  2013-05-22 21:35
.
Pre-Run: 46,706,274,304 bytes free
Post-Run: 47,168,901,120 bytes free
.
- - End Of File - - F0B59107DD28BDA52F1857A0FC224EA0


#27 rob

rob

    Member

  • Silver Star Member
  • Pip
  • 438 posts
  • LocationTampa

Posted 23 May 2013 - 02:25 AM

dave,

   plz post all this in Malware forum.  You / we are out of suggestions.  You definitely have a issue if Windows Firewall keeps disabling!  Broni can get you going if you listen and do what he tells you.

G Luck, rob


  • Phzzz likes this

#28 Angoid

Angoid

    Administeriosis Extremus

  • Administrators
  • 1,595 posts
  • LocationEast Midlands, UK

Posted 23 May 2013 - 11:38 AM

Dave567, Rob is right .... pop over into the Malicious Code Removal section of the forum and start off by following these instructions.

 

If Windows Firewall keeps getting turned off, then you *definitely* have a malware problem!  It has no reason to turn itself off 'just because'!  However, it another firewall is present, the Windows one will turn itself off in favour of the other one.  This is known as "graceful degrading" and is by design.

 

Malware can slow your PC down to the point of unusability.  A friend of mine once had a PC that was unusably slow, and after removing all the malicious software it ran like greased lightning.  Once you have done this and got the all-clear in the malicious code removal room, come back here and we'll continue if it's appropriate to do so.

 

Just running programs like Combofix on a "scattergun" basis can do more harm than good.


  • Phzzz and rob like this

If you don't know what eschatology is then don't worry; it's not the end of the world.
Please do not send uninvited PMs requesting support; post into the appropriate forum instead and we'll all learn. See our Private messaging policy.


#29 DanPenny

DanPenny

    Member

  • Members
  • Pip
  • 1 posts
  • LocationAlberta Canada

Posted 12 September 2013 - 07:06 PM

Sorry, my post was outdated.


It's a good day when you learn someting.

--------------------------------------------------


#30 rob

rob

    Member

  • Silver Star Member
  • Pip
  • 438 posts
  • LocationTampa

Posted 13 September 2013 - 02:07 PM

Well, someone else (Dashie) suggested malware.  But also have we ever established dial-up vs cable/DSL?  This computer should be limited to email/word and general surfing.  In other words, Malware or not!!