Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

System Slow, Won't Burn CDs Now


  • Please log in to reply

#31
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Probably not related to whatever it was that you downloaded. Combofix already removed what it found as malicious so...it may relate to some update to your operating system. Whatever runs in normal mode isn't running entirely in safe mode so that's the difference. To finish this up, we should run an ESET scan:
Please note that disabling your on board antivirus product is not necessary while you scan with ESET online scanner Here. Click the Run ESET Online Scanner button. Another window will open...here, please accept the agreement, then click the Start button.

When prompted, install the needed software to perform the scan . When it finishes with the install, make sure to check the box titled Scan archives (the Remove found threats box should already be checked by default).

Next, click the "Advanced Settings" link. Please make sure all boxes are checked except for "Use custom proxy settings". then click the Start button.

When it completes, use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log with your next reply, along with a description of any remaining problems. Thanks!
  • 0

Advertisements


#32
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
Here are the results of the scan:

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e3f169982797494ab00c5147230ab1cf
# engine=13999
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-06-05 03:14:23
# local_time=2013-06-04 11:14:23 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5122 16777213 100 88 7633271 119076659 0 0
# compatibility_mode=5893 16776574 100 94 375840 121945513 0 0
# scanned=296289
# found=3
# cleaned=3
# scan_time=8620
sh=8366982237340B9E05968BC3F942D7B3BC9C6FAC ft=0 fh=0000000000000000 vn="JS/Redirector.NCI trojan (deleted - quarantined)" ac=C fn="C:\Users\Shane Livingston\AppData\Roaming\Mozilla\Firefox\Profiles\6guzfwxp.default\extensions\[email protected]"
sh=13F869D91EF4EFA6C18D986629084AD530BB101E ft=1 fh=88dceb5e1c4d0d44 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="C:\Users\Shane Livingston\Downloads\winzip155.exe"
sh=CA37F63B18E29311499AD538A03FA136A6C80858 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\822d833.msi"

I still can't burn CDs when it's not in safe mode. And every once in a while my computer is freezing up when I leave for a while. I have to restart to be able to do anything again.
  • 0

#33
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Although we've learned that your CD burner works, and works fine but only in safe mode, booting into safe mode just to burn a cd (for some) can be inconvenient. As such, there are a couple things you could try to determine which application is running at startup that is interfering with your cd burn attempts.

1) Download the free utility "StartupLite" available from MalwareBytes
2) Use the MSCONFIG utility on board with all Windows platforms

...Open your MBAM utility and click the More Tools tab. Locate "StartupLite" (lower right corner) and click the link. An Internet Explorer window will open to the MBAM download page. Click the "Get StartUpLite" download link there and then locate the downloaded installer file here:
c:/users/whatevernameyouuse/downloads
...or just click to run the application when the download completes (if you are given that option).

There will be a list rendered of any unnecessary programs running at startup. Make note of anything in that list and post that information back here on your next reply. Thanks!
  • 0

#34
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
I tried that... it said it blocked something at startup but I didn't catch what it was. I'm still unable to burn unless I'm in safe mode. I also got an error message that said my computer had recovered from a blue screen.

Edited by Blazinice, 09 June 2013 - 05:53 AM.

  • 0

#35
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts

I tried that... it said it blocked something at startup but I didn't catch what it was. I'm still unable to burn unless I'm in safe mode. I also got an error message that said my computer had recovered from a blue screen.

I suggested two things so you need to tell me which one you tried. What said it blocked something at startup? What were you doing when you received the blue screen?
  • 0

#36
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
I ran StartupLite... it blocked a Quicktime Task - C:\programfiles(x86)\quicktime\qttask.exe

I wasn't at the computer when the blue screen happened... I left it running, came back later, it had restarted and the message telling me it had recovered was up when I logged back on.
  • 0

#37
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Let's take a look at what "old" drivers may still be installed from other programs that you may have either uninstalled in the past, or tried to uninstall but failed...under such circumstances, some driver files can remain installed (and running), and those drivers can indeed cause stability problems for you:

1) Open the "Start" menu and type CMD into the "Search programs and files" box.
2) The search should return the command prompt icon, probably listed at the top. Right-click on it and select "Run as administrator". Answer Yes to the UAC prompt.
3) At the cmd prompt, type or copy and paste:
set devmgr_show_nonpresent_devices=1
...and press enter. (Note that nothing seems to happen--this is expected. We are actually setting an environment variable which is going to help us to see hidden devices)
4) On the next cmd prompt line, type in:
devmgmt.msc
...and press enter. This will launch the Windows Device Manager Console.
5) In the Device Manager Console, from the "View" menu, select "Show Hidden Devices".

Note:
This is NOT the same as just selecting 'Show Hidden Devices' from within the menu of the normal default view in device manager. This method exposes the super hidden drivers/devices from having changed the environment variable.

Now, scroll down to and click "Non-Plug and Play Drivers" in the listing. You will see not only the items that Windows currently detects as installed on your pc (these are the usual items displayed), but you will also see drivers, devices, and services which have been loaded in the past but were not uninstalled, not uninstalled properly, or are not currently started.

These are identified by those drivers listed which are grayed out...

Please scroll through that listing and make note of all the "grayed out" items present there. Be careful to note the item precisely as it appears. Create a list of them and post that information back here in your next reply. Thanks!
  • 0

#38
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
I don't see anything grayed out... I took a screenshot and am uploading it.

Attached Thumbnails

  • drivers.jpg

  • 0

#39
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Ok, thanks...that's actually good news. As it seems to be nothing more than the interference which comes by either McAfee's security suite or in combination with it and the "SuperAnti-Spyware" program, then I think if it were my system, I'd either be content with burning my CD's in safe mode, or finding another security solution beyond those two mentioned.

All that aside, are you having any other issues?
  • 0

#40
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
No, the burning is the main problem.
  • 0

Advertisements


#41
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Great, thanks! It would seem then that the file you downloaded made no claim to the start menu...which implies THAT file isn't causing any interference. Although the startup lite program hasn't indicated any unnecessary starting programs, it doesn't mean that the programs you DO have running on startup are all playing nicely with other software on your system.

You can troubleshoot this by using the msconfig utility. Click start-->type "msconfig" in the "Search programs and files" box. Find the utility in those search results and click on it...when it opens, click the "startup" tab.

From there you can stop those programs from running on startup by removing the check from the box. We're going to do just that, but we'll need to do it by stopping only ONE of those programs at a time...to do that, after removing the check from the box:

Click the Apply button and "OK" it, then reboot the system. When the system comes up, try to burn your CD. If still unsuccessful, return to the msconfig utility, replace the check in the box for the program you just tested, and go to the next one in the list to remove THAT checked box. Again, apply it, ok it and reboot. On returning to a stable desktop, try again to burn your cd and do likewise until you find the offending program.

When you finish, please post back your results to let us know which program was causing the interference with your CD burner. Thanks!
  • 0

#42
1972vet

1972vet

    Trusted Helper

  • Malware Removal
  • 99 posts
Still with us Blazinice? Have you finished with the last instruction yet?
  • 0

#43
Blazinice

Blazinice

    Member

  • Topic Starter
  • Member
  • PipPip
  • 53 posts
I am, I've just had a crazy week... I'll try to get to complete that step tomorrow, I have a feeling it's going to take some time to disable them one by one.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP