Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows explorer performance issue: part 2


  • Please log in to reply
15 replies to this topic

#1 OmnisScio

OmnisScio

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 27 August 2015 - 04:43 AM

Recently I have started experiencing poor performance on my computer when trying to access the D drive, though sometimes it works fine.

 

I used AVG to scan the system and it found 2 Trojans. 

 

I was told to come here for further assistance regarding those Trojans, as apparently AVG most likely has not completely removed them.

 

 

For further details, this is part 1 of the topic: http://www.bleepingcomputer.com/forums/t/583371/windows-explorer-performance-issue/



BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 27 August 2015 - 09:24 AM

Check AVG's logs to find a description and location of the two trojans it found and quarantined. Post what you found.

 

Use these programs to find and remove adware and malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here 
Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 27 August 2015 - 10:10 PM

Firstly, the results of the AVG scan:

 

Both trojans were software 'cracks', one for 32 bit version, the other 64 bit of the same program. 

 

So far I have done the Malware scan. These are the results:

 

_______________________________________________________________________________________________________

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 28/08/2015
Scan Time: 12:22 PM
Logfile: results malware.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.28.01
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351427
Time Elapsed: 9 min, 55 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 6
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}, , [2a07907e1c6f26104a623466ee145aa6], 
PUP.Optional.TidyNetwork.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\DRAGDROP\{70BC1CDB-0744-4172-BDA0-B5A487D00C3A}, , [c36e4dc164277bbb2aea58dc6f949f61], 
PUP.Optional.TNT.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\TNT2, , [042da36bf596cc6a3416e24fcb38c33d], 
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\DRAGDROP\{70BC1CDB-0744-4172-BDA0-B5A487D00C3A}, , [6cc5d737ef9c77bfee272e0601029b65], 
PUP.Optional.TNT.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}, , [33fea8661b7094a26aa441e402018e72], 
PUP.Optional.TNT.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D0399B37-3E72-4FDC-BE59-A1F35EFBCB54}, , [43eec04ee6a54ee845caa58046bdf808], 
 
Registry Values: 2
PUP.Optional.TNT.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}|AppName, TNT2User.exe, , [33fea8661b7094a26aa441e402018e72]
PUP.Optional.TNT.A, HKU\S-1-5-21-1974866304-1498288346-1119571346-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{D0399B37-3E72-4FDC-BE59-A1F35EFBCB54}|OSDFileURL, file:///C:/Users/User/AppData/Local/TNT2/Profiles/10953/yah10953.xml, , [43eec04ee6a54ee845caa58046bdf808]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
 
Files: 18
PUP.Optional.InstallCore, C:\Users\User\AppData\Roaming\0F1L1I1P0H1L1E1E1F\Winamp Packages\uninstaller.exe, , [ae837d914d3e51e534d47d654cb555ab], 
PUP.Optional.APNToolBar.A, C:\Windows\Temp\7zSAD52.tmp\Offercast3410_AVG_.exe, , [8ea3917d513a60d6cf960c987988be42], 
PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\!vitruvian-autoenable.js, , [a19055b9484333033ed36ec57b88cf31], 
PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\defaults\preferences\!vitruvian-autoenable.js, , [270a32dc117a63d321f146edb2519c64], 
PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\vitruvian-autoenable.cfg, , [d65b23ebaeddde58f320a0930bf81be5], 
PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\!vitruvian-csp.js, , [3df454ba1d6ef046ed1ee5565ba806fa], 
PUP.Optional.Vitruvian.A, C:\Program Files (x86)\Mozilla Firefox\defaults\preferences\!vitruvian-csp.js, , [5bd69d71f992e94d3dcfee4d887bbf41], 
PUP.Optional.Vitruvian.A, C:\Users\User\AppData\Local\Temp\vitruvian-installer-install-v0001, , [f9383ed0d1badd59a1107b216b99e21e], 
PUP.Optional.Vitruvian.A, C:\Users\User\AppData\Local\Temp\vitruvian-installer-processes-v0001, , [2a07808ecebd9c9ae3ce108c9f651fe1], 
PUP.Optional.Vitruvian.A, C:\Users\User\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0001, , [b47dd836b3d8ea4cfbb6811bd43054ac], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\bootstrap.js, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\browser.js, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\browser.xul, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\chrome.manifest, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\icon-48.png, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\icon-64.png, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\install.rdf, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
PUP.Optional.TermTutor.A, C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com\plugin-api.js, , [59d84dc1bbd016206b2f50b9c83b0ef2], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
_________________________________________________________________________________________________________________________________________________
 
The AdwCleaner results:
 
# AdwCleaner v5.004 - Logfile created 28/08/2015 at 13:32:15
# Updated 26/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : User - USER-PC
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\DownloadManager
 
***** [ Files ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
 
***** [ Web browsers ] *****
 
[-] [C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : 
 
*************************
 
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2639 bytes] ##########
 

Edited by OmnisScio, 27 August 2015 - 10:36 PM.


#4 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 28 August 2015 - 04:20 AM

After posting the results of JRT and Eset scans do this:

Rerun MBAM and allow it to remove/ quarantine what it found. Correct the settings to allow it to scan for rootkits as shown below.

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled Change to Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 03 September 2015 - 04:39 AM

I have done the JRT and Eset.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by User on Thu 03/09/2015 at 12:56:33.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{87DD1C61-CB88-4758-8F03-F1739D9550EE}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{87DD1C61-CB88-4758-8F03-F1739D9550EE}
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{87DD1C61-CB88-4758-8F03-F1739D9550EE}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\0F1L1I1P0H1L1E1E1F
 
 
 
~~~ Chrome
 
 
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 03/09/2015 at 13:03:31.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 
 
D:\from old 500gb hdd\user\AppData\Local\Temp\burnsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
D:\from old 500gb hdd\user\AppData\Local\Temp\prismsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
D:\from old 500gb hdd\user\AppData\Local\Temp\vpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
D:\from old 500gb hdd\user\AppData\Local\Temp\ICReinstall\cnet_BitMeter2_zip.exe a variant of Win32/InstallCore.D potentially unwanted application cleaned by deleting - quarantined
D:\from old 500gb hdd\user\AppData\Local\Temp\is-5R5CR.tmp\InstallManager.exe Win32/InstallMonetizer.AZ potentially unwanted application deleted - quarantined
D:\from old 500gb hdd\user\Downloads\debutpsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
D:\Software\Core-Temp-installer.exe Win32/Somoto.Q potentially unwanted application deleted - quarantined
D:\Software\winamp5666_full_all_inst.exe a variant of Win32/InstallCore.UE potentially unwanted application cleaned by deleting - quarantined
 


#6 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 03 September 2015 - 05:51 AM

Did you do this:

Rerun MBAM and allow it to remove/ quarantine what it found. Correct the settings to allow it to scan for rootkits as shown below.

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled Change to Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
 

Post the three lists mentioned below using CCleaner:

 

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#7 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 04 September 2015 - 04:57 AM

I did MBAm again.

____________________________________________________________________________

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 4/09/2015
Scan Time: 10:20 AM
Logfile: MLB results.txt
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.09.03.07
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: User
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 1127941
Time Elapsed: 8 hr, 11 min, 43 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 13
PUP.RiskWare.Tool.CK, D:\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]\cracked dll\32 bit\amtlib.dll, , [d7ac78b3b8d387af5b623e5750b202fe], 
PUP.RiskWare.Tool.CK, D:\Downloads\Adobe Photoshop CS6 13.0.1 Final  Multilanguage (cracked dll) [ChingLiu]\cracked dll\64 bit\amtlib.dll, , [95ee71ba94f75ed8776fd2c344be4cb4], 
RiskWare.Tool.HCK, D:\Downloads\Corel VideoStudio Ultimate X8 18.5.0.23 SP2 (x64) + Content\keygen.exe, , [f0934cdf3754211512ead4a214edec14], 
RiskWare.Tool.CK, D:\from old 500gb hdd\Downloads\Adobe.CS3.Design.Premium-Keymaker\acs3dp-k.rar, , [f68dcc5fb9d2241266247606db2538c8], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe\Adobe Media Encoder CS6\amtlib.dll, , [176cff2cc0cb9f97be28deb7e919916f], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash CC\Adobe Flash CC\adobe.photoshop.cc-patch-painter.exe, , [ef94a5864f3cb0867eaeaa1ea859dd23], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash CC\Adobe Flash Professional CC 13.0.0.759 Multilingual\crack\adobe.photoshop.cc-patch-painter.exe, , [2b58ce5d3e4d66d095979038a25f6b95], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash CC\Adobe Flash Professional CC 13.0.0.759 Multilingual\crack\patch.rar, , [86fd54d7e8a3b284be6eac1ce51c15eb], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash Pro CS6\DLL FILE\32bit\amtlib.dll, , [9ee5cf5cd2b93303922bf5a0966c7789], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash Pro CS6\DLL FILE\64bit\amtlib.dll, , [8ef57ab12665191d8e58ebaa2ad832ce], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Flash Pro CS6\DLL FILE\Original - 32bit\Flash Pro\amtlib.dll, , [95eef2395c2f1f171ba25441917156aa], 
PUP.RiskWare.Tool.CK, D:\Software\Adobe Photoshop CS6\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, , [562d9c8f58331f177b6b5e37bd45a55b], 
PUP.Optional.APNToolBar, C:\Program Files (x86)\AVG\AVG2015\Notification\avg_ask_tb.exe, , [a5dee249b2d9ed49a65a65564db42ad6], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
=============================================================================================================================================
 
Windows startup
_____________________________________________________________________________________________________________________________________________
 
Yes HKCU:Run AdobeBridge
Yes HKCU:Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} Nero AG "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run EA Core "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
Yes HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run AdobeCEPServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
Yes HKLM:Run AdobeCS5ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
Yes HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
Yes HKLM:Run AVG_UI AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
Yes HKLM:Run BCSSync Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
Yes HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
Yes HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Yes HKLM:Run SwitchBoard Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 
 
Scheduled tasks
______________________________________________________________________________________________________________________________
 
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-User-PC-User Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task AutoKMS C:\Windows\AutoKMS\AutoKMS.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
 
 
Installed programs
_______________________________________________________________________________________________________________________________
 
7-Zip 9.20 14/02/2015
Adobe AIR Adobe Systems Incorporated 22/09/2014 3.1.0.4880
Adobe Creative Suite 5 Master Collection Adobe Systems Incorporated 22/09/2014 8.16 GB 5.0
Adobe Flash Player 18 ActiveX Adobe Systems Incorporated 12/08/2015 8.30 MB 18.0.0.232
Adobe Flash Player 18 NPAPI Adobe Systems Incorporated 12/08/2015 8.85 MB 18.0.0.232
Adobe Flash Professional CC Adobe Systems Incorporated 12/05/2015 2.20 GB 13.0
Adobe Flash Professional CS6 Adobe Systems Incorporated 22/09/2014 2.57 GB 12.0
Adobe Help Manager Adobe Systems Incorporated 22/09/2014 4.0.244
Adobe Media Player Adobe Systems Incorporated 22/09/2014 1.8
Adobe Photoshop CS6 Adobe Systems Incorporated 12/11/2014 2.49 GB 13.0
Adobe Reader X (10.1.12) Adobe Systems Incorporated 20/09/2014 117 MB 10.1.12
Agarest Zero Idea Factory 13/06/2015
Agarest: Generations of War Idea Factory 12/01/2015
Agarest: Generations of War 2 Idea Factory 15/06/2015
Age of Mythology: Extended Edition SkyBox Labs 16/06/2015
Age of Wonders GOG.com 6/12/2014 303 MB 2.0.0.13
AMD System Monitor Advanced Micro Devices, Inc. 25/07/2015 1.48 MB 1.0.9
Anki 16/09/2014
Archeage Trion Worlds, Inc. 17/09/2014
Assassin's Creed Brotherhood Ubisoft Montreal 31/12/2014
Assassin's Creed II Ubisoft Montreal 23/12/2014
Atlantica Nexon America 19/07/2015 50128
AVG 2015 AVG Technologies 3/09/2015 2015.0.6140
Bastion Supergiant Games 10/05/2015
Battle for Wesnoth 1.10.7 17/11/2014 1.10.7
Battle for Wesnoth 1.12.0 1/12/2014 1.12.0
Battle.net Blizzard Entertainment 31/08/2014
CCleaner Piriform 28/08/2015 5.09
Chantelise EasyGameStation 19/06/2015
Core Temp 1.0 RC6 Alcpu 22/10/2014 2.00 MB 1.0
Divinity: Original Sin Larian Studios 5/11/2014
FINAL FANTASY VII Square Enix 16/08/2015
FINAL FANTASY VIII SQUARE ENIX 14/08/2015
Flexible Survival Nuku Valente 16/03/2015 37.7 MB 1.7.214
Glyph Trion Worlds, Inc. 16/09/2014 77.9 MB
GOG.com Downloader version 3.6.0 GOG.com 15/11/2014 2.19 MB 3.6.0
Google Chrome Google Inc. 27/08/2014 45.0.2454.85
Hearthstone Blizzard Entertainment 7/12/2014
HuniePop HuniePot 1/05/2015
Hyperdimension Neptunia Re;Birth1 Idea Factory, Inc. 21/06/2015
Java 8 Update 25 Oracle Corporation 21/10/2014 73.3 MB 8.0.250
Java 8 Update 25 (64-bit) Oracle Corporation 21/10/2014 85.3 MB 8.0.250
Java SE Development Kit 8 Update 20 (64-bit) Oracle Corporation 14/09/2014 314 MB 8.0.200.26
Long Live The Queen Hanako Games 14/06/2015
Malwarebytes Anti-Malware version 2.1.8.1057 Malwarebytes Corporation 28/08/2015 64.5 MB 2.1.8.1057
Mass Effect 2 Electronic Arts, Inc. 14/12/2014 1.00
Microsoft .NET Framework 4.5.2 Microsoft Corporation 11/03/2015 38.8 MB 4.5.51209
Microsoft Office Professional Plus 2010 Microsoft Corporation 1/01/2008 14.0.7015.1000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 22/09/2014 300 KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 22/09/2014 572 KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 22/09/2014 780 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/11/2014 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 7/12/2014 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 22/09/2014 588 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/11/2014 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 7/06/2015 13.8 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 7/06/2015 15.0 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 16/06/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 16/06/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 16/06/2015 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 16/06/2015 17.1 MB 12.0.30501.0
Microsoft WSE 3.0 Runtime Microsoft Corp. 18/05/2015 942 KB 3.0.5305.0
Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 10/05/2015 7.55 MB 3.1.10527.0
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 1/07/2015 8.03 MB 4.0.20823.0
MotioninJoy Gamepad tool 0.7.1001 www.motioninjoy.com 28/08/2014 3.89 MB 0.7.1001
Mount and Blade GOG.com 15/11/2014 542 MB 2.0.0.4
Mozilla Firefox 32.0 (x86 en-GB) Mozilla 4/09/2014 75.0 MB 32.0
Mozilla Maintenance Service Mozilla 4/09/2014 220 KB 32.0
Nero 7 Premium Nero AG 1/01/2008 517 MB 7.02.5043
Neverwinter Nights 2 Complete GOG.com 19/06/2015 11.6 GB 2.1.0.6
Neverwinter Nights Platinum Edition 12/11/2014
Nexon Game Manager 19/07/2015
NVIDIA 3D Vision Controller Driver 352.65 NVIDIA Corporation 30/07/2015 352.65
NVIDIA 3D Vision Driver 353.62 NVIDIA Corporation 30/07/2015 353.62
NVIDIA GeForce Experience 2.5.12.11 NVIDIA Corporation 30/07/2015 2.5.12.11
NVIDIA Graphics Driver 353.62 NVIDIA Corporation 30/07/2015 353.62
NVIDIA HD Audio Driver 1.3.34.3 NVIDIA Corporation 30/07/2015 1.3.34.3
NVIDIA PhysX System Software 9.15.0428 NVIDIA Corporation 1/06/2015 9.15.0428
PCSX2 - Playstation 2 Emulator 25/03/2015
PunkBuster Services Even Balance, Inc. 1/01/2015 0.990
Recettear: An Item Shop's Tale EasyGameStation 13/06/2015
RGSS-RTP Standard Enterbrain 30/04/2015 1.04
RPG MAKER VX Ace RTP Enterbrain 12/05/2015 194 MB 1.00
Shadowrun Returns Harebrained Schemes 28/11/2014
Shadowrun: Dragonfall - Director's Cut Harebrained Schemes 1/12/2014
Sid Meier's Civilization 4 Firaxis Games 7/02/2015 1.74
Sid Meier's Civilization 4 - Beyond the Sword Firaxis Games 7/02/2015 3.1.9
SixaxisDriver 0.91 xPAD, Inc. 28/08/2014
Star Wars: Knights of the Old Republic BioWare 22/05/2015
StarCraft II Blizzard Entertainment 31/08/2014
Starless Nymphomaniacs' Paradise JAST USA 5/06/2015 1.0
Steam Valve Corporation 14/08/2015 2.10.91.91
Sudeki GOG.com 28/11/2014 5.50 GB 2.1.0.7
TERA En Masse Entertainment 28/08/2014 1.6
Terraria Re-Logic 12/01/2015
Tixati 6/09/2014
Unity Web Player Unity Technologies ApS 3/01/2015 12.0 MB 4.6.1f1
Uplay Ubisoft 23/12/2014 4.9
Valkyria Chronicles™ SEGA 6/06/2015
Visual Studio 2012 x64 Redistributables AVG Technologies 25/08/2015 1.89 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 25/08/2015 1.69 MB 14.0.0.1
VLC media player 2.0.0 VideoLAN 28/08/2014 2.0.0
Wacom Tablet Wacom Technology Corp. 27/01/2015 6.3.11w3
WebTablet FB Plugin 32 bit Wacom Technology Corp. 27/01/2015 2.1.0.7
WebTablet FB Plugin 64 bit Wacom Technology Corp. 27/01/2015 2.1.0.7
Winamp Nullsoft, Inc 14/09/2014 5.666 
Winamp Packages 14/09/2014
WinCDEmu Bazis 2/03/2015 3.6
WinRAR archiver 1/01/2008
X-Blades Topware Interactive 24/03/2015
XCOM: Enemy Unknown Firaxis Games 27/08/2014


#8 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 04 September 2015 - 08:08 AM

Do I need to tell you how risky and illegal it is to download and use cracked/ pirated programs? Probaly not....

 

You didn't allow MBAM to remove what it found....

 

Suggest disabling these Windows Startups: Use CCleaner by clicking on each item to highlight and then choosing Disable, Remove or Uninstall on right.

Yes HKCU:Run AdobeBridge
Yes HKCU:Run BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} Nero AG "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKLM:Run Adobe ARM Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run AdobeCEPServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
Yes HKLM:Run AdobeCS5ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
Yes HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
Yes HKLM:Run NvBackend NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
Yes HKLM:Run ShadowPlay Microsoft Corporation C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Yes HKLM:Run SwitchBoard Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
 
Suggest Disabling these tasks:
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-User-PC-User Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task AutoKMS C:\Windows\AutoKMS\AutoKMS.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
 
Suggest Uninstalling these programs:
Adobe Reader X (10.1.12) Adobe Systems Incorporated 20/09/2014 117 MB 10.1.12  Or Update
Java 8 Update 25 Oracle Corporation 21/10/2014 73.3 MB 8.0.250  Old Java are malware magnets
Java 8 Update 25 (64-bit) Oracle Corporation 21/10/2014 85.3 MB 8.0.250
Java SE Development Kit 8 Update 20 (64-bit) Oracle Corporation 14/09/2014 314 MB 8.0.200.26
Mozilla Firefox 32.0 (x86 en-GB) Mozilla 4/09/2014 75.0 MB 32.0  Or Update
Unity Web Player Unity Technologies ApS 3/01/2015 12.0 MB 4.6.1f1
Winamp Nullsoft, Inc 14/09/2014 5.666 
Winamp Packages 14/09/2014
 
 
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#9 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 04 September 2015 - 05:07 PM

I have followed almost all of your suggestions, but why do I need to disable steam and uninstall winamp?

 

Is there a way to have MBAM remove what it found the last time I scanned without having to scan again?

 

Thank you for your help.



#10 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 04 September 2015 - 06:46 PM

You would only be removing Steam from startup. It will be available when needed by probably clicking on the desktop icon. Up to you.

Winamp had a bad rep at one time. Ad intensive and not well supported. If you want to keep it....up to you. Eset removed some adware from Winamp.

 

Best to rescan and it will likely ask you to reboot to remove what it found. I just checked....8 hours of scanning...

Are you running programs from the D Drive or just the C drive that Windows is installed on? If so, change the settings in MBAM to scan only the C-Drive.

EDIT: Malwarebytes | How do I scan a specific file, folder, d...

You can find the files on the D-Drive and have MBAM just scan those it noted in the last MBAM log you posted.

 

 

Has the computer improved in performance or are there still problems?


Edited by buddy215, 04 September 2015 - 06:53 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 05 September 2015 - 12:16 AM

I have most programs installed and run from the D drive as the C drive (an SSD) is too small to put them on. I have the MBAM run while I'm at work, so no other programs are running. It was scanning both the C and D drive.

 

I opened MBAM and in the history section was a list of all the stuff it found in the scan, it was quarantined. I was able to select items on the list to permanently delete and did so to most of them.

 

Regarding performance, it has always been difficult to gauge. It's always so random and sporadic. Sometimes the computer will turn on and off in less than 30 seconds (like it should), and other times it will take several minutes. Most of the time navigating the file system is effortless, but occasionally it gets bogged down and has extreme difficulty accessing a seemingly innocuous folder. 

 

I'll have to use the computer for a few days before I can give a confidant answer to this question.

 

The game Neverwinter nights however, continues to experience stuttering in the music of the opening movies (the game itself is fine though).  It is possible that this is caused by something else entirely. 



#12 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 05 September 2015 - 06:48 AM

Sounds like the disk drive D has problems. Likely bad sectors and/ or small amount of free space. Having a ton of RAM may help with the stuttering....like 16 GBs.

Are you able to defragment the D-drive?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#13 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 05 September 2015 - 06:37 PM

I believe I have enough free space.  It is 667 GB free of 1.81 TB.

 

I have 8 GB of RAM

 

I could have the defrag go while I'm at work today.

That just moves stuff around right? Nothing gets deleted?



#14 buddy215

buddy215

  • BC Advisor
  • 12,596 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:30 PM

Posted 05 September 2015 - 07:01 PM

I probably don't need to say this..BUT...DO NOT attempt to defrag the SSD.

 

Like you said....defragging just moves files around...doesn't remove any.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#15 OmnisScio

OmnisScio
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:09:30 AM

Posted 06 September 2015 - 06:34 AM

I'm glad you did say it. Why is defragging a SSD bad?

 

I only defragged the D drive by the way.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users