Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

W7 is in trouble - can't update, can't install drivers, wermgr going nuts


  • Please log in to reply
12 replies to this topic

#1 sarojgilbert

sarojgilbert

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 11 May 2014 - 12:15 AM

My hard drive started failing on 4/27 and was replaced... the system image and all personal files were restored from a recent back up.  The system began acting strange before the crash but when I got it back, the following happened:

  • For 30 minutes or so after booting, the focus of whatever window I'm in goes in and out... so if I start typing, letters are skpped as that window loses focus... I think I narrowed that phenomenon down to wermgr process cycling.  I tried to shut down the wermgr service, but something else keeps spawnning it... no doubt the actual errors that are occurring... I don't know how to get rid of it entirely, nor if I should although I have serious doubts that Microsoft really cares what is happening to my computer. 
  • The HP printer's "Solution Center" had disappeared (which I need to scan)
  • My ScanSnap was no longer operational and the computer fails to complete the driver install
  • Windows update hangs up
  • I can't back up files with the native Windows backup app... it goes so far and then hangs (with no error message)...  left it on overnight and was at same percentage 8 hours later.

I tried going back to an earlier restore point, but the one I needed had already been erased and I couldn't get back far enough.

 

Windows fails at diagnosing or correcting any errors.

 

I'm about to reinstall Windows 7 and SP1, but would prefer not to if possible as I would have to reinstall many applications to get up and running again.  Although there is clearly a lot of unneeded installs on the drive some of which launch services although I've tried to shut as many as I can down.

 

I have all files backed up on an external drive... the backup I made before getting the harddrive replaced and manually copied over all files created since.  My internal drive is partitioned into C: which holds the system files and E: which has My Documents and some other personal files.  Microsoft tech site says that all partitions could get destroyed by reinstalling Windows... I don't know how that is possible... are they that sloppy that they don't respect partition boundaries?

 

I have Norton 360 running continually.

 

Any and all help will be greatly appreciated!

 

Here is the speccy report: http://speccy.piriform.com/results/1H3FeoANEv8r2nJFkL5Imb0

Here is the MiniToolBox report:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Saroj (administrator) on 10-05-2014 at 21:46:41
Running from "E:\Documents\Computers\My Installables\MiniToolBox"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/10/2014 08:47:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0xc30
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0xc18
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x18a4
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x1368
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x1bb8
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x14ec
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x1304
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x910
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0xa00
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3

Error: (05/10/2014 08:47:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_CryptSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ESENT.dll, version: 6.1.7601.17577, time stamp: 0x4d79bfba
Exception code: 0xc0000005
Fault offset: 0x00000000000059a0
Faulting process id: 0x1ab0
Faulting application start time: 0xsvchost.exe_CryptSvc0
Faulting application path: svchost.exe_CryptSvc1
Faulting module path: svchost.exe_CryptSvc2
Report Id: svchost.exe_CryptSvc3


System errors:
=============
Error: (05/10/2014 08:47:56 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 655 time(s).

Error: (05/10/2014 08:47:51 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 654 time(s).

Error: (05/10/2014 08:47:45 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 653 time(s).

Error: (05/10/2014 08:47:44 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 652 time(s).

Error: (05/10/2014 08:47:40 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 651 time(s).

Error: (05/10/2014 08:47:39 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 650 time(s).

Error: (05/10/2014 08:47:35 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 649 time(s).

Error: (05/10/2014 08:47:34 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 648 time(s).

Error: (05/10/2014 08:47:30 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 647 time(s).

Error: (05/10/2014 08:47:29 PM) (Source: Service Control Manager) (User: )
Description: The Cryptographic Services service terminated unexpectedly.  It has done this 646 time(s).


Microsoft Office Sessions:
=========================
Error: (02/22/2014 00:10:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 84335 seconds with 4380 seconds of active time.  This session ended with a crash.

Error: (01/11/2014 03:37:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/19/2013 09:32:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 80818 seconds with 420 seconds of active time.  This session ended with a crash.

Error: (07/27/2013 10:32:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88642 seconds with 3840 seconds of active time.  This session ended with a crash.

Error: (09/30/2012 00:05:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 156247 seconds with 3240 seconds of active time.  This session ended with a crash.

Error: (08/22/2012 09:16:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1200105 seconds with 63000 seconds of active time.  This session ended with a crash.

Error: (06/01/2012 03:51:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 144844 seconds with 16740 seconds of active time.  This session ended with a crash.

Error: (04/12/2012 06:40:23 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 413019 seconds with 13380 seconds of active time.  This session ended with a crash.

Error: (04/12/2012 00:07:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 864573 seconds with 25800 seconds of active time.  This session ended with a crash.

Error: (04/07/2012 11:56:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 475153 seconds with 30720 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
3dPageFlip  Editor
64 Bit HP CIO Components Installer (Version: 7.2.8)
ABBYY FineReader for ScanSnap ™ 5.0 (Version: 11.0.159)
Acquia Dev Desktop (Version: 1.2.43)
Adobe Acrobat XI Standard (Version: 11.0.06)
Adobe AIR (Version: 3.8.0.870)
Adobe Dreamweaver CS5.5 (Version: 11.5)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.0 (Version: 12.0.5.146)
Amazon Kindle
Angry Birds (Version: 2.3.0)
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Audials (Version: 10.1.6207.700)
Audio Record Wizard (Version: 6.8)
B209a-m (Version: 140.0.690.000)
Batch Picture Resizer 4.0 (Version: 4.0)
Boilsoft Video Joiner 6.57
Bonjour (Version: 3.0.0.10)
Booknizer 5.1
BufferChm (Version: 140.0.212.000)
Bully Dog Update Agent (Version: 1.1.1.12)
calibre (Version: 0.9.16)
CardMinder (Version: V5.0L10)
CardMinder V5.0 (Version: 5.0.10.1)
CCleaner (Version: 4.13)
Citrix Online Launcher (Version: 1.0.168)
Content Manager (Version: 2.61)
Convert Pdf to Word 6.9
CrossLoop 2.74
D3DX10 (Version: 15.4.2368.0902)
Debut Video Capture Software (Version: 1.82)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
Dropbox (Version: 2.6.33)
Easy Drive Data Recovery (Version: 3.0)
eChat (Version: Ensign eChat)
eFax Messenger (Version: 4.4.2.533)
E-Futures International Demo 3.5
Elgato Video Capture (Version: 1.1.4.40)
Etron USB3.0 Host Controller (Version: 0.101)
Evernote v. 5.3.1 (Version: 5.3.1.3363)
Express Zip
FBDownloader IE Add-on (Version: 1.0.3)
FileZilla Client 3.5.3 (Version: 3.5.3)
Folder Size & Analyze Professional (Version: 5.20)
Free Download Manager 3.9.2
GIMP 2.8.6 (Version: 2.8.6)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.24.7)
GoToMeeting 6.2.0.1350 (Version: 6.2.0.1350)
Graboid Video 3.58 (Version: 3.58)
Graboid Video 3.58 Setup (Version: 3.5.8)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HHD Software Hex Editor Neo 5.13 (Version: 5.13.1.4770)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (Version: 11.14.0001)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
HPPhotoGadget (Version: 140.0.524.000)
HPSSupply (Version: 140.0.211.000)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2418)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
iPixSoft Flash Gallery Factory (1.6.0.0) (Version: 1.6.0.0)
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
iTunes (Version: 11.1.5.5)
Janetter 4.2.3.0
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 16.4.3508.0205)
KC Softwares AudioGrail
KooRaRoo Media (Version: 1.2.0.0)
Kwik POP v3.0
Learn to Play Bridge
Learn to Play Bridge 2
LightScribe Applications (Version: 1.18.15.1)
LightScribe System Software (Version: 1.18.18.1)
LoopBe30 - Internal MIDI Ports
Magic Collage (Version: 2.3)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Market Replay Downloader version 1.0 (Version: 1.0)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (Version: 12.0.4518.1014)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SkyDrive (Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
MixPad
Mobile Video 2.0 (Version: 2.11.0713)
Movie Maker (Version: 16.4.3508.0205)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
NanoMax 2.9.1.1000
NETGEAR Genie (Version: 2.2.28.24.exe )
Network64 (Version: 140.0.215.000)
Network64 (Version: 140.0.221.000)
NinjaTrader 7 (Version: 7.0.1022)
Norton 360 (Version: 21.2.0.38)
Norton Identity Safe (Version: 2013.4.0.10)
Norton Management (Version: 3.2.2.12)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
PaintSupreme (Version: 1.1)
PDF Impress 2013 (Version: 21.23.032)
PDFCreator (Version: 1.2.0)
Photo Gallery (Version: 16.4.3508.0205)
PhotoStage Slideshow Producer
Photoupz 1.63 (Version: 1.63)
PicaJet FX 2.6.5.696 (Version: PicaJet FX 2.6.5.696)
Pixelplan - Flow Architect Studio 3D
Pixelplan - Pixelplan O4C Viewer Web
Pixillion Image Converter (Version: 2.59)
Process Lasso (Version: 6.0.1.36)
PS_AIO_06_B209a-m_SW_Min (Version: 140.0.690.000)
QuickBooks (Version: 20.0.4017.807)
QuickBooks Pro 2010 (Version: 20.0.4017.807)
Quicken 2014 (Version: 23.1.7.6)
QuickTime 7 (Version: 7.75.80.95)
QuickTransfer (Version: 140.0.98.000)
Realtek Ethernet Controller Driver (Version: 7.45.516.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6387)
Scan (Version: 140.0.80.000)
ScanSnap Manager (Version: 6.0.11.5.07)
ScanSnap Manager (Version: V6.0L12)
ScanSnap Organizer (Version: 5.0.11.1)
ScanSnap Organizer (Version: V5.0L11)
Shop for HP Supplies (Version: 14.0)
Should I Remove It (Version: 1.0.4)
Skype Click to Call (Version: 7.2.15747.10003)
Skype™ 6.11 (Version: 6.11.102)
SmartDraw 2014
SmartDraw CI
SmartDraw PDF Export (novaPDF 6.4  printer)
SmartWebPrinting (Version: 140.0.186.000)
SMTPing 1.2.2.18 (Version: 1.2.2.18)
Snagit 11 (Version: 11.4.0)
Software Informer 1.1
Solid 8.0 (Version: 8.00.0000)
Solid Essential 8.0 (Version: 8.0.0.126)
SongFrame
Speccy (Version: 1.24)
Status (Version: 140.0.212.000)
swMSM (Version: 12.0.0.1)
SyncBackPro (Version: 6.5.4.0)
TimelapseCam Director 1.0 (Version: 1.0.0)
Tipard Video Converter Platinum 6.2.16 (Version: 6.2.16)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
TwistedBrush Pro Studio
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
version 1.0.6.4
Video Capture all v5.09.1202.00 (Version: 5.09.1202.00)
Video Capture v5.09.1202.00 (Version: 5.09.1202.00)
VideoPad Video Editor
VIO Player version 1.0.1 (Version: 1.0.1)
VLC media player 1.0.1 (Version: 1.0.1)
WavePad Sound Editor
WebReg (Version: 140.0.212.017)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
WinCatalog 2013 (Version: 4.0)
WinDirStat 1.1.2
Windows Live Communications Platform (Version: 16.4.3508.0205)
Windows Live Essentials (Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3508.0205)
Windows Live Mail (Version: 16.4.3508.0205)
Windows Live Messenger (Version: 16.4.3508.0205)
Windows Live MIME IFilter (Version: 16.4.3508.0205)
Windows Live Photo Common (Version: 16.4.3508.0205)
Windows Live PIMT Platform (Version: 16.4.3508.0205)
Windows Live SOXE (Version: 16.4.3508.0205)
Windows Live SOXE Definitions (Version: 16.4.3508.0205)
Windows Live UX Platform (Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205)
Windows Live Writer (Version: 16.4.3508.0205)
Windows Live Writer Resources (Version: 16.4.3508.0205)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinISO (Version: 6.3.0.4905)
WinPatrol (Version: 25.6.2012.1)
WModem Driver Installer (Version: 2.0.6.9)
Xvid Video Codec (Version: 1.3.2)

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 16301.06 MB
Available physical RAM: 12390.96 MB
Total Pagefile: 32600.3 MB
Available Pagefile: 27626.81 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.62 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:322.17 GB) (Free:214.79 GB) NTFS
2 Drive d: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
3 Drive e: (Storage) (Fixed) (Total:609.24 GB) (Free:360.05 GB) NTFS
4 Drive f: (SAMSUNG) (Fixed) (Total:1863.01 GB) (Free:1167.92 GB) NTFS

========================= Users: ========================================

User accounts for \\

Admin                    Administrator            Guest                    
Licensed User            QBDataServiceUser20      Saroj                    


**** End of log ****
 


Edited by hamluis, 12 May 2014 - 11:51 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:19 AM

Posted 11 May 2014 - 10:22 AM

I think I narrowed that phenomenon down to wermgr process cycling.  I tried to shut down the wermgr service, but something else keeps spawnning it

 
This is the Windows Error Reporting Service.  This service can be disabled without any complications.
 
Click on the Start orb, then type services in the Search programs and files box.
 
Services will appear above the Search box und Apps., right click on it and choose Run as administrator.
 
When services open scroll down to Windows Error Reporting Service, double click on it and disable it in Startup type.
 
 
Please run Eset's online scanner and Malwarebyte Antimalware.

Please run the ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

 
 
Please download Malwarebytes Anti-Malware.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 11 May 2014 - 07:46 PM

Thanks for your time and getting back quickly... I ran Malwarebytes Anti-malware; it didn't ask me to update... It does say my trial will expire in 9 hours and asks me to "Buy Premium". I quarantined the one item it flagged I opened the log, but there is no "Quarantined items" mentioned... the log is included at bottom of this post. I rebooted; wermgr finally didn't start (even though I tried to shut down the service multiple times yesterday); I ran malwarebytes anti malware again and checked for updates (there are none). I scanned again (No malicious items were detected!). I then did started ESET online scan after disabling Norton 360. ESET online scanner hung up at 92% 4 hours into the process; it scanned 590487 files found 216 infected files. stopped at adxregistrator.log in E:\Documents\zAdd-in Malawarebytes is running in the background and sucking up resources I guess I'll can it... it hasn't moved for 30 minutes... so far, here is my list of problems: - Windows hangs up trying to install its own updates - Cryptographic Service won't start - Windows won't install drivers - Certain processes report that computer is not connected to the internet even though it is (I can browse and get email traffic) - bleeping computer .com reports that Javasript is disabled although nothing has been done to stop it. Any ideas?

#4 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 11 May 2014 - 07:47 PM

oops... forgot to include the malware log: <?xml version="1.0" encoding="UTF-16" ?> 2014/05/11 12:33:46 -0700mbam-log-2014-05-11 (12-25-53).xmlyes2.00.1.1004v2014.05.11.08v2014.03.27.01trialenabledenableddisabledWindows 7 Service Pack 1x64SarojNTFSthreatcompleted39111546400000010enabledenabledenabledenableddisableddisabledenabledenabledenabledC:\Users\Saroj\Downloads\rcpsetup_2005.exePUP.Optional.RegCleanProsuccess9d873b150774eb4ba9e460d48b756d93

#5 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 11 May 2014 - 08:18 PM

I stopped ESET and saved the "List of found threats" and looked through the list displayed when I clicked on "Manage quarantine"... I haven't gone through the "List of found threats" and highlighted those shown in the "Manage quarantine"; most were legitimate programs; some I don't recognize.

 

Any ideas about what I should do next?



#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:19 AM

Posted 12 May 2014 - 10:13 AM

The Malwarebytes log is incomplete, please post the entire log.

 

Please post what you have of the Eset log.

 

You reading these logs does not doesn't provide me with the information which could shed some light on what is going on.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#7 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 12 May 2014 - 11:06 AM

MALWAREBYTES LOG:

<?xml version="1.0" encoding="UTF-16" ?>

<mbam-log>

<header>

<date>2014/05/11 12:33:46 -0700</date>

<log>mbam-log-2014-05-11 (12-25-53).xml</log>

<isadmin>yes</isadmin>

</header>

<engine>

<version>2.00.1.1004</version>

<rules-database>v2014.05.11.08</rules-database>

<swissarmy-database>v2014.03.27.01</swissarmy-database>

<license>trial</license>

<file-protection>enabled</file-protection>

<web-protection>enabled</web-protection>

<self-protection>disabled</self-protection>

</engine>

<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>Saroj</username>

<filesys>NTFS</filesys>

</system>

<summary>

<type>threat</type>

<result>completed</result>

<objects>391115</objects>

<time>464</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>0</folders>

<files>1</files>

<sectors>0</sectors>

</summary>

<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<shuriken>enabled</shuriken>

<pup>enabled</pup>

<pum>enabled</pum>

</options>

<items>

<file><path>C:\Users\Saroj\Downloads\rcpsetup_2005.exe</path><vendor>PUP.Optional.RegCleanPro</vendor><action>success</action><hash>9d873b150774eb4ba9e460d48b756d93</hash></file>

</items>

</mbam-log>



#8 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 12 May 2014 - 11:08 AM

ESET LOG (up until it hung):

C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    
C:\Program Files (x86)\Conduit\CT3289847\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Program Files (x86)\Conduit\CT3309350\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Program Files (x86)\NCH Software\Debut\debut.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.82.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\ExpressZip\expresszipsetup_v2.13.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\MixPad\mixpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\MixPad\mpsetup_v3.22.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\MixPad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\PhotoStage\photostage.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\PhotoStage\pstagesetup_v2.13.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\PhotoStage\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\Pixillion\pixillion.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\Pixillion\pixillionsetup_v2.59.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\VideoPad\uninst.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Program Files (x86)\NCH Software\VideoPad\vppsetup_v2.41.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
C:\Program Files (x86)\NCH Software\WavePad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Program Files (x86)\NCH Software\WavePad\wpsetup_v5.20.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
C:\Users\Saroj\AppData\Local\CRE\iigplimlmgilpobjilfbfeilnpiigpgl.crx    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.19.2.505_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfonpmgphigeplcebcighengmgihnkh\10.20.101.5_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.70.1_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\TB\APISupport\MiniSP_1.0.2.107\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 262.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 14.zip    a variant of Win32/InstallBrain.W potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 263.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 15.zip    multiple threats    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 264.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 16.zip    Win32/Toolbar.SearchSuite potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 265.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 17.zip    Win32/InstallBrain potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 266.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 18.zip    Win32/DomaIQ.AG potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 272.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 273.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 276.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 289.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 326.zip\E\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 327.zip\E\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 330.zip\E\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 343.zip\E\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.19.2.505_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfonpmgphigeplcebcighengmgihnkh\10.20.101.5_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.70.1_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.16.9.6_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
C:\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\TB\APISupport\MiniSP_1.0.2.107\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    
C:\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 14.zip    a variant of Win32/InstallBrain.W potentially unwanted application    
C:\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 15.zip    multiple threats    
C:\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 16.zip    Win32/Toolbar.SearchSuite potentially unwanted application    
C:\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 17.zip    Win32/InstallBrain potentially unwanted application    
C:\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 18.zip    Win32/DomaIQ.AG potentially unwanted application    
E:\C drive data\Program Files (x86)\Conduit\Community Alerts\Alert.dll    Win32/Toolbar.Conduit.Y potentially unwanted application    
E:\C drive data\Program Files (x86)\Conduit\CT3289847\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Program Files (x86)\Conduit\CT3309350\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\Debut\debut.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\Debut\debutsetup_v1.82.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\ExpressZip\expresszipsetup_v2.13.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\MixPad\mixpad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\MixPad\mpsetup_v3.22.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\MixPad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\PhotoStage\photostage.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\PhotoStage\pstagesetup_v2.13.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\PhotoStage\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\Pixillion\pixillion.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\Pixillion\pixillionsetup_v2.59.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\VideoPad\uninst.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\VideoPad\videopad.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\VideoPad\vppsetup_v2.41.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\WavePad\uninst.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\WavePad\wavepad.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Program Files (x86)\NCH Software\WavePad\wpsetup_v5.20.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\CRE\iigplimlmgilpobjilfbfeilnpiigpgl.crx    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.19.2.505_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfonpmgphigeplcebcighengmgihnkh\10.20.101.5_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.70.1_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\TB\APISupport\MiniSP_1.0.2.107\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 262.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 14.zip    a variant of Win32/InstallBrain.W potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 263.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 15.zip    multiple threats    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 264.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 16.zip    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 265.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 17.zip    Win32/InstallBrain potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 266.zip\C\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 18.zip    Win32/DomaIQ.AG potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 272.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 273.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 276.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 289.zip\E\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 326.zip\E\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 327.zip\E\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 330.zip\E\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 343.zip\E\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggagiiobgjmfpdadhecbofeoelcpidec\10.19.2.505_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfonpmgphigeplcebcighengmgihnkh\10.20.101.5_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.70.1_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi\10.16.9.6_0\plugins\TBVerifier.dll    Win32/Toolbar.Conduit.AC potentially unwanted application    
E:\C drive data\Users\Saroj\AppData\Local\Temp\Temp1_Backup files 4.zip\C\Users\Saroj\AppData\Local\TB\APISupport\MiniSP_1.0.2.107\MiniSP.dll    a variant of Win32/Conduit.SearchProtect.H potentially unwanted application    
E:\C drive data\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 14.zip    a variant of Win32/InstallBrain.W potentially unwanted application    
E:\C drive data\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 15.zip    multiple threats    
E:\C drive data\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 16.zip    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\C drive data\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 17.zip    Win32/InstallBrain potentially unwanted application    
E:\C drive data\Users\Saroj\Desktop\LICENSEDUSER-PC\Backup Set 2013-09-14 000837\Backup Files 2013-09-14 000837\Backup files 18.zip    Win32/DomaIQ.AG potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\winzip160.exe    Win32/Toolbar.Conduit potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\7zip\77ZipSetup.exe    a variant of Win32/InstallBrain.W potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\7zip\7zipap_1320.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\7zip\jZipSetup.exe    probably a variant of Win32/Toolbar.SearchSuite.J potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\AVI Toolbox\vppsetup.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Caliber\calibrewithtop20ebooks-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\CleverPrint\Setup.exe    a variant of Win32/Adware.iBryte.D application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Download speed\CustomizableSetup.exe    Win32/Toolbar.Inbox.F potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Flow Architect\setup.exe    a variant of Win32/AirAdInstaller.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Free File Viewer\FreeFileViewer2010Setup.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Free File Viewer\freefileviewer_730.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\ilivid\iLividSetup-r157-n-bf.exe    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\ilivid\iLividSetupV1.exe    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Mozilla\Softango_VideoConverter.exe    Win32/InstallBrain potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Accounting\easetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\BroadCam\bcsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\BroadWave\bwsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Burn\burnsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\DesktopNow Remote Computer Access\dsktopnow.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Doxilion\doxillionsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Doxilion\doxpsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\FlashLynx\flashlynxsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\FTP - Classic\cftpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\FTP - Fling\flingsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Golden Records Analog to Digital Converter\grsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Golden Videos\gvsetup.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Invoicing\eisetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Meo encryption\meofreesetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Meo encryption\meosetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Music transcriber\twelvekeyssetup.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\PDF printer\printpdfsetup.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\PhotoStage Slideshow\pstagesetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Play Perfect\ppfsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Record Pad\rpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Scribe - Express\essetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Slide show presentation\pstagesetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Slide show presentation\Photo Slideshow Software - Make DVD Slideshows and Photo Presentations_files\prismpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Sound Tap\stsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Stamp Tags editor\stampsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Switch Audio File Converter Software\switchsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\VideoPad\vppsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\WavePad\wpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\NCH\Zulu DJ\zulusetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\pdf converter\convertpdftoword-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Piriform\ccsetup316.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Piriform\ccsetup408.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Piriform\dfsetup216.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Piriform\rcsetup149.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Piriform\spsetup124.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\QuickTime\quicktime.exe    Win32/DomaIQ.AG potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Screen Movie Studio - Demonshop\setup.exe    a variant of Win32/AirAdInstaller.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\SonicDownloads\ac3filter.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\VIO player\vioplayer2_d4865281.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\- Current Projects\misfiled in Ninjatrader\Documents\Computers\My Installables\WinAmp\winamp563_full_emusic-7plus_en-us.exe    Win32/OpenCandy potentially unsafe application    
E:\Documents\Computers\My Installables\winzip160.exe    Win32/Toolbar.Conduit potentially unwanted application    
E:\Documents\Computers\My Installables\7zip\77ZipSetup.exe    a variant of Win32/InstallBrain.W potentially unwanted application    
E:\Documents\Computers\My Installables\7zip\7zipap_1320.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\Computers\My Installables\AshapooBurningStudio\AshampooBurningStudio2012.zip    Win32/Toolbar.Conduit potentially unwanted application    
E:\Documents\Computers\My Installables\AudioGrail\AudioGrail70.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\Documents\Computers\My Installables\AVI Toolbox\vppsetup.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\Documents\Computers\My Installables\Caliber\calibrewithtop20ebooks-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    
E:\Documents\Computers\My Installables\CleverPrint\Setup.exe    a variant of Win32/Adware.iBryte.D application    
E:\Documents\Computers\My Installables\Download speed\CustomizableSetup.exe    Win32/Toolbar.Inbox.F potentially unwanted application    
E:\Documents\Computers\My Installables\Flow Architect\setup.exe    a variant of Win32/AirAdInstaller.A potentially unwanted application    
E:\Documents\Computers\My Installables\Free File Viewer\FreeFileViewer2010Setup.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\Computers\My Installables\Free File Viewer\freefileviewer_730.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\Computers\My Installables\ilivid\iLividSetup-r157-n-bf.exe    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\Documents\Computers\My Installables\ilivid\iLividSetupV1.exe    Win32/Toolbar.SearchSuite potentially unwanted application    
E:\Documents\Computers\My Installables\Max SyncUp\MAXSyncUp.zip    a variant of Win32/Packed.Themida potentially unwanted application    
E:\Documents\Computers\My Installables\Mozilla\Softango_VideoConverter.exe    Win32/InstallBrain potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Accounting\easetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\BroadCam\bcsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\BroadWave\bwsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Burn\burnsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\DesktopNow Remote Computer Access\dsktopnow.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Doxilion\doxillionsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Doxilion\doxpsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\FlashLynx\flashlynxsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\FTP - Classic\cftpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\FTP - Fling\flingsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Golden Records Analog to Digital Converter\grsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Golden Videos\gvsetup.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Invoicing\eisetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Meo encryption\meofreesetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Meo encryption\meosetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Music transcriber\twelvekeyssetup.exe    a variant of Win32/Toolbar.Conduit.J potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\PDF printer\printpdfsetup.exe    probably a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\PhotoStage Slideshow\pstagesetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Play Perfect\ppfsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Record Pad\rpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Scribe - Express\essetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Slide show presentation\pstagesetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Slide show presentation\Photo Slideshow Software - Make DVD Slideshows and Photo Presentations_files\prismpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Sound Tap\stsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Stamp Tags editor\stampsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    
E:\Documents\Computers\My Installables\NCH\Switch Audio File Converter Software\switchsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\VideoPad\vppsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\WavePad\wpsetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\NCH\Zulu DJ\zulusetup.exe    a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application    
E:\Documents\Computers\My Installables\pdf converter\convertpdftoword-setup.exe    Win32/DownloadAdmin.G potentially unwanted application    
E:\Documents\Computers\My Installables\Piriform\ccsetup316.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application    
E:\Documents\Computers\My Installables\Piriform\ccsetup408.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\Computers\My Installables\Piriform\dfsetup216.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\Computers\My Installables\Piriform\rcsetup149.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\Computers\My Installables\Piriform\spsetup124.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\Computers\My Installables\QuickTime\quicktime.exe    Win32/DomaIQ.AG potentially unwanted application    
E:\Documents\Computers\My Installables\Screen Movie Studio - Demonshop\setup.exe    a variant of Win32/AirAdInstaller.A potentially unwanted application    
E:\Documents\Computers\My Installables\Security apps\Surfinguard\Finjan.SurfinGuard.Pro.v5.70.311.Incl.Keymaker-AGAiN.zip    a variant of Win32/Keygen.AF potentially unsafe application    
E:\Documents\Computers\My Installables\SonicDownloads\ac3filter.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\Computers\My Installables\Speccy\spsetup126.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    
E:\Documents\Computers\My Installables\VIO player\vioplayer2_d4865281.exe    a variant of Win32/InstallIQ.A potentially unwanted application    
E:\Documents\Computers\My Installables\WinAmp\winamp563_full_emusic-7plus_en-us.exe    Win32/OpenCandy potentially unsafe application    
 



#9 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 14 May 2014 - 10:38 AM

Please note that dc3 was "helping" me... I spent hours getting together the items he requested.  Then nothing... I saw that he was online and pm'd him yesterday to see if he could have a look.  He responded that I must respond in the forum itself and NOT pm him.  He said he would have a look... he still has not got back to me.  So yesterday I concluded that I can't wait any longer to get my OS back running correctly as I can no longer do any scanning nor install MS updates.  All the RESTORE points have the bad reg settings or corrupted OS files in them as MS has rolled over the good restore points from before the problems occurred.  Neither will the Repair disk work.  Neither will the reg files previously saved work... I've tried a few and they all fail due to an error.

So I decided to go ahead and reinstall the OS which is a different request... My original request was to fix it and appears to me to be null and void due to lack of interest.  No one other than dc3 has offered to help on the original request.  Since dc3 has helped others in the meantime, I can only conclude that he no longer wants to help me.

Also note that my original request now shows 0 replies... this changed after it said 3 or 4 a few days ago... and even though it now says 0, I have not heard back from anyone else.  What do you consider to be a reasonable time to wait?  It is disappointing to have gone to a lot of work creating reports to no avail.

I realize that this is a volunteer effort, but it seems to me that if one of you decides to help, you should either follow through or say, sorry I can no longer help, and let me know so I can go elsewhere.

Thank you for your efforts.



#10 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:19 AM

Posted 14 May 2014 - 10:57 AM

You have two topics open regarding this issue.  The one here and another in the Am I Infected forum.

 

I PMed a moderator to see if I could have this one close so that the one in the Am I Infected forum could be pursued without potentially creating confusion.  This was yesterday afternoon, the PM has been read and I'm still waiting for a response.  I'm not ignoring your topic, and I have not quit trying to help you.

 

You are correct, we all volunteer our time here.  There are times when my outside life takes a precedence, like taking my wife out for a early dinner and a movie on her birthday yesterday. 

 

If you would still like for me to try to help you let me know.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#11 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 14 May 2014 - 02:29 PM

I have no idea how my topic got into the "Am I infected forum"... I opened it in BleepingComputer.com -> Operating Systems -> Windows 7; if I were allowed to attach a file or include an image, I could prove it to you.  I have no idea how it got moved there, but I had nothing to do with it... I didn't move it there, nor did I open a different one there; I don't think my computer is infected.  Prove me wrong, but at this point I think it is very unlikely... Why would someone move my post without discussing it with me assuming a problem that hadn't been identified yet? Call me crazy, bu  It seems to make sense to diagnose the problem before assuming it is this or that and acting on that assumption.

 

I just need to have a good operating system that is doing what it is supposed to and correctly which is why I posted in .BleepingComputer.com -> Operating Systems -> Windows 7.

 

The hard drive failed and was replaced at no charge by the computer firm who built this computer.  Most likely, In the process of failing it messed up some of the OS files... The cryptographic service is no longer running, nor will it start.. it appears to be trashed and in spite of considerable research, I can only find advisories for XP. 

 

To compound things as I tried to update and install missing drivers new restore points were automatically created and the older good ones were written over by the OS so that I no longer have a good one thus I lost the opportunity to go back to a previous "good" state... moreover the fault with the OS is preventing me from performing various fixes... at least all I've tried so far.  In the process of moving I have lost my "clean/when new" Repair/restore DVD.  I have the OS and drivers.

 

All I want to do now is reinstall my operating system which is why I asked in a new post, now locked by HamLuis.  It is actually a different topic, but apparently he doesn't think so... I have no way to close a topic or mark it no longer relevant.  If I did, I would have to avoid all this mishigas and wasted time.  I pm'd dc3 because I didn't want to embarrass him by posting publicly.  Well that wasn't the right thing to do either... jeesh.

 

If you know of a checklist, please let me know where it is.  Even if I take the computer back to the store for a reinstall, if I haven't saved, printed, recorded, backed up everything I need to, I'm in  trouble... They don't know my apps, my s/w, my settings etc. to know how to protect me so that I can get the 100+ currently installed applications back up and running.



#12 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:19 AM

Posted 14 May 2014 - 04:40 PM

If you look at the bottom of your first post in the Am I Infected forum you will see where hamluis moved it there.  You posted a log which they deemed to mean that you thought you were infected.

 

If the hdd had failed, this would mean that the recovery partition on the hdd was lost as well.  This would also include any data that was not previously backed up on a form of removable media, like another hdd, flash drive, CDs, DVDs.

 

If you need a installation disc you can download a ISO image which can be burned to a DVD and create an installation disc.  If you wish to do so, you can download it at the  Windows 7 Forums.


Edited by dc3, 14 May 2014 - 04:41 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#13 sarojgilbert

sarojgilbert
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Arcata, CA
  • Local time:06:19 AM

Posted 14 May 2014 - 09:55 PM

ok... I see that now... I honestly didn't bother to read a post I made days ago.  I don't know why he moved it there... esp w/o saying anything to me.  I posted a few things to start with as a pre-emptive strike based on what I had seen posted in other threads.  The other stuff I posted was what I thought you directed me to do. 

 

I backed up everything to an external drive before I took the computer into the shop and created an image too... but I suspect the image was bad by then and I didn't realize it.

 

I have an installation disk with W7 and SP1 on it and talked to the guys at the shop re: how to do a Repair-Install... I just want to be sure I have everything to hand before I possibly wipe out everything on the C: (OS) drive (in case the Repair Install fails).  I also signed up with Carbonite which has copied 98% of my files... As far as I understand there isn't any point in creating an image or backup of the registries at this point since apparently both are damaged.  I'll copy it all over to my external drive again right before I attempt the repair.

 

Thanks for the tips.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users