So I followed the instructions in #18. I did the "windows repair", clicked the "Restart System when Finished" but my computer rebooted automatically and the program did not restart. Also I still can't get malwarebytes.
So I followed the instructions in #18. I did the "windows repair", clicked the "Restart System when Finished" but my computer rebooted automatically and the program did not restart. Also I still can't get malwarebytes.
Last edited by Juliet; 2014-07-27 at 21:15.
I can't say what issues remain because I haven't been using my computer except to talk to you. I am relying on you to be able to tell if ZUSY and any other malware have been deleted.
x result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014 01
Ran by Ed at 2014-07-27 19:49:45 Run:3
Running from C:\Users\Ed\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Ed\AppData\Local\CRE\jccpjpmiegdnbmbnaiaicnaakpacgbdi.crx
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 18.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 19.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 2.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 3.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 4.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 6.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 7.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 2.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 7.zip
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-11 211809\Backup files 2.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 10.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 12.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 24.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 25.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 41.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 6.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 8.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-25 192314\Backup files 2.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-16 091350\Backup files 2.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 1.zip
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 2.zip
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 11.zip
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 23.zip
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 7.zip
*****************
"C:\Users\Ed\AppData\Local\CRE\jccpjpmiegdnbmbnaiaicnaakpacgbdi.crx" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 18.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 19.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 3.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 4.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 6.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 7.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 7.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-11 211809\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 10.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 12.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 24.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 25.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 41.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 6.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 8.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-25 192314\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-16 091350\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 1.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 2.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 11.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 23.zip" => File/Directory not found.
"G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 7.zip" => File/Directory not found.
==== End of Fixlog ====
well, as far as I can see your probably clear.
This last script I created,( with the backups from 2014-04-06 -2014-07-06 zip files) was it run more then once?
Use your computer for a day, if there are problems please make notes.
If none, we'll remove these tools and quarantine folders and I'll post a few preventive tips.
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
hi ebb
I still think your in good shape.
Before you allow windows (or that you) to create another backup I think we should remove the ones that were considered bad.
Or, do not use the backups that were created. Nothing can be restored unless you chose a backup for the computer.
The list below shows the ones you posted previously.
What you can do is run another Eset scan and allow it to remove/quarantine what it finds, if it can, or, try to manually remove the bad ones.G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 18.zip Win32/DownloadAdmin.G potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 19.zip a variant of Win32/InstallCore.IU potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 2.zip Win32/InstallCore.AZ potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 3.zip multiple threats No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 4.zip a variant of Win32/Toolbar.Conduit.AA potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 6.zip a variant of Win32/Toolbar.Conduit.AH potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-04-13 195910\Backup files 7.zip Win64/Toolbar.Conduit.B potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 2.zip multiple threats No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-04 190000\Backup files 7.zip Win32/DownloadAdmin.G potentially unwanted application No action
G:\ED-PC\Backup Set 2014-04-06 192742\Backup Files 2014-05-11 211809\Backup files 2.zip a variant of Win32/Conduit.SearchProtect.P potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 10.zip a variant of Win32/Conduit.SearchProtect.P potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 12.zip a variant of Win32/Toolbar.Conduit.AH potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 24.zip Win32/DownloadAdmin.G potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 25.zip a variant of Win32/InstallCore.IU potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 41.zip Win32/DownloadAdmin.G potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 6.zip Win32/InstallCore.AZ potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-18 202456\Backup files 8.zip multiple threats No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-05-25 192314\Backup files 2.zip Win32/Conduit.SearchProtect potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-16 091350\Backup files 2.zip a variant of Win32/Conduit.SearchProtect.P potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 1.zip a variant of Win32/DomaIQ.BB potentially unwanted application No action
G:\ED-PC\Backup Set 2014-05-18 202456\Backup Files 2014-06-29 190000\Backup files 2.zip Win32/Toolbar.Montiera.B potentially unwanted application No action
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 11.zip a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application No action
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 23.zip Win32/Toolbar.Montiera.B potentially unwanted application No action
G:\ED-PC\Backup Set 2014-07-06 190001\Backup Files 2014-07-06 190001\Backup files 7.zip Win32/BrowseFox.B potentially unwanted application No action
I found an online tutorial that makes it easy.
http://www.sevenforums.com/tutorials...e-backups.html
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
Hi Juliet,
I submitted this already this am but don't see that when I log in. Sorry if it is a repeat.
I got a call from LT Infotech this am. Unfortunately the technician had a difficult accent to understand and he talked too fast. I wasn't sure it was legitimate. He told me I had 1000s of threats and tried to sell me something. I decided to talk to you first.
The threats on the "G" drive were on an external drive. I just deleted them.
I did run the ESET (log below) and it showed 1 threat which it removed.
I went in to the "sevenforums" site and found it a little intimidating. I'll study it and run it if you suggest.
Await your advice.
Scan Log WHOOPS! It tells me the message is too long and won't transmit it.
Now what?
THIS IS A SCAM.I got a call from LT Infotech this am. Unfortunately the technician had a difficult accent to understand and he talked too fast. I wasn't sure it was legitimate. He told me I had 1000s of threats and tried to sell me something. I decided to talk to you first.
If you get another call like this hang up immediately or laugh in his face!
We are hearing of a lot of these calls in recent days on several help forums, they are all scams.
Little did he know I just helped you clean your computer.
Think, how or why would someone from LT Infotech call you?, your phone number was randomly generated.
Good deal, then we got that covered.The threats on the "G" drive were on an external drive. I just deleted them.
I did run the ESET (log below) and it showed 1 threat which it removed.
Things look good to me, ready to remove all these tools now?
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
you can attach it or make multiple post?Scan Log WHOOPS! It tells me the message is too long and won't transmit it.
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.