Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
CBL says that I have a Conficker
Message
<blockquote data-quote="Hieronymus" data-source="post: 521330" data-attributes="member: 53834"><p>Hello,</p><p></p><p>I've run both scans and I've attached the log from Farbar to this reply.</p><p>I hope this won't be a problem for you, but the AdwCleaner that I downloaded was automatically in my (Czech) language, and it seemingly attempted to write some words in the log in that language as well, so it came out as nonsense. If this is a problem, please tell me and I'll try to download AdwCleaner in English. </p><p></p><p>Here are the contents of the AdwCleaner log:</p><p>[coode]</p><p># AdwCleaner v5.201 - Log vytvoĹ™en 07/07/2016 v 18:13:55</p><p># Aktualizováno 30/06/2016 by ToolsLib</p><p># Databáze : 2016-07-06.1 [Server]</p><p># OperaÄŤnĂ system : Windows 8.1 (X64)</p><p># UĹľivatelskĂ© jmĂ©no : Robin - MARSHALL</p><p># SpuštÄ›no z : C:\Users\Robin\Desktop\AdwCleaner.exe</p><p># NastavenĂ : ÄŚištÄ›nĂ</p><p># Podpora : <a href="https://toolslib.net/forum" target="_blank">ToolsLib</a></p><p></p><p>***** [ SluĹľby ] *****</p><p></p><p></p><p>***** [ SloĹľky ] *****</p><p></p><p>[-] SloĹľka Smazáno : C:\ProgramData\Trymedia</p><p>[#] SloĹľka Smazáno : C:\ProgramData\Application Data\Trymedia</p><p>[-] SloĹľka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abc</p><p>[-] SloĹľka Smazáno : C:\Users\Robin\AppData\Local\VirtualStore\Program Files\abc</p><p>[-] SloĹľka Smazáno : C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software</p><p>[-] SloĹľka Smazáno : C:\Program Files\abc</p><p></p><p>***** [ Soubory ] *****</p><p></p><p>[-] Soubor Smazáno : C:\WINDOWS\Reimage.ini</p><p></p><p>***** [ DLLs ] *****</p><p></p><p></p><p>***** [ WMI ] *****</p><p></p><p></p><p>***** [ Zástupci ] *****</p><p></p><p></p><p>***** [ NaplánovanĂ© Ăşlohy ] *****</p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88}</p><p>[-] KlĂÄŤ Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}</p><p>[-] KlĂÄŤ Smazáno : HKCU\Software\smarttweak</p><p>[-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Reimage</p><p></p><p>***** [ ProhlĂĹľeÄŤe ] *****</p><p></p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "istartsurf");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://<a href="http://www.istartsurf.com/favicon.ico" target="_blank">www.istartsurf.com/favicon.ico</a>");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "istartsurf");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ptid", "cor");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55");</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://<a href="http://www.istartsurf.com/web/?type=ds&ts=1435084964&z=03d753daede5a87c2c795b6g0z4caw1e6b0zdteq6w&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55[...]" target="_blank">www.istartsurf.com/web/?type=ds&ts=1435084964&z=03d753daede5a87c2c795b6g0z4caw1e6b0zdteq6w&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55[...]</a></p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("extensions.quick_start.enable_search1", false);</p><p>[-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);</p><p></p><p>*************************</p><p></p><p>:: "Tracing" klĂÄŤe smazány</p><p>:: NastavenĂ Winsock vyÄŤištÄ›no</p><p></p><p>*************************</p><p></p><p>C:\AdwCleaner\AdwCleaner[C1].txt - [4000 bytĹŻ] - [07/07/2016 18:13:55]</p><p>C:\AdwCleaner\AdwCleaner[S1].txt - [4019 bytĹŻ] - [07/07/2016 18:10:28]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4146 bytĹŻ] ##########[/code]</p></blockquote><p></p>
[QUOTE="Hieronymus, post: 521330, member: 53834"] Hello, I've run both scans and I've attached the log from Farbar to this reply. I hope this won't be a problem for you, but the AdwCleaner that I downloaded was automatically in my (Czech) language, and it seemingly attempted to write some words in the log in that language as well, so it came out as nonsense. If this is a problem, please tell me and I'll try to download AdwCleaner in English. Here are the contents of the AdwCleaner log: [coode] # AdwCleaner v5.201 - Log vytvoĹ™en 07/07/2016 v 18:13:55 # Aktualizováno 30/06/2016 by ToolsLib # Databáze : 2016-07-06.1 [Server] # OperaÄŤnĂ system : Windows 8.1 (X64) # UĹľivatelskĂ© jmĂ©no : Robin - MARSHALL # SpuštÄ›no z : C:\Users\Robin\Desktop\AdwCleaner.exe # NastavenĂ : ÄŚištÄ›nĂ # Podpora : [URL="https://toolslib.net/forum"]ToolsLib[/URL] ***** [ SluĹľby ] ***** ***** [ SloĹľky ] ***** [-] SloĹľka Smazáno : C:\ProgramData\Trymedia [#] SloĹľka Smazáno : C:\ProgramData\Application Data\Trymedia [-] SloĹľka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abc [-] SloĹľka Smazáno : C:\Users\Robin\AppData\Local\VirtualStore\Program Files\abc [-] SloĹľka Smazáno : C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software [-] SloĹľka Smazáno : C:\Program Files\abc ***** [ Soubory ] ***** [-] Soubor Smazáno : C:\WINDOWS\Reimage.ini ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Zástupci ] ***** ***** [ NaplánovanĂ© Ăşlohy ] ***** ***** [ Registry ] ***** [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{7D3C47ED-E0BE-4940-9DDA-A7A097AEBD88} [-] KlĂÄŤ Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} [-] KlĂÄŤ Smazáno : HKCU\Software\smarttweak [-] KlĂÄŤ Smazáno : HKLM\SOFTWARE\Reimage ***** [ ProhlĂĹľeÄŤe ] ***** [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "istartsurf"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://[URL="http://www.istartsurf.com/favicon.ico"]www.istartsurf.com/favicon.ico[/URL]"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "istartsurf"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ptid", "cor"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55"); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://[URL="http://www.istartsurf.com/web/?type=ds&ts=1435084964&z=03d753daede5a87c2c795b6g0z4caw1e6b0zdteq6w&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55[...]"]www.istartsurf.com/web/?type=ds&ts=1435084964&z=03d753daede5a87c2c795b6g0z4caw1e6b0zdteq6w&from=cor&uid=WDCXWD7500BPVT-80HXZT3_WD-WXG1E82ULJ55ULJ55[...][/URL] [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("extensions.quick_start.enable_search1", false); [-] [C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\e9hu0vtx.default\prefs.js] Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ************************* :: "Tracing" klĂÄŤe smazány :: NastavenĂ Winsock vyÄŤištÄ›no ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4000 bytĹŻ] - [07/07/2016 18:13:55] C:\AdwCleaner\AdwCleaner[S1].txt - [4019 bytĹŻ] - [07/07/2016 18:10:28] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4146 bytĹŻ] ##########[/code] [/QUOTE]
Insert quotes…
Verification
Post reply
Top