Addition.txt

Greenerweb - Jak się tego pozbyć ?

Niestety reklamy nadal atakują .


Additional scan result of Farbar Recovery Scan Tool (x86) Version:24-07-2014
Ran by Ire at 2014-07-24 01:30:35
Running from C:\Users\Ire\Desktop\Logi
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

(Only the adware programs with " hidden " flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Polish (HKLM\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
COMODO Internet Security Premium (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
ffdshow v1.3.4530 [2014-02-09] (HKLM\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Malwarebytes Anti-Malware wersja 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 pl) (HKLM\...\Mozilla Firefox 30.0 (x86 pl)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
PrivDog (HKLM\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.37 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SMPlayer 14.3.0 (HKLM\...\SMPlayer) (Version: 14.3.0 - Ricardo Villalba)

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

23-07-2014 22:51:20 Removed GeekBuddy.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2014-07-15 15:52 - 00000921 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1ADB4CD4-85CB-467C-8BC1-997AB2DDA13F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup = & gt; Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5FC0B0BA-F498-4A15-998C-8BA5CFD2D5AE} - System32\Tasks\CCleanerSkipUAC = & gt; C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {65497017-EBE9-4113-B00B-F72D2DA6F8AB} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {8E1F1FDE-D53C-46A2-BFDF-5007A30E8F99} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {C69DAFAF-C5E0-415E-815B-0A3462076138} - System32\Tasks\DriverToolkit Autorun = & gt; C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: {D3341944-6279-4D18-8B56-92182DE85148} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {EA1E1EF4-6309-4A1D-BB16-1FF74673DC60} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} = & gt; C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {F3B61512-EDF6-4D1C-815B-D04D0C498140} - System32\Tasks\Adobe Flash Player Updater = & gt; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not bemove.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job = & gt; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job = & gt; C:\Program Files\DriverToolkit\DriverToolkit.exe

==================== Loaded Modules (whitelisted) =============

2013-04-15 18:39 - 2013-04-15 18:39 - 00070352 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-07-15 16:13 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The " AlternateShell " will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: {a3f28269-ad17-41a8-b032-3e0313ef8979}w
Description: {a3f28269-ad17-41a8-b032-3e0313ef8979}w
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: {a3f28269-ad17-41a8-b032-3e0313ef8979}w
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2014 01:27:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 01:25:32 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/24/2014 01:25:32 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (07/24/2014 01:21:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 01:19:51 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/24/2014 01:19:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (07/24/2014 00:31:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 00:29:27 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktywacja licencji systemu Windows nie powiodła się. Błąd 0x00000000.

Error: (07/24/2014 00:29:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Wystąpił błąd aktywacji licencji (slui.exe), kod błędu:
0x800401F9

Error: (07/24/2014 00:15:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003


System errors:
=============
Error: (07/24/2014 01:25:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
{a3f28269-ad17-41a8-b032-3e0313ef8979}w

Error: (07/24/2014 01:19:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
{a3f28269-ad17-41a8-b032-3e0313ef8979}Gw
{a3f28269-ad17-41a8-b032-3e0313ef8979}w

Error: (07/24/2014 00:14:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Util Greener Web z powodu następującego błędu:
%%5

Error: (07/24/2014 00:14:33 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Nie można uruchomić usługi Update Greener Web z powodu następującego błędu:
%%5

Error: (07/24/2014 00:14:30 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000f4 (0x00000003, 0x84882d40, 0x84882eac, 0x81e59d60)C:\Windows\MEMORY.DMP072414-29453-01

Error: (07/22/2014 02:24:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nie można załadować następujących sterowników startu rozruchowego lub systemowego:
cdrom

Error: (07/22/2014 02:24:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Poprzednie zamknięcie systemu przy 14:22:27 na ?2014-?07-?22 było nieoczekiwane.

Error: (07/22/2014 01:44:32 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Urządzenie \Device\CdRom0 nie jest jeszcze przygotowane do dostępu.

Error: (07/22/2014 01:44:32 PM) (Source: atapi) (EventID: 11) (User: )
Description: Sterownik wykrył błąd kontrolera na \Device\Ide\IdePort1.

Error: (07/22/2014 01:44:31 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Urządzenie \Device\CdRom0 nie jest jeszcze przygotowane do dostępu.


Microsoft Office Sessions:
=========================
Error: (07/24/2014 01:27:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 01:25:32 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/24/2014 01:25:32 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/24/2014 01:21:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 01:19:51 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/24/2014 01:19:51 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/24/2014 00:31:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003

Error: (07/24/2014 00:29:27 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x000000000x00000001

Error: (07/24/2014 00:29:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: 0x800401F9

Error: (07/24/2014 00:15:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA " Win32_Processor " AND TargetInstance.LoadPercentage & gt; 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 1535.55 MB
Available physical RAM: 857.07 MB
Total Pagefile: 3071.11 MB
Available Pagefile: 2225.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:25.6 GB) NTFS == & gt; [Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:53.71 GB) (Free:23.06 GB) NTFS
Drive e: () (Fixed) (Total:56.27 GB) (Free:56.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: E35AFE36)
Partition 1: (Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=OF Extended)

==================== End Of Log ============================


Download file - link to post