Extras.Txt

jak usunąć reklamy "ads by keep now"

Witam serdecznie od pewnego czasu wyświetlają mi się reklamy na stronach www, wklejane sztucznie przez złośliwe oprogramowanie. Może ktoś się już z tym spotkał? jak więc usunąć reklamy "ads by keep now" ? poniżej zamieszczam logi OTL (podzielone ze względu na wolny internet)


OTL Extras logfile created on: 2014-02-02 13:05:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kwiatuszek\Moje dokumenty\Downloads
Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd

990,54 Mb Total Physical Memory | 224,18 Mb Available Physical Memory | 22,63% Memory free
2,88 Gb Paging File | 2,15 Gb Available in Paging File | 74,72% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 26,13 Gb Free Space | 17,53% Space Free | Partition Type: NTFS

Computer Name: HP | User Name: Kwiatuszek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; extension & gt; ]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL " %1 " ,%*

[HKEY_USERS\S-1-5-21-220523388-436374069-1801674531-1003\SOFTWARE\Classes\ & lt; extension & gt; ]
.html [@ = ChromeHTML.R4CAA6P57542ZY5VHR6UYQ5ZYY] -- C:\Documents and Settings\Kwiatuszek\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe (Google Inc.)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ & lt; key & gt; \shell\[command]\command]
batfile [open] -- " %1 " %*
cmdfile [open] -- " %1 " %*
comfile [open] -- " %1 " %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL " %1 " ,%*
exefile [open] -- " %1 " %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- " %1 " %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- " %1 "
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- " %1 " /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [napiprojekt] -- " C:\Program Files\NapiProjekt\napisy.exe " " %1 " ()
Directory [napiprojekt0] -- " C:\Program Files\NapiProjekt\napisy.exe " " %1 " -pobierz_ang ()
Directory [Winamp.Bookmark] -- " C:\Program Files\Winamp\winamp.exe " /BOOKMARK " %1 " (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- " C:\Program Files\Winamp\winamp.exe " /ADD " %1 " (Nullsoft, Inc.)
Directory [Winamp.Play] -- " C:\Program Files\Winamp\winamp.exe " " %1 " (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
" FirstRunDisabled " = 1
" AntiVirusDisableNotify " = 0
" FirewallDisableNotify " = 0
" UpdatesDisableNotify " = 0
" AntiVirusOverride " = 0
" FirewallOverride " = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
" DisableSR " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
" Start " = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
" Start " = 2

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
" EnableFirewall " = 0
" DisableNotifications " = 0

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
" %windir%\Network Diagnostic\xpnetdiag.exe " = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
" %windir%\system32\sessmgr.exe " = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
" %windir%\Network Diagnostic\xpnetdiag.exe " = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
" %windir%\system32\sessmgr.exe " = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
" C:\Documents and Settings\Kwiatuszek\Pulpit\uTorrentPortable\App\uTorrent\uTorrent.exe " = C:\Documents and Settings\Kwiatuszek\Pulpit\uTorrentPortable\App\uTorrent\uTorrent.exe:*:Enabled:uTorrent -- (BitTorrent, Inc.)
" C:\Documents and Settings\Kwiatuszek\Pulpit\uTorrentPortable\uTorrent.exe " = C:\Documents and Settings\Kwiatuszek\Pulpit\uTorrentPortable\uTorrent.exe:*:Enabled:uTorrent -- (BitTorrent, Inc.)
" C:\Program Files\Winamp\winamp.exe " = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} " = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
" {26A24AE4-039D-4CA4-87B4-2F83217045FF} " = Java 7 Update 45
" {34D2AB40-150D-475D-AE32-BD23FB5EE355} " = HP Quick Launch Buttons 6.40 B2
" {350C9415-3D7C-4EE8-BAA9-00BCB3D54227} " = WebFldrs XP
" {36A969EF-2977-47E2-A82F-ABD10BE3CDBF} " = TP-LINK Wireless Client Utility
" {4A03706F-666A-4037-7777-5F2748764D10} " = Java Auto Updater
" {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} " = Google Earth Plug-in
" {837b34e3-7c30-493c-8f6a-2b0f04e2912c} " = Microsoft Visual C++ 2005 Redistributable
" {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} " = Microsoft Silverlight
" {A89768CF-CD21-44FD-A723-16D5A8557415} " = NEF Codec
" {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} " = Google Update Helper
" {AC76BA86-7AD7-1045-7B44-AB0000000001} " = Adobe Reader XI (11.0.06) - Polish
" {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} " = Microsoft .NET Framework 2.0 Service Pack 2
" {CCF298AF-9CE1-4B26-B251-486E98A34789} " = Windows 7 USB/DVD Download Tool
" {D4F48A8F-8E81-43E0-847F-04318383476F}_is1 " = CardRecoveryPro 2.5.5
" {DDBB7C89-1A09-441E-AA0F-6AA465755C17} " = REALTEK DTV USB DEVICE
" {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} " = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
" {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} " = Realtek High Definition Audio Driver
" 6A1545AE87FC8D98ACA7539CE7AA69DF2A5C7E1C " = Pakiet sterowników systemu Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
" avast " = avast! Free Antivirus
" Broadcom 802.11b Network Adapter " = Broadcom 802.11 Wireless LAN Adapter
" CNXT_HDAUDIO " = Conexant HD Audio
" CPUID CPU-Z_is1 " = CPUID CPU-Z 1.61.3
" DAEMON Tools Pro " = DAEMON Tools Pro
" deLight3D " = deLight3D 1.4.2
" ie8 " = Windows Internet Explorer 8
" KLiteCodecPack_is1 " = K-Lite Codec Pack 9.4.0 (Full)
" Malwarebytes' Anti-Malware_is1 " = Malwarebytes Anti-Malware wersja 1.75.0.1300
" Mozilla Firefox 24.0 (x86 pl) " = Mozilla Firefox 24.0 (x86 pl)
" MozillaMaintenanceService " = Mozilla Maintenance Service
" NapiProjekt_is1 " = NapiProjekt (2.0.0.2151)
" nLite_is1 " = nLite 1.4.9.3
" NVIDIA Drivers " = NVIDIA Drivers
" PandoraRecovery " = PandoraRecovery (Remove Only)
" QuicktimeAlt_is1 " = QuickTime Alternative 1.95
" RescuePRO-Deluxe " = RescuePRO Deluxe 4.0
" SubEdit-Player_is1 " = SubEdit-Player
" SynTPDeinstKey " = Synaptics Pointing Device Driver
" TechPowerUp GPU-Z " = TechPowerUp GPU-Z
" Totalcmd " = Total Commander (Remove or Repair)
" UltraISO_is1 " = UltraISO Premium V9.53
" uTorrent " = uTorrent
" Wdf01005 " = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
" Winamp " = Winamp
" Windows Media Format Runtime " = Windows Media Format Runtime
" WinRAR archiver " = WinRAR 4.20 (32-bit)

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-220523388-436374069-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
" Google Chrome " = Google Chrome
" Winamp Detect " = Detektor Winampa

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2013-12-19 06:31:01 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-19 19:31:02 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-20 06:31:01 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-20 15:31:02 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-22 14:31:01 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-25 05:31:01 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-25 08:26:34 | Computer Name = HP | Source = Application Hang | ID = 1002
Description = Aplikacja zawieszająca explorer.exe, wersja 6.0.2900.5512, moduł zawieszenia
hungapp, wersja 0.0.0.0, adres zawieszenia 0x00000000.

Error - 2013-12-25 08:31:02 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-25 14:31:02 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

Error - 2013-12-25 15:31:00 | Computer Name = HP | Source = MsiInstaller | ID = 11316
Description = Product: Google Update Helper -- Error 1316. A network error occurred
while attempting to read from the file: C:\Program Files\Google\Update\1.3.22.3\BonanzaDealsLiveHelper.msi

[ System Events ]
Error - 2014-01-24 22:25:10 | Computer Name = HP | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2014-01-24 22:25:19 | Computer Name = HP | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2014-01-24 22:25:33 | Computer Name = HP | Source = atapi | ID = 262153
Description = Urządzenie \Device\Ide\IdePort0 nie odpowiedziało w ramach ustalonego
limitu czasu.

Error - 2014-01-24 22:25:33 | Computer Name = HP | Source = PlugPlayManager | ID = 12
Description = Urządzenie 'MATSHITA DVD-RAM UJ-851S' (IDE\CdRomMATSHITA_DVD-RAM_UJ-851S________________1.50____\5 & 3738e2e0 & 0 & 0.0.0)
zniknęło z systemu bez uprzedniego przygotowania go do usunięcia.

Error - 2014-01-28 15:21:33 | Computer Name = HP | Source = W32Time | ID = 39452706
Description = Usługa czas wykryła, że trzeba zmienić czas systemowy o +91361 s. Usługa
czasu nie zmieni czasu systemowego o więcej niż +54000 s. Sprawdź, czy czas i strefa
czasowa są poprawne i czy źródło czasu time.windows.com (ntp.m|0x1|192.168.1.241:123- & gt; 64.4.10.33:123)
działa poprawnie.

Error - 2014-01-29 01:15:18 | Computer Name = HP | Source = AR9271 | ID = 1
Description =

Error - 2014-01-30 02:46:33 | Computer Name = HP | Source = Dhcp | ID = 1000
Description = Komputer utracił połączenie dla swojego adresu IP 192.168.1.241 na
karcie sieciowej o adresie sieciowym 002719BB3FA3.

Error - 2014-01-30 16:48:30 | Computer Name = HP | Source = Windows Update Agent | ID = 20
Description = Instalacja nie powiodła się: system Windows nie mógł zainstalować
następującej aktualizacji, ponieważ wystąpił błąd 0x80246007: Aktualizacja zabezpieczeń
dla programu Microsoft Silverlight (KB2890788).

Error - 2014-01-31 10:57:29 | Computer Name = HP | Source = Dhcp | ID = 1000
Description = Komputer utracił połączenie dla swojego adresu IP 192.168.1.241 na
karcie sieciowej o adresie sieciowym 002719BB3FA3.

Error - 2014-02-02 07:39:45 | Computer Name = HP | Source = Service Control Manager | ID = 7026
Description = Nie można załadować następujących sterowników startu rozruchowego
lub systemowego: nvatabus nvgts


& lt; End of report & gt;


Download file - link to post