Przy wchodzeniu w mój komputer, panel sterowania itp. uruchamia się instalacja Smart Web Printing.
Proszę o pomoc w pozbyciu się tego.
Logi:
http://www.wklej.org/id/1747373/
Odinstaluj Qtrax Player.Otwórz notatnik systemowy i wklej:
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job = C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-606747145-1637723038-725345543-1003Core.job = C:\Documents and Settings\Bóko\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-606747145-1637723038-725345543-1003UA.job = C:\Documents and Settings\Bóko\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe
AlternateDataStreams: C:\WINDOWS\Temp:temp
AlternateDataStreams: C:\Documents and Settings\All Users\Dane aplikacji\TEMP:DFC5A2B2
HKLM\...\Run: [HP Software Update] = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKU\S-1-5-21-606747145-1637723038-725345543-1003\...\Run: [Facebook Update] = C:\Documents and Settings\Bóko\Ustawienia lokalne\Dane aplikacji\Facebook\Update\FacebookUpdate.exe [138096 2014-01-02] (Facebook Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKU\S-1-5-21-606747145-1637723038-725345543-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction ======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hpts=1433146593z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlmafrom=wpm06013uid=WDCXWD3200AAKS-75VYA0_WD-WCARW314219642196
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hpts=1433146593z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlmafrom=wpm06013uid=WDCXWD3200AAKS-75VYA0_WD-WCARW314219642196
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" ======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=dsts=1433146593z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlmafrom=wpm06013uid=WDCXWD3200AAKS-75VYA0_WD-WCARW314219642196q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=dsts=1433146593z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlmafrom=wpm06013uid=WDCXWD3200AAKS-75VYA0_WD-WCARW314219642196q={searchTerms}
SearchScopes: HKLM - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://search.myheritage.com?orig=dsq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {BE28C22E-F666-424d-B5FD-125C4AFEE34E} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
SearchScopes: HKU\S-1-5-21-606747145-1637723038-725345543-1003 - {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = http://do-search.com/web/?utm_source=butm_medium=utm_campaign=install_ieutm_content=dsfrom=uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6Ats=1420373293type=defaultq={searchTerms}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll No File
BHO: LuckyTab Class - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} - C:\Program Files\XTab\SupTab.dll [2015-05-29] (Thinknice Co. Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.6.0_07\bin\jp2ssv.dll No File
BHO: IEPluginBHO Class - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10\_userdata\ggbho.2.dll No File
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll No File
Toolbar: HKLM - Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\IEXPLORE.EXE http://www.delta-homes.com/?type=scts=1433146593z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlmafrom=wpm06013uid=WDCXWD3200AAKS-75VYA0_WD-WCARW314219642196
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1060933SearchSource=3q={searchTerms}
FF SearchPlugin: C:\Documents and Settings\Bóko\Dane aplikacji\Mozilla\Firefox\Profiles\zcmip3jb.default\searchplugins\conduit.xml [2013-11-15]
FF SearchPlugin: C:\Documents and Settings\Bóko\Dane aplikacji\Mozilla\Firefox\Profiles\zcmip3jb.default\searchplugins\freecorder-customized-web-search.xml [2013-11-15]
FF SearchPlugin: C:\Documents and Settings\Bóko\Dane aplikacji\Mozilla\Firefox\Profiles\zcmip3jb.default\searchplugins\web-search.xml [2011-03-15]
FF Extension: ace race 1.0.1 - C:\Documents and Settings\Bóko\Dane aplikacji\Mozilla\Firefox\Profiles\zcmip3jb.default\Extensions\{ebf755a7-a244-4bc6-ac93-a366f9eccf49}.xpi [2015-02-01]
FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Documents and Settings\Rodzice\Dane aplikacji\Mozilla\Firefox\Profiles\i0x5sqo0.default\extensions\quick_searchff@gmail.com
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Documents and Settings\Rodzice\Dane aplikacji\Mozilla\Firefox\Profiles\i0x5sqo0.default\extensions\sweetsearch@gmail.com
R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [157824 2015-05-29] (XTab system)
R2 PicexaService; C:\Program Files\Picexa\PicexaSvc.exe [396952 2015-06-01] (Taiwan Shui Mu Chih Ching Technology Limited)
S4 HidServ; %SystemRoot%\System32\hidserv.dll [X]
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt; C:\WINDOWS\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gt.sys [55056 2014-08-15] (StdLib)
R1 {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}t; C:\WINDOWS\System32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}t.sys [55056 2014-08-22] (StdLib)
R1 {ebf755a7-a244-4bc6-ac93-a366f9eccf49}t; C:\WINDOWS\System32\drivers\{ebf755a7-a244-4bc6-ac93-a366f9eccf49}t.sys [55824 2015-01-31] (StdLib)
U3 a42y44jp; C:\WINDOWS\system32\Drivers\a42y44jp.sys [0] (NVIDIA Corporation) ==== ATTENTION (zero byte File/Folder)
S3 Cardex; \\C:\WINDOWS\system32\drivers\TBPANEL.SYS [X]
S3 catchme; \\C:\ComboFix\catchme.sys [X]
S3 dtscsi; \SystemRoot\System32\Drivers\dtscsi.sys [X]
S4 IntelIde; No ImagePath
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
U1 WS2IFSL; No ImagePath
S2 zumbus; system32\DRIVERS\zumbus.sys [X]
2015-06-27 13:45 - 2015-06-27 13:45 - 00000000 ____ D C:\Documents and Settings\Bóko\SupTabXP
2015-06-01 10:19 - 2015-06-27 13:42 - 00000000 ____ D C:\Program Files\Picexa
2015-06-01 10:19 - 2015-06-01 10:19 - 00001470 _____ C:\Documents and Settings\All Users\Pulpit\Picexa.lnk
2015-06-01 10:19 - 2015-06-01 10:19 - 00000000 ____ D C:\Documents and Settings\Rodzice\Dane aplikacji\Picexa Viewer
2015-06-01 10:19 - 2015-06-01 10:19 - 00000000 ____ D C:\Documents and Settings\All Users\Menu Start\Programy\Picexa
2015-06-01 10:18 - 2015-06-01 10:18 - 00000000 ____ D C:\Documents and Settings\All Users\Dane aplikacji\IHProtectUpDate
2015-06-01 10:17 - 2015-06-01 10:18 - 00000000 ____ D C:\Program Files\XTab
EmptyTemp:
Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze.