
Request to check logs

IP: *.dynamic.chello.pl 02.03.16, 19:51
Please check my logs: Mozilla is going crazy, windows pop up, ads, errors about an interrupted script.

I ran AdwCleaner and CCleaner; the FRST logs are below:

wklej.org/id/2029641/
wklej.org/id/2029651/
Thank you for your help!
    • kolobos Re: Request to check logs 02.03.16, 21:40

      Uninstall:
      Adobe Reader 9.1 - Polish, replace it with the latest version of AR or Foxit: ninite.com/foxit/
      FoxTab PDF Converter
      Java(TM) 6 Update 24, install ninite.com/java/

      Next to frst.exe, create a file fixlist.txt with the following content:
      Task: {1BC04D3D-5DA2-4D5F-AFCA-9ACBE09385F7} - System32\Tasks\{94569A36-E92C-4CED-A948-4880159069E2} => pcalua.exe -a D:\gry\beastnb\SETUP.EXE -d D:\gry\beastnb
      Task: {20E6CFDF-9DAD-41A7-B8F4-5B0F83210A95} - System32\Tasks\PriceFountainUpdateVer => C:\Users\Meżda\AppData\Roaming\PriceFountainUpdateVer\UpdateProc\UpdateTask.exe [2016-02-26] () <==== UWAGA
      Task: {3064C533-832F-488B-91A8-448E59171FFD} - System32\Tasks\{B7DD1D9F-7105-484F-B55B-F7416BF704D3} => pcalua.exe -a C:\Users\Meżda\AppData\Roaming\mystartsearch\UninstallManager.exe -c -ptid=cornl
      Task: {59872D4D-485D-45FB-9A49-72115B58CE57} - System32\Tasks\{0C050F47-7F0A-0C79-7A11-0D047E7D110E} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand
      Task: {9B695353-B309-4B72-86DE-187294460E67} - System32\Tasks\{06697F76-1837-4EFF-8C7A-A2130508E860} => pcalua.exe -a C:\Programy\pdf\\ftpdf_inst.exe -c remove
      Task: {D58E7C4A-0B68-4FF6-AB42-2ECCDD26E721} - System32\Tasks\{F54BFF21-B7DD-460A-9569-403B9364713A} => pcalua.exe -a "D:\gry\zoo\Zoo Tycoon 2 - CRACK\Hotfix\Zoo_Tycoon_2_Addon_Hotfix.exe" -d "D:\gry\zoo\Zoo Tycoon 2 - CRACK\Hotfix"
      Task: C:\Windows\Tasks\PriceFountainUpdateVer.job => C:\Users\MEDA~1\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== UWAGA
      AlternateDataStreams: C:\ProgramData\Temp:373E1720 [118]
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {0d2ff059-fc1e-11e2-abd9-4cedde7e7d64} - G:\HTC_Sync_Manager_PC.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {377ad388-0802-11e3-9aa4-4cedde7e7d64} - G:\Startme.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {377ad3e3-0802-11e3-9aa4-4cedde7e7d64} - G:\Startme.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {42d2561b-c8ed-11e0-8eba-4cedde7e7d64} - H:\SJ2_setup.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {44b720f0-b174-11e1-bff6-4cedde7e7d64} - G:\AutoRun.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {752d8ab2-b0a0-11e1-9084-4cedde7e7d64} - G:\AutoRun.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {752d8ac7-b0a0-11e1-9084-4cedde7e7d64} - G:\AutoRun.exe
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {9b3cb3c0-5e41-11e5-b465-806e6f6e6963} - G:\SETUP.EXE
      HKU\S-1-5-21-2914413549-1929540384-3802278658-1000\...\MountPoints2: {ca687cb8-5e98-11e0-ae1d-4cedde7e7d64} - F:\autorun.exe
      Tcpip\Parameters: [NameServer] 82.163.142.7 95.211.158.134
      Tcpip\..\Interfaces\{A19E2E78-9420-413D-ACA0-992CCBBCB0CB}: [DhcpNameServer] 82.163.142.7
      Tcpip\..\Interfaces\{C680D052-31E0-4A66-9140-46C0F0189170}: [DhcpNameServer] 82.163.142.7
      Toolbar: HKU\S-1-5-21-2914413549-1929540384-3802278658-1000 -> Brak nazwy - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Brak pliku
      CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <Brak Path/update_url>
      S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-02] ()
      U3 a8l7grsp; C:\Windows\System32\Drivers\a8l7grsp.sys [0 ] (Advanced Micro Devices) <==== UWAGA (zerobajtowy plik/folder)
      S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
      S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
      S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
      S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
      S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
      S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
      S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
      2016-03-02 19:06 - 2016-03-02 19:06 - 00772016 _____ (Reimage?) C:\Users\Meżda\Downloads\ReimageRepair.exe
      2016-03-02 18:52 - 2016-03-02 19:07 - 00000000 ____D C:\AdwCleaner
      2016-03-02 18:03 - 2016-03-02 18:03 - 00000000 _____ C:\autoexec.bat
      2016-03-02 18:02 - 2016-03-02 18:02 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
      2016-03-02 18:01 - 2016-03-02 18:01 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Meżda\Downloads\SpyHunter-Installer.exe
      2016-03-02 18:01 - 2016-03-02 18:01 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\Meżda\Downloads\SpyHunter-Installer(1).exe
      2016-02-28 16:24 - 2016-03-02 19:24 - 00000294 _____ C:\Windows\Tasks\PriceFountainUpdateVer.job
      2016-02-28 16:24 - 2016-02-28 16:24 - 00003222 _____ C:\Windows\System32\Tasks\PriceFountainUpdateVer
      2016-02-28 16:24 - 2016-02-28 16:24 - 00000000 ____D C:\Users\Meżda\AppData\Roaming\PriceFountainUpdateVer
      2016-02-28 16:23 - 2016-02-28 16:23 - 08003072 _____ C:\Users\Meżda\AppData\Roaming\agent.dat
      2016-02-28 16:23 - 2016-02-28 16:23 - 01895098 _____ C:\Users\Meżda\AppData\Roaming\Zenjob.tst
      2016-02-28 16:23 - 2016-02-28 16:23 - 00762880 _____ C:\Users\Meżda\AppData\Roaming\Zenjob.exe
      2016-02-28 16:23 - 2016-02-28 16:23 - 00127488 _____ C:\Users\Meżda\AppData\Roaming\Installer.dat
      2016-02-28 16:23 - 2016-02-28 16:23 - 00126464 _____ C:\Users\Meżda\AppData\Roaming\noah.dat
      2016-02-28 16:23 - 2016-02-28 16:23 - 00064752 _____ C:\Users\Meżda\AppData\Roaming\Config.xml
      2016-02-28 16:23 - 2016-02-28 16:23 - 00018432 _____ C:\Users\Meżda\AppData\Roaming\Main.dat
      2016-02-28 16:23 - 2016-02-28 16:23 - 00011424 _____ C:\Users\Meżda\AppData\Roaming\InstallationConfiguration.xml
      2016-02-28 16:23 - 2016-02-28 16:23 - 00005568 _____ C:\Users\Meżda\AppData\Roaming\md.xml
      EmptyTemp:

      In FRST, select Fix (Napraw).
