

Otwórz notatnik systemowy i wklej:

ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> Brak pliku
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> Brak pliku
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Brak pliku
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> Brak pliku
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Brak pliku
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Brak pliku
ContextMenuHandlers1_S-1-5-21-54286028-2577319502-3764889771-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} =>  -> Brak pliku
ContextMenuHandlers4_S-1-5-21-54286028-2577319502-3764889771-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} =>  -> Brak pliku
ContextMenuHandlers5_S-1-5-21-54286028-2577319502-3764889771-1001: [GGDriveMenu] -> {E68D0A55-3C40-4712-B90D-DCFA93FF2534} =>  -> Brak pliku
Task: {0A8FE14B-37D0-4F16-BFA4-95FD5469005E} - System32\Tasks\gigabitupnewscomrooudone => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" gigabitupnews.com/rooudone <==== UWAGA
Task: {89DC616A-034F-4889-ADF6-F82C32C668DA} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\Unlock -> Brak pliku <==== UWAGA
Task: {E15D0692-401F-477B-A71E-D377FC1D0682} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {E8672681-9222-4D54-AE02-8C1B924B3A79} - \Microsoft\Windows\UNP\Campaigns\{3D2E6D6C-D655-43CB-B39B-D2B876D9E480}\ExperienceTargeted\OnIdle -> Brak pliku <==== UWAGA
ShortcutWithArgument: C:\Users\damia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811144"
HKU\S-1-5-21-54286028-2577319502-3764889771-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [272896 2017-10-21] (Microsoft Corporation) <==== UWAGA
GroupPolicy: Ograniczenia <==== UWAGA
GroupPolicy\User: Ograniczenia <==== UWAGA
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-54286028-2577319502-3764889771-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=811141
SearchScopes: HKU\S-1-5-21-54286028-2577319502-3764889771-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B079793E1-A6F5-410D-AACA-378C052F7CFE%7D&gp=811142
SearchScopes: HKU\S-1-5-21-54286028-2577319502-3764889771-1001 -> {36BC4DEB-BA1C-4097-A3E4-24EBA7CA8C05} URL = 
SearchScopes: HKU\S-1-5-21-54286028-2577319502-3764889771-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B079793E1-A6F5-410D-AACA-378C052F7CFE%7D&gp=811142
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\damia\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2017-10-28] (Mail.Ru)
CHR DefaultSearchURL: Profile 1 -> hxxps://inline.go.mail.ru/search?inline_comp=dse&q={searchTerms}&fr=chxtn12.0.23
CHR DefaultSearchKeyword: Profile 1 -> inline.go.mail.ru
CHR DefaultSuggestURL: Profile 1 -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Extension: (Mail.Ru) - C:\Users\damia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhjhnafpiilpffhglajcaepjbnbjemci [2017-10-28]
CHR Extension: (Домашняя страница Mail.Ru) - C:\Users\damia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcadgijmedbfgciegjomfpjcdchlhnif [2017-10-28]
CHR Extension: (Визуальные Закладки Mail.Ru) - C:\Users\damia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lhemechcanjmilllmccjbjldonmnnjjj [2017-10-28]
CHR HKU\S-1-5-21-54286028-2577319502-3764889771-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhjhnafpiilpffhglajcaepjbnbjemci] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-54286028-2577319502-3764889771-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hcadgijmedbfgciegjomfpjcdchlhnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-54286028-2577319502-3764889771-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lhemechcanjmilllmccjbjldonmnnjjj] - hxxps://clients2.google.com/service/update2/crx
S2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
2017-10-28 08:47 - 2017-10-28 13:11 - 000000000 ____D C:\Users\damia\AppData\Local\Mail.Ru
2017-10-28 13:29 - 2017-03-01 01:47 - 000000000 ____D C:\AdwCleaner
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. 
Uruchom jako administrator FRST i kliknij w Fix/Napraw.