
Odinstaluj Java 8 Update 25.Otwórz notatnik systemowy i wklej:

Task: {163D6D6D-533D-4F09-B24E-95434F466BBE} - System32\Tasks\{34558E9C-40DB-4F01-B7EE-372871F5F0FE} => pcalua.exe -a "C:\Users\Arek\Desktop\Arek\Counter-Strike 1.6 Portable.exe" -d C:\Users\Arek\Desktop\Arek
Task: {75B9C997-0316-4CDC-8AA0-2BF6E489EA57} - \SW-Booster-S-792098896 -> Brak pliku <==== UWAGA
Task: {779069AC-10F3-4F18-AACE-8BFB2267F932} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1041497562-3885997112-4052375489-1000UA => C:\Users\Arek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-22] (Facebook Inc.)
Task: {E2688651-AFCB-4AC2-BCB9-89633C92179B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1041497562-3885997112-4052375489-1000Core => C:\Users\Arek\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-22] (Facebook Inc.)
Task: {E8496DAD-52B1-46DD-B191-9F5F6CE4F97E} - System32\Tasks\{E749E820-FBC9-4472-A0F3-F48F807505CB} => Chrome.exe hxxps://ui.skype.com/ui/0/7.35.0.103/pl/abandoninstall?page=tsInstall
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1041497562-3885997112-4052375489-1000Core.job => C:\Users\Arek\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1041497562-3885997112-4052375489-1000UA.job => C:\Users\Arek\AppData\Local\Facebook\Update\FacebookUpdate.exe
ShortcutWithArgument: C:\Users\Arek\AppData\Local\Microsoft\Start Menu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "hxxp://beyneza.ru/?utm_source=startlink03&utm_content=64aadd5ee5367067f14b4ef44e736500&utm_term=57B3C7A41A1BBE5FC626097734FBA925&utm_d=20170617"
ShortcutWithArgument: C:\Users\Arek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Вoйти в Интeрнeт.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> " <===== Cyrillic
AlternateDataStreams: C:\ProgramData\TEMP:054203E4 [124]
AlternateDataStreams: C:\Users\Arek\Ustawienia lokalne:2As6PicIW3csL4aQmrtw4O [2328]
AlternateDataStreams: C:\Users\Arek\Ustawienia lokalne:UTkMjbKcuGx5JwCWi6f6ytSk [2158]
AlternateDataStreams: C:\Users\Arek\AppData\Local:2As6PicIW3csL4aQmrtw4O [2328]
AlternateDataStreams: C:\Users\Arek\AppData\Local:UTkMjbKcuGx5JwCWi6f6ytSk [2158]
AlternateDataStreams: C:\Users\Arek\AppData\Local\Dane aplikacji:2As6PicIW3csL4aQmrtw4O [2328]
AlternateDataStreams: C:\Users\Arek\AppData\Local\Dane aplikacji:UTkMjbKcuGx5JwCWi6f6ytSk [2158]
AlternateDataStreams: C:\Users\Arek\AppData\Local\Temporary Internet Files:GktivZJ8StwMnVu1ksiIzlOHk [2070]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1041497562-3885997112-4052375489-1000\...\Run: [Gaijin.Net Agent] => C:\Users\Arek\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2012616 2017-06-18] (Gaijin Entertainment)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Brak pliku
CHR HKLM\SOFTWARE\Policies\Google: Ograniczenia <======= UWAGA
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
HKU\S-1-5-21-1041497562-3885997112-4052375489-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Ograniczenia <======= UWAGA
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ko9x3hxc.default -> ?????@Mail.Ru
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ko9x3hxc.default -> ?????@Mail.Ru
CHR HomePage: Default -> inline.go.mail.ru
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=811009","hxxp://www.google.pl/"
U3 ahbq4mhm; C:\Windows\System32\Drivers\ahbq4mhm.sys [0 ] (Microsoft Corporation) <==== UWAGA (zerobajtowy plik/folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2017-06-18 00:09 - 2017-06-18 20:51 - 00000000 ____D C:\Users\Arek\AppData\Local\svshost
2017-06-18 00:08 - 2017-06-18 00:08 - 00000000 ____D C:\Users\Arek\AppData\Local\Поиcк в Интeрнете
2017-06-18 00:04 - 2017-06-18 00:04 - 00000702 _____ C:\Users\Arek\Downloads\kmspico-10-2-0.torrent
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. 
Uruchom jako administrator FRST i kliknij w Fix/Napraw.