
Otwórz notatnik systemowy i wklej:

Task: {1058E69C-2E97-4FF7-8AB3-210B408F7984} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Brak pliku <==== UWAGA
Task: {159B8492-CB34-4088-8278-BB928B700762} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Brak pliku <==== UWAGA
Task: {1B026FBE-31B8-4841-A26C-51FC03593030} - \Microsoft\Windows\UNP\RunCampaignManager -> Brak pliku <==== UWAGA
Task: {B1DDB3A4-A411-4C6D-A955-0EAFE43E510E} - System32\Tasks\GuAOwAI => C:\WINDOWS\SysWOW64\mcOj.bat [2017-09-29] () <==== UWAGA
Task: {BCC4B090-8E97-4FF6-9F49-CC14405247B0} - System32\Tasks\icpEse => C:\Program Files (x86)\fGfzq.bat [2017-09-29] () <==== UWAGA
Task: {C1FAA808-ECD2-4FEE-8A01-9B2A59CB5077} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Brak pliku <==== UWAGA
Task: {CD4E2E9D-ED8E-4FB6-9007-0C6CD11A05E8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Brak pliku <==== UWAGA
Task: {F902AFF4-5F94-4E2A-BBE1-A8E4E10C39A7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Brak pliku <==== UWAGA
Hosts:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== UWAGA
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2084417965-1771512177-3991989140-1000\...\Run: [Akamai NetSession Interface] => C:\Users\EliteBook\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2084417965-1771512177-3991989140-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2084417965-1771512177-3991989140-1000\...\MountPoints2: {2e33acea-7f3a-11e6-bdd3-806e6f6e6963} - "D:\LaunchBFII.exe" 
GroupPolicy: Ograniczenia <==== UWAGA
GroupPolicy\User: Ograniczenia <==== UWAGA
HKU\S-1-5-21-2084417965-1771512177-3991989140-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-2084417965-1771512177-3991989140-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
U3 idsvc; Brak ImagePath
2017-12-30 23:30 - 2017-12-30 23:30 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-12-29 17:42 - 2017-12-31 00:33 - 000000000 ____D C:\AdwCleaner
2017-12-29 16:49 - 2017-12-31 11:45 - 000003556 _____ C:\WINDOWS\System32\Tasks\icpEse
2017-12-29 16:49 - 2017-12-31 00:14 - 000002708 _____ C:\WINDOWS\System32\Tasks\AkUcPmIIaIk
2017-12-29 16:49 - 2017-12-31 00:14 - 000002464 _____ C:\WINDOWS\System32\Tasks\GuAOwAI
2017-12-29 16:49 - 2017-09-29 14:42 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\nHiOI.exe
2017-12-29 16:49 - 2017-09-29 14:42 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\GTjVzyOu.exe
2017-12-29 16:49 - 2017-09-29 14:42 - 000001077 _____ C:\Users\EliteBook\Ixua
2017-12-29 16:49 - 2017-09-29 14:42 - 000000077 _____ C:\WINDOWS\SysWOW64\mcOj
2017-12-29 16:49 - 2017-09-29 14:42 - 000000053 _____ C:\Program Files (x86)\fGfzq
2017-12-19 19:40 - 2017-12-31 00:14 - 000002388 _____ C:\WINDOWS\System32\Tasks\{86AF7298-D7D8-4827-A6FC-C355F303840F}
2017-09-29 14:42 - 2017-09-29 14:42 - 000001077 _____ () C:\Users\EliteBook\Ixua.bat
2017-12-29 16:49 - 2017-09-29 14:42 - 000000053 _____ () C:\Program Files (x86)\fGfzq
2017-09-29 14:42 - 2017-09-29 14:42 - 000000053 _____ () C:\Program Files (x86)\fGfzq.bat
2017-12-29 16:49 - 2017-09-29 14:42 - 000001018 _____ () C:\Program Files (x86)\Common Files\QLEOHGvAgBZ
2017-09-29 14:42 - 2017-09-29 14:42 - 000001018 _____ () C:\Program Files (x86)\Common Files\QLEOHGvAgBZ.bat
EmptyTemp:

Plik zapisz pod nazwą fixlist.txt i umieść obok FRST w tym samym folderze. 
Uruchom jako administrator FRST i kliknij w Fix/Napraw.