Open an elevated Command prompt as before. Type (with an Enter after the line) :
at
It should say:
I would also uninstall Java 8 Update 91. It is sometimes used by malware and most websites no longer use it. If you find one that does need it you can reinstall it but I'd like to get rid of it as a test.
Search For Event Viewer and hit Enter. It should open Event Viewer. Click on the arrow in front of Event Viewer then on the arrow in front of Applications and Services Logs then on the arrow in front of Microsoft then on the arrow in front of Windows then on the arrow in front of Task Scheduler. Click on Operational. This will be empty. Click on Enable Log on the far right. Now close event viewer and wait until the malware comes back.
If it does come back, go back into Operational and look for tasks that ran during the time window when it came back. These should all be native Windows tasks but I suppose if I were a malware writer I could figure out how to modify one somehow. FRST doesn't look at the Windows tasks so would be a good place to hide.