Opakovaná ztuhnutí během užívání - nucené restarty či vybití

[nereide]

Dobrý den, už jsem tady pěkně dlouho nebyla Ráda bych Vás poprosila o pomoc s problémem a jako vždycky přispěji (hnedka po výplatě 15. ).

Problém:
zničehonic ztuhne PC. Bez jakékoliv reakce na cokoliv. Buď ho musím odpojit z elektriky a počkat, až dojde baterka a nebo někdy mám štěstí a reaguje to na tlačítko vypnout... děje se to tak obvykle 1x za den a vždy při prohlížení internetu. Někdy to fachá bez problémů při 10 spuštěných stránkách s náročným traffic a někdy se to položí jen při jedné. Dříve byl problém např. při spouštění filmů, ale to se "odbouralo" - ale nevím jak

Přikládám log FRST a addition

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Petra (administrator) on DARKWELL (02-04-2018 07:52:07)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra & UpdatusUser (Available Profiles: Petra & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-09] (AVAST Software)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-23] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3201448915-3208623186-2291822294-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-28] (Piriform Ltd)
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\Run: [msnmsgr] => ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background*
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-28] (Piriform Ltd)
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {81831cc0-649e-11e2-b483-806e6f6e6963} - F:\INSTALL.EXE
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {8e54418a-649f-11e2-b18a-20cf30541808} - F:\INSTALL.EXE

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{7F329D31-ABB8-4CF8-B7CF-4D85539B5560}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{BCF72ADC-1A50-4434-8CF0-DECE8FB2DF80}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3201448915-3208623186-2291822294-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3201448915-3208623186-2291822294-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-01-09] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09] (AVAST Software)

FireFox:
========
FF DefaultProfile: c72ht6wm.default
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\c72ht6wm.default [2018-04-02]
FF Extension: (Avast Online Security) - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\c72ht6wm.default\Extensions\wrc@avast.com.xpi [2018-01-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-02-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @xstandard.com/XStandard -> C:\Program Files (x86)\XStandard\Bin\NPXStandard.dll [2010-11-16] (Belus Technology Inc.)

Chrome:
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2018-04-02]
CHR Extension: (Prezentace) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Tabulky) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-02]
CHR Extension: (Chrono Download Manager) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-03-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-01]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-09] (AVAST Software)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 ASUSProcObsrv; C:\eSupport\eDriver\I386\AsPrOb64.sys [11320 2008-01-04] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-09] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-09] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-09] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-09] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-09] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2018-01-09] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-10] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-09] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-10] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-09] (AVAST Software)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [117760 2009-10-15] (ELAN Microelectronic Corp.) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-01-22] (Duplex Secure Ltd.)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz133; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz133\cpuz133_x64.sys [X] <==== ATTENTION
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 SPUVCbv; System32\Drivers\SPUVCbv_x64.sys [X]
U2 TMAgent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 07:52 - 2018-04-02 07:53 - 000013599 _____ C:\Users\Petra\Desktop\FRST.txt
2018-04-02 07:51 - 2018-04-02 07:52 - 000000000 ____D C:\FRST
2018-04-02 07:51 - 2018-04-02 07:51 - 000029696 _____ C:\Users\Petra\AppData\Local\MSGBOX.EXE
2018-04-02 07:51 - 2018-04-02 07:51 - 000015327 _____ C:\Users\Petra\Desktop\LM.bat
2018-04-02 07:51 - 2018-04-02 07:46 - 000112640 _____ (forum.viry.cz) C:\Users\Petra\Desktop\FRSTLauncher.exe
2018-04-02 07:46 - 2018-04-02 07:46 - 000112640 _____ (forum.viry.cz) C:\Users\Petra\Downloads\FRSTLauncher.exe
2018-04-02 07:36 - 2018-04-02 07:34 - 002403328 _____ (Farbar) C:\Users\Petra\Desktop\FRST64.exe
2018-04-02 07:34 - 2018-04-02 07:34 - 002403328 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2018-04-01 07:06 - 2018-04-01 07:06 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-03-30 22:48 - 2018-03-30 22:48 - 187789506 _____ C:\Users\Petra\Downloads\Big Bang Theory S11E18 CZ Titulky - TBBT S11E18 CZ titulky.avi
2018-03-29 20:21 - 2018-03-29 20:22 - 364409554 _____ C:\Users\Petra\Downloads\Lucifer S03E19 - 3x19 CZ titulky v obraze.avi
2018-03-29 20:13 - 2018-03-29 20:14 - 287692262 _____ C:\Users\Petra\Downloads\Lucifer S03E19 CZ titulky vložené.mkv
2018-03-28 19:06 - 2018-04-01 07:08 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-23 22:54 - 2018-03-23 22:55 - 339632364 _____ C:\Users\Petra\Downloads\Lucifer S03E18 CZtit V OBRAZE..avi
2018-03-23 22:32 - 2018-03-26 20:26 - 000000000 ____D C:\Users\Petra\momentky
2018-03-19 20:12 - 2018-03-19 20:12 - 000267469 _____ C:\Users\Petra\Downloads\330_496_59a5754cd131d_udubu_katalog_bytu_3etapa_9np_909_6.pdf
2018-03-16 22:10 - 2018-03-16 22:11 - 338675460 _____ C:\Users\Petra\Downloads\Lucifer S03E17 CZtit V OBRAZE.avi
2018-03-10 10:28 - 2018-03-10 10:28 - 000313544 _____ (Mozilla) C:\Users\Petra\Downloads\Firefox Installer(1).exe
2018-03-10 10:27 - 2018-03-10 10:27 - 000014157 _____ C:\Users\Petra\Downloads\pdf
2018-03-10 10:27 - 2018-03-10 10:27 - 000014157 _____ C:\Users\Petra\Downloads\_pdf_
2018-03-10 10:25 - 2018-03-10 10:25 - 000313544 _____ (Mozilla) C:\Users\Petra\Downloads\Firefox Installer.exe
2018-03-08 19:27 - 2018-03-08 19:27 - 005061030 _____ C:\Users\Petra\Favorit - 25. 1. 2018.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-02 07:33 - 2017-04-15 22:21 - 001478144 ___SH C:\Users\Petra\Thumbs.db
2018-04-02 07:27 - 2009-07-14 06:45 - 000015904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-02 07:27 - 2009-07-14 06:45 - 000015904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-02 07:25 - 2009-08-03 22:00 - 003086426 _____ C:\Windows\system32\perfh005.dat
2018-04-02 07:25 - 2009-08-03 22:00 - 000975614 _____ C:\Windows\system32\perfc005.dat
2018-04-02 07:25 - 2009-07-14 07:13 - 000005502 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-02 07:19 - 2013-03-26 20:47 - 000000095 _____ C:\Users\Petra\.accessibility.properties
2018-04-02 07:19 - 2012-09-08 13:40 - 000000000 ____D C:\Users\Petra
2018-04-02 07:19 - 2010-09-17 02:37 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-02 07:19 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-01 16:05 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-04-01 07:16 - 2017-03-04 11:02 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-03-30 22:23 - 2013-03-23 20:18 - 000000000 ____D C:\Users\UpdatusUser
2018-03-30 10:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2018-03-29 18:56 - 2015-11-19 19:52 - 000000000 ____D C:\Program Files\CCleaner
2018-03-23 20:28 - 2016-05-14 09:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 20:28 - 2016-05-14 09:35 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-22 22:14 - 2017-01-28 12:23 - 000000000 ____D C:\Users\Petra\AppData\LocalLow\Mozilla
2018-03-15 22:17 - 2018-01-21 16:13 - 000095232 _____ C:\Users\Petra\Downloads\Tabulka 2018 syndikat.xls
2018-03-10 19:22 - 2017-05-22 20:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-10 19:22 - 2017-01-28 12:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2016-07-06 17:08 - 2014-11-07 19:19 - 016946498 _____ () C:\Program Files (x86)\dw-medvik-m21-bmc_v4-3-17b.exe
2018-04-02 07:51 - 2018-04-02 07:51 - 000029696 _____ () C:\Users\Petra\AppData\Local\MSGBOX.EXE
2017-03-16 21:09 - 2017-03-16 21:10 - 000000000 _____ () C:\Users\Petra\AppData\Local\{68297A89-0639-40E6-9F3E-4EBB084B6E1C}
2017-03-06 18:33 - 2017-03-06 18:33 - 000000000 _____ () C:\Users\Petra\AppData\Local\{7E6FA9E8-3D49-4A1D-8FAF-FA15A32A38AD}
2017-03-03 19:15 - 2017-03-03 19:15 - 000000000 _____ () C:\Users\Petra\AppData\Local\{A2300061-BD18-48D5-9023-FFA16CE4665C}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-30 12:31

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[nereide]

Dobré poledne,

# AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 02 10:03:31 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [952 B] - [2018/4/2 10:3:0]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {81831cc0-649e-11e2-b483-806e6f6e6963} - F:\INSTALL.EXE
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {8e54418a-649f-11e2-b18a-20cf30541808} - F:\INSTALL.EXE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
U2 TMAgent; no ImagePath
C:\Users\Petra\AppData\Local\{68297A89-0639-40E6-9F3E-4EBB084B6E1C}
C:\Users\Petra\AppData\Local\{7E6FA9E8-3D49-4A1D-8FAF-FA15A32A38AD}
C:\Users\Petra\AppData\Local\{A2300061-BD18-48D5-9023-FFA16CE4665C}
Task: {2B593458-586A-4FFD-BBC8-600CEC6FED79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)
Task: {8A84671F-4D21-4768-B57B-FBAD95926F51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[nereide]

Teď je fixlog takto:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Petra (02-04-2018 13:18:17) Run:1
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra & UpdatusUser (Available Profiles: Petra & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {81831cc0-649e-11e2-b483-806e6f6e6963} - F:\INSTALL.EXE
HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\...\MountPoints2: {8e54418a-649f-11e2-b18a-20cf30541808} - F:\INSTALL.EXE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3201448915-3208623186-2291822294-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
U2 TMAgent; no ImagePath
C:\Users\Petra\AppData\Local\{68297A89-0639-40E6-9F3E-4EBB084B6E1C}
C:\Users\Petra\AppData\Local\{7E6FA9E8-3D49-4A1D-8FAF-FA15A32A38AD}
C:\Users\Petra\AppData\Local\{A2300061-BD18-48D5-9023-FFA16CE4665C}
Task: {2B593458-586A-4FFD-BBC8-600CEC6FED79} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)
Task: {8A84671F-4D21-4768-B57B-FBAD95926F51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81831cc0-649e-11e2-b483-806e6f6e6963}" => not found
HKLM\Software\Classes\CLSID\{81831cc0-649e-11e2-b483-806e6f6e6963} => not found
"HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8e54418a-649f-11e2-b18a-20cf30541808}" => not found
HKLM\Software\Classes\CLSID\{8e54418a-649f-11e2-b18a-20cf30541808} => not found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3201448915-3208623186-2291822294-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => removed successfully
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => not found
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-3201448915-3208623186-2291822294-1003\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => not found
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKLM\System\CurrentControlSet\Services\TMAgent" => removed successfully
TMAgent => service removed successfully
C:\Users\Petra\AppData\Local\{68297A89-0639-40E6-9F3E-4EBB084B6E1C} => moved successfully
C:\Users\Petra\AppData\Local\{7E6FA9E8-3D49-4A1D-8FAF-FA15A32A38AD} => moved successfully
C:\Users\Petra\AppData\Local\{A2300061-BD18-48D5-9023-FFA16CE4665C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2B593458-586A-4FFD-BBC8-600CEC6FED79}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B593458-586A-4FFD-BBC8-600CEC6FED79}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A84671F-4D21-4768-B57B-FBAD95926F51}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A84671F-4D21-4768-B57B-FBAD95926F51}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27859201 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 10584 B
Edge => 0 B
Chrome => 470286516 B
Firefox => 266462263 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petra => 15215534 B
UpdatusUser => 0 B

RecycleBin => 53190 B
EmptyTemp: => 751.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:18:54 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[nereide]

Je to rozhodně lepší, už to netuhne i během užívání (taková ta neznatelná zatuhnutí, než to vytuhne úplně). Moc děkuji a můžu pro jistotu ještě potvrdit, cca za dva dny užívání, předtím, než se to zamkne?

[Rudy]

Samozřejmě, nechám to tu otevřené. Zatím nemáte zač!

[nereide]

Dobrý večer, tak bohužel... zase to vytuhlo (pc je celkově rychlejší atd), ale... Když řeknu přesný čas, tj. 4.4. 2018 v 20:28, je nějaká utilitka, která zmapuje, co se stalo v daném časovém rozmezí 1 minuty?

[Rudy]

Přímo není. Co jste instalovala těsně před tím, než se problém objevil?

[nereide]

Dobrý den, vůbec nic, bohužel. Tedy jenom programy, které jsme tady využili v průběhu testování

[Rudy]

Vypadá to na nějaký systémový problém. Zkuste Startmenu>přík. řádek (napsat) sfc /scannow>Enter. Proběhne sken a případná oprava systémových souborů. Poté restartujte a sledujte, zda se stav nějak změnil.

[nereide]

Dobrý den, tak spustit to normálně nejde (ačkoliv mám správcovské možnosti) (okénko se otevře na vteřinu a hned zanikne), když jsem si natvrdo vynutila sfc/ scannow skrzw složku system32, tak se mi PC zhroutil (a disk i přehřál) takže tam bude systémový problém zcela určitě, teď je otázkou, jestli mi to reinstalace Windows vyřeší?

[Rudy]

To jistě může a potvrzuje se, že ten problém je opravdu systémový. Zkuste nejprve obnvou systému k datu, kdy korketně fungoval.

[nereide]

Jojo, podniknu to. Moc děkuji za spolupráci a ukázání správného směru

Fórum se může již zamknout! Děkuji a po výplatě zas přispěji.