Rychlé blikání hlavního panelu, Unknown Hard error

[petrsivan]

Dobrý den,
mám tu notebook Acer Aspire, OS Windows 10 x64 (upgrade z Windows 7), kde při přihlášení do uživatelského účtu začne rapidně blikat hlavní panel (ještě předtím, než se načte plocha, asi spouštění explorer.exe). Při dostatku trpělivosti po čase vyběhne chyba "Unknown Hard Error" a v záhlaví okna je napsáno "DDE Server Window: explorer.exe - Upozornění systému". Pokud se okno odklikne, přejde se zpět do blikání a tak pořád dokola. Systém vykazoval i problém nefunkčního Start Menu. Po aktivaci Administrator účtu a po nalogování do něj nejdou tyto symptomy pozorovat. I přesto však systém nejede jak má, je nefunkční síť, zvuk, ale již funguje Start menu. Jakýkoliv log je možný pouze z účtu Administrator, přikládám log z FRST.

Děkuji, s pozdravem
Petr Siváň


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2017
Ran by Administrator (administrator) on ELDA-PC (14-03-2017 18:20:09)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Eliska & Administrator (Available Profiles: Eliska & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-15] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-13] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-22] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{c48f000d-014e-4c45-826d-24cf4d7c7ba3}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-546783952-1306337439-3826605599-1000] ATTENTION => Default URLSearchHook is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-22] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-22] (AVAST Software)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2017-03-14]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-14]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-14]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-14]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
S4 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-22] (AVAST Software)
S4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-22] (Avast Software)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [28656 2015-07-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [90968 2015-07-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [93528 2015-07-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1059656 2015-11-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449992 2015-11-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [150160 2015-07-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-22] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-22] (AVAST Software)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-12-23] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-22] (Avast Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 18:20 - 2017-03-14 18:20 - 00009243 _____ C:\Users\Administrator\Desktop\FRST.txt
2017-03-14 17:53 - 2017-03-14 17:54 - 00000000 ____D C:\rsit
2017-03-14 17:53 - 2017-03-14 17:53 - 00000000 ____D C:\Program Files\trend micro
2017-03-14 17:48 - 2017-03-14 18:20 - 00000000 ____D C:\FRST
2017-03-14 17:12 - 2017-03-14 17:12 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2017-03-14 17:11 - 2017-03-14 17:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\DVDVideoSoft
2017-03-14 17:09 - 2017-03-14 17:40 - 01222144 _____ C:\Users\Administrator\Desktop\RSITx64.exe
2017-03-14 16:54 - 2017-03-14 16:54 - 00000986 _____ C:\Users\Administrator\Desktop\TOTALCMD.lnk
2017-03-14 16:54 - 2017-03-14 16:54 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\GHISLER
2017-03-14 16:47 - 2017-03-14 16:47 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2017-03-14 16:46 - 2017-03-14 16:46 - 00002411 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-14 16:46 - 2017-03-14 16:46 - 00000000 ___RD C:\Users\Administrator\OneDrive
2017-03-14 16:45 - 2017-03-14 17:08 - 00002332 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2017-03-14 16:45 - 2017-03-14 16:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-03-14 16:41 - 2017-03-14 16:41 - 00000129 _____ C:\Users\Administrator\Desktop\aaa.txt
2017-03-14 16:35 - 2017-03-14 17:41 - 04031440 _____ C:\Users\Administrator\Desktop\adwcleaner_6.044.exe
2017-03-14 16:34 - 2017-03-14 17:40 - 02424832 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2017-03-14 16:34 - 2017-03-14 17:40 - 00112640 _____ (forum.viry.cz) C:\Users\Administrator\Desktop\FRSTLauncher.exe
2017-03-14 16:30 - 2017-03-14 18:06 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-03-14 16:30 - 2017-03-14 16:30 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-03-14 16:29 - 2017-03-14 17:22 - 00000000 ____D C:\Users\Administrator
2017-03-14 16:29 - 2017-03-14 16:47 - 00000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2017-03-14 16:29 - 2017-03-14 16:29 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Šablony
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Soubory cookie
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Poslední
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Okolní síť
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Nabídka Start
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Dokumenty
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Documents\Hudba
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Documents\Filmy
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\Data aplikací
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2017-03-14 16:29 - 2017-03-14 16:29 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2017-03-14 16:29 - 2016-11-30 21:48 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-03-14 16:29 - 2016-10-16 04:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2017-03-14 16:29 - 2016-10-16 04:25 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\AVG
2017-03-14 16:29 - 2016-10-16 04:25 - 00000000 ____D C:\Users\Administrator\AppData\Local\AVG
2017-03-14 15:55 - 2017-03-14 15:55 - 00000000 ____D C:\Users\Eliska\Desktop\Total Commander 64 8.01
2017-03-14 15:49 - 2017-03-14 15:45 - 00112640 _____ (forum.viry.cz) C:\Users\Eliska\Desktop\FRSTLauncher.exe
2017-03-14 15:49 - 2017-03-14 15:39 - 02424832 _____ (Farbar) C:\Users\Eliska\Desktop\FRST64.exe
2017-03-14 15:49 - 2017-03-14 15:35 - 04987672 _____ (Ghisler Software GmbH) C:\Users\Eliska\Desktop\tcmd900ax64.exe
2017-03-14 15:12 - 2017-03-14 15:12 - 00000000 _____ C:\Users\Eliska\Desktop\aaa.txt
2017-03-14 14:48 - 2017-03-14 14:44 - 04031440 _____ C:\Users\Eliska\Desktop\adwcleaner_6.044.exe
2017-03-14 13:58 - 2017-03-14 15:24 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-03-14 13:54 - 2017-03-14 16:42 - 00000000 ____D C:\WINDOWS\pss
2017-03-14 10:52 - 2015-10-17 12:07 - 02238152 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\ETDUninst.dll
2017-03-14 10:27 - 2017-03-14 10:28 - 00008292 _____ C:\Users\Eliska\Documents\cc_20170314_102748.reg
2017-03-08 19:37 - 2017-03-08 19:37 - 00000000 ____D C:\WINDOWS\Panther
2017-03-08 18:34 - 2017-03-14 16:29 - 00786432 _____ C:\Users\Eliska\ntuser.man
2017-03-04 16:58 - 2017-03-04 16:59 - 00000000 ____D C:\Users\Eliska\Documents\Staré
2017-03-04 12:11 - 2017-03-04 12:11 - 00000000 ____D C:\Users\Eliska\Documents\Farmakologie
2017-03-02 18:12 - 2017-03-02 18:12 - 01129376 _____ (Google Inc.) C:\Users\Eliska\Downloads\googledrivesync.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 18:16 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-14 17:46 - 2016-10-16 04:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-14 17:44 - 2015-12-25 19:21 - 00000000 ____D C:\AdwCleaner
2017-03-14 17:28 - 2016-10-16 04:51 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-03-14 17:12 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-14 17:11 - 2015-12-24 10:09 - 00000000 ____D C:\Users\Eliska\AppData\Roaming\DVDVideoSoft
2017-03-14 16:45 - 2015-09-14 11:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-14 14:47 - 2016-10-16 04:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-14 13:08 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-14 12:34 - 2015-01-17 19:00 - 00000000 ____D C:\Users\Eliska\Documents\Others
2017-03-14 11:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\registration
2017-03-14 10:52 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-14 10:51 - 2015-01-19 15:36 - 00000000 ____D C:\ProgramData\Skype
2017-03-14 10:41 - 2016-10-16 04:14 - 02315424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-14 10:41 - 2016-07-16 23:25 - 00851746 _____ C:\WINDOWS\system32\perfh005.dat
2017-03-14 10:41 - 2016-07-16 23:25 - 00218096 _____ C:\WINDOWS\system32\perfc005.dat
2017-03-14 10:34 - 2016-10-16 04:03 - 00369160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-14 10:30 - 2015-12-24 10:09 - 00000000 ____D C:\Users\Eliska\AppData\Local\AvgSetupLog
2017-03-14 10:30 - 2015-01-23 14:31 - 00000000 ____D C:\Program Files (x86)\AVG
2017-03-14 10:30 - 2015-01-23 14:29 - 00000000 ____D C:\ProgramData\AVG
2017-03-14 10:28 - 2015-01-17 19:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-03-14 10:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-14 10:21 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-14 10:19 - 2015-01-16 15:55 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-03-14 10:17 - 2015-01-16 15:46 - 00000000 ____D C:\ProgramData\Adobe
2017-03-14 08:58 - 2016-10-16 04:15 - 00000000 ____D C:\Users\Eliska
2017-03-08 19:37 - 2016-10-23 20:02 - 00000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForEliska.job
2017-03-07 21:43 - 2016-10-23 20:02 - 00003248 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForEliska
2017-03-07 20:26 - 2015-11-17 14:06 - 00001021 _____ C:\Users\Eliska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Základy lékařské terminologie.lnk
2017-03-07 20:26 - 2015-11-17 14:06 - 00000979 _____ C:\Users\Eliska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Histologie, embryologie.lnk
2017-03-07 20:26 - 2015-11-17 14:06 - 00000872 _____ C:\Users\Eliska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anatomie.lnk
2017-03-07 20:10 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-07 19:57 - 2016-10-23 08:48 - 00000000 ___RD C:\Users\Eliska\Disk Google
2017-03-04 22:22 - 2015-01-17 19:23 - 00000000 ____D C:\Users\Eliska\AppData\Roaming\uTorrent
2017-03-04 17:58 - 2016-10-11 12:23 - 00000000 ____D C:\Users\Eliska\Documents\Patologie
2017-03-04 17:03 - 2017-01-27 12:37 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-04 17:03 - 2015-09-14 11:23 - 00002427 _____ C:\Users\Eliska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-04 17:03 - 2015-09-14 11:23 - 00000000 ___RD C:\Users\Eliska\OneDrive
2017-03-04 16:58 - 2016-10-11 12:24 - 00000000 ____D C:\Users\Eliska\Documents\Interní propedeutika
2017-02-28 18:31 - 2015-01-15 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-28 18:29 - 2015-01-15 19:04 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-19 14:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================




===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Administrator\Desktop" je 7 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Synchronizer
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dolby Home Theater v4
"C:\Dolby PCEE4\pcee4.exe" -autostart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
"C:\Windows\system32\hkcmd.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
"C:\Windows\system32\igfxtray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
"C:\Windows\system32\igfxpers.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg_Dolby
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\Eliska\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Eliska\AppData\Roaming\Spotify\SpotifyWebHelper.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spíše to vypadá na systémovou chybu, nicméně zkusíme PC vyčistit. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[petrsivan]

Nalezeno 0 hrozeb, posílám log po Vyčištění:


# AdwCleaner v6.044 - Log vytvořen 14/03/2017 v 18:37:18
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Administrator - ELDA-PC
# Spuštěno z : C:\Users\Administrator\Desktop\adwcleaner_6.044.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6387 Bajty] - [25/12/2015 21:06:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [1930 Bajty] - [14/03/2017 17:44:12]
C:\AdwCleaner\AdwCleaner[C3].txt - [955 Bajty] - [14/03/2017 18:37:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [6013 Bajty] - [25/12/2015 19:21:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [2160 Bajty] - [14/03/2017 17:43:26]
C:\AdwCleaner\AdwCleaner[S3].txt - [1672 Bajty] - [14/03/2017 18:37:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1246 Bajty] ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
U3 idsvc; no ImagePath

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[petrsivan]

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-03-2017
Ran by Administrator (14-03-2017 18:51:51) Run:1
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Eliska & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
U3 idsvc; no ImagePath

EmptyTemp:
End
*****************

HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5437104 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3565505 B
Edge => 0 B
Chrome => 5881143 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 15905 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 460434 B
Eliska => 5371161 B
Administrator => 72573 B

RecycleBin => 0 B
EmptyTemp: => 19.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:51:58 ====

[petrsivan]

Ještě doplním - jak nejde zvuk - v jednom z nastavení jsem si všiml, že systém upozorňuje, že služba zvuku není spuštěna - podíval jsem se do seznamu služeb, kde je drtivá většina služeb zakázána, mezi nimi i "Zvuk systému Windows" + jeho návaznosti. Je možné se na toto nějak podívat?

[Rudy]

Buď můžete služby povolit, nebo provést obnovu systému k datu, kdy korketně fungoval.