Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu logu kvůli blokaci defenderu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Vyzkouším to a uvidím. Moc díky za pomoc a přeji pěkné svátky
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Tak jsem ten účet zkusil odebrat, restartovat PC, ale výsledek je nic moc. Tedy kliknutí pravým na soubor a pokus o kontrolu skončí stejně jako předtím, hláškou o omezení. Jediný rozdíl je, že se přes nabídku Start dá vyhledat "Ochrana před viry a hrozbami", ale v ní nejde spustit kontrola, neproběhne žádná rekace po stisku tlačítka, a ani nede zapnout "ochrana v reálném čase" v nastavení.
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Hm, posli nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Zasílám oba logy v příloze.
- Přílohy
-
- FRST_logy.rar
- (24.01 KiB) Staženo 66 x
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Pardon za zdrzanie.
Ak problem pretrvava a ten univerzitny ucet si este nepridal naspat, tak poprosim spustit tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Ak problem pretrvava a ten univerzitny ucet si este nepridal naspat, tak poprosim spustit tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CMD: dsregcmd /status ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc Folder: C:\WINDOWS\system32\GroupPolicy Folder: C:\WINDOWS\SysWOW64\GroupPolicy Folder: C:\WINDOWS\system32\GroupPolicyUsers Folder: C:\WINDOWS\SysWOW64\GroupPolicyUsers End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Netřeba se jakkoliv omlouvat, však byly svátky
Stav zůstává stále stejný, účet jsem nepřidával.
Fixlist proveden, reset nebyl vyžadován, níže zasílám log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Bodie (27-12-2019 20:46:17) Run:1
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CMD: dsregcmd /status
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc
Folder: C:\WINDOWS\system32\GroupPolicy
Folder: C:\WINDOWS\SysWOW64\GroupPolicy
Folder: C:\WINDOWS\system32\GroupPolicyUsers
Folder: C:\WINDOWS\SysWOW64\GroupPolicyUsers
End
*****************
========= dsregcmd /status =========
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
========= End of CMD: =========
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies]
[HKLM\SOFTWARE\Policies\Microsoft]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002]
[HKLM\SOFTWARE\Policies\Microsoft\Peernet]
"Disabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\TPM]
"OSManagedAuthLevel"="5"
[HKLM\SOFTWARE\Policies\Microsoft\Windows]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\Appx]
"AllowAllTrustedApps"="65535"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\DriverSearching]
"DriverUpdateWizardWuSearchEnabled"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\EnhancedStorageDevices]
"TCGSecurityActivationDisabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\Network Connections]
"NC_PersonalFirewallConfig"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator]
""=""
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\safer]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers]
"authenticodeenabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync]
"EnableBackupForWin8Apps"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\System]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\Local]
"WCMPresent"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin]
""=""
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WSDAPI]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WSDAPI\Discovery Proxies]
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client]
"fEnableUsbBlockDeviceBySetupClass"="1"
"fEnableUsbNoAckIsochWriteToDevice"="80"
"fEnableUsbSelectDeviceByInterface"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbBlockDeviceBySetupClasses]
"1000"="{3376f4ce-ff8d-40a2-a80f-bb4359d1415c}"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces]
"1000"="{6bdd1fc6-810f-11d0-bec7-08002be2092f}"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]
"KnownDllList"="nlhtml.dll"
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
"DependOnService"="RpcSs"
"Description"="@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-240"
"DisplayName"="@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310"
"ErrorControl"="1"
"FailureActions"="8051010000000000010000000300000014000000030000006400000000000000640000000000000064000000"
"ImagePath"=""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe""
"LaunchProtected"="3"
"ObjectName"="LocalSystem"
"RequiredPrivileges"="SeImpersonatePrivilege*SeBackupPrivilege*SeRestorePrivilege*SeDebugPrivilege*SeChangeNotifyPrivilege*SeLoadDriverPrivilege*SeSecurityPrivilege*SeShutdownPrivilege*SeIncreaseQuotaPrivilege*SeAssignPrim (the data entry has 118 more characters)."
"ServiceSidType"="1"
"Start"="2"
"Type"="16"
"FailureCommand"="C:\WINDOWS\system32\mrt.exe /EHB /ServiceFailure "CAMP=4.18.1911.3;approximate-> Engine=1.1.16600.7;AVSIG=1.307.1134.0;ASSIG=1.307.1134.0" /StartService /Defender /q"
[HKLM\SYSTEM\CurrentControlSet\Services\WinDefend\Security]
"Security"="01001480f400000000010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200c40007000000000018009d01020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 336 more characters)."
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"DependOnService"="RpcSs"
"Description"="@%systemroot%\system32\SecurityHealthAgent.dll,-1001"
"DisplayName"="@%systemroot%\system32\SecurityHealthAgent.dll,-1002"
"ErrorControl"="1"
"FailureActions"="80510100000000000000000003000000140000000100000060ea00000100000060ea00000000000000000000"
"ImagePath"="%SystemRoot%\system32\SecurityHealthService.exe"
"LaunchProtected"="2"
"ObjectName"="LocalSystem"
"RequiredPrivileges"="SeImpersonatePrivilege*SeBackupPrivilege*SeRestorePrivilege*SeDebugPrivilege*SeChangeNotifyPrivilege*SeSecurityPrivilege*SeAssignPrimaryTokenPrivilege*SeTcbPrivilege*SeSystemEnvironmentPrivilege*SeShu (the data entry has 14 more characters)."
"ServiceSidType"="1"
"Type"="16"
[HKLM\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security]
"Security"="010014801c01000028010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200ec0008000000000018009d00020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 416 more characters)."
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"DelayedAutoStart"="1"
"DependOnService"="RpcSs"
"Description"="@%SystemRoot%\System32\wscsvc.dll,-201"
"DisplayName"="@%SystemRoot%\System32\wscsvc.dll,-200"
"ErrorControl"="1"
"FailureActions"="805101000000000000000000030000001400000001000000c0d4010001000000e09304000000000000000000"
"ImagePath"="%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p"
"LaunchProtected"="2"
"ObjectName"="NT AUTHORITY\LocalService"
"RequiredPrivileges"="SeChangeNotifyPrivilege*SeImpersonatePrivilege"
"ServiceSidType"="1"
"Start"="2"
"Type"="32"
[HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters]
"ServiceDll"="%SystemRoot%\System32\wscsvc.dll"
"ServiceDllUnloadOnStop"="1"
[HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Security]
"Security"="010014801c01000028010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200ec0008000000000018009d00020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 416 more characters)."
=== End of ExportKey ===
========================= Folder: C:\WINDOWS\system32\GroupPolicy ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\SysWOW64\GroupPolicy ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\system32\GroupPolicyUsers ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\SysWOW64\GroupPolicyUsers ========================
not found.
====== End of Folder: ======
==== End of Fixlog 20:46:18 ====
Stav zůstává stále stejný, účet jsem nepřidával.
Fixlist proveden, reset nebyl vyžadován, níže zasílám log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by Bodie (27-12-2019 20:46:17) Run:1
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CMD: dsregcmd /status
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService
ExportKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc
Folder: C:\WINDOWS\system32\GroupPolicy
Folder: C:\WINDOWS\SysWOW64\GroupPolicy
Folder: C:\WINDOWS\system32\GroupPolicyUsers
Folder: C:\WINDOWS\SysWOW64\GroupPolicyUsers
End
*****************
========= dsregcmd /status =========
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
========= End of CMD: =========
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies]
[HKLM\SOFTWARE\Policies\Microsoft]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL]
[HKLM\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002]
[HKLM\SOFTWARE\Policies\Microsoft\Peernet]
"Disabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\CA\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Disallowed\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\Root\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\trust\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\Certificates]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CRLs]
[HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\TrustedPublisher\CTLs]
[HKLM\SOFTWARE\Policies\Microsoft\TPM]
"OSManagedAuthLevel"="5"
[HKLM\SOFTWARE\Policies\Microsoft\Windows]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\Appx]
"AllowAllTrustedApps"="65535"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\BITS]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\DriverSearching]
"DriverUpdateWizardWuSearchEnabled"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\EnhancedStorageDevices]
"TCGSecurityActivationDisabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\Network Connections]
"NC_PersonalFirewallConfig"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator]
""=""
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\safer]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers]
"authenticodeenabled"="0"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync]
"EnableBackupForWin8Apps"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\System]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\GroupPolicy]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WcmSvc\Local]
"WCMPresent"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin]
""=""
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WSDAPI]
[HKLM\SOFTWARE\Policies\Microsoft\Windows\WSDAPI\Discovery Proxies]
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client]
"fEnableUsbBlockDeviceBySetupClass"="1"
"fEnableUsbNoAckIsochWriteToDevice"="80"
"fEnableUsbSelectDeviceByInterface"="1"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbBlockDeviceBySetupClasses]
"1000"="{3376f4ce-ff8d-40a2-a80f-bb4359d1415c}"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces]
"1000"="{6bdd1fc6-810f-11d0-bec7-08002be2092f}"
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection]
"KnownDllList"="nlhtml.dll"
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend]
"DependOnService"="RpcSs"
"Description"="@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-240"
"DisplayName"="@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310"
"ErrorControl"="1"
"FailureActions"="8051010000000000010000000300000014000000030000006400000000000000640000000000000064000000"
"ImagePath"=""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe""
"LaunchProtected"="3"
"ObjectName"="LocalSystem"
"RequiredPrivileges"="SeImpersonatePrivilege*SeBackupPrivilege*SeRestorePrivilege*SeDebugPrivilege*SeChangeNotifyPrivilege*SeLoadDriverPrivilege*SeSecurityPrivilege*SeShutdownPrivilege*SeIncreaseQuotaPrivilege*SeAssignPrim (the data entry has 118 more characters)."
"ServiceSidType"="1"
"Start"="2"
"Type"="16"
"FailureCommand"="C:\WINDOWS\system32\mrt.exe /EHB /ServiceFailure "CAMP=4.18.1911.3;approximate-> Engine=1.1.16600.7;AVSIG=1.307.1134.0;ASSIG=1.307.1134.0" /StartService /Defender /q"
[HKLM\SYSTEM\CurrentControlSet\Services\WinDefend\Security]
"Security"="01001480f400000000010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200c40007000000000018009d01020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 336 more characters)."
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService]
"DependOnService"="RpcSs"
"Description"="@%systemroot%\system32\SecurityHealthAgent.dll,-1001"
"DisplayName"="@%systemroot%\system32\SecurityHealthAgent.dll,-1002"
"ErrorControl"="1"
"FailureActions"="80510100000000000000000003000000140000000100000060ea00000100000060ea00000000000000000000"
"ImagePath"="%SystemRoot%\system32\SecurityHealthService.exe"
"LaunchProtected"="2"
"ObjectName"="LocalSystem"
"RequiredPrivileges"="SeImpersonatePrivilege*SeBackupPrivilege*SeRestorePrivilege*SeDebugPrivilege*SeChangeNotifyPrivilege*SeSecurityPrivilege*SeAssignPrimaryTokenPrivilege*SeTcbPrivilege*SeSystemEnvironmentPrivilege*SeShu (the data entry has 14 more characters)."
"ServiceSidType"="1"
"Type"="16"
[HKLM\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Security]
"Security"="010014801c01000028010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200ec0008000000000018009d00020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 416 more characters)."
=== End of ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]
"DelayedAutoStart"="1"
"DependOnService"="RpcSs"
"Description"="@%SystemRoot%\System32\wscsvc.dll,-201"
"DisplayName"="@%SystemRoot%\System32\wscsvc.dll,-200"
"ErrorControl"="1"
"FailureActions"="805101000000000000000000030000001400000001000000c0d4010001000000e09304000000000000000000"
"ImagePath"="%SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p"
"LaunchProtected"="2"
"ObjectName"="NT AUTHORITY\LocalService"
"RequiredPrivileges"="SeChangeNotifyPrivilege*SeImpersonatePrivilege"
"ServiceSidType"="1"
"Start"="2"
"Type"="32"
[HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Parameters]
"ServiceDll"="%SystemRoot%\System32\wscsvc.dll"
"ServiceDllUnloadOnStop"="1"
[HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Security]
"Security"="010014801c01000028010000140000003000000002001c000100000002801400ff010f000101000000000001000000000200ec0008000000000018009d00020001020000000000052000000021020000000014009d010200010100000000000512000000 (the data entry has 416 more characters)."
=== End of ExportKey ===
========================= Folder: C:\WINDOWS\system32\GroupPolicy ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\SysWOW64\GroupPolicy ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\system32\GroupPolicyUsers ========================
not found.
====== End of Folder: ======
========================= Folder: C:\WINDOWS\SysWOW64\GroupPolicyUsers ========================
not found.
====== End of Folder: ======
==== End of Fixlog 20:46:18 ====
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Musim sa priznat, ze tento problem je uz aj pre mna zahadou
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start ExportKey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options CMD: sc queryex WinDefend CMD: sc queryex SecurityHealthService CMD: sc queryex wscsvc PowerShell: Get-Service -Name WinDefend | Select-Object -Property * PowerShell: Get-Service -Name SecurityHealthService | Select-Object -Property * PowerShell: Get-Service -Name wscsvc | Select-Object -Property * End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Pockaj na dokoncenie
- Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Připadá mi, že už tím jen zbytečně zdržuju. Tak si kdyžtak najdu po novém roce den volna a provedu reinstal celého notebooku.
V příloze zasílám všechny logy.
V příloze zasílám všechny logy.
- Přílohy
-
- FRST_logy2.rar
- (28.72 KiB) Staženo 65 x
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Urcite nezdrzujes/neotravujes, ja by som tiez rad odhalil pricinu (a myslim, ze uz sa to aj podarilo). Podla posledneho logu je poskodena (resp. vobec nie je zaregistrovana) sluzba "SecurityHealthService" (Windows Zabezpecenie), ktora je standardnou sucastou Windows 10 v1909.
Je pravda, ze reinstall Windowsu by bola asi najucinnejsia moznost, ale ak si reinstall este neurobil, tak vyskusaj tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
Je pravda, ze reinstall Windowsu by bola asi najucinnejsia moznost, ale ak si reinstall este neurobil, tak vyskusaj tento fixlist:
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "3" /f Hosts: EmptyTemp: End
- Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Přeinstalování jsem zatím nestihl, a poslední fix pomohl, jupííí Moc děkuju, Defender už zase normálně běží.
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Bodie (04-01-2020 09:49:01) Run:3
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "3" /f
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "3" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 12345344 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44929886 B
Java, Flash, Steam htmlcache => 14686 B
Windows/system/drivers => 8843972 B
Edge => 25101 B
Chrome => 70421671 B
Firefox => 1129581075 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7168 B
Users => 7168 B
ProgramData => 7168 B
Public => 7168 B
systemprofile => 5510356 B
systemprofile32 => 5510356 B
LocalService => 5510356 B
NetworkService => 5542768 B
Bodie => 168070315 B
RecycleBin => 4617818305 B
EmptyTemp: => 5.7 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:49:46 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Bodie (04-01-2020 09:49:01) Run:3
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
REG: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "3" /f
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
========= reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "3" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 12345344 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 44929886 B
Java, Flash, Steam htmlcache => 14686 B
Windows/system/drivers => 8843972 B
Edge => 25101 B
Chrome => 70421671 B
Firefox => 1129581075 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7168 B
Users => 7168 B
ProgramData => 7168 B
Public => 7168 B
systemprofile => 5510356 B
systemprofile32 => 5510356 B
LocalService => 5510356 B
NetworkService => 5542768 B
Bodie => 168070315 B
RecycleBin => 4617818305 B
EmptyTemp: => 5.7 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:49:46 ====
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Super, som rad, ze sa to nakoniec podarilo Predpokladam, ze ine problemy s PC uz nie su, ci?
Este odporucam "preventivne" znovu spustit kontrolu integrity systemovych suborov (logy uz nie je potrebne zasielat)
Este odporucam "preventivne" znovu spustit kontrolu integrity systemovych suborov (logy uz nie je potrebne zasielat)
- Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
- Skopiruj a spusti prikaz:
Kód: Vybrat vše
DISM.exe /Online /Cleanup-image /Restorehealth
- Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
sfc /scannow
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
O žádných jiných problémech nevím
Oba příkazy provedeny a nenašlo to žádný problém, vše vpořádku.
Ještě jednou mockrát děkuju za spoustu času, kterou jsi mi tady věnoval
Oba příkazy provedeny a nenašlo to žádný problém, vše vpořádku.
Ještě jednou mockrát děkuju za spoustu času, kterou jsi mi tady věnoval
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o preventivní kontrolu logu kvůli blokaci defende
Uklizeno, díky