Trojan in RAM.

Zakov
Visitor
Posts: 118
Registered: 15 Feb 2010 20:22

#1 Post by Zakov »

Hello.

I can't get rid of a trojan. ESET keeps finding it in RAM - Win32/Agent.WGU. A scan finds nothing. MBAM didn't help; out of desperation I set ComboFix on it. That didn't help. I tried to make an FRST log, but it won't start - Windows reports "Chyba systému souborů (65535)" (file system error). I think the trojan is to blame for that too. It seems the trojan is not active in safe mode.
Any ideas? :-)
Thank you.

Rudy
Site Admin
Posts: 119671
Registered: 30 Oct 2003 13:42
Location: Plzeň

#2 Post by Rudy »

Greetings!
This needs a special procedure. Try this guide: https://translate.google.cz/translate?h ... rev=search .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by Zakov »

I tried method 2. SpyHunter finds it, but I don't have a registration; I also deleted manually. After a restart, though, the trojan shows up again. It only confirmed for me that the virus is inactive in safe mode.

#4 Post by Zakov »

At least I made an FRST log in safe mode.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2017
Ran by dpadmin (administrator) on SOCHR (12-02-2017 21:20:14)
Running from C:\Users\dpadmin\Desktop
Loaded Profiles: dpadmin (Available Profiles: dpadmin & sochr & ucetni & admin)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\dpadmin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MFFSum_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFFSUM.exe [24576 2010-02-11] ()
HKLM\...\Run: [MFPrintServer_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFPrintServer.exe [73728 2010-02-11] ()
HKLM\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKLM\...\RunOnce: [GrpConv] => grpconv -o
Startup: C:\Users\sochr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W_mrpprn – zástupce.lnk [2014-06-30]
ShortcutTarget: W_mrpprn – zástupce.lnk -> C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe ()
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.0.1 server-agnis
Tcpip\Parameters: [DhcpNameServer] 192.168.1.253
Tcpip\..\Interfaces\{DD8BE20A-65BC-44C4-8E6C-621ED882D086}: [DhcpNameServer] 192.168.1.253

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: {AA25A56C-B654-4356-B390-DC3594B75C63} hxxp://192.168.0.200/codebase/HCNetVideoActiveX.cab
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2016-06-06] (Synology)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.973\npSurveillancePlugin.dll [2016-06-06] (Synology)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 bthserv; C:\Windows\system32\bthserv.dll [8704 2017-02-03] (Microsoft Corporation) [File not signed]
S2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1891528 2015-05-05] (ESET)
S4 FUSServices; C:\Windows\system32\FUSServices.exe [10752 2010-02-11] () [File not signed]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [665768 2017-02-12] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2017-02-12] ()
R4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 cpuz137; \??\C:\Users\ucetni\AppData\Local\Temp\CPU-ZPortableTemp\cpuz137\cpuz137_x32.sys [X] <==== ATTENTION
U3 mbr; \??\C:\ComboFix\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 21:20 - 2017-02-12 21:20 - 00005591 _____ C:\Users\dpadmin\Desktop\FRST.txt
2017-02-12 21:20 - 2017-02-12 21:20 - 00000000 ____D C:\FRST
2017-02-12 21:19 - 2017-02-12 21:19 - 00029696 _____ C:\Users\dpadmin\AppData\Local\MSGBOX.EXE
2017-02-12 21:19 - 2017-02-12 21:19 - 00015327 _____ C:\Users\dpadmin\Desktop\LM.bat
2017-02-12 21:17 - 2017-02-12 21:17 - 00008728 _____ C:\ComboFix.txt
2017-02-12 20:37 - 2017-02-12 20:38 - 00000000 ____D C:\Users\dpadmin\Downloads\Autoruns
2017-02-12 20:37 - 2017-02-12 20:37 - 01304400 _____ C:\Users\dpadmin\Downloads\Autoruns.zip
2017-02-12 19:43 - 2017-02-12 19:43 - 00000954 _____ C:\Users\dpadmin\Documents\zaloha reg pred odvirovanim.reg
2017-02-12 19:20 - 2017-02-12 19:20 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2017-02-12 19:20 - 2017-02-12 19:20 - 00001240 _____ C:\Users\dpadmin\Desktop\SpyHunter.lnk
2017-02-12 19:20 - 2017-02-12 19:20 - 00000000 ____D C:\Users\dpadmin\AppData\Roaming\Enigma Software Group
2017-02-12 19:20 - 2017-02-12 19:20 - 00000000 ____D C:\sh4ldr
2017-02-12 19:19 - 2017-02-12 19:19 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\dpadmin\Downloads\SpyHunter-Installer.exe
2017-02-12 19:19 - 2017-02-12 19:19 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-02-10 08:57 - 2017-02-10 08:55 - 00112640 _____ (forum.viry.cz) C:\Users\dpadmin\Desktop\FRSTLauncher.exe
2017-02-10 08:57 - 2017-02-10 08:54 - 01763328 _____ (Farbar) C:\Users\dpadmin\Desktop\FRST.exe
2017-02-10 08:31 - 2017-02-10 08:32 - 91734016 _____ C:\Users\sochr\Downloads\eea_nt32_csy.msi
2017-02-10 08:25 - 2017-02-10 08:30 - 102678528 _____ C:\Users\sochr\Downloads\eea_nt64_csy.msi
2017-02-09 16:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-02-09 16:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-02-09 16:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-02-09 15:59 - 2017-02-09 15:56 - 00758912 _____ (ESET) C:\Users\dpadmin\Desktop\ESETUninstaller.exe
2017-02-09 15:59 - 2017-02-09 15:53 - 55566792 _____ (Malwarebytes ) C:\Users\dpadmin\Desktop\mb3-setup-consumer-3.0.6.1469.exe
2017-02-09 15:52 - 2017-02-09 15:52 - 00000000 ____D C:\Users\dpadmin\AppData\Local\ElevatedDiagnostics
2017-02-09 15:51 - 2017-02-12 21:17 - 00000000 ____D C:\Qoobox
2017-02-09 15:51 - 2017-02-09 16:10 - 00000000 ____D C:\Windows\erdnt
2017-02-09 15:50 - 2017-02-12 21:17 - 00397838 _____ C:\Windows\ntbtlog.txt
2017-02-09 15:47 - 2017-02-09 15:45 - 05659775 ____R (Swearware) C:\Users\dpadmin\Desktop\ComboFix.exe
2017-01-24 07:50 - 2017-02-07 10:13 - 00016801 _____ C:\Users\sochr\Desktop\Recepce pokl.kniha Únor 2017.ods
2017-01-19 21:02 - 2017-01-19 21:02 - 00002850 _____ C:\Users\ucetni\Downloads\20170117.kmo
2017-01-17 22:17 - 2017-01-17 22:17 - 00003325 _____ C:\Users\ucetni\Downloads\20170112.kmo
2017-01-14 13:46 - 2017-01-14 13:46 - 00012547 ____N C:\Users\sochr\Desktop\hlásit platbu kartou.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 21:16 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-02-12 21:09 - 2015-06-08 14:58 - 00000000 ____D C:\ProgramData\ESET
2017-02-12 21:09 - 2015-06-08 14:58 - 00000000 ____D C:\Program Files\ESET
2017-02-12 21:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-12 21:08 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-12 21:03 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-12 21:03 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-12 19:20 - 2014-06-26 07:10 - 00000000 ____D C:\Users\dpadmin
2017-02-12 19:17 - 2011-04-12 02:37 - 00668542 _____ C:\Windows\system32\perfh005.dat
2017-02-12 19:17 - 2011-04-12 02:37 - 00141202 _____ C:\Windows\system32\perfc005.dat
2017-02-12 19:17 - 2010-11-20 22:01 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-04 09:50 - 2017-01-02 07:48 - 00017339 ____N C:\Users\sochr\Desktop\Recepce pokl.kniha Leden 2017.ods
2017-02-04 09:29 - 2009-07-14 05:53 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-03 09:01 - 2009-07-14 00:51 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-01-30 09:15 - 2015-06-09 12:52 - 00000000 ____D C:\AgnisWork
2017-01-25 20:20 - 2016-07-21 20:54 - 00545488 _____ C:\Users\ucetni\Desktop\p304_25279238_2016.pdf
2017-01-22 09:52 - 2016-04-13 14:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-14 16:20 - 2014-06-26 07:57 - 00000000 ____D C:\Users\sochr\Desktop\Poukázky strava restaurace Švejk
2017-01-14 16:19 - 2014-12-06 09:39 - 00000000 ____D C:\Users\sochr\Desktop\Rauty
2017-01-14 16:15 - 2016-10-28 10:03 - 00000000 ____D C:\Users\sochr\Desktop\JL. návrhy týden-víkend
2017-01-14 16:07 - 2016-01-31 12:37 - 00000000 ____D C:\Users\sochr\Desktop\Švejk JL.NL. 2016
2017-01-14 13:02 - 2015-06-15 15:32 - 00001928 ____N C:\Users\sochr\Desktop\AGNIS.lnk

==================== Files in the root of some directories =======

2017-02-12 21:19 - 2017-02-12 21:19 - 0029696 _____ () C:\Users\dpadmin\AppData\Local\MSGBOX.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-02 00:14

==================== End of FRST.txt ============================

Hopefully it will be of some use :-)

#5 Post by Zakov »

After killing the trojan's process I managed to run FRST in normal mode. So I am adding the log from normal mode as well.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2017
Ran by dpadmin (administrator) on SOCHR (12-02-2017 22:06:28)
Running from C:\Users\dpadmin\Desktop
Loaded Profiles: dpadmin (Available Profiles: dpadmin & sochr & ucetni & admin)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Xerox Companion Suite\MFFSUM.exe
() C:\Program Files\Xerox Companion Suite\MFPrintServer.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\Cobian.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
() C:\Program Files\Xerox Companion Suite\MFServices.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(forum.viry.cz) C:\Users\dpadmin\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MFFSum_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFFSUM.exe [24576 2010-02-11] ()
HKLM\...\Run: [MFPrintServer_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFPrintServer.exe [73728 2010-02-11] ()
HKLM\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
Startup: C:\Users\sochr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W_mrpprn – zástupce.lnk [2014-06-30]
ShortcutTarget: W_mrpprn – zástupce.lnk -> C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe ()
GroupPolicy: Restriction ? <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.0.1 server-agnis
Tcpip\Parameters: [DhcpNameServer] 192.168.1.253
Tcpip\..\Interfaces\{DD8BE20A-65BC-44C4-8E6C-621ED882D086}: [DhcpNameServer] 192.168.1.253

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: {AA25A56C-B654-4356-B390-DC3594B75C63} hxxp://192.168.0.200/codebase/HCNetVideoActiveX.cab
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2016-06-06] (Synology)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.973\npSurveillancePlugin.dll [2016-06-06] (Synology)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 bthserv; C:\Windows\system32\bthserv.dll [8704 2017-02-03] (Microsoft Corporation) [File not signed]
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [43168 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1648224 2016-05-24] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1891528 2015-05-05] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [173216 2016-05-24] (ESET)
S4 FUSServices; C:\Windows\system32\FUSServices.exe [10752 2010-02-11] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [208552 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155296 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [140960 2016-05-23] (ESET)
S4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 cpuz137; \??\C:\Users\ucetni\AppData\Local\Temp\CPU-ZPortableTemp\cpuz137\cpuz137_x32.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 22:06 - 2017-02-12 22:06 - 00007013 _____ C:\Users\dpadmin\Desktop\FRST.txt
2017-02-12 21:50 - 2017-02-12 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-12 21:47 - 2017-02-12 22:06 - 00011716 _____ C:\Users\dpadmin\AppData\Local\IconCache.dat
2017-02-12 21:20 - 2017-02-12 22:06 - 00000000 ____D C:\FRST
2017-02-12 21:17 - 2017-02-12 21:17 - 00008728 _____ C:\ComboFix.txt
2017-02-12 20:37 - 2017-02-12 20:38 - 00000000 ____D C:\Users\dpadmin\Downloads\Autoruns
2017-02-12 20:37 - 2017-02-12 20:37 - 01304400 _____ C:\Users\dpadmin\Downloads\Autoruns.zip
2017-02-12 19:43 - 2017-02-12 19:43 - 00000954 _____ C:\Users\dpadmin\Documents\zaloha reg pred odvirovanim.reg
2017-02-12 19:19 - 2017-02-12 19:19 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\dpadmin\Downloads\SpyHunter-Installer.exe
2017-02-10 08:57 - 2017-02-10 08:55 - 00112640 _____ (forum.viry.cz) C:\Users\dpadmin\Desktop\FRSTLauncher.exe
2017-02-10 08:57 - 2017-02-10 08:54 - 01763328 _____ (Farbar) C:\Users\dpadmin\Desktop\FRST.exe
2017-02-10 08:31 - 2017-02-10 08:32 - 91734016 _____ C:\Users\sochr\Downloads\eea_nt32_csy.msi
2017-02-10 08:25 - 2017-02-10 08:30 - 102678528 _____ C:\Users\sochr\Downloads\eea_nt64_csy.msi
2017-02-09 16:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-02-09 16:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-02-09 16:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-02-09 15:59 - 2017-02-09 15:56 - 00758912 _____ (ESET) C:\Users\dpadmin\Desktop\ESETUninstaller.exe
2017-02-09 15:59 - 2017-02-09 15:53 - 55566792 _____ (Malwarebytes ) C:\Users\dpadmin\Desktop\mb3-setup-consumer-3.0.6.1469.exe
2017-02-09 15:52 - 2017-02-09 15:52 - 00000000 ____D C:\Users\dpadmin\AppData\Local\ElevatedDiagnostics
2017-02-09 15:51 - 2017-02-12 21:17 - 00000000 ____D C:\Qoobox
2017-02-09 15:51 - 2017-02-09 16:10 - 00000000 ____D C:\Windows\erdnt
2017-02-09 15:50 - 2017-02-12 21:17 - 00397838 _____ C:\Windows\ntbtlog.txt
2017-02-09 15:47 - 2017-02-09 15:45 - 05659775 ____R (Swearware) C:\Users\dpadmin\Desktop\ComboFix.exe
2017-01-24 07:50 - 2017-02-07 10:13 - 00016801 _____ C:\Users\sochr\Desktop\Recepce pokl.kniha Únor 2017.ods
2017-01-19 21:02 - 2017-01-19 21:02 - 00002850 _____ C:\Users\ucetni\Downloads\20170117.kmo
2017-01-17 22:17 - 2017-01-17 22:17 - 00003325 _____ C:\Users\ucetni\Downloads\20170112.kmo
2017-01-14 13:46 - 2017-01-14 13:46 - 00012547 ____N C:\Users\sochr\Desktop\hlásit platbu kartou.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-12 22:04 - 2011-04-12 02:37 - 00668542 _____ C:\Windows\system32\perfh005.dat
2017-02-12 22:04 - 2011-04-12 02:37 - 00141202 _____ C:\Windows\system32\perfc005.dat
2017-02-12 22:04 - 2010-11-20 22:01 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-12 22:04 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-12 21:59 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-12 21:59 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-12 21:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-12 21:52 - 2009-07-14 05:53 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-12 21:50 - 2015-06-08 14:58 - 00000000 ____D C:\ProgramData\ESET
2017-02-12 21:50 - 2015-06-08 14:58 - 00000000 ____D C:\Program Files\ESET
2017-02-12 21:16 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-02-12 19:20 - 2014-06-26 07:10 - 00000000 ____D C:\Users\dpadmin
2017-02-04 09:50 - 2017-01-02 07:48 - 00017339 ____N C:\Users\sochr\Desktop\Recepce pokl.kniha Leden 2017.ods
2017-02-03 09:01 - 2009-07-14 00:51 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2017-01-30 09:15 - 2015-06-09 12:52 - 00000000 ____D C:\AgnisWork
2017-01-25 20:20 - 2016-07-21 20:54 - 00545488 _____ C:\Users\ucetni\Desktop\p304_25279238_2016.pdf
2017-01-22 09:52 - 2016-04-13 14:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-14 16:20 - 2014-06-26 07:57 - 00000000 ____D C:\Users\sochr\Desktop\Poukázky strava restaurace Švejk
2017-01-14 16:19 - 2014-12-06 09:39 - 00000000 ____D C:\Users\sochr\Desktop\Rauty
2017-01-14 16:15 - 2016-10-28 10:03 - 00000000 ____D C:\Users\sochr\Desktop\JL. návrhy týden-víkend
2017-01-14 16:07 - 2016-01-31 12:37 - 00000000 ____D C:\Users\sochr\Desktop\Švejk JL.NL. 2016
2017-01-14 13:02 - 2015-06-15 15:32 - 00001928 ____N C:\Users\sochr\Desktop\AGNIS.lnk

==================== Files in the root of some directories =======


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-02 00:14

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:223.47 GB) (Free:171.32 GB) NTFS

Available physical RAM: 1711.75 MB
Total physical RAM: 3061.49 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: FE9DCBE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\dpadmin\Desktop" je 60 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
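
An added example (not part of the thread, and not FRST's or the forum's own tooling): posts #4 and #5 give two FRST logs of the same machine, so their Services and Drivers entries can be compared mechanically. The function names are hypothetical and the sample lines are copied from the two logs above; the output only lists entries to review by hand and does not identify malware.

```python
import re

# FRST prints one line per service/driver:
#   <state><start type> <name>; <image path> [size date] (company) [notes]
# state: R = running, S = stopped, U = undetermined; start type 2 = automatic.
ENTRY_RE = re.compile(r"^([RSU])([0-5]) ([^;]+); (.*)$")

# Lines copied from the Services/Drivers sections of the first log (post #4).
LOG_FIRST = r"""
S2 bthserv; C:\Windows\system32\bthserv.dll [8704 2017-02-03] (Microsoft Corporation) [File not signed]
S2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1891528 2015-05-05] (ESET)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [665768 2017-02-12] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U3 mbr; \??\C:\ComboFix\mbr.sys [X]
"""

# Lines copied from the same sections of the second log (post #5).
LOG_SECOND = r"""
S2 bthserv; C:\Windows\system32\bthserv.dll [8704 2017-02-03] (Microsoft Corporation) [File not signed]
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1648224 2016-05-24] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1891528 2015-05-05] (ESET)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155296 2016-05-23] (ESET)
S4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
"""


def parse_services(log_text):
    """Return {name: info} for every service/driver line in an FRST log."""
    entries = {}
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # headers, blank lines and other sections are skipped
        state, start, name, rest = m.groups()
        entries[name] = {
            "code": state + start,                  # e.g. "S2"
            "missing": "[X]" in rest,               # image file not found
            "unsigned": "[File not signed]" in rest,
            "attention": "ATTENTION" in rest,       # FRST's own marker
        }
    return entries


def state_changes(before, after):
    """Map name -> (code before, code after) for entries that differ.

    None means the entry is absent from that log.
    """
    changes = {}
    for name in set(before) | set(after):
        old = before[name]["code"] if name in before else None
        new = after[name]["code"] if name in after else None
        if old != new:
            changes[name] = (old, new)
    return changes


def review_flags(entries):
    """Entries FRST annotated: missing file, unsigned file, ATTENTION."""
    flagged = {}
    for name, info in entries.items():
        flags = [f for f in ("missing", "unsigned", "attention") if info[f]]
        if flags:
            flagged[name] = flags
    return flagged


def auto_start_stopped(entries):
    """Services set to start automatically that were not running."""
    return sorted(n for n, info in entries.items() if info["code"] == "S2")


if __name__ == "__main__":
    first, second = parse_services(LOG_FIRST), parse_services(LOG_SECOND)
    for name, (old, new) in sorted(state_changes(first, second).items()):
        print(f"{name}: {old} -> {new}")
    print("flagged in second log:", review_flags(second))
    print("auto-start but stopped:", auto_start_stopped(second))
```
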

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
GroupPolicy: Restriction ? <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 cpuz137; \??\C:\Users\ucetni\AppData\Local\Temp\CPU-ZPortableTemp\cpuz137\cpuz137_x32.sys [X] <==== ATTENTION

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Trojan in RAM.

#7 Post by Zakov »

After the fix a restart was needed. After the restart the trojan is active again and I can't manage to terminate it. While it is running, I can't start anything that requires administrator privileges.

log:
Fix result of Farbar Recovery Scan Tool (x86) Version: 05-02-2017
Ran by dpadmin (12-02-2017 22:17:51) Run:1
Running from C:\Users\dpadmin\Desktop
Loaded Profiles: dpadmin (Available Profiles: dpadmin & sochr & ucetni & admin)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
GroupPolicy: Restriction ? <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S4 cpuz137; \??\C:\Users\ucetni\AppData\Local\Temp\CPU-ZPortableTemp\cpuz137\cpuz137_x32.sys [X] <==== ATTENTION

EmptyTemp:
End
*****************

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => key removed successfully.
catchme => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz137 => key removed successfully.
cpuz137 => service removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3379005 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => -1310834 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
LocalService => 0 B
NetworkService => 6000 B
dpadmin => 171490611 B
sochr => 39876713 B
ucetni => 359188946 B
admin => 20604872 B

RecycleBin => 0 B
EmptyTemp: => 573.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:18:13 ====


Re: Trojan in RAM.

#8 Post by Rudy »

Deleted. Has anything changed?


Re: Trojan in RAM.

#9 Post by Zakov »

No. It is still active.


Re: Trojan in RAM.

#10 Post by Rudy »

Then also try the manual procedure from that guide. These in-memory viruses really are hard to remove.


Re: Trojan in RAM.

#11 Post by Zakov »

It took some work, but it may have succeeded. Deleted the file c:/windows/system32/bthserv.dll - the trojan.
It looks like the PC was compromised via RDP. I found an account named admin that should not be there. I don't understand how I didn't notice it yesterday... :shock: I disabled that account and deleted the suspicious content on the desktop and in Downloads. In AppData in the profiles there was an infected file, msgbox.exe - deleted. In Windows/Prefetch I deleted everything with the .pf extension. After the restart everything seems OK. FRST could be started and it updated itself.
I am attaching the log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2017
Ran by dpadmin (administrator) on SOCHR (13-02-2017 22:06:13)
Running from C:\Users\dpadmin\Desktop
Loaded Profiles: dpadmin (Available Profiles: dpadmin & sochr & ucetni & admin)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Xerox Companion Suite\MFFSUM.exe
() C:\Program Files\Xerox Companion Suite\MFPrintServer.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\Cobian.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
() C:\Program Files\Xerox Companion Suite\MFServices.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MFFSum_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFFSUM.exe [24576 2010-02-11] ()
HKLM\...\Run: [MFPrintServer_Pro_LL2] => C:\Program Files\Xerox Companion Suite\MFPrintServer.exe [73728 2010-02-11] ()
HKLM\...\Run: [Cobian Backup 11] => C:\Program Files\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6828448 2017-02-06] (SUPERAntiSpyware)
Startup: C:\Users\sochr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W_mrpprn – zástupce.lnk [2014-06-30]
ShortcutTarget: W_mrpprn – zástupce.lnk -> C:\Program Files\MRP\Tiskový manažer\W_mrpprn.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 192.168.0.1 server-agnis
Tcpip\Parameters: [DhcpNameServer] 192.168.1.253
Tcpip\..\Interfaces\{DD8BE20A-65BC-44C4-8E6C-621ED882D086}: [DhcpNameServer] 192.168.1.253

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-224114086-3321654504-1725146643-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: {AA25A56C-B654-4356-B390-DC3594B75C63} hxxp://192.168.0.200/codebase/HCNetVideoActiveX.cab
DPF: {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://eportal.cssz.cz/fas/page/activexcab/webff_cs.cab

FireFox:
========
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2016-06-06] (Synology)
FF Plugin: synology.com/SurveillancePlugin -> C:\Program Files\Synology\SurveillancePlugin\1.0.0.973\npSurveillancePlugin.dll [2016-06-06] (Synology)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-01-31] (SUPERAntiSpyware.com)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [43168 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1648224 2016-05-24] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1891528 2015-05-05] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [173216 2016-05-24] (ESET)
S4 FUSServices; C:\Windows\system32\FUSServices.exe [10752 2010-02-11] () [File not signed]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [665768 2017-02-13] (Enigma Software Group USA, LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 bthserv; C:\Windows\system32\bthserv.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [208552 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [155296 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [140960 2016-05-23] (ESET)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2017-02-13] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-13 22:06 - 2017-02-13 22:06 - 00007196 _____ C:\Users\dpadmin\Desktop\FRST.txt
2017-02-13 22:06 - 2017-02-13 22:06 - 00000000 ____D C:\Users\dpadmin\Desktop\FRST-OlderVersion
2017-02-13 21:46 - 2017-02-13 21:46 - 00001240 _____ C:\Users\dpadmin\Desktop\SpyHunter.lnk
2017-02-13 21:46 - 2017-02-13 21:46 - 00000000 ____D C:\Users\dpadmin\AppData\Roaming\Enigma Software Group
2017-02-13 21:46 - 2017-02-13 21:46 - 00000000 ____D C:\sh4ldr
2017-02-13 21:45 - 2017-02-13 21:45 - 00019984 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2017-02-13 21:45 - 2017-02-13 21:45 - 00000000 ____D C:\Program Files\Enigma Software Group
2017-02-13 21:19 - 2017-02-13 21:20 - 00000000 ____D C:\x
2017-02-13 21:18 - 2017-02-13 21:18 - 00000000 ____D C:\Users\dpadmin\AppData\Local\ESET
2017-02-13 20:56 - 2017-02-13 22:02 - 00007596 _____ C:\Users\dpadmin\AppData\Local\Resmon.ResmonCfg
2017-02-13 20:20 - 2017-02-13 20:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-02-13 20:20 - 2017-02-13 20:20 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-13 20:20 - 2017-02-13 20:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-13 20:16 - 2017-02-13 20:35 - 00000000 ____D C:\Users\dpadmin\Desktop\mbar
2017-02-13 20:16 - 2017-02-13 20:16 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-02-12 22:39 - 2017-02-13 14:39 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f53d2275-1557-479e-9468-82d6160a72ed.job
2017-02-12 22:39 - 2017-02-13 02:00 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 844a17a5-ca76-42a6-9f6c-0dd19fdb5cda.job
2017-02-12 22:39 - 2017-02-12 22:39 - 00000000 ____D C:\Users\dpadmin\AppData\Roaming\SUPERAntiSpyware.com
2017-02-12 22:38 - 2017-02-12 22:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-02-12 22:38 - 2017-02-12 22:38 - 29207824 _____ (SUPERAntiSpyware) C:\Users\dpadmin\Downloads\SUPERAntiSpyware.exe
2017-02-12 22:38 - 2017-02-12 22:38 - 00001961 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-02-12 22:38 - 2017-02-12 22:38 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-02-12 22:38 - 2017-02-12 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-02-12 22:17 - 2017-02-12 22:18 - 00002288 _____ C:\Users\dpadmin\Desktop\Fixlog.txt
2017-02-12 21:50 - 2017-02-12 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-12 21:20 - 2017-02-13 22:06 - 00000000 ____D C:\FRST
2017-02-12 21:17 - 2017-02-12 21:17 - 00008728 _____ C:\ComboFix.txt
2017-02-12 20:37 - 2017-02-12 20:38 - 00000000 ____D C:\Users\dpadmin\Downloads\Autoruns
2017-02-12 20:37 - 2017-02-12 20:37 - 01304400 _____ C:\Users\dpadmin\Downloads\Autoruns.zip
2017-02-12 19:43 - 2017-02-12 19:43 - 00000954 _____ C:\Users\dpadmin\Documents\zaloha reg pred odvirovanim.reg
2017-02-12 19:19 - 2017-02-12 19:19 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\dpadmin\Downloads\SpyHunter-Installer.exe
2017-02-10 08:57 - 2017-02-13 22:06 - 01763328 _____ (Farbar) C:\Users\dpadmin\Desktop\FRST.exe
2017-02-10 08:31 - 2017-02-10 08:32 - 91734016 _____ C:\Users\sochr\Downloads\eea_nt32_csy.msi
2017-02-10 08:25 - 2017-02-10 08:30 - 102678528 _____ C:\Users\sochr\Downloads\eea_nt64_csy.msi
2017-02-09 16:01 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2017-02-09 16:01 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2017-02-09 16:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2017-02-09 16:01 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2017-02-09 15:59 - 2017-02-09 15:56 - 00758912 _____ (ESET) C:\Users\dpadmin\Desktop\ESETUninstaller.exe
2017-02-09 15:59 - 2017-02-09 15:53 - 55566792 _____ (Malwarebytes ) C:\Users\dpadmin\Desktop\mb3-setup-consumer-3.0.6.1469.exe
2017-02-09 15:52 - 2017-02-09 15:52 - 00000000 ____D C:\Users\dpadmin\AppData\Local\ElevatedDiagnostics
2017-02-09 15:51 - 2017-02-12 21:17 - 00000000 ____D C:\Qoobox
2017-02-09 15:51 - 2017-02-09 16:10 - 00000000 ____D C:\Windows\erdnt
2017-02-09 15:50 - 2017-02-13 21:32 - 00568640 _____ C:\Windows\ntbtlog.txt
2017-02-09 15:47 - 2017-02-09 15:45 - 05659775 ____R (Swearware) C:\Users\dpadmin\Desktop\ComboFix.exe
2017-01-24 07:50 - 2017-02-07 10:13 - 00016801 _____ C:\Users\sochr\Desktop\Recepce pokl.kniha Únor 2017.ods
2017-01-19 21:02 - 2017-01-19 21:02 - 00002850 _____ C:\Users\ucetni\Downloads\20170117.kmo
2017-01-17 22:17 - 2017-01-17 22:17 - 00003325 _____ C:\Users\ucetni\Downloads\20170112.kmo
2017-01-14 13:46 - 2017-01-14 13:46 - 00012547 ____N C:\Users\sochr\Desktop\hlásit platbu kartou.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-13 22:02 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-13 21:13 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-13 21:13 - 2009-07-14 05:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-13 20:50 - 2016-07-03 13:58 - 00000000 ____D C:\Program Files\PokerStars.EU
2017-02-12 22:42 - 2011-04-12 02:37 - 00668542 _____ C:\Windows\system32\perfh005.dat
2017-02-12 22:42 - 2011-04-12 02:37 - 00141202 _____ C:\Windows\system32\perfc005.dat
2017-02-12 22:42 - 2010-11-20 22:01 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-12 22:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-12 22:32 - 2009-07-14 05:53 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-02-12 22:19 - 2016-03-11 10:18 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-02-12 22:17 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2017-02-12 21:50 - 2015-06-08 14:58 - 00000000 ____D C:\ProgramData\ESET
2017-02-12 21:50 - 2015-06-08 14:58 - 00000000 ____D C:\Program Files\ESET
2017-02-12 21:16 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2017-02-12 19:20 - 2014-06-26 07:10 - 00000000 ____D C:\Users\dpadmin
2017-02-04 09:50 - 2017-01-02 07:48 - 00017339 ____N C:\Users\sochr\Desktop\Recepce pokl.kniha Leden 2017.ods
2017-01-30 09:15 - 2015-06-09 12:52 - 00000000 ____D C:\AgnisWork
2017-01-25 20:20 - 2016-07-21 20:54 - 00545488 _____ C:\Users\ucetni\Desktop\p304_25279238_2016.pdf
2017-01-22 09:52 - 2016-04-13 14:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-14 16:20 - 2014-06-26 07:57 - 00000000 ____D C:\Users\sochr\Desktop\Poukázky strava restaurace Švejk
2017-01-14 16:19 - 2014-12-06 09:39 - 00000000 ____D C:\Users\sochr\Desktop\Rauty
2017-01-14 16:15 - 2016-10-28 10:03 - 00000000 ____D C:\Users\sochr\Desktop\JL. návrhy týden-víkend
2017-01-14 16:07 - 2016-01-31 12:37 - 00000000 ____D C:\Users\sochr\Desktop\Švejk JL.NL. 2016
2017-01-14 13:02 - 2015-06-15 15:32 - 00001928 ____N C:\Users\sochr\Desktop\AGNIS.lnk

==================== Files in the root of some directories =======

2017-02-13 20:56 - 2017-02-13 22:02 - 0007596 _____ () C:\Users\dpadmin\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-02 00:14

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:223.47 GB) (Free:171.19 GB) NTFS

Available physical RAM: 1802.78 MB
Total physical RAM: 3061.49 MB
Percentage of memory in use: 41%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: FE9DCBE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 844a17a5-ca76-42a6-9f6c-0dd19fdb5cda.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f53d2275-1557-479e-9468-82d6160a72ed.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\dpadmin\Desktop" je 92 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
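
Post #11 reports a stray admin profile and a deleted bthserv.dll, and the log attached to it still lists `S2 bthserv; C:\Windows\system32\bthserv.dll [X]`. The Python script below is an added example, not part of the thread and not FRST's own code: it reads the FRST header and the service/driver lines and lists the entries worth a manual look. The expected-profile list and the flagging rules are assumptions made for this example; `[X]` is read as "file not found" and the digit after R/S as the start type (0 to 2 start automatically).

```python
import re

# Constructed sample: individual lines taken from the FRST logs quoted in this thread.
SAMPLE_LOG = r"""Loaded Profiles: dpadmin (Available Profiles: dpadmin & sochr & ucetni & admin)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\ekrn.exe [1648224 2016-05-24] (ESET)
R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S4 FUSServices; C:\Windows\system32\FUSServices.exe [10752 2010-02-11] () [File not signed]
S2 bthserv; C:\Windows\system32\bthserv.dll [X]
S4 catchme; \??\C:\Users\dpadmin\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2017-02-13] ()
"""

# "<state><start type> <name>; <path> [size date] (company) [flags]"
SERVICE_RE = re.compile(r"^(?P<state>[RSU])(?P<start>[0-5]) (?P<name>.+?); (?P<rest>.+)$")
PROFILES_RE = re.compile(r"Available Profiles: (?P<names>[^)]*)\)")
AUTO_START = {"0", "1", "2"}  # boot, system, automatic


def unexpected_profiles(log, expected):
    """Return profile names from the FRST header that are not in `expected`."""
    m = PROFILES_RE.search(log)
    if not m:
        return []
    known = {e.lower() for e in expected}
    names = [n.strip() for n in m.group("names").split("&")]
    return [n for n in names if n and n.lower() not in known]


def triage_services(log):
    """Return {service name: [reasons]} for service/driver lines to review by hand."""
    findings = {}
    for line in log.splitlines():
        m = SERVICE_RE.match(line.strip())
        if not m:
            continue
        rest = m.group("rest")
        path = rest.split(" [", 1)[0]
        if path.startswith("\\??\\"):      # NT object-manager prefix on driver paths
            path = path[4:]
        reasons = []
        if "[X]" in rest:
            reasons.append("file missing")
            if m.group("start") in AUTO_START:
                # Registration survives although the binary is gone: anything
                # written to that path later would be loaded at boot.
                reasons.append("auto-start entry with no binary")
        if "[File not signed]" in rest:
            reasons.append("not signed")
        if re.search(r"\] \(\)", rest):     # empty company field
            reasons.append("no company name")
        if "\\appdata\\local\\temp\\" in path.lower():
            reasons.append("runs from Temp")
        if reasons:
            findings[m.group("name")] = reasons
    return findings


if __name__ == "__main__":
    # Assumption: the three accounts the machine is supposed to have.
    print("unexpected profiles:", unexpected_profiles(SAMPLE_LOG, {"dpadmin", "sochr", "ucetni"}))
    for name, reasons in triage_services(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(reasons)}")
```

A flag here is a prompt for review, not a verdict: unsigned or vendor-less entries are often legitimate older software, and "Available Profiles" lists profile folders, so a disabled account still appears until its profile is removed.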


Re: Trojan in RAM.

#12 Post by Rudy »

The log is OK. Those files really are junk. Sometimes something gets overlooked. No harm done. :)