motionMixxx Opublikowano 6 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 6 Sierpnia 2014 Wistam od dłuższego czasu u kolegi w maszynie można uruchomić zapory systemu bardzo proszę o pomoc GMER - http://www.wklej.org/id/1434019/ OTL.Txt Extras.Txt FRST.txt Addition.txt Odnośnik do komentarza
jessica Opublikowano 6 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 6 Sierpnia 2014 1) Użyj >Adw-cleanernajpierw kliknij na SZUKAJ, a dopiero po zakończeniu skanowania, gdy uaktywni się przycisk USUŃ, to kliknij na niego.Pokaż raport z niego C:\AdwCleaner\AdwCleaner.txt 2) Użyj >>RogueKiller (aby pobrać kliknij na obrazek x64 po Lien de téléchargement :)Kliknij w nim SCAN, a po wyszukaniu szkodliwych rzeczy kliknij DELETE. Pokaż oba raporty z niego. 3) Otwórz Notatnik i wklej w nim: C:\Users\user\AppData\Local\Google\Desktop\InstallC:\Program Files (x86)\Google\Desktop\InstallTask: {7684A7CC-CA0A-47FA-A035-EAAE0EDA8011} - \CreateChoiceProcessTask No Task File <==== ATTENTIONTask: {A3CCB37D-87D6-4E10-9918-EB62EA883899} - \CCleanerSkipUAC No Task File <==== ATTENTIONReg: reg delete "HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes" /fReg: reg delete "HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes" /fReg: reg delete "HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes" /fWinsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"U4 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{556f87dd-9a44-a124-c6e9-595638fe0978}\ \...\???\{556f87dd-9a44-a124-c6e9-595638fe0978}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)R1 {59981518-8b2b-431e-90db-17dacc8cfa86}Gw64; C:\Windows\System32\drivers\{59981518-8b2b-431e-90db-17dacc8cfa86}Gw64.sys [61112 2014-05-16] (StdLib)S3 gdrv; \??\C:\Windows\gdrv.sys [X]S3 MSICDSetup; \??\E:\CDriver64.sys [X]S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]Reboot: Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix. Powstanie plik fixlog.txt. Daj ten log. 4) Zrób nowe logi z FRST. 5) Zrób log z Farbar Service Scanner >http://download.bleepingcomputer.com/farbar/FSS.exe (do skanowania zaznacz wszystko) jessi Odnośnik do komentarza
motionMixxx Opublikowano 7 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 7 Sierpnia 2014 Wszystkie czynności wykonałem RogueKiller log - http://www.wklej.org/id/1434674/ AdwCleanerS3.txt Fixlog.txt FRST.txt Addition.txt FSS.txt Odnośnik do komentarza
jessica Opublikowano 7 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 7 Sierpnia 2014 Infekcja ZeroAcces zniszczyła usługi Systemowe. 1) Pobierz >>ESET ServicesRepairKliknij prawym na pliku ServicesRepair i wybierz Uruchom jako administrator. 2) Zrób nowy log z FSS. jessi Odnośnik do komentarza
motionMixxx Opublikowano 7 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 7 Sierpnia 2014 Czynności wykonane FSS.txt Odnośnik do komentarza
jessica Opublikowano 7 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 7 Sierpnia 2014 zaraz, muszę pomyśleć - dwie usługi nie zostały odbudowane ... 1) Do Notatnika wklej: Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent]"DisplayName"="@%SystemRoot%\\System32\\polstore.dll,-5010""ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,53,00,65,00,72,00,76,\ 00,69,00,63,00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,\ 73,00,74,00,72,00,69,00,63,00,74,00,65,00,64,00,00,00"Description"="@%SystemRoot%\\system32\\polstore.dll,-5011""ObjectName"="NT Authority\\NetworkService""ErrorControl"=dword:00000001"Start"=dword:00000003"Type"=dword:00000020"DependOnService"=hex(7):54,00,63,00,70,00,69,00,70,00,00,00,62,00,66,00,65,00,\ 00,00,00,00"ServiceSidType"=dword:00000001"RequiredPrivileges"=hex(7):53,00,65,00,41,00,75,00,64,00,69,00,74,00,50,00,72,\ 00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,68,00,\ 61,00,6e,00,67,00,65,00,4e,00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,\ 00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,43,00,72,00,65,00,\ 61,00,74,00,65,00,47,00,6c,00,6f,00,62,00,61,00,6c,00,50,00,72,00,69,00,76,\ 00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,\ 72,00,73,00,6f,00,6e,00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,\ 00,65,00,67,00,65,00,00,00,00,00"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\ 00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent\Parameters]"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 69,00,70,00,73,00,65,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,\ 00"ServiceDllUnloadOnStop"=dword:00000001"ServiceMain"="SpdServiceMain"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent\TriggerInfo][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent\TriggerInfo\0]"Type"=dword:00000004"Action"=dword:00000001"GUID"=hex:07,9e,56,b7,21,84,e0,4e,ad,10,86,91,5a,fd,ad,09"Data0"=hex:52,00,50,00,43,00,00,00,54,00,43,00,50,00,00,00,25,00,77,00,69,00,\ 6e,00,64,00,69,00,72,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,\ 00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,\ 65,00,00,00,70,00,6f,00,6c,00,69,00,63,00,79,00,61,00,67,00,65,00,6e,00,74,\ 00,00,00,00,00"DataType0"=dword:00000002[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess]"DisplayName"="@%Systemroot%\\system32\\mprdim.dll,-200""ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00"Description"="@%Systemroot%\\system32\\mprdim.dll,-201""ObjectName"="localSystem""ErrorControl"=dword:00000001"Start"=dword:00000004"Type"=dword:00000020"DependOnGroup"=hex(7):4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,47,00,72,00,\ 6f,00,75,00,70,00,00,00,00,00"DependOnService"=hex(7):52,00,70,00,63,00,53,00,53,00,00,00,42,00,66,00,65,00,\ 00,00,52,00,61,00,73,00,4d,00,61,00,6e,00,00,00,48,00,74,00,74,00,70,00,00,\ 00,00,00"ServiceSidType"=dword:00000001"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\ 00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\ 67,00,65,00,00,00,53,00,65,00,4c,00,6f,00,61,00,64,00,44,00,72,00,69,00,76,\ 00,65,00,72,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,\ 53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,00,61,00,74,00,65,\ 00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,00,00,53,00,65,00,\ 41,00,75,00,64,00,69,00,74,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,\ 00,65,00,00,00,00,00"FailureActions"=hex:84,03,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\ 00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00"ConfigurationFlags"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Accounting]"AccountSessionIdStart"=dword:00000001[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Accounting\Providers]"ActiveProvider"="{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Accounting\Providers\{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}]"ConfigClsid"="{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}""DisplayName"="@%Systemroot%\\system32\\mprddm.dll,-202""VendorName"="Microsoft""ProviderTypeGUID"="{76560D00-2BFD-11d2-9539-3078302C2030}"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Accounting\Providers\{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}]"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\ 00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\ 70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00"ConfigClsid"="""DisplayName"="@%Systemroot%\\system32\\mprddm.dll,-203""ProviderTypeGUID"="{76560D81-2BFD-11d2-9539-3078302C2030}""VendorName"="Microsoft"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Authentication][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Authentication\Providers]"ActiveProvider"="{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Authentication\Providers\{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}]"ConfigClsid"="{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}""DisplayName"="@%Systemroot%\\system32\\mprddm.dll,-201""VendorName"="Microsoft""ProviderTypeGUID"="{76560D00-2BFD-11d2-9539-3078302C2030}"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Authentication\Providers\{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}]"Path"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,\ 00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,\ 70,00,72,00,64,00,64,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00"ConfigClsid"="""DisplayName"="@%Systemroot%\\system32\\mprddm.dll,-200""VendorName"="Microsoft""ProviderTypeGUID"="{76560D01-2BFD-11d2-9539-3078302C2030}"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\DemandDialManager]"DllPath"="%SystemRoot%\\System32\\mprddm.dll"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces]"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\0]"InterfaceName"="Loopback""Type"=dword:00000005"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\0\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\0\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\1]"InterfaceName"="Internal""Type"=dword:00000004"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\1\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\1\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\2]"InterfaceName"="{B19FFBDD-2DE4-4C89-9F2C-FF5C2D8D0738}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\2\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\2\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\3]"InterfaceName"="{B478FC25-3362-46FA-B72C-544C7BA9D67A}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\3\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\3\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\4]"InterfaceName"="{0AFFAC03-E9FA-405A-A377-004F0A1883CE}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\4\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\4\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\5]"InterfaceName"="{C25CA7FB-D708-4E29-9BDC-02FFB2C1B9CF}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\5\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\5\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\6]"InterfaceName"="{5DBCA5BB-25FF-48A6-BBB0-DFC74866B9ED}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\6\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\6\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\7]"InterfaceName"="{4D94550A-CD2C-417A-B885-2F7F9FECAA16}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\7\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\7\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\8]"InterfaceName"="{8F550093-CC2D-4998-9EFE-2E9884E96AD7}""Type"=dword:00000003"Enabled"=dword:00000001"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\8\Ip]"ProtocolId"=dword:00000021"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Interfaces\8\Ipv6]"ProtocolId"=dword:00000057"InterfaceInfo"=hex:01,00,00,00,68,00,00,00,03,00,00,00,05,00,ff,ff,48,00,00,\ 00,00,00,00,00,40,00,00,00,04,00,ff,ff,04,00,00,00,01,00,00,00,40,00,00,00,\ 07,00,ff,ff,10,00,00,00,01,00,00,00,48,00,00,00,00,00,00,00,01,00,00,00,00,\ 00,00,00,58,02,c2,01,08,07,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters]"ServiceDLL"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 6d,00,70,00,72,00,64,00,69,00,6d,00,2e,00,64,00,6c,00,6c,00,00,00"QuarantineInstalled"=dword:00000001"LoggingFlags"=dword:00000002"ServerFlags"=dword:00802602"ServiceDllUnloadOnStop"=dword:00000001"Stamp"=dword:00000000"UsersConfigured"=dword:00000000"RouterType"=dword:00000007[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters\AccountLockout]"MaxDenials"=dword:00000000"ResetTime (mins)"=dword:00000b40[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters\IKEV2]"idleTimeout"=dword:0000012c"networkBlackoutTime"=dword:00000708"saLifeTime"=dword:00007080"saDataSize"=dword:00019000"ConfigOptions"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters\Ip]"AllowClientIpAddresses"=dword:00000000"AllowNetworkAccess"=dword:00000001"EnableIn"=dword:00000001"EnableRoute"=dword:00000001"IpAddress"="0.0.0.0""IpMask"="0.0.0.0""UseDhcpAddressing"=dword:00000001"EnableNetbtBcastFwd"=dword:00000001[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters\Ipv6]"AdvertiseDefaultRoute"=dword:00000001"AllowNetworkAccess"=dword:00000001"EnableIn"=dword:00000000"EnableRoute"=dword:00000001"UseDhcpAddressing"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Parameters\Nbf]"AllowNetworkAccess"=dword:00000001"EnableIn"=dword:00000001[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Performance]"Library"="rasctrs.dll""Open"="OpenRasPerformanceData""Close"="CloseRasPerformanceData""Collect"="CollectRasPerformanceData""InstallType"=dword:00000001"PerfIniFile"="rasctrs.ini""First Counter"=dword:000007fe"Last Counter"=dword:00000824"First Help"=dword:000007ff"Last Help"=dword:00000825[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy]"Allow LM Authentication"=dword:00000000"ProductDir"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 49,00,41,00,53,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\01]@="IAS.ProxyPolicyEnforcer""Requests"="0 1 2""Responses"="0 1 2 3 4"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\02]@="IAS.Realm""Providers"="1""Requests"="0 1""Responses"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\03]@="IAS.Realm""Requests"="0 1""Responses"="0""Providers"="0 2"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\04]@="IAS.NTSamNames""Providers"="1""Responses"="0""Requests"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\05]@="IAS.CRPBasedEAP""Providers"="1""Requests"="0 2""Responses"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\06]@="IAS.Realm""Providers"="1""Requests"="0""Responses"="0""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\07]@="IAS.NTSamNames""Providers"="1""Requests"="0""Responses"="0""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\08]@="IAS.MachineNameMapper""Providers"="1""Requests"="0""Responses"="0""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\09]@="IAS.BaseCampHost""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\10]@="IAS.RadiusProxy""Providers"="2""Responses"="0""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\11]@="IAS.ExternalAuthNames""Providers"="2""Requests"="0""Responses"="1""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\12]@="IAS.NTSamAuthentication""Requests"="0""Responses"="0 1 2""Providers"="1""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\13]@="IAS.UserAccountValidation""Providers"="1 3""Requests"="0""Replays"="0""Responses"="0 1""Reasons"="33"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\14]@="IAS.MachineAccountValidation""Providers"="1""Requests"="0""Responses"="0 1""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\15]@="IAS.EAPIdentity""Providers"="1""Requests"="0""Replays"="0""Responses"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\16]@="IAS.QuarantineEvaluator""Providers"="1""Requests"="0""Replays"="0""Responses"="0 1"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\17]@="IAS.PolicyEnforcer""Providers"="1 3""Requests"="0""Replays"="0""Responses"="0 1""Reasons"="33"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\18]@="IAS.NTSamPerUser""Providers"="1 3""Requests"="0""Replays"="0""Responses"="0 1""Reasons"="33"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\19]@="IAS.URHandler""Providers"="1 3""Requests"="0""Replays"="0""Responses"="0 1""Reasons"="33"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\20]@="IAS.RAPBasedEAP""Providers"="1""Requests"="0 2""Replays"="0""Responses"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\21]@="IAS.PostEapRestrictions""Providers"="0 1 3""Requests"="0""Replays"="0""Responses"="0 1"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\22]@="IAS.PostQuarantineEvaluator""Providers"="1""Requests"="0""Replays"="0""Responses"="1 2 5"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\23]@="IAS.ChangePassword""Providers"="1""Requests"="0""Replays"="0""Responses"="1"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\24]@="IAS.AuthorizationHost""Replays"="0"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\25]@="IAS.EAPTerminator""Providers"="0 1""Requests"="0 2""Replays"="0""Responses"="1 2 3 5"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\26]@="IAS.DatabaseAccounting"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\27]@="IAS.Accounting"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Policy\Pipeline\28]@="IAS.MSChapErrorReporter""Providers"="0 1 3""Requests"="0""Replays"="0""Responses"="2"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RouterManagers]"Stamp"=dword:00000000[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RouterManagers\Ip]"ProtocolId"=dword:00000021"GlobalInfo"=hex:01,00,00,00,78,00,00,00,02,00,00,00,03,00,ff,ff,08,00,00,00,\ 01,00,00,00,30,00,00,00,06,00,ff,ff,34,00,00,00,01,00,00,00,38,00,00,00,00,\ 00,00,00,00,00,00,00,01,00,00,00,06,00,00,00,02,00,00,00,01,00,00,00,03,00,\ 00,00,0a,00,00,00,16,27,00,00,03,00,00,00,17,27,00,00,05,00,00,00,12,27,00,\ 00,07,00,00,00,08,00,00,00,78,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"DLLPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,\ 00,70,00,72,00,74,00,72,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RouterManagers\Ipv6]"ProtocolId"=dword:00000057"GlobalInfo"=hex:01,00,00,00,78,00,00,00,02,00,00,00,0f,00,ff,ff,08,00,00,00,\ 01,00,00,00,30,00,00,00,06,00,ff,ff,34,00,00,00,01,00,00,00,38,00,00,00,00,\ 00,00,00,00,00,00,00,01,00,00,00,06,00,00,00,02,00,00,00,01,00,00,00,16,27,\ 00,00,03,00,00,00,17,27,00,00,05,00,00,00,12,27,00,00,07,00,00,00,03,00,00,\ 00,0a,00,00,00,08,00,00,00,78,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"DLLPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,69,\ 00,70,00,72,00,74,00,72,00,6d,00,67,00,72,00,2e,00,64,00,6c,00,6c,00,00,00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RoutingTableManager][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RoutingTableManager\Instance 00000][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RoutingTableManager\Instance 00000\AddressFamily 00002]"AddressSize"=dword:00000004"MaxChangeNotifyRegistrations"=dword:00000010"MaxHandlesReturnedInEnum"=dword:00000019"MaxNextHopsInRoute"=dword:00000003"MaxOpaqueInfoPointers"=dword:00000005"ViewsSupported"=dword:00000003[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\RoutingTableManager\Instance 00000\AddressFamily 00023]"AddressSize"=dword:00000010"MaxChangeNotifyRegistrations"=dword:00000010"MaxHandlesReturnedInEnum"=dword:00000019"MaxNextHopsInRoute"=dword:00000003"MaxOpaqueInfoPointers"=dword:00000005"ViewsSupported"=dword:00000003[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RemoteAccess\Security]"Security"=hex:01,00,04,80,5c,00,00,00,68,00,00,00,00,00,00,00,14,00,00,00,02,\ 00,48,00,03,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,\ 00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,02,00,\ 00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,01,01,00,00,\ 00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 Z Menu Notatnika >> Plik >> Zapisz jako >> Ustaw rozszerzenie na Wszystkie pliki >> Zapisz jako> FIX.REG >>z prawokliku na plik Scal i potwierdź import do rejestru. 2) Pobierz narzędzie SetACL, (SetACL.3.06 z folderu Commandline version wypakuj wersję dopasowaną do systemu (x86 = 32-bit, x64 = 64-bit) i umieść w katalogu C:\Windows.W Notatniku wklej poniższą treść i zapisz plik pod nazwą fix.txt. Plik umieść bezpośrednio na C:\. "machine\SYSTEM\CurrentControlSet\Services\PolicyAgent",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\PolicyAgent\Parameters",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\PolicyAgent\Parameters\Cache",4,"O:BAD:PAI(A;OICI;CCDCLCSWRPRC;;;S-1-5-80-3044542841-3639452079-4096941652-1606687743-1256249853)" "machine\SYSTEM\CurrentControlSet\Services\PolicyAgent\TriggerInfo",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\PolicyAgent\TriggerInfo\0",4,"O:BA"START > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator > wklej komendę:SetACL -on "HKLM\SYSTEM\CurrentControlSet\Services\PolicyAgent" -ot reg -actn restore -bckp C:\fix.txt 3) W Notatniku wklej poniższą treść i zapisz plik pod nazwą fix.txt. Plik umieść bezpośrednio na C:\. "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers\{1AA7F840-C7F5-11D0-A376-00C04FC9DA04}",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Accounting\Providers\{1AA7F846-C7F5-11D0-A376-00C04FC9DA04}",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers\{1AA7F83F-C7F5-11D0-A376-00C04FC9DA04}",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Authentication\Providers\{1AA7F841-C7F5-11D0-A376-00C04FC9DA04}",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\DemandDialManager",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\0\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\1\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\2\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\3",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\3\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\3\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\4",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\4\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\4\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\5",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\5\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\5\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\6\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\6\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\7",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\7\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\7\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\8",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\8\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Interfaces\8\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IKEV2",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ip",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Ipv6",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\Nbf",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Performance",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\01",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\02",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\03",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\04",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\05",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\06",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\07",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\08",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\09",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\10",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\11",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\12",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\13",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\14",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\15",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\16",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\17",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\18",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\19",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\20",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\21",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\22",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\23",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\24",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\25",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\26",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\27",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Policy\Pipeline\28",4,"O:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464D:PAI(A;;KA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;CIIO;GA;;;S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464)(A;;KR;;;SY)(A;CIIO;GR;;;SY)(A;;KR;;;BA)(A;CIIO;GR;;;BA)(A;;KR;;;BU)(A;CIIO;GR;;;BU)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ipv6",4,"O:SY" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RoutingTableManager",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RoutingTableManager\Instance 00000",4,"O:BAD:PAI(A;;KR;;;LS)(A;OICIIO;GR;;;LS)(A;;KR;;;NO)(A;OICIIO;GR;;;NO)(A;;KR;;;NS)(A;OICIIO;GR;;;NS)(A;;KA;;;SY)(A;OICIIO;GA;;;SY)(A;;KR;;;BU)(A;OICIIO;GR;;;BU)(A;;KA;;;BA)(A;OICIIO;GA;;;BA)" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RoutingTableManager\Instance 00000\AddressFamily 00002",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\RoutingTableManager\Instance 00000\AddressFamily 00023",4,"O:BA" "machine\SYSTEM\CurrentControlSet\Services\RemoteAccess\Security",4,"O:BA" START > w polu szukania wpisz cmd > z prawokliku Uruchom jako Administrator > wklej komendę:SetACL -on "HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess" -ot reg -actn restore -bckp C:\fix.txt 4) Zrestartuj komputer. 5) Zrób nowy log z FSS jessi Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 Wszystkie czynności wykonane i przepraszam,że tak późno ale nie miałem dostępu do maszyny FSS.txt Odnośnik do komentarza
jessica Opublikowano 11 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 Action Center:============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is OK. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Teoretycznie powinno się teraz dać włączyć. >START >URUCHOM >wybierz (lub wpisz): services.msc >po prawej wyszukaj i zaznacz: Centrum Zabezpieczeń >po lewej kliknij na: Uruchom Usługę Windows Update:============ wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. Teoretycznie powinno się teraz dać włączyć. >START >URUCHOM >wybierz (lub wpisz): services.msc >po prawej wyszukaj i zaznacz: Windows Update >po lewej kliknij na: Uruchom Usługę Miejmy nadzieję, że to pomoże ... jessi Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 co ciekawe wszystko działa bez żadnego uruchamia czy to już wszystko czy jeszcze jakieś kroki finalizujące temat? Odnośnik do komentarza
jessica Opublikowano 11 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 jeszcze jakieś kroki finalizujące temat: W Adw-Cleaner kliknij na przycisk Odinstaluj (UNINSTALL). Otwórz Notatnik i wklej w nim: DeleteQuarantine: Plik zapisz pod nazwą fixlist.txt i umieść obok narzędzia FRST. Uruchom FRST i kliknij w Fix.przez SHIFT+DEL usuń pozostały folder C:\FRST Rogue Killer - usuń ręcznie. ESET Service Repair - usuń ręcznie. FSS - usuń ręcznie. SETAcl - usuń ręcznie Fix.Reg - usuń ręcznie (jeśli jeszcze jest). To chyba wszystko. jessi Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 przez SHIFT+DEL nie moge usunąc folderu FRST co ciekawe do kosza tez nie mogę... Odnośnik do komentarza
jessica Opublikowano 11 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 przez SHIFT+DEL nie moge usunąc folderu FRST co ciekawe do kosza tez nie mogę... zrobiłeś najpierw to "DeleteQuarantine:" ? Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 zgadza sie zrobiłem Odnośnik do komentarza
jessica Opublikowano 11 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 W OTL kliknij na przycisk Sprzątanie - może przy okazji usunie się także FRST. Nie wiem, dlaczego nie da się usunąć normalnie. jessi Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 OTL częściowo załatwił sprawę ale folder FRST i w nim Quarantine nadal istnieją a kiedy chce wywalic do kosza jest info: Program Eksplorator Windows przestał działać Odnośnik do komentarza
jessica Opublikowano 11 Sierpnia 2014 Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 OTL częściowo załatwił sprawę ale folder FRST i w nim Quarantine nadal istnieją a kiedy chce wywalic do kosza jest info: Program Eksplorator Windows przestał działać Trudno, zostawiamy to, bo jakoś nic innego nie przychodzi mi na myśl. jessi Odnośnik do komentarza
motionMixxx Opublikowano 11 Sierpnia 2014 Autor Zgłoś Udostępnij Opublikowano 11 Sierpnia 2014 ok gitarka dzięki wielkie Odnośnik do komentarza
Rekomendowane odpowiedzi
Jeśli chcesz dodać odpowiedź, zaloguj się lub zarejestruj nowe konto
Jedynie zarejestrowani użytkownicy mogą komentować zawartość tej strony.
Zarejestruj nowe konto
Załóż nowe konto. To bardzo proste!
Zarejestruj sięZaloguj się
Posiadasz już konto? Zaloguj się poniżej.
Zaloguj się