Вирус не дает зайти в папки с антивирусом, закрывает браузер на поиске антивируса.

23 июля, 2021

Добрый день, схватил вирус, который в рандомное время закрывает файлы (Word, Excel) и не дает зайти в папки с установщиками антивирусов. Более того закрывается браузер при попытке скачивания или даже поиска антивирусных утилит. На компе установлен Malware, висит в трее, но окно не открывается, проверка тоже не стартует. Другие антивири не устанавливаются, Autologger тоже.

Нашёл решение тут:

Farbar Recovery Scan Tool запустилась спокойно (скачал на другом компе). Вот логи. Помогите, пожалуйста.

Addition.txt FRST.txt

23 июля, 2021

Здравствуйте!

Примите к сведению - после выполнения скрипта все открытые вкладки браузеров будут закрыты, произойдет выход из аккаунтов, временные файлы, куки и кэш будут очищены.

Отключите до перезагрузки антивирус.

Выделите следующий код:

Start::
SystemRestore: On
CreateRestorePoint:
() [Файл не подписан] [Файл уже используется] C:\Windows\System32\ixobqpfvkxlhsoewu.exe
() [Файл не подписан] C:\Users\212\AppData\Local\Temp\ehmnq.exe <2>
HKLM\...\Run: [rundll] => C:\Windows\system32\wscript.exe C:\ProgramData\indus\start.vbs
HKLM\...\Run: [tdpxhbmxhpyp] => C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKLM\...\Run: [rhznddulbpebnkbutj] => C:\Users\212\AppData\Local\Temp\phbrjlexpfwvjibwxpjz.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
HKLM\...\RunOnce: [sdqzkfrdoxhzg] => C:\Windows\system32\rhznddulbpebnkbutj.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKLM\...\RunOnce: [ixobqpfvkxlhsoewu] => C:\Users\212\AppData\Local\Temp\bpfrfdshvhupzuja.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
HKLM\...\Policies\Explorer\Run: [tftdplylxhsltm] => C:\Windows\system32\phbrjlexpfwvjibwxpjz.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKLM\...\Policies\Explorer\Run: [wfqxgzjtcjr] => C:\Users\212\AppData\Local\Temp\bpfrfdshvhupzuja.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Run: [wjyjwthvitfzicq] => C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Run: [tdpxhbmxhpyp] => C:\Users\212\AppData\Local\Temp\ctmbstldujzxkiauule.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\RunOnce: [sdqzkfrdoxhzg] => C:\Users\212\AppData\Local\Temp\ctmbstldujzxkiauule.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\RunOnce: [bpfrfdshvhupzuja] => C:\Windows\system32\ixobqpfvkxlhsoewu.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0aa0c89b-2feb-11e3-8bed-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0aa0c8b4-2feb-11e3-8bed-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0f5a7429-4ab0-11e3-9488-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0fd7bda6-345b-11e6-91da-00e052f81026} - F:\setup.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {12b1bb48-0e31-11e8-ae00-00e052f81026} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2c9fa2f9-3a18-11e3-9124-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2efff389-b3e4-11e3-9322-00e052f81026} - F:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2efff3c9-b3e4-11e3-9322-00e052f81026} - G:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {44f13fda-0280-11e4-8f6c-00e052f81026} - F:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {5ccbbafc-d81f-11e3-b0b7-00e052f81026} - F:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {6031c141-37bb-11e3-b188-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {61232ce8-ac49-11e3-9702-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {832a28f5-469d-11eb-a9f4-00e052f81026} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {8729e626-323b-11e3-b25d-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {aaab2248-4b60-11e3-b7e2-00e052f81026} - G:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {bc27f7c1-4a96-11e3-9803-00e052f81026} - F:\Install.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {bf485db0-3391-11e6-95e3-00e052f81026} - H:\AutoRun.exe
HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {dbd5fedb-0349-11e4-8ff7-00e052f81026} - H:\AutoRun.exe
Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ограничение <==== ВНИМАНИЕ
U1 aswbdisk; отсутствует ImagePath
2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Windows\ehmnqdhloprbakougjopsfjnqrt.cmq
2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Users\212\AppData\Local\ehmnqdhloprbakougjopsfjnqrt.cmq
2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Program Files\ehmnqdhloprbakougjopsfjnqrt.cmq
2021-07-06 11:54 - 2021-07-22 16:57 - 000000260 ____H C:\Windows\system32\ehmnqdhloprbakougjopsfjnqrt.cmq
2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Windows\system32\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Windows\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Users\212\AppData\Local\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Program Files\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\vpldxbwrldwxnojgjdzrlp.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\vpldxbwrldwxnojgjdzrlp.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\rhznddulbpebnkbutj.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\phbrjlexpfwvjibwxpjz.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\ixobqpfvkxlhsoewu.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\ctmbstldujzxkiauule.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\bpfrfdshvhupzuja.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\rhznddulbpebnkbutj.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\phbrjlexpfwvjibwxpjz.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\ixobqpfvkxlhsoewu.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\exsjcfztmdvvkkeacvqha.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\ctmbstldujzxkiauule.exe
2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\bpfrfdshvhupzuja.exe
FCheck: C:\Windows\ainst.exe [2018-09-29] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
FCheck: C:\Windows\inst.exe [2018-10-30] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
FCheck: C:\Windows\system32\ise_installer_temp.exe [2017-03-04] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
AlternateDataStreams: C:\Windows\system32\FlashPlayerInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Windows\ucrtbase.dll:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\massfilter.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [64]
AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\212\Downloads\delivery terms.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\wav-library.net_-_Zvuk_pozharnoj_signalizacii_(iPlayer.fm).mp3:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\Акт о приемке.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\акция оберег 1.doc:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\Арсенал фурнитура (1).xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\Арсенал фурнитура.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\выпискапослстр.jpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\Портал-Тула.xls:$CmdZnID [26]
AlternateDataStreams: C:\Users\212\Downloads\Триадорс 01.07.16.rar:$CmdZnID [26]
FirewallRules: [{87CE9BCB-9B1B-40A2-9C00-A26500F0251A}] => (Block) LPort=445
FirewallRules: [{2F930610-C638-4F37-8BAE-4BDFAC1C2589}] => (Block) LPort=445
FirewallRules: [{0A4DBC23-661A-4A4E-8E54-2D8D08FBA875}] => (Block) LPort=445
FirewallRules: [{D2B05ACB-E85E-4336-BE93-D6298B572BB3}] => (Block) LPort=445
FirewallRules: [{C8E8AF0C-121E-4269-9781-718C9760A8FE}] => (Block) LPort=445
FirewallRules: [{51D40927-A298-48C6-A792-7A23A0E00091}] => (Block) LPort=445
FirewallRules: [{22B07C19-18FB-42EA-8413-18421DE7F8CC}] => (Block) LPort=445
FirewallRules: [{8E0A0000-BF0F-4288-A2C6-4F839F2962F3}] => (Block) LPort=445
FirewallRules: [{8E233BA0-72D9-4D0E-B225-A5D0E4C34DEB}] => (Block) LPort=445
FirewallRules: [{40E5E9FE-75C9-4B36-B511-2D87529D0378}] => (Block) LPort=445
FirewallRules: [{667EB996-F188-4ECB-A837-FDA27C293499}] => (Block) LPort=445
FirewallRules: [{A53B9339-D363-4026-8713-32808EFE7927}] => (Block) LPort=445
FirewallRules: [{2FD8BD5F-4E48-4F2E-8C11-E85D90C2AA7F}] => (Block) LPort=445
FirewallRules: [{141D6197-AD5E-4F58-9304-CD2C147F3179}] => (Block) LPort=445
FirewallRules: [{3BA5AD65-BA84-462A-91EB-166A8E80119A}] => (Block) LPort=445
FirewallRules: [{6C58F5DC-0496-4C33-BEA0-4618A6753734}] => (Block) LPort=445
FirewallRules: [{865D3C3B-8532-45FE-9F36-0DB92680EA0F}] => (Block) LPort=445
FirewallRules: [{479929B8-6098-4088-B93B-4D6421CD1389}] => (Block) LPort=445
FirewallRules: [{91FE2470-24D5-450E-B6A9-8963B49839D5}] => (Block) LPort=445
FirewallRules: [{55C395AD-AFC4-4285-8A5D-F35FFB2459C4}] => (Block) LPort=445
FirewallRules: [{8670FF94-35F9-4966-B273-0583CAE35EFF}] => (Block) LPort=445
FirewallRules: [{CBF849AF-F8C8-40F5-B8B3-60D775CC3DBE}] => (Block) LPort=445
FirewallRules: [{00F690CD-3251-4299-83E7-1C25BB3F2925}] => (Block) LPort=445
FirewallRules: [{0E6C0F90-7928-4B12-B8F5-01A6BE4814F3}] => (Block) LPort=445
FirewallRules: [{715EF3B2-1341-49F1-A319-7D84A5FD04C1}] => (Block) LPort=445
FirewallRules: [{71C6D3B0-5839-4EAC-9472-23E6F1ECE622}] => (Block) LPort=445
FirewallRules: [{B0B2AC6C-0A8E-41DB-99F6-70B0B86D2572}] => (Block) LPort=445
FirewallRules: [{3A275EAD-58E2-4490-988C-B25F8017B6B9}] => (Block) LPort=445
FirewallRules: [{6D7E3E72-246F-48C3-B601-935B05A99CC4}] => (Block) LPort=445
FirewallRules: [{9CE52106-F8A8-42D1-80EC-54F285D991E3}] => (Block) LPort=445
FirewallRules: [{ECE3EFA1-9D0F-4AAF-A43D-966B39968AAE}] => (Block) LPort=445
FirewallRules: [{59A5895F-5A78-4F8C-826E-8F094314A1FC}] => (Block) LPort=445
FirewallRules: [{82A78C11-CC46-4149-B72F-7E692968EFC1}] => (Block) LPort=445
FirewallRules: [{109E44B8-B8E7-45C3-AA21-69CE5E5210DA}] => (Block) LPort=445
FirewallRules: [{2E666D1B-3802-417D-A1B4-26F24F2CA7A6}] => (Block) LPort=445
FirewallRules: [{39212F99-4535-4AC5-B895-24E5375D999A}] => (Block) LPort=445
FirewallRules: [{8635D240-F829-47B5-8199-190F1B09A83D}] => (Block) LPort=445
FirewallRules: [{68727C28-89C3-42DC-8EB3-B6539D6AA378}] => (Block) LPort=445
FirewallRules: [{ED4FB413-B90E-4A87-895F-E0EB6E9645D2}] => (Block) LPort=445
FirewallRules: [{400BAB4C-7571-4BD2-B448-CA593DC9CCA4}] => (Block) LPort=445
FirewallRules: [{D804C996-FF8B-44A2-99A0-407EE00B40C8}] => (Block) LPort=445
FirewallRules: [{8D891F6F-BC15-4064-9B58-D4B0E7DA243F}] => (Block) LPort=445
FirewallRules: [{81A84E92-7ABB-4298-A472-2ADB4AB9A827}] => (Block) LPort=445
FirewallRules: [{4E0DBB1E-2EE6-4F70-B4F7-5EA5FCE98543}] => (Block) LPort=445
FirewallRules: [{7C925C1A-EC81-4730-A12D-452165659B18}] => (Block) LPort=445
FirewallRules: [{D78010DE-BDBC-4B56-B5A6-610AF5DE0027}] => (Block) LPort=445
FirewallRules: [{934AA1CF-413E-49BF-ADC6-40C92C85E6B7}] => (Block) LPort=445
FirewallRules: [{28CAA3B3-E9F2-40F8-BB67-DE441E6109BC}] => (Block) LPort=445
FirewallRules: [{4DB3FD23-57AE-4BFE-96A0-FE92940F1D55}] => (Block) LPort=445
FirewallRules: [{8FDB96C8-8CDF-4B71-891D-F74A23BA4680}] => (Block) LPort=445
FirewallRules: [{99F46BF0-2E63-4BF9-95DE-F5C435EACC3C}] => (Block) LPort=445
FirewallRules: [{C9623DCD-7B14-42FF-B527-E99F5625C66D}] => (Block) LPort=445
FirewallRules: [{917F86BF-D8EB-4B12-8DD9-F897AE2A96CB}] => (Block) LPort=445
FirewallRules: [{F31A0FCA-1A25-429A-A378-FE48FB7EFD46}] => (Block) LPort=445
FirewallRules: [{3BEFCB98-2E7C-4EEB-A425-C7E5D584B3ED}] => (Block) LPort=445
FirewallRules: [{2C836319-6B59-4A41-93D1-D19D6B15896A}] => (Block) LPort=445
FirewallRules: [{1376022D-E3CB-4E72-875C-D7B07ADE9FE5}] => (Block) LPort=445
FirewallRules: [{6BDED583-59D7-4062-916F-459EA77D2D91}] => (Block) LPort=445
FirewallRules: [{514923A6-1984-4C32-88C1-85B8366E1FB8}] => (Block) LPort=445
FirewallRules: [{3EFF9FAE-207D-4845-8007-AF34F1BD723C}] => (Block) LPort=445
FirewallRules: [{C9D6E17D-8F1E-4A28-95E7-530F7E6D974E}] => (Block) LPort=445
FirewallRules: [{7BA54C11-0B3C-43F2-A13B-C37F37BDB6F3}] => (Block) LPort=445
FirewallRules: [{34F3BCBF-FC1C-4BB0-9C22-BA29E91CAA68}] => (Block) LPort=445
FirewallRules: [{DC3328F0-CAFA-4591-86F7-56D4618D21BF}] => (Block) LPort=445
FirewallRules: [{3DC8F7A9-80D5-4A55-9875-27AADAD56046}] => (Block) LPort=445
FirewallRules: [{5572ECCE-481F-4C45-B175-AFA3EA57CB50}] => (Block) LPort=445
FirewallRules: [{C7E91EB3-A06F-49F4-949C-73CC036BC734}] => (Block) LPort=445
FirewallRules: [{886A2194-A3A9-4EF3-A5D1-7BA9DF8970C7}] => (Block) LPort=445
FirewallRules: [{5DF2BB85-63DD-47BA-AD8A-B3BB6AACCFAF}] => (Block) LPort=445
FirewallRules: [{950A5915-986F-4CA2-A6BF-F0A8B09946D4}] => (Block) LPort=445
FirewallRules: [{C49D0F2A-D19C-4151-8887-D3A90936F926}] => (Block) LPort=445
FirewallRules: [{FE1AA214-AF94-4961-921B-0BB1905D3049}] => (Block) LPort=445
FirewallRules: [{49BAB040-F41B-4BDE-B04B-AF62FE11D05C}] => (Block) LPort=445
FirewallRules: [{1C8B1D0D-1D23-4285-A4D7-E4EDDF235048}] => (Block) LPort=445
FirewallRules: [{BF46DF38-50FD-47C9-B37B-ACA23C905EF4}] => (Block) LPort=445
FirewallRules: [{BB49269C-CC90-4F09-994E-8117C5BA7AFF}] => (Block) LPort=445
FirewallRules: [{5254043D-61F1-44AA-8FAF-63C7D7DFF263}] => (Block) LPort=445
FirewallRules: [{3965D23E-8185-409A-8D54-60E235ED327C}] => (Block) LPort=445
FirewallRules: [{1D1FCC2E-F5A1-4BAF-A54D-9D631018C6B0}] => (Block) LPort=445
FirewallRules: [{57F97DC2-4AC0-48D3-B3FC-FFBB655EB8AF}] => (Block) LPort=445
FirewallRules: [{11B4E415-0600-4EE2-A603-C0DAF767F72F}] => (Block) LPort=445
FirewallRules: [{0B5EC3DF-7A30-4951-889B-D4B7F5BD096E}] => (Block) LPort=445
FirewallRules: [{EB43D4D6-8C61-4695-B410-3142C1B2C190}] => (Block) LPort=445
FirewallRules: [{CEC507DE-6009-4CE4-8978-0BC03AABFF35}] => (Block) LPort=445
FirewallRules: [{F6507CB2-79B1-448B-81A4-FA3EAD35F749}] => (Block) LPort=445
FirewallRules: [{4A979D69-4938-4AE7-889B-58BC291268B7}] => (Block) LPort=445
FirewallRules: [{A1DBE854-D3B7-40BC-9F74-4402C0761439}] => (Block) LPort=445
FirewallRules: [{59C17447-1F24-445A-9615-88E1091862C9}] => (Block) LPort=445
FirewallRules: [{6FFBBA1B-77CD-430D-93C5-5280B6A60D5A}] => (Block) LPort=445
FirewallRules: [{F59031CA-2429-4B74-9596-B2A07632A777}] => (Block) LPort=445
FirewallRules: [{27BFD035-A6DA-4FBA-8408-13EBB6E4881D}] => (Block) LPort=445
FirewallRules: [{90D1B8E4-D713-438F-A774-60B4C86F43DD}] => (Block) LPort=445
FirewallRules: [{65D11190-BD06-430C-B048-D91B1B08A8C4}] => (Block) LPort=445
FirewallRules: [{0B8D83BB-3E9E-4059-AE4A-CC5EA713C90E}] => (Block) LPort=445
FirewallRules: [{CFC71C1C-6F8A-4114-8B04-ED0D8B94C266}] => (Block) LPort=445
FirewallRules: [{C2EB6E9B-71E3-42D3-A610-6B1522C802D3}] => (Block) LPort=445
FirewallRules: [{8E9C2844-616C-4BF3-9658-78DACA0B9763}] => (Block) LPort=445
FirewallRules: [{84A4A53E-415A-49AC-8C66-8EFDE9B3EF50}] => (Block) LPort=445
FirewallRules: [{6347A14C-1648-4064-94CF-84492407E6E2}] => (Block) LPort=445
FirewallRules: [{77B0CB21-226A-4C24-AF47-2FC3E8EF7315}] => (Block) LPort=445
FirewallRules: [{F87C38DB-2725-4728-ACF7-0DBBD30A7952}] => (Block) LPort=445
FirewallRules: [{7A659CFE-B257-495D-8DDE-2ABCBABF550E}] => (Block) LPort=445
FirewallRules: [{91D40710-D5D8-47F6-9F5E-0795CABCFDEC}] => (Block) LPort=445
FirewallRules: [{DE1314B0-DEE7-429D-9E0C-A9C253752452}] => (Block) LPort=445
FirewallRules: [{579A5C57-73DB-4037-ABAC-0B8926B447E4}] => (Block) LPort=445
FirewallRules: [{9491BB04-6170-4431-97B3-92414E176FAC}] => (Block) LPort=445
FirewallRules: [{9A72CEE8-316D-4501-A380-A8F1A3866968}] => (Block) LPort=445
FirewallRules: [{5571E5B8-E335-4F2D-A30F-B73D4D67B2B6}] => (Block) LPort=445
FirewallRules: [{6DCFBB25-2B8F-44ED-B2C1-B1F475846278}] => (Block) LPort=445
FirewallRules: [{7ACFC222-858D-4764-B97E-A13445FB34C3}] => (Block) LPort=445
FirewallRules: [{74D9E806-8DFA-4818-A471-2CE73D13E434}] => (Block) LPort=445
FirewallRules: [{E4A09493-AC68-4E57-9975-A243BBB477EC}] => (Block) LPort=445
FirewallRules: [{7B227482-D1B7-4183-B174-50C6E3C0D20A}] => (Block) LPort=445
FirewallRules: [{0322BB7C-6CDE-41C2-B41D-8EB9A502BB27}] => (Block) LPort=445
FirewallRules: [{6FB7BAAB-58B0-409D-882B-3712EFFDD09B}] => (Block) LPort=445
FirewallRules: [{65121DA4-C1F8-4D8D-9E3C-8C0D808B8102}] => (Block) LPort=445
FirewallRules: [{5F2574A3-604C-4516-969C-C7879675D618}] => (Block) LPort=445
FirewallRules: [{B862E8A8-5871-4BAF-8E1B-9DC5510ABD30}] => (Block) LPort=445
FirewallRules: [{33F0F692-433D-43E1-A6FC-8C1323BC230F}] => (Block) LPort=445
FirewallRules: [{5B61F089-087C-4D6C-815C-E7ED767F3B81}] => (Block) LPort=445
FirewallRules: [{B1495E48-6335-4608-8714-91E218098920}] => (Block) LPort=445
FirewallRules: [{67C11D4B-DAC3-43C1-85FB-60096860D09F}] => (Block) LPort=445
FirewallRules: [{26E298CB-F88B-4A4E-AE7E-FFD3D8E7FF21}] => (Block) LPort=445
FirewallRules: [{DCEC2952-178D-4733-9969-035F6453646D}] => (Block) LPort=445
FirewallRules: [{81956EA4-B1E5-4C7F-AAB6-22ACCF891996}] => (Block) LPort=445
FirewallRules: [{62C45FA5-1999-4869-B262-550678D9C9EC}] => (Block) LPort=445
FirewallRules: [{6FB7FE4D-4DF5-471D-A716-01A7093395B9}] => (Block) LPort=445
FirewallRules: [{1ED2B8C3-3C2D-40BF-A557-70F331A76F1B}] => (Block) LPort=445
FirewallRules: [{3D62B39D-F864-4518-B250-2D0C65B8F289}] => (Block) LPort=445
FirewallRules: [{BA80CBF9-EF95-4F03-84FF-EC20001B046B}] => (Block) LPort=445
FirewallRules: [{5075B3AB-20DF-400D-8137-D05B06461023}] => (Block) LPort=445
FirewallRules: [{368622B3-F39A-481E-9590-E4E72C31AA72}] => (Block) LPort=445
FirewallRules: [{1A1CE6F5-E5FB-4192-A113-A0787BB87279}] => (Block) LPort=445
FirewallRules: [{9CAF6D29-3479-45C7-9A52-3DA4A913744E}] => (Block) LPort=445
FirewallRules: [{B3456D80-009D-482D-B975-6874B47EB714}] => (Block) LPort=445
FirewallRules: [{06E55EF1-35C9-419F-8C8C-2DFECAE3BC18}] => (Block) LPort=445
FirewallRules: [{C1F7A39D-F5E4-415D-8DFA-FC64F87D6DB7}] => (Block) LPort=445
FirewallRules: [{704A8D4D-E259-4952-AF20-1C056168A55A}] => (Block) LPort=445
FirewallRules: [{E26A4E4C-749B-4F97-9A86-E810647C5A94}] => (Block) LPort=445
FirewallRules: [{DD93FC5B-21BE-4C95-BEDF-A2C3B2513DD1}] => (Block) LPort=445
FirewallRules: [{22C08ECB-6AE0-486C-8588-F4F37AC5B3CE}] => (Block) LPort=445
FirewallRules: [{5317B1D2-D9EC-4C1D-B4E3-779AE3D1BAE4}] => (Block) LPort=445
FirewallRules: [{C8756509-C085-471E-A884-7D409B69F5F1}] => (Block) LPort=445
FirewallRules: [{979215F4-DCE2-4B09-BB41-E6D278EED540}] => (Block) LPort=445
FirewallRules: [{9D099960-6C81-4E09-854D-A508839185B6}] => (Block) LPort=445
FirewallRules: [{33963B1C-4AD3-4B3A-B53B-8297E91A41FE}] => (Block) LPort=445
FirewallRules: [{372829DF-8D0B-4083-B5A0-ECC45E42FD70}] => (Block) LPort=445
FirewallRules: [{841422F2-D1CE-441C-B525-EF104E33F4FA}] => (Block) LPort=445
FirewallRules: [{28646493-D820-4258-8DB8-998BD5F2B47E}] => (Block) LPort=445
FirewallRules: [{21683F5D-BF69-4C55-8598-47AA0898C6BA}] => (Block) LPort=445
FirewallRules: [{62D9F9B4-D10E-42E5-A109-628841FAC0E6}] => (Block) LPort=445
FirewallRules: [{42378F42-B553-40D7-91FF-663D15683546}] => (Block) LPort=445
FirewallRules: [{4848D775-BDD2-492A-B0B1-1A49BB62E95B}] => (Block) LPort=445
FirewallRules: [{E1345DF7-ADC6-456A-B456-32DCA6ADBAED}] => (Block) LPort=445
FirewallRules: [{2D1ED0B4-F693-4742-947A-B61A24483252}] => (Block) LPort=445
FirewallRules: [{45C4D20A-C531-4055-9841-C342FC78B1E6}] => (Block) LPort=445
FirewallRules: [{16CB49E8-A08C-4AE5-862E-82117C2D21F5}] => (Block) LPort=445
FirewallRules: [{B5FB54E1-9CE0-4650-A726-61762109D924}] => (Block) LPort=445
FirewallRules: [{52DD96AE-4895-4915-B8B6-9C3C62E9A378}] => (Block) LPort=445
FirewallRules: [{55F50163-CA7D-43CF-8900-1D0D1548A047}] => (Block) LPort=445
FirewallRules: [{FC427173-52BA-4E1D-87AD-209F45359CCC}] => (Block) LPort=445
FirewallRules: [{827DDCAB-9D7D-4DD5-946A-C7704AF92663}] => (Block) LPort=445
FirewallRules: [{A7EFAB89-4449-4781-ACD3-E8913091E0E8}] => (Block) LPort=445
FirewallRules: [{7605B6EA-5942-459A-B1DC-1F4DDF7901BD}] => (Block) LPort=445
FirewallRules: [{DEB55091-21EF-4F86-A01E-E47D1526B05F}] => (Block) LPort=445
FirewallRules: [{58AAAE13-EAC5-473F-89EC-4C98DC5821E3}] => (Block) LPort=445
FirewallRules: [{C7FD3758-75DD-44C8-A123-F6EA983674E2}] => (Block) LPort=445
FirewallRules: [{7B7FEC23-F7C5-4F16-84EE-D995EA45DB46}] => (Block) LPort=445
FirewallRules: [{4485A457-9ADC-4C13-B9F9-9C5FB47274FF}] => (Block) LPort=445
FirewallRules: [{E1DC9BEB-49D3-4E71-AA98-AFC5F48F12F6}] => (Block) LPort=445
FirewallRules: [{91F25515-7FE4-47AC-8866-74694C75B73C}] => (Block) LPort=445
FirewallRules: [{DD71DA39-0EBD-47D3-9062-FBD34CBBDC52}] => (Block) LPort=445
FirewallRules: [{65B4B170-19DE-4485-8F3B-8A668C912747}] => (Block) LPort=445
FirewallRules: [{C619401E-255A-4E8C-AAE4-88AAAC72BD72}] => (Block) LPort=445
FirewallRules: [{FEC84318-DEA2-4BDE-8AE5-199F03B4BE9A}] => (Block) LPort=445
FirewallRules: [{FE12C29D-6E50-43FD-9133-77BE105950DF}] => (Block) LPort=445
FirewallRules: [{403F8305-4FDC-46B3-8730-D5F9A66106C9}] => (Block) LPort=445
FirewallRules: [{952353FC-2419-4718-80AB-8A138183E602}] => (Block) LPort=445
FirewallRules: [{179B6B96-4612-4ED1-B41E-B279868FD095}] => (Block) LPort=445
FirewallRules: [{F5C99C6B-29DC-4495-8B01-10C618BBB6F9}] => (Block) LPort=445
FirewallRules: [{177162CF-44AA-43BC-BA0C-227047A3B22D}] => (Block) LPort=445
FirewallRules: [{72D68C68-A496-4F16-81BB-B9322DA9D9F5}] => (Block) LPort=445
FirewallRules: [{4960A15E-2977-4AE7-9E10-A8B5335C2F41}] => (Block) LPort=445
FirewallRules: [{DB3BA210-5C50-499B-AF53-F816A8A8EB37}] => (Block) LPort=445
FirewallRules: [{217D935A-05E9-42B1-AEF8-F052F04B0081}] => (Block) LPort=445
FirewallRules: [{553217D0-9CC4-4C2E-9753-BDD88289817D}] => (Block) LPort=445
FirewallRules: [{F81B09A6-C43B-4854-89ED-CC67BD548785}] => (Block) LPort=445
FirewallRules: [{7E2E6B43-3142-4CF3-A5F5-4B4DA3A6DB19}] => (Block) LPort=445
FirewallRules: [{77DF2A7B-5355-450F-8680-0A7367E67080}] => (Block) LPort=445
FirewallRules: [{68C3FB8F-8949-427C-8A1E-D24F827C744A}] => (Block) LPort=445
FirewallRules: [{768BF805-0E0E-4101-B136-0A06C4DFBF23}] => (Block) LPort=445
FirewallRules: [{82C371D4-0ED8-4792-BA46-49B9DC106FAC}] => (Block) LPort=445
FirewallRules: [{9E92328B-17C7-422C-B22C-EF447CFF6C9E}] => (Block) LPort=445
FirewallRules: [{13BD4DCE-AF8C-41A6-A433-8EB2E8070BF0}] => (Block) LPort=445
FirewallRules: [{44C40D4C-EAC9-4E22-9D70-9B2FB3D20EC2}] => (Block) LPort=445
FirewallRules: [{9526F755-A246-499E-BB66-6BE454A3E732}] => (Block) LPort=445
FirewallRules: [{9B51503E-8774-451D-ADF0-A69A9A7ED811}] => (Block) LPort=445
FirewallRules: [{D08B0AD3-283C-45B9-BF69-D9DB1BCC935E}] => (Block) LPort=445
FirewallRules: [{C2ED0F17-3484-42A6-9D90-7D44EA43FC50}] => (Block) LPort=445
FirewallRules: [{C7EC814C-03B0-4B32-B5FF-42E21D731969}] => (Block) LPort=445
FirewallRules: [{60EAD249-0CD2-4147-BFC1-F732FC77E9C6}] => (Block) LPort=445
FirewallRules: [{C0BF8466-3F2F-4374-BF97-BBBABC5B5514}] => (Block) LPort=445
FirewallRules: [{785C6A25-098E-4E76-AA5F-FB79DD409F3E}] => (Block) LPort=445
FirewallRules: [{F3782AE9-312A-455B-8121-66D9B02A506F}] => (Block) LPort=445
FirewallRules: [{F14E8F90-D707-4EA7-BC46-FE1D3557374E}] => (Block) LPort=445
FirewallRules: [{DFFC61CC-928E-42A5-8FD6-89BD402E50D8}] => (Block) LPort=445
FirewallRules: [{F241AF43-57A9-4AFE-A75B-94412921B870}] => (Block) LPort=445
FirewallRules: [{5160DF0E-190D-4914-B4D7-598CA0666D0D}] => (Block) LPort=445
FirewallRules: [{66E77C60-BC78-43EE-ADE9-1EAABC4FFB41}] => (Block) LPort=445
FirewallRules: [{ABE30355-6BB9-4102-8930-369FD684AFC2}] => (Block) LPort=445
FirewallRules: [{4C4A5FD9-822E-4DCC-97D8-1822A54C2401}] => (Block) LPort=445
FirewallRules: [{FEC85485-B302-45D5-B85C-8075E941FE75}] => (Block) LPort=445
FirewallRules: [{F51B2AD5-5296-4523-9BB9-645A1955B52F}] => (Block) LPort=445
FirewallRules: [{331BD775-3473-4BEB-B3B1-AB7D59EDC6EA}] => (Block) LPort=445
FirewallRules: [{28473D4A-B048-4720-9D80-ED0724556421}] => (Block) LPort=445
FirewallRules: [{1E3E2860-7653-439E-ADD5-284830A9A874}] => (Block) LPort=445
FirewallRules: [{36A17B72-FC3B-4A21-8472-8E148A4E0100}] => (Block) LPort=445
FirewallRules: [{29AB938B-4DFF-41C3-B9D2-1069751899E2}] => (Block) LPort=445
FirewallRules: [{0D5CFD48-17B9-4E35-85DD-3775BCF35206}] => (Block) LPort=445
FirewallRules: [{55F75448-DD5A-4978-BFB0-52CD0811A270}] => (Block) LPort=445
FirewallRules: [{111FBF85-13EE-4C25-AF5D-E6C419C8228F}] => (Block) LPort=445
FirewallRules: [{BF421969-B5A5-42A2-B200-B2C2BFC9AA47}] => (Block) LPort=445
FirewallRules: [{1C4D9671-DED5-4AE4-930D-108060351DCD}] => (Block) LPort=445
FirewallRules: [{645FEE67-6D5F-47DD-9CEA-91044F20A726}] => (Block) LPort=445
EmptyTemp:
Reboot:
End::

Скопируйте выделенный текст (правой кнопкой - Копировать).
Запустите FRST (FRST64) от имени администратора.
Нажмите Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Прикрепите его к своему следующему сообщению.

Компьютер будет перезагружен автоматически.

Подробнее читайте в этом руководстве.

Пробуйте собрать логи Автологером.

26 июля, 2021

Добрый вечер!

Автологгер запустился, но проблема пока не исчезла, вот запрошенные файлы.

CollectionLog-2021.07.26-19.06.zip fixlog.txt

26 июля, 2021

Цитата

Platform: x32 Windows 7 (Pro), 6.1.7600.0, Service Pack: 0 <=== Attention! (outdated SP)

Мало того, что Win7 уже больше года не поддерживается, так у вас еще и не установлен SP1 и все последующие критические обновления. Без их установки лечение бесполезно.

Пакет обновления 1 (SP1) для Windows 7 x32 и Windows Server 2008 R2 x32

26 июля, 2021

И все же для начала избавиться нужно от файлового вируса.

Пролечитесь так https://support.kaspersky.ru/krd18 (скачивать и записывать образ на диск нужно на другой, чистой от вирусов машине)

19 августа, 2021

26.07.2021 в 22:21, thyrex сказал:

И все же для начала избавиться нужно от файлового вируса.

Пролечитесь так https://support.kaspersky.ru/krd18 (скачивать и записывать образ на диск нужно на другой, чистой от вирусов машине)

Комп очень плохо воспринял обновление до последнего SP, поэтому долго не отвечал))) Но образ касперского помог! Спасибо большое!

19 августа, 2021

Соберите ещё раз CollectionLog с помощью Автологера.

Вирус не дает зайти в папки с антивирусом, закрывает браузер на поиске антивируса.

Рекомендуемые сообщения

Realito

Ссылка на комментарий

Поделиться на другие сайты

Sandor

Ссылка на комментарий

Поделиться на другие сайты

Realito

Ссылка на комментарий

Поделиться на другие сайты

Sandor

Ссылка на комментарий

Поделиться на другие сайты

thyrex

Ссылка на комментарий

Поделиться на другие сайты

Realito

Ссылка на комментарий

Поделиться на другие сайты

Sandor

Ссылка на комментарий

Поделиться на другие сайты

Пожалуйста, войдите, чтобы комментировать

Похожий контент

Обзор

Активность

Магазин

Поддержка

Kaspersky Support Forum