Вирус не дает зайти в папки с антивирусом, закрывает браузер на поиске антивируса.

[Realito]

Добрый день, схватил вирус, который в рандомное время закрывает файлы (Word, Excel) и не дает зайти в папки с установщиками антивирусов. Более того закрывается браузер при попытке скачивания или даже поиска антивирусных утилит. На компе установлен Malware, висит в трее, но окно не открывается, проверка тоже не стартует. Другие антивири не устанавливаются, Autologger тоже.

 

Нашёл решение тут: 

 Farbar Recovery Scan Tool запустилась спокойно (скачал на другом компе). Вот логи. Помогите, пожалуйста.

Addition.txt FRST.txt

[Sandor]

Здравствуйте!

 

Примите к сведению - после выполнения скрипта все открытые вкладки браузеров будут закрыты, произойдет выход из аккаунтов, временные файлы, куки и кэш будут очищены.

• Отключите до перезагрузки антивирус.
• Выделите следующий код:

  Start::
  SystemRestore: On
  CreateRestorePoint:
  () [Файл не подписан] [Файл уже используется] C:\Windows\System32\ixobqpfvkxlhsoewu.exe
  () [Файл не подписан] C:\Users\212\AppData\Local\Temp\ehmnq.exe <2>
  HKLM\...\Run: [rundll] => C:\Windows\system32\wscript.exe C:\ProgramData\indus\start.vbs
  HKLM\...\Run: [tdpxhbmxhpyp] => C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKLM\...\Run: [rhznddulbpebnkbutj] => C:\Users\212\AppData\Local\Temp\phbrjlexpfwvjibwxpjz.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
  HKLM\...\RunOnce: [sdqzkfrdoxhzg] => C:\Windows\system32\rhznddulbpebnkbutj.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKLM\...\RunOnce: [ixobqpfvkxlhsoewu] => C:\Users\212\AppData\Local\Temp\bpfrfdshvhupzuja.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
  HKLM\...\Policies\Explorer\Run: [tftdplylxhsltm] => C:\Windows\system32\phbrjlexpfwvjibwxpjz.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKLM\...\Policies\Explorer\Run: [wfqxgzjtcjr] => C:\Users\212\AppData\Local\Temp\bpfrfdshvhupzuja.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Run: [wjyjwthvitfzicq] => C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Run: [tdpxhbmxhpyp] => C:\Users\212\AppData\Local\Temp\ctmbstldujzxkiauule.exe [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\RunOnce: [sdqzkfrdoxhzg] => C:\Users\212\AppData\Local\Temp\ctmbstldujzxkiauule.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется] <==== ВНИМАНИЕ
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\RunOnce: [bpfrfdshvhupzuja] => C:\Windows\system32\ixobqpfvkxlhsoewu.exe . [479232 2013-06-05] () [Файл не подписан] [Файл уже используется]
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\Policies\system: [DisableRegistryTools] 1
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: F - F:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: G - G:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: H - H:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0aa0c89b-2feb-11e3-8bed-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0aa0c8b4-2feb-11e3-8bed-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0f5a7429-4ab0-11e3-9488-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {0fd7bda6-345b-11e6-91da-00e052f81026} - F:\setup.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {12b1bb48-0e31-11e8-ae00-00e052f81026} - F:\HTC_Sync_Manager_PC.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2c9fa2f9-3a18-11e3-9124-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2efff389-b3e4-11e3-9322-00e052f81026} - F:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {2efff3c9-b3e4-11e3-9322-00e052f81026} - G:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {44f13fda-0280-11e4-8f6c-00e052f81026} - F:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {5ccbbafc-d81f-11e3-b0b7-00e052f81026} - F:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {6031c141-37bb-11e3-b188-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {61232ce8-ac49-11e3-9702-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {832a28f5-469d-11eb-a9f4-00e052f81026} - E:\HiSuiteDownLoader.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {8729e626-323b-11e3-b25d-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {aaab2248-4b60-11e3-b7e2-00e052f81026} - G:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {bc27f7c1-4a96-11e3-9803-00e052f81026} - F:\Install.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {bf485db0-3391-11e6-95e3-00e052f81026} - H:\AutoRun.exe
  HKU\S-1-5-21-3310099979-550825954-3226161661-1000\...\MountPoints2: {dbd5fedb-0349-11e4-8ff7-00e052f81026} - H:\AutoRun.exe
  Policies: C:\ProgramData\NTUSER.pol: Ограничение <==== ВНИМАНИЕ
  HKLM\SOFTWARE\Policies\Mozilla\Firefox: Ограничение <==== ВНИМАНИЕ
  U1 aswbdisk; отсутствует ImagePath
  2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Windows\ehmnqdhloprbakougjopsfjnqrt.cmq
  2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Users\212\AppData\Local\ehmnqdhloprbakougjopsfjnqrt.cmq
  2021-07-06 11:54 - 2021-07-22 16:58 - 000000260 ____H C:\Program Files\ehmnqdhloprbakougjopsfjnqrt.cmq
  2021-07-06 11:54 - 2021-07-22 16:57 - 000000260 ____H C:\Windows\system32\ehmnqdhloprbakougjopsfjnqrt.cmq
  2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Windows\system32\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
  2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Windows\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
  2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Users\212\AppData\Local\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
  2021-07-06 11:54 - 2021-07-06 11:54 - 000004008 ____H C:\Program Files\bpfrfdshvhupzujaxlbnbzodrdqlvqfwthxjxv.znz
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\vpldxbwrldwxnojgjdzrlp.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\vpldxbwrldwxnojgjdzrlp.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\rhznddulbpebnkbutj.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\phbrjlexpfwvjibwxpjz.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\ixobqpfvkxlhsoewu.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\exsjcfztmdvvkkeacvqha.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\ctmbstldujzxkiauule.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\system32\bpfrfdshvhupzuja.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\rhznddulbpebnkbutj.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\phbrjlexpfwvjibwxpjz.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\ixobqpfvkxlhsoewu.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\exsjcfztmdvvkkeacvqha.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\ctmbstldujzxkiauule.exe
  2021-07-06 11:54 - 2013-06-05 17:18 - 000479232 __RSH C:\Windows\bpfrfdshvhupzuja.exe
  FCheck: C:\Windows\ainst.exe [2018-09-29] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
  FCheck: C:\Windows\inst.exe [2018-10-30] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
  FCheck: C:\Windows\system32\ise_installer_temp.exe [2017-03-04] <==== ВНИМАНИЕ (нулевой байт Файл/Папка)
  AlternateDataStreams: C:\Windows\system32\FlashPlayerInstaller.exe:$CmdTcID [64]
  AlternateDataStreams: C:\Windows\ucrtbase.dll:$CmdTcID [64]
  AlternateDataStreams: C:\Windows\system32\Drivers\massfilter.sys:$CmdTcID [64]
  AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbmdm6k.sys:$CmdTcID [64]
  AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbnmea.sys:$CmdTcID [64]
  AlternateDataStreams: C:\Windows\system32\Drivers\ZTEusbser6k.sys:$CmdTcID [64]
  AlternateDataStreams: C:\Users\212\Downloads\delivery terms.xls:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\wav-library.net_-_Zvuk_pozharnoj_signalizacii_(iPlayer.fm).mp3:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\Акт о приемке.jpg:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\акция оберег 1.doc:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\Арсенал фурнитура (1).xls:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\Арсенал фурнитура.xls:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\выпискапослстр.jpg:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\Портал-Тула.xls:$CmdZnID [26]
  AlternateDataStreams: C:\Users\212\Downloads\Триадорс 01.07.16.rar:$CmdZnID [26]
  FirewallRules: [{87CE9BCB-9B1B-40A2-9C00-A26500F0251A}] => (Block) LPort=445
  FirewallRules: [{2F930610-C638-4F37-8BAE-4BDFAC1C2589}] => (Block) LPort=445
  FirewallRules: [{0A4DBC23-661A-4A4E-8E54-2D8D08FBA875}] => (Block) LPort=445
  FirewallRules: [{D2B05ACB-E85E-4336-BE93-D6298B572BB3}] => (Block) LPort=445
  FirewallRules: [{C8E8AF0C-121E-4269-9781-718C9760A8FE}] => (Block) LPort=445
  FirewallRules: [{51D40927-A298-48C6-A792-7A23A0E00091}] => (Block) LPort=445
  FirewallRules: [{22B07C19-18FB-42EA-8413-18421DE7F8CC}] => (Block) LPort=445
  FirewallRules: [{8E0A0000-BF0F-4288-A2C6-4F839F2962F3}] => (Block) LPort=445
  FirewallRules: [{8E233BA0-72D9-4D0E-B225-A5D0E4C34DEB}] => (Block) LPort=445
  FirewallRules: [{40E5E9FE-75C9-4B36-B511-2D87529D0378}] => (Block) LPort=445
  FirewallRules: [{667EB996-F188-4ECB-A837-FDA27C293499}] => (Block) LPort=445
  FirewallRules: [{A53B9339-D363-4026-8713-32808EFE7927}] => (Block) LPort=445
  FirewallRules: [{2FD8BD5F-4E48-4F2E-8C11-E85D90C2AA7F}] => (Block) LPort=445
  FirewallRules: [{141D6197-AD5E-4F58-9304-CD2C147F3179}] => (Block) LPort=445
  FirewallRules: [{3BA5AD65-BA84-462A-91EB-166A8E80119A}] => (Block) LPort=445
  FirewallRules: [{6C58F5DC-0496-4C33-BEA0-4618A6753734}] => (Block) LPort=445
  FirewallRules: [{865D3C3B-8532-45FE-9F36-0DB92680EA0F}] => (Block) LPort=445
  FirewallRules: [{479929B8-6098-4088-B93B-4D6421CD1389}] => (Block) LPort=445
  FirewallRules: [{91FE2470-24D5-450E-B6A9-8963B49839D5}] => (Block) LPort=445
  FirewallRules: [{55C395AD-AFC4-4285-8A5D-F35FFB2459C4}] => (Block) LPort=445
  FirewallRules: [{8670FF94-35F9-4966-B273-0583CAE35EFF}] => (Block) LPort=445
  FirewallRules: [{CBF849AF-F8C8-40F5-B8B3-60D775CC3DBE}] => (Block) LPort=445
  FirewallRules: [{00F690CD-3251-4299-83E7-1C25BB3F2925}] => (Block) LPort=445
  FirewallRules: [{0E6C0F90-7928-4B12-B8F5-01A6BE4814F3}] => (Block) LPort=445
  FirewallRules: [{715EF3B2-1341-49F1-A319-7D84A5FD04C1}] => (Block) LPort=445
  FirewallRules: [{71C6D3B0-5839-4EAC-9472-23E6F1ECE622}] => (Block) LPort=445
  FirewallRules: [{B0B2AC6C-0A8E-41DB-99F6-70B0B86D2572}] => (Block) LPort=445
  FirewallRules: [{3A275EAD-58E2-4490-988C-B25F8017B6B9}] => (Block) LPort=445
  FirewallRules: [{6D7E3E72-246F-48C3-B601-935B05A99CC4}] => (Block) LPort=445
  FirewallRules: [{9CE52106-F8A8-42D1-80EC-54F285D991E3}] => (Block) LPort=445
  FirewallRules: [{ECE3EFA1-9D0F-4AAF-A43D-966B39968AAE}] => (Block) LPort=445
  FirewallRules: [{59A5895F-5A78-4F8C-826E-8F094314A1FC}] => (Block) LPort=445
  FirewallRules: [{82A78C11-CC46-4149-B72F-7E692968EFC1}] => (Block) LPort=445
  FirewallRules: [{109E44B8-B8E7-45C3-AA21-69CE5E5210DA}] => (Block) LPort=445
  FirewallRules: [{2E666D1B-3802-417D-A1B4-26F24F2CA7A6}] => (Block) LPort=445
  FirewallRules: [{39212F99-4535-4AC5-B895-24E5375D999A}] => (Block) LPort=445
  FirewallRules: [{8635D240-F829-47B5-8199-190F1B09A83D}] => (Block) LPort=445
  FirewallRules: [{68727C28-89C3-42DC-8EB3-B6539D6AA378}] => (Block) LPort=445
  FirewallRules: [{ED4FB413-B90E-4A87-895F-E0EB6E9645D2}] => (Block) LPort=445
  FirewallRules: [{400BAB4C-7571-4BD2-B448-CA593DC9CCA4}] => (Block) LPort=445
  FirewallRules: [{D804C996-FF8B-44A2-99A0-407EE00B40C8}] => (Block) LPort=445
  FirewallRules: [{8D891F6F-BC15-4064-9B58-D4B0E7DA243F}] => (Block) LPort=445
  FirewallRules: [{81A84E92-7ABB-4298-A472-2ADB4AB9A827}] => (Block) LPort=445
  FirewallRules: [{4E0DBB1E-2EE6-4F70-B4F7-5EA5FCE98543}] => (Block) LPort=445
  FirewallRules: [{7C925C1A-EC81-4730-A12D-452165659B18}] => (Block) LPort=445
  FirewallRules: [{D78010DE-BDBC-4B56-B5A6-610AF5DE0027}] => (Block) LPort=445
  FirewallRules: [{934AA1CF-413E-49BF-ADC6-40C92C85E6B7}] => (Block) LPort=445
  FirewallRules: [{28CAA3B3-E9F2-40F8-BB67-DE441E6109BC}] => (Block) LPort=445
  FirewallRules: [{4DB3FD23-57AE-4BFE-96A0-FE92940F1D55}] => (Block) LPort=445
  FirewallRules: [{8FDB96C8-8CDF-4B71-891D-F74A23BA4680}] => (Block) LPort=445
  FirewallRules: [{99F46BF0-2E63-4BF9-95DE-F5C435EACC3C}] => (Block) LPort=445
  FirewallRules: [{C9623DCD-7B14-42FF-B527-E99F5625C66D}] => (Block) LPort=445
  FirewallRules: [{917F86BF-D8EB-4B12-8DD9-F897AE2A96CB}] => (Block) LPort=445
  FirewallRules: [{F31A0FCA-1A25-429A-A378-FE48FB7EFD46}] => (Block) LPort=445
  FirewallRules: [{3BEFCB98-2E7C-4EEB-A425-C7E5D584B3ED}] => (Block) LPort=445
  FirewallRules: [{2C836319-6B59-4A41-93D1-D19D6B15896A}] => (Block) LPort=445
  FirewallRules: [{1376022D-E3CB-4E72-875C-D7B07ADE9FE5}] => (Block) LPort=445
  FirewallRules: [{6BDED583-59D7-4062-916F-459EA77D2D91}] => (Block) LPort=445
  FirewallRules: [{514923A6-1984-4C32-88C1-85B8366E1FB8}] => (Block) LPort=445
  FirewallRules: [{3EFF9FAE-207D-4845-8007-AF34F1BD723C}] => (Block) LPort=445
  FirewallRules: [{C9D6E17D-8F1E-4A28-95E7-530F7E6D974E}] => (Block) LPort=445
  FirewallRules: [{7BA54C11-0B3C-43F2-A13B-C37F37BDB6F3}] => (Block) LPort=445
  FirewallRules: [{34F3BCBF-FC1C-4BB0-9C22-BA29E91CAA68}] => (Block) LPort=445
  FirewallRules: [{DC3328F0-CAFA-4591-86F7-56D4618D21BF}] => (Block) LPort=445
  FirewallRules: [{3DC8F7A9-80D5-4A55-9875-27AADAD56046}] => (Block) LPort=445
  FirewallRules: [{5572ECCE-481F-4C45-B175-AFA3EA57CB50}] => (Block) LPort=445
  FirewallRules: [{C7E91EB3-A06F-49F4-949C-73CC036BC734}] => (Block) LPort=445
  FirewallRules: [{886A2194-A3A9-4EF3-A5D1-7BA9DF8970C7}] => (Block) LPort=445
  FirewallRules: [{5DF2BB85-63DD-47BA-AD8A-B3BB6AACCFAF}] => (Block) LPort=445
  FirewallRules: [{950A5915-986F-4CA2-A6BF-F0A8B09946D4}] => (Block) LPort=445
  FirewallRules: [{C49D0F2A-D19C-4151-8887-D3A90936F926}] => (Block) LPort=445
  FirewallRules: [{FE1AA214-AF94-4961-921B-0BB1905D3049}] => (Block) LPort=445
  FirewallRules: [{49BAB040-F41B-4BDE-B04B-AF62FE11D05C}] => (Block) LPort=445
  FirewallRules: [{1C8B1D0D-1D23-4285-A4D7-E4EDDF235048}] => (Block) LPort=445
  FirewallRules: [{BF46DF38-50FD-47C9-B37B-ACA23C905EF4}] => (Block) LPort=445
  FirewallRules: [{BB49269C-CC90-4F09-994E-8117C5BA7AFF}] => (Block) LPort=445
  FirewallRules: [{5254043D-61F1-44AA-8FAF-63C7D7DFF263}] => (Block) LPort=445
  FirewallRules: [{3965D23E-8185-409A-8D54-60E235ED327C}] => (Block) LPort=445
  FirewallRules: [{1D1FCC2E-F5A1-4BAF-A54D-9D631018C6B0}] => (Block) LPort=445
  FirewallRules: [{57F97DC2-4AC0-48D3-B3FC-FFBB655EB8AF}] => (Block) LPort=445
  FirewallRules: [{11B4E415-0600-4EE2-A603-C0DAF767F72F}] => (Block) LPort=445
  FirewallRules: [{0B5EC3DF-7A30-4951-889B-D4B7F5BD096E}] => (Block) LPort=445
  FirewallRules: [{EB43D4D6-8C61-4695-B410-3142C1B2C190}] => (Block) LPort=445
  FirewallRules: [{CEC507DE-6009-4CE4-8978-0BC03AABFF35}] => (Block) LPort=445
  FirewallRules: [{F6507CB2-79B1-448B-81A4-FA3EAD35F749}] => (Block) LPort=445
  FirewallRules: [{4A979D69-4938-4AE7-889B-58BC291268B7}] => (Block) LPort=445
  FirewallRules: [{A1DBE854-D3B7-40BC-9F74-4402C0761439}] => (Block) LPort=445
  FirewallRules: [{59C17447-1F24-445A-9615-88E1091862C9}] => (Block) LPort=445
  FirewallRules: [{6FFBBA1B-77CD-430D-93C5-5280B6A60D5A}] => (Block) LPort=445
  FirewallRules: [{F59031CA-2429-4B74-9596-B2A07632A777}] => (Block) LPort=445
  FirewallRules: [{27BFD035-A6DA-4FBA-8408-13EBB6E4881D}] => (Block) LPort=445
  FirewallRules: [{90D1B8E4-D713-438F-A774-60B4C86F43DD}] => (Block) LPort=445
  FirewallRules: [{65D11190-BD06-430C-B048-D91B1B08A8C4}] => (Block) LPort=445
  FirewallRules: [{0B8D83BB-3E9E-4059-AE4A-CC5EA713C90E}] => (Block) LPort=445
  FirewallRules: [{CFC71C1C-6F8A-4114-8B04-ED0D8B94C266}] => (Block) LPort=445
  FirewallRules: [{C2EB6E9B-71E3-42D3-A610-6B1522C802D3}] => (Block) LPort=445
  FirewallRules: [{8E9C2844-616C-4BF3-9658-78DACA0B9763}] => (Block) LPort=445
  FirewallRules: [{84A4A53E-415A-49AC-8C66-8EFDE9B3EF50}] => (Block) LPort=445
  FirewallRules: [{6347A14C-1648-4064-94CF-84492407E6E2}] => (Block) LPort=445
  FirewallRules: [{77B0CB21-226A-4C24-AF47-2FC3E8EF7315}] => (Block) LPort=445
  FirewallRules: [{F87C38DB-2725-4728-ACF7-0DBBD30A7952}] => (Block) LPort=445
  FirewallRules: [{7A659CFE-B257-495D-8DDE-2ABCBABF550E}] => (Block) LPort=445
  FirewallRules: [{91D40710-D5D8-47F6-9F5E-0795CABCFDEC}] => (Block) LPort=445
  FirewallRules: [{DE1314B0-DEE7-429D-9E0C-A9C253752452}] => (Block) LPort=445
  FirewallRules: [{579A5C57-73DB-4037-ABAC-0B8926B447E4}] => (Block) LPort=445
  FirewallRules: [{9491BB04-6170-4431-97B3-92414E176FAC}] => (Block) LPort=445
  FirewallRules: [{9A72CEE8-316D-4501-A380-A8F1A3866968}] => (Block) LPort=445
  FirewallRules: [{5571E5B8-E335-4F2D-A30F-B73D4D67B2B6}] => (Block) LPort=445
  FirewallRules: [{6DCFBB25-2B8F-44ED-B2C1-B1F475846278}] => (Block) LPort=445
  FirewallRules: [{7ACFC222-858D-4764-B97E-A13445FB34C3}] => (Block) LPort=445
  FirewallRules: [{74D9E806-8DFA-4818-A471-2CE73D13E434}] => (Block) LPort=445
  FirewallRules: [{E4A09493-AC68-4E57-9975-A243BBB477EC}] => (Block) LPort=445
  FirewallRules: [{7B227482-D1B7-4183-B174-50C6E3C0D20A}] => (Block) LPort=445
  FirewallRules: [{0322BB7C-6CDE-41C2-B41D-8EB9A502BB27}] => (Block) LPort=445
  FirewallRules: [{6FB7BAAB-58B0-409D-882B-3712EFFDD09B}] => (Block) LPort=445
  FirewallRules: [{65121DA4-C1F8-4D8D-9E3C-8C0D808B8102}] => (Block) LPort=445
  FirewallRules: [{5F2574A3-604C-4516-969C-C7879675D618}] => (Block) LPort=445
  FirewallRules: [{B862E8A8-5871-4BAF-8E1B-9DC5510ABD30}] => (Block) LPort=445
  FirewallRules: [{33F0F692-433D-43E1-A6FC-8C1323BC230F}] => (Block) LPort=445
  FirewallRules: [{5B61F089-087C-4D6C-815C-E7ED767F3B81}] => (Block) LPort=445
  FirewallRules: [{B1495E48-6335-4608-8714-91E218098920}] => (Block) LPort=445
  FirewallRules: [{67C11D4B-DAC3-43C1-85FB-60096860D09F}] => (Block) LPort=445
  FirewallRules: [{26E298CB-F88B-4A4E-AE7E-FFD3D8E7FF21}] => (Block) LPort=445
  FirewallRules: [{DCEC2952-178D-4733-9969-035F6453646D}] => (Block) LPort=445
  FirewallRules: [{81956EA4-B1E5-4C7F-AAB6-22ACCF891996}] => (Block) LPort=445
  FirewallRules: [{62C45FA5-1999-4869-B262-550678D9C9EC}] => (Block) LPort=445
  FirewallRules: [{6FB7FE4D-4DF5-471D-A716-01A7093395B9}] => (Block) LPort=445
  FirewallRules: [{1ED2B8C3-3C2D-40BF-A557-70F331A76F1B}] => (Block) LPort=445
  FirewallRules: [{3D62B39D-F864-4518-B250-2D0C65B8F289}] => (Block) LPort=445
  FirewallRules: [{BA80CBF9-EF95-4F03-84FF-EC20001B046B}] => (Block) LPort=445
  FirewallRules: [{5075B3AB-20DF-400D-8137-D05B06461023}] => (Block) LPort=445
  FirewallRules: [{368622B3-F39A-481E-9590-E4E72C31AA72}] => (Block) LPort=445
  FirewallRules: [{1A1CE6F5-E5FB-4192-A113-A0787BB87279}] => (Block) LPort=445
  FirewallRules: [{9CAF6D29-3479-45C7-9A52-3DA4A913744E}] => (Block) LPort=445
  FirewallRules: [{B3456D80-009D-482D-B975-6874B47EB714}] => (Block) LPort=445
  FirewallRules: [{06E55EF1-35C9-419F-8C8C-2DFECAE3BC18}] => (Block) LPort=445
  FirewallRules: [{C1F7A39D-F5E4-415D-8DFA-FC64F87D6DB7}] => (Block) LPort=445
  FirewallRules: [{704A8D4D-E259-4952-AF20-1C056168A55A}] => (Block) LPort=445
  FirewallRules: [{E26A4E4C-749B-4F97-9A86-E810647C5A94}] => (Block) LPort=445
  FirewallRules: [{DD93FC5B-21BE-4C95-BEDF-A2C3B2513DD1}] => (Block) LPort=445
  FirewallRules: [{22C08ECB-6AE0-486C-8588-F4F37AC5B3CE}] => (Block) LPort=445
  FirewallRules: [{5317B1D2-D9EC-4C1D-B4E3-779AE3D1BAE4}] => (Block) LPort=445
  FirewallRules: [{C8756509-C085-471E-A884-7D409B69F5F1}] => (Block) LPort=445
  FirewallRules: [{979215F4-DCE2-4B09-BB41-E6D278EED540}] => (Block) LPort=445
  FirewallRules: [{9D099960-6C81-4E09-854D-A508839185B6}] => (Block) LPort=445
  FirewallRules: [{33963B1C-4AD3-4B3A-B53B-8297E91A41FE}] => (Block) LPort=445
  FirewallRules: [{372829DF-8D0B-4083-B5A0-ECC45E42FD70}] => (Block) LPort=445
  FirewallRules: [{841422F2-D1CE-441C-B525-EF104E33F4FA}] => (Block) LPort=445
  FirewallRules: [{28646493-D820-4258-8DB8-998BD5F2B47E}] => (Block) LPort=445
  FirewallRules: [{21683F5D-BF69-4C55-8598-47AA0898C6BA}] => (Block) LPort=445
  FirewallRules: [{62D9F9B4-D10E-42E5-A109-628841FAC0E6}] => (Block) LPort=445
  FirewallRules: [{42378F42-B553-40D7-91FF-663D15683546}] => (Block) LPort=445
  FirewallRules: [{4848D775-BDD2-492A-B0B1-1A49BB62E95B}] => (Block) LPort=445
  FirewallRules: [{E1345DF7-ADC6-456A-B456-32DCA6ADBAED}] => (Block) LPort=445
  FirewallRules: [{2D1ED0B4-F693-4742-947A-B61A24483252}] => (Block) LPort=445
  FirewallRules: [{45C4D20A-C531-4055-9841-C342FC78B1E6}] => (Block) LPort=445
  FirewallRules: [{16CB49E8-A08C-4AE5-862E-82117C2D21F5}] => (Block) LPort=445
  FirewallRules: [{B5FB54E1-9CE0-4650-A726-61762109D924}] => (Block) LPort=445
  FirewallRules: [{52DD96AE-4895-4915-B8B6-9C3C62E9A378}] => (Block) LPort=445
  FirewallRules: [{55F50163-CA7D-43CF-8900-1D0D1548A047}] => (Block) LPort=445
  FirewallRules: [{FC427173-52BA-4E1D-87AD-209F45359CCC}] => (Block) LPort=445
  FirewallRules: [{827DDCAB-9D7D-4DD5-946A-C7704AF92663}] => (Block) LPort=445
  FirewallRules: [{A7EFAB89-4449-4781-ACD3-E8913091E0E8}] => (Block) LPort=445
  FirewallRules: [{7605B6EA-5942-459A-B1DC-1F4DDF7901BD}] => (Block) LPort=445
  FirewallRules: [{DEB55091-21EF-4F86-A01E-E47D1526B05F}] => (Block) LPort=445
  FirewallRules: [{58AAAE13-EAC5-473F-89EC-4C98DC5821E3}] => (Block) LPort=445
  FirewallRules: [{C7FD3758-75DD-44C8-A123-F6EA983674E2}] => (Block) LPort=445
  FirewallRules: [{7B7FEC23-F7C5-4F16-84EE-D995EA45DB46}] => (Block) LPort=445
  FirewallRules: [{4485A457-9ADC-4C13-B9F9-9C5FB47274FF}] => (Block) LPort=445
  FirewallRules: [{E1DC9BEB-49D3-4E71-AA98-AFC5F48F12F6}] => (Block) LPort=445
  FirewallRules: [{91F25515-7FE4-47AC-8866-74694C75B73C}] => (Block) LPort=445
  FirewallRules: [{DD71DA39-0EBD-47D3-9062-FBD34CBBDC52}] => (Block) LPort=445
  FirewallRules: [{65B4B170-19DE-4485-8F3B-8A668C912747}] => (Block) LPort=445
  FirewallRules: [{C619401E-255A-4E8C-AAE4-88AAAC72BD72}] => (Block) LPort=445
  FirewallRules: [{FEC84318-DEA2-4BDE-8AE5-199F03B4BE9A}] => (Block) LPort=445
  FirewallRules: [{FE12C29D-6E50-43FD-9133-77BE105950DF}] => (Block) LPort=445
  FirewallRules: [{403F8305-4FDC-46B3-8730-D5F9A66106C9}] => (Block) LPort=445
  FirewallRules: [{952353FC-2419-4718-80AB-8A138183E602}] => (Block) LPort=445
  FirewallRules: [{179B6B96-4612-4ED1-B41E-B279868FD095}] => (Block) LPort=445
  FirewallRules: [{F5C99C6B-29DC-4495-8B01-10C618BBB6F9}] => (Block) LPort=445
  FirewallRules: [{177162CF-44AA-43BC-BA0C-227047A3B22D}] => (Block) LPort=445
  FirewallRules: [{72D68C68-A496-4F16-81BB-B9322DA9D9F5}] => (Block) LPort=445
  FirewallRules: [{4960A15E-2977-4AE7-9E10-A8B5335C2F41}] => (Block) LPort=445
  FirewallRules: [{DB3BA210-5C50-499B-AF53-F816A8A8EB37}] => (Block) LPort=445
  FirewallRules: [{217D935A-05E9-42B1-AEF8-F052F04B0081}] => (Block) LPort=445
  FirewallRules: [{553217D0-9CC4-4C2E-9753-BDD88289817D}] => (Block) LPort=445
  FirewallRules: [{F81B09A6-C43B-4854-89ED-CC67BD548785}] => (Block) LPort=445
  FirewallRules: [{7E2E6B43-3142-4CF3-A5F5-4B4DA3A6DB19}] => (Block) LPort=445
  FirewallRules: [{77DF2A7B-5355-450F-8680-0A7367E67080}] => (Block) LPort=445
  FirewallRules: [{68C3FB8F-8949-427C-8A1E-D24F827C744A}] => (Block) LPort=445
  FirewallRules: [{768BF805-0E0E-4101-B136-0A06C4DFBF23}] => (Block) LPort=445
  FirewallRules: [{82C371D4-0ED8-4792-BA46-49B9DC106FAC}] => (Block) LPort=445
  FirewallRules: [{9E92328B-17C7-422C-B22C-EF447CFF6C9E}] => (Block) LPort=445
  FirewallRules: [{13BD4DCE-AF8C-41A6-A433-8EB2E8070BF0}] => (Block) LPort=445
  FirewallRules: [{44C40D4C-EAC9-4E22-9D70-9B2FB3D20EC2}] => (Block) LPort=445
  FirewallRules: [{9526F755-A246-499E-BB66-6BE454A3E732}] => (Block) LPort=445
  FirewallRules: [{9B51503E-8774-451D-ADF0-A69A9A7ED811}] => (Block) LPort=445
  FirewallRules: [{D08B0AD3-283C-45B9-BF69-D9DB1BCC935E}] => (Block) LPort=445
  FirewallRules: [{C2ED0F17-3484-42A6-9D90-7D44EA43FC50}] => (Block) LPort=445
  FirewallRules: [{C7EC814C-03B0-4B32-B5FF-42E21D731969}] => (Block) LPort=445
  FirewallRules: [{60EAD249-0CD2-4147-BFC1-F732FC77E9C6}] => (Block) LPort=445
  FirewallRules: [{C0BF8466-3F2F-4374-BF97-BBBABC5B5514}] => (Block) LPort=445
  FirewallRules: [{785C6A25-098E-4E76-AA5F-FB79DD409F3E}] => (Block) LPort=445
  FirewallRules: [{F3782AE9-312A-455B-8121-66D9B02A506F}] => (Block) LPort=445
  FirewallRules: [{F14E8F90-D707-4EA7-BC46-FE1D3557374E}] => (Block) LPort=445
  FirewallRules: [{DFFC61CC-928E-42A5-8FD6-89BD402E50D8}] => (Block) LPort=445
  FirewallRules: [{F241AF43-57A9-4AFE-A75B-94412921B870}] => (Block) LPort=445
  FirewallRules: [{5160DF0E-190D-4914-B4D7-598CA0666D0D}] => (Block) LPort=445
  FirewallRules: [{66E77C60-BC78-43EE-ADE9-1EAABC4FFB41}] => (Block) LPort=445
  FirewallRules: [{ABE30355-6BB9-4102-8930-369FD684AFC2}] => (Block) LPort=445
  FirewallRules: [{4C4A5FD9-822E-4DCC-97D8-1822A54C2401}] => (Block) LPort=445
  FirewallRules: [{FEC85485-B302-45D5-B85C-8075E941FE75}] => (Block) LPort=445
  FirewallRules: [{F51B2AD5-5296-4523-9BB9-645A1955B52F}] => (Block) LPort=445
  FirewallRules: [{331BD775-3473-4BEB-B3B1-AB7D59EDC6EA}] => (Block) LPort=445
  FirewallRules: [{28473D4A-B048-4720-9D80-ED0724556421}] => (Block) LPort=445
  FirewallRules: [{1E3E2860-7653-439E-ADD5-284830A9A874}] => (Block) LPort=445
  FirewallRules: [{36A17B72-FC3B-4A21-8472-8E148A4E0100}] => (Block) LPort=445
  FirewallRules: [{29AB938B-4DFF-41C3-B9D2-1069751899E2}] => (Block) LPort=445
  FirewallRules: [{0D5CFD48-17B9-4E35-85DD-3775BCF35206}] => (Block) LPort=445
  FirewallRules: [{55F75448-DD5A-4978-BFB0-52CD0811A270}] => (Block) LPort=445
  FirewallRules: [{111FBF85-13EE-4C25-AF5D-E6C419C8228F}] => (Block) LPort=445
  FirewallRules: [{BF421969-B5A5-42A2-B200-B2C2BFC9AA47}] => (Block) LPort=445
  FirewallRules: [{1C4D9671-DED5-4AE4-930D-108060351DCD}] => (Block) LPort=445
  FirewallRules: [{645FEE67-6D5F-47DD-9CEA-91044F20A726}] => (Block) LPort=445
  EmptyTemp:
  Reboot:
  End::

   

• Скопируйте выделенный текст (правой кнопкой - Копировать).
• Запустите FRST (FRST64) от имени администратора.
• Нажмите Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Прикрепите его к своему следующему сообщению.

Компьютер будет перезагружен автоматически.

Подробнее читайте в этом руководстве.

 

Пробуйте собрать логи Автологером.

[Realito]

Добрый вечер! 

Автологгер запустился, но проблема пока не исчезла, вот запрошенные файлы.

CollectionLog-2021.07.26-19.06.zip fixlog.txt

[Sandor]

Цитата

Platform:  x32 Windows 7 (Pro), 6.1.7600.0, Service Pack: 0 <=== Attention! (outdated SP)

Мало того, что Win7 уже больше года не поддерживается, так у вас еще и не установлен SP1 и все последующие критические обновления. Без их установки лечение бесполезно.

 

Пакет обновления 1 (SP1) для Windows 7 x32 и Windows Server 2008 R2 x32

[thyrex]

И все же для начала избавиться нужно от файлового вируса.

 

Пролечитесь так https://support.kaspersky.ru/krd18 (скачивать и записывать образ на диск нужно на другой, чистой от вирусов машине)

[Realito]

26.07.2021 в 22:21, thyrex сказал:

И все же для начала избавиться нужно от файлового вируса.

 

Пролечитесь так https://support.kaspersky.ru/krd18 (скачивать и записывать образ на диск нужно на другой, чистой от вирусов машине)

Комп очень плохо воспринял обновление до последнего SP, поэтому долго не отвечал))) Но образ касперского помог! Спасибо большое!

[Sandor]

Соберите ещё раз CollectionLog с помощью Автологера.