Перейти к содержанию
Правила раздела

[РЕШЕНО] касперский нашел HEUR:HackTool.Win32.Convagent.gen в файле svchos.exe

Vadya

Автор Vadya
в Помощь в удалении вирусов

 Поделиться

Рекомендуемые сообщения

Vadya

Vadya

Опубликовано
Опубликовано (изменено)

здравствуйте. история такая. прошло почти две недели как прошлый раз проверял комп курейтом. думаю дай сегодня проверю  курейтом лучше перебдеть чем недобдеть.   и как только курейт проверил   в папке program data/чего то там/ файл  svchos.exe  касперский поднял алерт  HEUR:HackTool.Win32.Convagent.gen и удалил этот файл. проверил папку эту она создана аж 23 апреля почему раньше касперский  алерт не поднимал не понятно, то ли вирус подменил этот файл на зловред, то ли база обновилась и там стали бить тревогу на этот фаил не понятно. хочу, что бы вы проверили, что бы моя душа была спокойна. курейт ничего не нашел.

кстати еще вопрос почему автологер пишет 5. поиск кей логеров и сборщиков клавиатуры отключена пользователем? я ж не отключаю ничего как в инструкции написано так и делаю?  

CollectionLog-2023.06.19-18.44.zip

Изменено пользователем Vadya
mike 1

mike 1

Опубликовано
Опубликовано

Внимание! Рекомендации написаны специально для этого пользователя. Если рекомендации написаны не для вас, не используйте их - это может повредить вашей системе.

Если у вас похожая проблема - создайте тему в разделе Уничтожение вирусов и выполните Правила оформления запроса о помощи.

 

Здравствуйте! 

 

Закройте все программы, временно выгрузите антивирус, файрволл и прочее защитное ПО.

Важно! на Windows Vista/7/8 AVZ запускайте через контекстное меню проводника от имени Администратора. Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

  

begin
ExecuteWizard('TSW',2,2,true);
RebootWindows(false);
end.

 

Внимание! Будет выполнена перезагрузка компьютера

 

Пофиксите следующие строчки в HiJackThis (используйте версию из папки Автологгера)

  

O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec389fabd.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\catfile-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\cathash-se.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5288-ec62bbeee.tmp\certs-6860-5288-ec62f49d0.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\dwt-6860-5748-fe07fd9a1.sys -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Device\HarddiskVolume4\Temp\fshc-6860-5288-ee5b4bbf4.tmp.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\033E3lkCbY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0BU3K4D1jpNk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0dgqmrhIrZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iaWDcLUDlj5hB0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0iITO5j2kuebGwi.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0je2PYSfq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\0lEqk6XGulaN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\11c8MZHTbO3F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1MkXjmM47xtPfiz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\1o3zpg8AUz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2eIUt395p -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2I6Df0XGsgem -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2VdJALo9LeqRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\2yQ1FdRmCn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3EFoTJL4cqqAgm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3eZhxxkmjdXr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ga88ngcYS2rL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3GCQFqmZQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3ILDi6DwhVUp3i -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\3qQLxT7WJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4dXbHKBCJUxNuS6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4G7JekTZxTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4gIWMYi8N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4mlkvlUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4o0kSPv5tx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4S9fskTK3ksr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\4X9QDlEJV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5blWRurBmZxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5GPujW3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5NrQUK70r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5oRVN4EZ3FqhmF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5rmhcEiUN2uwZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\5T1mAo8G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\65dJtw3RE6Pi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6CnFQ8O70R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6G0QfZj399yGG6J -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6oFP4luEZWphBN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\6v5zatdGU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7HRNIpGnRC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7QQucmL89 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\7XvfKDp8kvvxPx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\85LbfJRoG37 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8AiKyZ5agnnY8w -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8C2VEoFOEpa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8DdbCV67XrF4N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8F0ffg9Ntk2EK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8I4dXf4yJZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8nbOz4SU7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\8Sc8diHg1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9ak0OR8dxDmSkJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9J4wexeghMfG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9MmRUPU73bwv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\9xKyXgGAxFR7Rp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\a3Jw0JdESNGb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\A9pWuNec -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ABcRKndt5V -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AdiQZWS8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aEwgf5ITY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AGgcwwRloS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ah02LCccmG2Xr -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\AmCN0eyz5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aMV0mHpt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ApJJm6LkFJ0t1ix -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aRph11ZV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aWzrZXrEeZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\aXiRliUbW7iv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\B33xJAkA9CU91Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\b3WcbR24uR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ba8h6JcZ649vFa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BcmkE619Ks -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bds4BDPmcY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BeKY16ZJ8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bMGKajCOM7WE6N -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bmijpnhTeKES -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BmxgwScxzX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bPLkZOC8b -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bq3AZdK0oZFJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\BsHN7CbStT0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\bWX8Mp2XU08Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bxn2s8O3j2b7nBt.key -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Bzq17G8370LwmT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ccsdk.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CjlM9bkI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cJVKgR9TqJWK3R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CLic3YiXISrjta -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CmFe2ln1ehc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cMpTTpRyd6R -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CNWIQ0jla0Holrc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\CoIT2fY5l6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cVFBIMgPz2zL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\cXVG0Ck86BZinDy -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D1h2cJqmy0K9r -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\d2B0WM6Ey -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\D5gHzRRSkGfjvu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dCDMDzNI9jUZer -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Dk3XK0LV53M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dkIHlTDwSow -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\dMakBUDDq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DQYtOUHfnVXt7Le -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\drwbase.db -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DVAULSFhkKHCw.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\DYGTs2T3Ci2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e2FgKABWjd8yUNl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\E3XEDgtF9 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\e7ddWKfXS5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ebd4de7d3.sys.2841f53.28427fd -> DELETE
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EBue9Vk1T -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\EHgceuj14Jfh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\en.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\eP3EUeQO2tV5GEl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\epzCup3piG -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ez1fZpeQ7UE0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\F7Lfe0oVDSszfd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f8NGfa1qQsxpK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\f9Bc1lZ3u3Ph -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\FBZbC2yjRB -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ffZxhfFNp4qtZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\fjgf3oubBnZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\frhnVg7phUiOM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g2DAy3PJskqkBTD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\g7AUsTTjnhKxF79 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gbvH8qPRzK -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gct5IMXqq6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GEIYoFwmM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GoUVd9LomP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\gWjVnCFeNCo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\GzGORh9ZQUfe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hcmO87UKHx26CH8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HcOPfhWc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HDmTYdEhjB2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HhEM7JH90PGfS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HIFCmQoju -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hkLcHWWSns -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\hoBSV5q4f3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HoPnIv6ciVt78G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HPTLicQSL6KeZZc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HSHPq6UyYitn3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\HzEAQvm4Y3P3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\I4fjlMkpv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IcO4noR1xRf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ikChaWxG5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IkWIarGvzo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ilr16UJNsxdS7 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\isURO3FnCjYPc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\IwkcnOTV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\J5VztcCO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ja.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jA67dyYPSlM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JahuuYOktxUj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jBqaSMCMNtp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JceCm74e.exe.2841f72 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jHaaqk7G -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Jhu6vQ2rIFyHc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\jIslVkGe3c -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JN9WRwx2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JnAWrY2aYKX3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\JpeMQu5HXtiAYIb -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\k0oCYWCjt7GN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KCjDeiipa -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kh7sh9ixb8EGT2F -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kJ023MqkZBX7Lj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Kqj5dlsiux -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ku21WrfcnNzV63 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\kVta9bTlIQixuDi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KwL5H5GB7ON -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KyanRwlu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\KYRhmW8ouk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\L35Cl0c0nGXZ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBHCKM060 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LBIhoWlo0uFu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lDMrslHhg2ffjC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LFSDrEJYegtD -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lfu2pmsrC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LgChSUvRh -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lhrHYyfDr3UiM4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\lLp9EVm2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LnsTGN5tJEq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\LSJd3tn5 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\M0WXPbOBC8d -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mANp4WMiysc8LH -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MATUaT5T3S -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MNh62jztKPv6zs.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MqEWoZNCuDt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\mVcDu0kax5hfV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Myu7EGnCmpRDsz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\myvhE00WoSZth -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\MzBRAx1Om1mrY -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\n4SMrig9TTKlT5O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NDiE4aKX -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NgvaB35Gxx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nhGjVv6CA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\nKNVJRQ0Ecim -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\NXjlYmob -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\o6qnvvSeklY7veS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\O81N2vlsJzTfF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oe5yTa7bY7bsgL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oEG5Eaq1F84Cfm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\of0hGsbp31AT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oneaBy2meT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oQs4LUyJ8C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oSYQrX1412VUZnP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Ov4TKDOHA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\oxuTCDkOGGj8L8 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\P6ccda7a8xTF5Ic -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pHLJ8J42gC7j -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PJvVnJPQGIisnG4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PPHMobY4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\PTjW87XS4Yl -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\pZ8aB9FhWSEO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qEYhrM0vd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qgCbt2hf -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QILyqMxgckx6gi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QiYryZdInAsjat -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qME6QyMXC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QpnNoRZ23X8lF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QXhGRcI4u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\qXR7dEG7lc -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\QYcUErzKSp0MKaz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\R6qSZEGNFyLV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rBqyfjNaDvJ8oA1 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rD2FPdjrTLDlFtu -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\REAyfgjXkRMGE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rf0yGuaufFXNd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Rf4ShcNcYYS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\rGnRi7SmC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RJ5xGPKaDBr7s -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RKp8RYOjd55PAdT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RMfQAzW6p3X -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RpmTmI62u -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\RTluN006N0L -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ru.chm -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\s4eMgzkZ1o2Ce -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sgOBhw30H6wYarJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sTv03BXwL -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\sVO5eeCB3SVAv -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\SvRE2KNt0t -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\T73jyQYA -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tc26R3rOxz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tcEBzs4O9lLeo -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\tCLKoZZi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\te2BoKfQ1RxRzn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\thS3Cpa2I1tqUlp -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\TrNdZjrV0kuW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UayVOxrwGOn -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uGA29yi5YvRHHF -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UiZMYrsoBgMLK5Z -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ULg1LsshSsxEmm3 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UmTDgaStJrYc2 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Uq0BfXING40hI -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uRR82tlZt3U -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\UV5OcDMPP -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\uYvY1Z3mfT -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\V5CVRTynaJw5x -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vFPZeruCrFqf5k0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vgzQJfF4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VKJdQVDBrd -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Vlf2ih6u5ee0Xu.exe -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\VMZknVUjHR08I4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vnLN5bqNQVhl6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQ8324sYpg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vQogStzrvcjwt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vqVhXVZrw4VmJM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vRzW0dW6aPra.dll.2841fd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vT25cBGvE -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\vwTyBpWnf8OlL4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wD5lfCsWkLz -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wevpRZ4JxhC3M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Whtbvrre -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WuW1Ajd0 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\WW1g7Dmv6y73 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\wXwDEIUx -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x8DtBG1YgM -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\x9VpcM6h -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xG2uPx7833Gs -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xjSHhZp5w4Avaj -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xR6D51VIqV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xv9RH9xPnSIsU -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\xYXEZoV3MrhOeC -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y1YnojCKKfShSAQ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y4MiU8PF3dt -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Y6PSNZB0IrKe75C -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YcykB7QV -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yfFzawuKXYrUQ1B -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ygruxYt454djBMi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yiaenj3iotf8J7A -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\Yku0ufJ2KS -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YlkTzeoBAKqZ6O -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YNFIhZ2s4kN -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ynXG37Sq -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YOiX7T0Fg -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\YuXma6wYz01c5mJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\yxutNBlO -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z3TQGvRgs5M -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\z8sMbFVkZ2n -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zAUZshLRP7jmEJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZAyJbJbhUJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\zCFsmnfD1A4 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ze8tnf7Qk7HuNi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZfxK38cf4xXJ -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZHZVfOmxk -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZIijTUOR -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZJBlQkxwBEK5EW -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ztSFwmd3A.dll -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVJzDc5ZKxrwbi -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZVxebVQOmjD0T6 -> DELETE (file missing)
O4 - HKLM\..\Session Manager: [PendingFileRenameOperations2] = C:\Temp\C66FBAF0-4A60B799-9374C65-1054145D\ZWvt7mJu -> DELETE (file missing)

 

Сделайте новые логи Автологгером. 

Vadya

Vadya

Опубликовано
  • Автор
Опубликовано
52 минуты назад, mike 1 сказал:

Выполните скрипт в АВЗ (Файл - Выполнить скрипт):

сделано.

53 минуты назад, mike 1 сказал:

Пофиксите следующие строчки в HiJackThis

в этом вопросе мы с вами по кругу ходим еще прошлый раз я писал, что HiJackThis ни одной строчки из вашего сообщения не находит как их фиксить если он их не видит? 

джек.jpg

mike 1

mike 1

Опубликовано
Опубликовано

Если нет, то пропускайте этот шаг. На момент сбора логов они были. 

  • 4 недели спустя...
mike 1

mike 1

Опубликовано
Опубликовано

Мы были рады Вам помочь! Надеемся, что Вы остались довольны результатом. На нашем форуме также можно получить компьютерную помощь, помощь по продуктам "Лаборатории Касперкого", обсудить технологии и технику, заказать эксклюзивную сувенирную продукцию "Лаборатории Касперского" бесплатно! Форумчане ежегодно путешествуют. В числе приглашенных в ТурциюАрмениюСочиКамбоджу можете стать и Вы! Будем рады видеть Вас в наших рядах! Всегда ваш, клуб "Лаборатории Касперского".

Гость
Эта тема закрыта для публикации ответов.
 Поделиться
Перейти к списку тем

  • Похожий контент

    • eturrno
      MEM:Trojan.Win32.SEPEH.gen нужна помощь в удалении данного трояна
      Автор eturrno
      была попытка удалить через KVRT(Kaspersky Virus Removal Tool), он троян не нашел. После с помощью uvs latest.zip сделала файл где по идеи должно показываться где он  находиться. хотелось бы чтобы помогли разобраться где зарылся троян и как его удалить, ниже прикреплю его LAPTOP-K5B6FI1P_2026-03-01_17-48-08_v5.0.4v x64.7z
      LAPTOP-K5B6FI1P_2026-03-01_17-48-08_v5.0.4v x64.7z 
      license.txt readme.txt
    • drxon004
      Нужна помощь удалить троян Trojan:Win32/Kepavll!rfn
      Автор drxon004
      Где-то подцепил троян Trojan:Win32/Kepavll!rfn. При запуске постоянно вылетает ошибка autoit C:\Programdata\ReaItekHD\taskhost.exe, еще это видимо какой-то скрипт, ибо он не дает заходить на сайты связанные с антивирусом, даже на этом форуме я сейчас пишу через другое устройство, прогнал через Microsoft defender, он его удалить не смог, в затронутых элементах: C:\Programdata\ReaItekHD\taskhost.exe, C:\WINDOWS\System32\Tasks\Microsoft\Windows\WindowsBackup\SupportSystem->(UTF-16LE), C:\WINDOWS\System32\Tasks\Microsoft\Windows\WindowsBackup\WinlogonCheck->(UTF-16LE), C:\WINDOWS\System32\Tasks\Microsoft\Windows\WindowsBackup\SupportSystem, C:\WINDOWS\System32\Tasks\Microsoft\Windows\WindowsBackup\WinlogonCheck, так же не дает запускать в безопасном режиме (закрывает окно, когда запускаю msconfig), даже и не знаю что делать, пробовал и cureit, он тоже не помог
    • Dmitryy120
      Как работает kvrt?
      Автор Dmitryy120
      Допустим я скачал какой то exe файл с какого то подозрительного сайта ( я не запускал его) , и хочу просканировать его на своем ноуте через утилиту KVRT перед запуском , и выбираю эту подозрительную программу, как KVRT ее просканирует , он запустит ее на моем ноутбуке, или как выполняется сканирование ? Просто предположу , допустим это какой то стилер или другое вредоносное ПО, kvrt во время проверки запускает эту программу на моем компьютере , она выполняет свою вредоносную функцию , ворует данные с компьютера или что то еще , kvrt еще обнаруживает и удаляет. По сути программа уже выполнила свод функцию и украла все данные. И может удаляться, это работает по такому сценарию, который я предположил или сканирование проходит по другому ?
    • Владхелп
      Подвисание и замедление ноута
      Автор Владхелп
      Во время работы в школе подключил "грязную флешку", на след день заметил сильный перегрев и замедление ноутбука
      CollectionLog-2026.02.14-22.35.zip
    • Leit
      Вирус майнер, самовосстанавливающийся архив
      Автор Leit
      После сканирование и удаления вирусов с помощью антивируса dr web cureit открывается самовосстанавливающийся архив и после перезагрузки вирусы появляются вновь, я понимаю что это вирус, но не могу понять где и как мне его удалить, помогите пожалуйста. В архиве лог с dr web cureit и логи с FRST, AV block remover даже в безопасном режиме не запускается, пишет отказано в доступе 
×
×
  • Создать...